Skip to content

Organization Policy Objects and Groups Configuration

Dashboard Location: Organization > Configure > Policy Objects

Centralized Network Policy Object Management and Security Group Configuration

Organization policy objects and groups configuration in Meraki provides administrators with comprehensive network object definition capabilities, enabling centralized security policy management, reusable network definitions, scalable firewall rule creation, and consistent security enforcement across multiple networks. This functionality supports network segmentation strategies, security policy standardization, firewall rule optimization, access control consistency, and centralized object management while providing efficient policy deployment and maintenance capabilities. Policy objects are essential for enterprise security architectures, consistent rule enforcement, scalable policy management, compliance standardization, and maintaining organized security infrastructure while supporting complex network environments and multi-site deployments.

Diagram

Diagram

Classes

organizations (meraki.domains)

NameTypeConstraintMandatoryDefault Value
policy_objectsList[policy_objects]No
policy_objects_groupsList[policy_objects_groups]No

policy_objects (meraki.domains.organizations)

NameTypeConstraintMandatoryDefault Value
nameStringmin: 1, max: 127No
categoryChoiceadaptivePolicy, networkNo
typeChoiceadaptivePolicyIpv4Cidr, cidr, fqdn, ipAndMaskNo
cidrStringRegex: ^(?i:any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?)(,(any|(\d{1,3}\.){3}\d{1,3}(\/\d{1,2})?))*$No
fqdnStringmin: 1, max: 1024No
maskStringRegex: ^(255|254|252|248|240|224|192|128|0+)(\.0|\.128|\.192|\.224|\.240|\.248|\.252|\.254|\.255){0,3}$No
ipIPNo
group_namesListString[min: 1, max: 127]No

policy_objects_groups (meraki.domains.organizations)

NameTypeConstraintMandatoryDefault Value
nameStringmin: 1, max: 127No
categoryChoiceNetworkObjectGroup, GeoLocationGroup, PortObjectGroup, ApplicationGroupNo
object_namesListString[min: 1, max: 127]No

Examples

Example-1: The example below demonstrates organization policy objects configuration using tested YAML configuration from pipeline fixtures.

meraki:
domains:
- name: "!env domain"
administrator:
name: "!env org_admin"
organizations:
- name: "!env org"
policy_objects:
- name: test cidr
category: network
type: cidr
cidr: 10.0.0.0/24
- name: test fqdn
category: network
type: fqdn
fqdn: www.cisco.com
policy_objects_groups:
- name: test cidr
category: NetworkObjectGroup
object_names:
- test cidr # This references the "test" policy object by name
- name: test fqdn
category: NetworkObjectGroup
object_names:
- test fqdn # This references the "test" policy object by name

Configuration Parameters

ParameterTypeRequiredDescription
policy_objectsarrayNoPolicy object definitions
policy_objects[].namestringYesPolicy object name
policy_objects[].categorystringYesObject category (network)
policy_objects[].typestringYesObject type (cidr, fqdn)
policy_objects[].cidrstringConditionalCIDR notation (required for cidr type)
policy_objects[].fqdnstringConditionalFully qualified domain name (required for fqdn type)
policy_objects_groupsarrayNoPolicy object group definitions
policy_objects_groups[].namestringYesGroup name
policy_objects_groups[].categorystringYesGroup category
policy_objects_groups[].object_namesarrayYesReferenced object names