layout | page_title | sidebar_current | description |
---|---|---|---|
vcd | vCloudDirector: vcd_firewall_rules | docs-vcd-resource-firewall-rules | Provides a vCloud Director Firewall resource. This can be used to create, modify, and delete firewall settings and rules. |
vcd_firewall_rules
Provides a vCloud Director Firewall resource. This can be used to create, modify, and delete firewall settings and rules.
Example Usage
    resource "vcd_firewall_rules" "fw" {
      edge_gateway   = "Edge Gateway Name"
      default_action = "drop"

      rule {
        description      = "allow-web"
        policy           = "allow"
        protocol         = "tcp"
        destination_port = "80"
        destination_ip   = "10.10.0.5"
        source_port      = "any"
        source_ip        = "any"
      }

      rule {
        description      = "allow-outbound"
        policy           = "allow"
        protocol         = "any"
        destination_port = "any"
        destination_ip   = "any"
        source_port      = "any"
        source_ip        = "10.10.0.0/24"
      }
    }
Argument Reference
The following arguments are supported:
- edge_gateway - (Required) The name of the edge gateway on which to apply the Firewall Rules
- default_action - (Required) Either "allow" or "deny". Specifies what to do should none of the rules match
- rule - (Optional) Configures a firewall rule; see Rules below for details.
Rules
Each firewall rule supports the following attributes:
- description - (Required) Description of the firewall rule
- policy - (Required) Specifies what to do when this rule is matched. Either "allow" or "deny"
- protocol - (Required) The protocol to match. One of "tcp", "udp", "icmp" or "any"
- destination_port - (Required) The destination port to match. Either a port number or "any"
- destination_ip - (Required) The destination IP to match. Either an IP address, IP range or "any"
- source_port - (Required) The source port to match. Either a port number or "any"
- source_ip - (Required) The source IP to match. Either an IP address, IP range or "any"
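
Added example (not part of the provider's documentation): a small Python review check that reads a vcd_firewall_rules block and reports a default action of "allow" and allow rules that use "any" for both addresses or for both protocol and destination port. The `audit` function, the finding labels and the "temp-debug" rule are assumptions made for illustration; the attribute names are the ones documented above.

```python
import re

# Constructed sample: the page's allow-outbound rule plus a hypothetical "temp-debug" rule.
SAMPLE = '''
resource "vcd_firewall_rules" "fw" {
  edge_gateway   = "Edge Gateway Name"
  default_action = "drop"
  rule {
    description      = "allow-outbound"
    policy           = "allow"
    protocol         = "any"
    destination_port = "any"
    destination_ip   = "any"
    source_port      = "any"
    source_ip        = "10.10.0.0/24"
  }
  rule {
    description      = "temp-debug"
    policy           = "allow"
    protocol         = "tcp"
    destination_port = "22"
    destination_ip   = "any"
    source_port      = "any"
    source_ip        = "any"
  }
}
'''

# Minimal reader for flat `key = "value"` attributes; this is not a full HCL parser.
ATTR = re.compile(r'^\s*(\w+)\s*=\s*"([^"]*)"', re.M)
RULE = re.compile(r'\brule\s*\{([^{}]*)\}')

def audit(hcl):
    """Return (rule description, finding) pairs for overly broad settings."""
    rules = [dict(ATTR.findall(body)) for body in RULE.findall(hcl)]
    top = dict(ATTR.findall(RULE.sub("", hcl)))  # attributes outside rule blocks
    findings = []
    if top.get("default_action") == "allow":
        findings.append(("<default>", "default-allow"))  # unmatched traffic passes
    for r in rules:
        if r.get("policy") != "allow":
            continue  # only allow rules widen exposure
        name = r.get("description", "?")
        if r.get("source_ip") == "any" and r.get("destination_ip") == "any":
            findings.append((name, "any-to-any"))
        if r.get("protocol") == "any" and r.get("destination_port") == "any":
            findings.append((name, "all-ports"))
    return findings

print(audit(SAMPLE))
```

A check like this can run in CI against the Terraform source before `terraform apply`, so broad rules are reviewed before they reach the edge gateway.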