1.9 KiB
layout | page_title | sidebar_current | description |
---|---|---|---|
cloudstack | CloudStack: cloudstack_firewall | docs-cloudstack-resource-firewall | Creates firewall rules for a given IP address. |
cloudstack_firewall
Creates firewall rules for a given IP address.
Example Usage
resource "cloudstack_firewall" "default" {
ipaddress = "192.168.0.1"
rule {
cidr_list = ["10.0.0.0/8"]
protocol = "tcp"
ports = ["80", "1000-2000"]
}
}
Argument Reference
The following arguments are supported:
-
ipaddress
- (Required) The IP address or ID for which to create the firewall rules. Changing this forces a new resource to be created. -
managed
- (Optional) USE WITH CAUTION! If enabled all the firewall rules for this IP address will be managed by this resource. This means it will delete all firewall rules that are not in your config! (defaults false) -
rule
- (Optional) Can be specified multiple times. Each rule block supports fields documented below. Ifmanaged = false
at least one rule is required!
The rule
block supports:
-
cidr_list
- (Required) A CIDR list to allow access to the given ports. -
source_cidr
- (Optional, Deprecated) The source CIDR to allow access to the given ports. This attribute is deprecated, please usecidr_list
instead. -
protocol
- (Required) The name of the protocol to allow. Valid options are:tcp
,udp
andicmp
. -
icmp_type
- (Optional) The ICMP type to allow. This can only be specified if the protocol is ICMP. -
icmp_code
- (Optional) The ICMP code to allow. This can only be specified if the protocol is ICMP. -
ports
- (Optional) List of ports and/or port ranges to allow. This can only be specified if the protocol is TCP or UDP.
Attributes Reference
The following attributes are exported:
id
- The IP address ID for which the firewall rules are created.