1. Answers
  2. Provision a GCP Compute Firewall

How do I provision a GCP compute firewall using Pulumi?

In this guide, we will demonstrate how to provision a Google Cloud Platform (GCP) Compute Firewall using Pulumi in TypeScript. A firewall allows you to control the traffic to and from your instances based on a set of rules.

Key Points:

  • We will define a network and a firewall rule.
  • The firewall rule will allow ingress traffic on port 80 (HTTP) from any source.
  • We will use Pulumi’s GCP provider to manage these resources.

Here is the complete Pulumi program:

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

// Create a new network
const network = new gcp.compute.Network("my-network", {
    autoCreateSubnetworks: true,
});

// Create a firewall rule to allow HTTP traffic
const firewall = new gcp.compute.Firewall("my-firewall", {
    network: network.id,
    allows: [{
        protocol: "tcp",
        ports: ["80"],
    }],
    sourceRanges: ["0.0.0.0/0"],
    direction: "INGRESS",
});

export const networkName = network.name;
export const firewallName = firewall.name;

Explanation:

  • Network Creation: We start by creating a new network named my-network. The autoCreateSubnetworks option is set to true, which automatically creates subnetworks for each region.
  • Firewall Rule: Next, we create a firewall rule named my-firewall. This rule allows ingress traffic on TCP port 80 from any source IP address (0.0.0.0/0).
  • Exports: Finally, we export the names of the network and firewall to make them accessible for further use.

Summary

In this guide, we created a GCP Compute Firewall using Pulumi in TypeScript. We defined a network and a firewall rule that allows HTTP traffic from any source. This setup ensures that our instances in the network can receive HTTP requests.

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up