terraform-provider-google/website/docs/r/compute_firewall.html.markdown
Riley Karson 2d0d8bdcc0 Add Beta support & Beta feature deny to google_compute_firewall (#282)
* Add versioned Beta support to google_compute_firewall.

* Add Beta support for deny to google_compute_firewall.

* remove extra line:

* make fmt

* Add missing ForceNew fields.

* Respond to review comments testing functionality + reducing network GET to v1
2017-08-07 13:14:35 -07:00

2.4 KiB

layout: google
page_title: Google: google_compute_firewall
sidebar_current: docs-google-compute-firewall
description: Manages a firewall resource within GCE.

google_compute_firewall

Manages a firewall resource within GCE. For more information see the official documentation and API.

Example Usage

resource "google_compute_firewall" "default" {
  name    = "test-firewall"
  network = "${google_compute_network.other.name}"

  allow {
    protocol = "icmp"
  }

  allow {
    protocol = "tcp"
    ports    = ["80", "8080", "1000-2000"]
  }

  source_tags = ["web"]
}

Argument Reference

The following arguments are supported:

  • name - (Required) A unique name for the resource, required by GCE. Changing this forces a new resource to be created.

  • network - (Required) The name of the network to attach this firewall to.

  • allow - (Required) Can be specified multiple times for each allow rule. Each allow block supports fields documented below.


  • description - (Optional) Textual description field.

  • project - (Optional) The project in which the resource belongs. If it is not provided, the provider project is used.

  • source_ranges - (Optional) A list of source CIDR ranges that this firewall applies to.

  • source_tags - (Optional) A list of source tags for this firewall.

  • target_tags - (Optional) A list of target tags for this firewall.


  • deny - (Optional, Beta) Can be specified multiple times for each deny rule. Each deny block supports fields documented below. Can be specified instead of allow.

The allow block supports:

  • protocol - (Required) The name of the protocol to allow.

  • ports - (Optional) List of ports and/or port ranges to allow. This can only be specified if the protocol is TCP or UDP.

The deny block supports:

  • protocol - (Required) The name of the protocol to deny.

  • ports - (Optional) List of ports and/or port ranges to deny. This can only be specified if the protocol is TCP or UDP.
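
A deny rule next to a narrowly scoped allow rule, using only the arguments documented above. This is an added example, not part of the provider's own documentation; the resource names, tags and CIDR ranges are constructed, and google_compute_network.other is the network assumed by the Example Usage block.

```hcl
# Added example. Names, tags and CIDR ranges are constructed for illustration.

# Deny rule (Beta): a rule carries deny blocks instead of allow blocks.
resource "google_compute_firewall" "deny_remote_admin" {
  name        = "deny-remote-admin"
  network     = "${google_compute_network.other.name}"
  description = "Block Telnet, RDP and ICMP to instances tagged web"

  deny {
    protocol = "tcp"
    ports    = ["23", "3389"]
  }

  # No ports here: ports can only be specified for TCP or UDP.
  deny {
    protocol = "icmp"
  }

  source_ranges = ["0.0.0.0/0"]
  target_tags   = ["web"]
}

# Allow rule limited to one source range and one set of target instances,
# rather than matching every instance on the network.
resource "google_compute_firewall" "allow_web_from_office" {
  name        = "allow-web-from-office"
  network     = "${google_compute_network.other.name}"
  description = "HTTP from the office range to instances tagged web"

  allow {
    protocol = "tcp"
    ports    = ["80", "8080"]
  }

  source_ranges = ["203.0.113.0/24"] # constructed documentation range
  target_tags   = ["web"]
}
```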

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • self_link - The URI of the created resource.

Import

Firewalls can be imported using the name, e.g.

$ terraform import google_compute_firewall.default test-firewall