New module - meraki_mx_l3_firewall (#42326)

* Initial commig for meraki_mx_l3_firewall
- View and modify L3 firewalls applied to Meraki MX firewalls
- Initial integration tests included

* Added example documentation

* Added documentation for responses

* Documentation tweaks for typos

* PEP8 fix

2 files changed, 160 insertions, 0 deletions

diff --git a/test/integration/targets/meraki_mx_l3_firewall/aliases b/test/integration/targets/meraki_mx_l3_firewall/aliases
new file mode 100644
index 0000000000..ad7ccf7ada
--- /dev/null
+++ b/test/integration/targets/meraki_mx_l3_firewall/aliases
@@ -0,0 +1 @@
+unsupported
diff --git a/test/integration/targets/meraki_mx_l3_firewall/tasks/main.yml b/test/integration/targets/meraki_mx_l3_firewall/tasks/main.yml
new file mode 100644
index 0000000000..731ecca47d
--- /dev/null
+++ b/test/integration/targets/meraki_mx_l3_firewall/tasks/main.yml
@@ -0,0 +1,159 @@
+# Test code for the Meraki Organization module
+# Copyright: (c) 2018, Kevin Breit (@kbreit)
+
+# GNU General Public License v3.0+ (see COPYING or https://www.gnu.org/licenses/gpl-3.0.txt)
+---
+- block:
+  - name: Test an API key is provided
+    fail:
+      msg: Please define an API key
+    when: auth_key is not defined
+    
+  - name: Use an invalid domain
+    meraki_organization:
+      auth_key: '{{ auth_key }}'
+      host: marrrraki.com
+      state: present
+      org_name: IntTestOrg
+      output_level: debug
+    delegate_to: localhost
+    register: invalid_domain
+    ignore_errors: yes
+    
+  - name: Disable HTTP
+    meraki_organization:
+      auth_key: '{{ auth_key }}'
+      use_https: false
+      state: query
+      output_level: debug
+    delegate_to: localhost
+    register: http
+    ignore_errors: yes
+
+  - name: Connection assertions
+    assert:
+      that:
+        - '"Failed to connect to" in invalid_domain.msg'
+        - '"http" in http.url'
+
+  - name: Create network
+    meraki_network:
+      auth_key: '{{ auth_key }}'
+      org_name: '{{test_org_name}}'
+      net_name: TestNetAppliance
+      state: present
+      type: appliance
+    delegate_to: localhost
+
+  - name: Query firewall rules
+    meraki_mx_l3_firewall:
+      auth_key: '{{ auth_key }}'
+      org_name: '{{test_org_name}}'
+      net_name: TestNetAppliance
+      state: query
+    delegate_to: localhost
+    register: query
+
+  - debug:
+      msg: '{{query}}'
+
+  - assert:
+      that:
+        - query.data|length == 1
+
+  - name: Set one firewall rule
+    meraki_mx_l3_firewall:
+      auth_key: '{{ auth_key }}'
+      org_name: '{{test_org_name}}'
+      net_name: TestNetAppliance
+      state: present
+      rules:
+        - comment: Deny to documentation address
+          src_port: any
+          src_cidr: any
+          dest_port: 80,443
+          dest_cidr: 192.0.1.1/32
+          protocol: tcp
+          policy: deny
+    delegate_to: localhost
+    register: create_one
+
+  - assert:
+      that:
+        - create_one.data|length == 2
+        - create_one.data.0.destCidr == '192.0.1.1/32'
+        - create_one.data.0.protocol == 'tcp'
+        - create_one.data.0.policy == 'deny'
+        - create_one.changed == True
+
+  - name: Check for idempotency
+    meraki_mx_l3_firewall:
+      auth_key: '{{ auth_key }}'
+      org_name: '{{test_org_name}}'
+      net_name: TestNetAppliance
+      state: present
+      rules:
+        - comment: Deny to documentation address
+          src_port: any
+          src_cidr: any
+          dest_port: 80,443
+          dest_cidr: 192.0.1.1/32
+          protocol: tcp
+          policy: deny
+    delegate_to: localhost
+    register: create_one_idempotent
+
+  - debug:
+      msg: '{{create_one_idempotent}}'
+
+  - assert:
+      that:
+        - create_one_idempotent.changed == False
+
+  - name: Enable syslog for default rule
+    meraki_mx_l3_firewall:
+      auth_key: '{{ auth_key }}'
+      org_name: '{{test_org_name}}'
+      net_name: TestNetAppliance
+      state: present
+      rules:
+        - comment: Deny to documentation address
+          src_port: any
+          src_cidr: any
+          dest_port: 80,443
+          dest_cidr: 192.0.1.1/32
+          protocol: tcp
+          policy: deny        
+      syslog_default_rule: yes
+    delegate_to: localhost
+    register: default_syslog
+
+  - debug:
+      msg: '{{default_syslog}}'
+
+  - name: Query firewall rules
+    meraki_mx_l3_firewall:
+      auth_key: '{{ auth_key }}'
+      org_name: '{{test_org_name}}'
+      net_name: TestNetAppliance
+      state: query
+    delegate_to: localhost
+    register: query
+
+  - debug:
+      msg: '{{query.data.1}}'
+
+  - assert:
+      that:
+        - query.data.1.syslogEnabled == True
+
+  always:
+  - name: Delete all firewall rules
+    meraki_mx_l3_firewall:
+      auth_key: '{{ auth_key }}'
+      org_name: '{{test_org_name}}'
+      net_name: TestNetAppliance
+      state: present
+      rules: []
+    delegate_to: localhost
+    register: delete_all