How do I provision a GCP compute firewall using Pulumi?
In this guide, we will demonstrate how to provision a Google Cloud Platform (GCP) Compute Firewall using Pulumi in TypeScript. A firewall allows you to control the traffic to and from your instances based on a set of rules.
Key Points:
- We will define a network and a firewall rule.
- The firewall rule will allow ingress traffic on port 80 (HTTP) from any source.
- We will use Pulumi’s GCP provider to manage these resources.
Here is the complete Pulumi program:
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
// Create a new network
const network = new gcp.compute.Network("my-network", {
autoCreateSubnetworks: true,
});
// Create a firewall rule to allow HTTP traffic
const firewall = new gcp.compute.Firewall("my-firewall", {
network: network.id,
allows: [{
protocol: "tcp",
ports: ["80"],
}],
sourceRanges: ["0.0.0.0/0"],
direction: "INGRESS",
});
export const networkName = network.name;
export const firewallName = firewall.name;
Explanation:
- Network Creation: We start by creating a new network named
my-network
. TheautoCreateSubnetworks
option is set totrue
, which automatically creates subnetworks for each region. - Firewall Rule: Next, we create a firewall rule named
my-firewall
. This rule allows ingress traffic on TCP port 80 from any source IP address (0.0.0.0/0
). - Exports: Finally, we export the names of the network and firewall to make them accessible for further use.
Summary
In this guide, we created a GCP Compute Firewall using Pulumi in TypeScript. We defined a network and a firewall rule that allows HTTP traffic from any source. This setup ensures that our instances in the network can receive HTTP requests.
Deploy this code
Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.
Sign upNew to Pulumi?
Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.
Sign upThank you for your feedback!
If you have a question about how to use Pulumi, reach out in Community Slack.
Open an issue on GitHub to report a problem or suggest an improvement.