Get started with Pulumi in a free one hour introductory workshop. Register Now

Firewall

NOTICE: The Firewall feature is currently available through early access.

Manages a Linode Firewall.

Example Usage

using Pulumi;
using Linode = Pulumi.Linode;

class MyStack : Stack
{
    public MyStack()
    {
        var myInstance = new Linode.Instance("myInstance", new Linode.InstanceArgs
        {
            Label = "my_instance",
            Image = "linode/ubuntu18.04",
            Region = "us-east",
            Type = "g6-standard-1",
            RootPass = "bogusPassword$",
            SwapSize = 256,
        });
        var myFirewall = new Linode.Firewall("myFirewall", new Linode.FirewallArgs
        {
            Label = "my_firewall",
            Tags = 
            {
                "test",
            },
            Inbounds = 
            {
                new Linode.Inputs.FirewallInboundArgs
                {
                    Protocol = "TCP",
                    Ports = 
                    {
                        "80",
                    },
                    Addresses = 
                    {
                        "0.0.0.0/0",
                    },
                },
            },
            Outbounds = 
            {
                new Linode.Inputs.FirewallOutboundArgs
                {
                    Protocol = "TCP",
                    Ports = 
                    {
                        "80",
                    },
                    Addresses = 
                    {
                        "0.0.0.0/0",
                    },
                },
            },
            Linodes = 
            {
                myInstance.Id,
            },
        });
    }

}
package main

import (
    "fmt"

    "github.com/pulumi/pulumi-linode/sdk/v2/go/linode"
    "github.com/pulumi/pulumi/sdk/v2/go/pulumi"
)

func main() {
    pulumi.Run(func(ctx *pulumi.Context) error {
        myInstance, err := linode.NewInstance(ctx, "myInstance", &linode.InstanceArgs{
            Label:    pulumi.String("my_instance"),
            Image:    pulumi.String("linode/ubuntu18.04"),
            Region:   pulumi.String("us-east"),
            Type:     pulumi.String("g6-standard-1"),
            RootPass: pulumi.String(fmt.Sprintf("%v%v", "bogusPassword", "$")),
            SwapSize: pulumi.Int(256),
        })
        if err != nil {
            return err
        }
        _, err = linode.NewFirewall(ctx, "myFirewall", &linode.FirewallArgs{
            Label: pulumi.String("my_firewall"),
            Tags: pulumi.StringArray{
                pulumi.String("test"),
            },
            Inbounds: linode.FirewallInboundArray{
                &linode.FirewallInboundArgs{
                    Protocol: pulumi.String("TCP"),
                    Ports: pulumi.StringArray{
                        pulumi.String("80"),
                    },
                    Addresses: pulumi.StringArray{
                        pulumi.String("0.0.0.0/0"),
                    },
                },
            },
            Outbounds: linode.FirewallOutboundArray{
                &linode.FirewallOutboundArgs{
                    Protocol: pulumi.String("TCP"),
                    Ports: pulumi.StringArray{
                        pulumi.String("80"),
                    },
                    Addresses: pulumi.StringArray{
                        pulumi.String("0.0.0.0/0"),
                    },
                },
            },
            Linodes: pulumi.IntArray{
                myInstance.ID(),
            },
        })
        if err != nil {
            return err
        }
        return nil
    })
}
import pulumi
import pulumi_linode as linode

my_instance = linode.Instance("myInstance",
    label="my_instance",
    image="linode/ubuntu18.04",
    region="us-east",
    type="g6-standard-1",
    root_pass="bogusPassword$",
    swap_size=256)
my_firewall = linode.Firewall("myFirewall",
    label="my_firewall",
    tags=["test"],
    inbounds=[linode.FirewallInboundArgs(
        protocol="TCP",
        ports=["80"],
        addresses=["0.0.0.0/0"],
    )],
    outbounds=[linode.FirewallOutboundArgs(
        protocol="TCP",
        ports=["80"],
        addresses=["0.0.0.0/0"],
    )],
    linodes=[my_instance.id])
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";

const myInstance = new linode.Instance("myInstance", {
    label: "my_instance",
    image: "linode/ubuntu18.04",
    region: "us-east",
    type: "g6-standard-1",
    rootPass: `bogusPassword$`,
    swapSize: 256,
});
const myFirewall = new linode.Firewall("myFirewall", {
    label: "my_firewall",
    tags: ["test"],
    inbounds: [{
        protocol: "TCP",
        ports: ["80"],
        addresses: ["0.0.0.0/0"],
    }],
    outbounds: [{
        protocol: "TCP",
        ports: ["80"],
        addresses: ["0.0.0.0/0"],
    }],
    linodes: [myInstance.id],
});

Create a Firewall Resource

def Firewall(resource_name: str, opts: Optional[ResourceOptions] = None, disabled: Optional[bool] = None, inbounds: Optional[Sequence[FirewallInboundArgs]] = None, label: Optional[str] = None, linodes: Optional[Sequence[int]] = None, outbounds: Optional[Sequence[FirewallOutboundArgs]] = None, tags: Optional[Sequence[str]] = None)
func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)
public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
name string
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
opts ResourceOptions
A bag of options that control this resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.

Firewall Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Programming Model docs.

Inputs

The Firewall resource accepts the following input properties:

Linodes List<int>

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

Disabled bool

If true, the Firewall’s rules are not enforced (defaults to false).

Inbounds List<FirewallInboundArgs>

A firewall rule that specifies what inbound network traffic is allowed.

Label string

This Firewall’s unique label.

Outbounds List<FirewallOutboundArgs>

A firewall rule that specifies what outbound network traffic is allowed.

Tags List<string>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

Linodes []int

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

Disabled bool

If true, the Firewall’s rules are not enforced (defaults to false).

Inbounds []FirewallInbound

A firewall rule that specifies what inbound network traffic is allowed.

Label string

This Firewall’s unique label.

Outbounds []FirewallOutbound

A firewall rule that specifies what outbound network traffic is allowed.

Tags []string

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

linodes number[]

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

disabled boolean

If true, the Firewall’s rules are not enforced (defaults to false).

inbounds FirewallInbound[]

A firewall rule that specifies what inbound network traffic is allowed.

label string

This Firewall’s unique label.

outbounds FirewallOutbound[]

A firewall rule that specifies what outbound network traffic is allowed.

tags string[]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

linodes Sequence[int]

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

disabled bool

If true, the Firewall’s rules are not enforced (defaults to false).

inbounds Sequence[FirewallInboundArgs]

A firewall rule that specifies what inbound network traffic is allowed.

label str

This Firewall’s unique label.

outbounds Sequence[FirewallOutboundArgs]

A firewall rule that specifies what outbound network traffic is allowed.

tags Sequence[str]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

Outputs

All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:

Devices List<FirewallDevice>

The devices associated with this firewall.

Id string
The provider-assigned unique ID for this managed resource.
Status string

The status of the Firewall.

Devices []FirewallDevice

The devices associated with this firewall.

Id string
The provider-assigned unique ID for this managed resource.
Status string

The status of the Firewall.

devices FirewallDevice[]

The devices associated with this firewall.

id string
The provider-assigned unique ID for this managed resource.
status string

The status of the Firewall.

devices Sequence[FirewallDevice]

The devices associated with this firewall.

id str
The provider-assigned unique ID for this managed resource.
status str

The status of the Firewall.

Look up an Existing Firewall Resource

Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall
@staticmethod
def get(resource_name: str, id: str, opts: Optional[ResourceOptions] = None, devices: Optional[Sequence[FirewallDeviceArgs]] = None, disabled: Optional[bool] = None, inbounds: Optional[Sequence[FirewallInboundArgs]] = None, label: Optional[str] = None, linodes: Optional[Sequence[int]] = None, outbounds: Optional[Sequence[FirewallOutboundArgs]] = None, status: Optional[str] = None, tags: Optional[Sequence[str]] = None) -> Firewall
func GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)
public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.

The following state arguments are supported:

Devices List<FirewallDeviceArgs>

The devices associated with this firewall.

Disabled bool

If true, the Firewall’s rules are not enforced (defaults to false).

Inbounds List<FirewallInboundArgs>

A firewall rule that specifies what inbound network traffic is allowed.

Label string

This Firewall’s unique label.

Linodes List<int>

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

Outbounds List<FirewallOutboundArgs>

A firewall rule that specifies what outbound network traffic is allowed.

Status string

The status of the Firewall.

Tags List<string>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

Devices []FirewallDevice

The devices associated with this firewall.

Disabled bool

If true, the Firewall’s rules are not enforced (defaults to false).

Inbounds []FirewallInbound

A firewall rule that specifies what inbound network traffic is allowed.

Label string

This Firewall’s unique label.

Linodes []int

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

Outbounds []FirewallOutbound

A firewall rule that specifies what outbound network traffic is allowed.

Status string

The status of the Firewall.

Tags []string

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

devices FirewallDevice[]

The devices associated with this firewall.

disabled boolean

If true, the Firewall’s rules are not enforced (defaults to false).

inbounds FirewallInbound[]

A firewall rule that specifies what inbound network traffic is allowed.

label string

This Firewall’s unique label.

linodes number[]

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

outbounds FirewallOutbound[]

A firewall rule that specifies what outbound network traffic is allowed.

status string

The status of the Firewall.

tags string[]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

devices Sequence[FirewallDeviceArgs]

The devices associated with this firewall.

disabled bool

If true, the Firewall’s rules are not enforced (defaults to false).

inbounds Sequence[FirewallInboundArgs]

A firewall rule that specifies what inbound network traffic is allowed.

label str

This Firewall’s unique label.

linodes Sequence[int]

A list of IDs of Linodes this Firewall should govern it’s network traffic for.

outbounds Sequence[FirewallOutboundArgs]

A firewall rule that specifies what outbound network traffic is allowed.

status str

The status of the Firewall.

tags Sequence[str]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

Supporting Types

FirewallDevice

See the output API doc for this type.

See the output API doc for this type.

See the output API doc for this type.

EntityId int

The ID of the underlying entity this device references (i.e. the Linode’s ID).

Id int

The ID of the Firewall Device.

Label string

This Firewall’s unique label.

Type string

The type of Firewall Device.

Url string
EntityId int

The ID of the underlying entity this device references (i.e. the Linode’s ID).

Id int

The ID of the Firewall Device.

Label string

This Firewall’s unique label.

Type string

The type of Firewall Device.

Url string
entityId number

The ID of the underlying entity this device references (i.e. the Linode’s ID).

id number

The ID of the Firewall Device.

label string

This Firewall’s unique label.

type string

The type of Firewall Device.

url string
entity_id int

The ID of the underlying entity this device references (i.e. the Linode’s ID).

id int

The ID of the Firewall Device.

label str

This Firewall’s unique label.

type str

The type of Firewall Device.

url str

FirewallInbound

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Addresses List<string>

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

Ports List<string>

A list of ports and/or port ranges (i.e. “443” or “80-90”).

Protocol string

The network protocol this rule controls.

Addresses []string

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

Ports []string

A list of ports and/or port ranges (i.e. “443” or “80-90”).

Protocol string

The network protocol this rule controls.

addresses string[]

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

ports string[]

A list of ports and/or port ranges (i.e. “443” or “80-90”).

protocol string

The network protocol this rule controls.

addresses Sequence[str]

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

ports Sequence[str]

A list of ports and/or port ranges (i.e. “443” or “80-90”).

protocol str

The network protocol this rule controls.

FirewallOutbound

See the input and output API doc for this type.

See the input and output API doc for this type.

See the input and output API doc for this type.

Addresses List<string>

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

Ports List<string>

A list of ports and/or port ranges (i.e. “443” or “80-90”).

Protocol string

The network protocol this rule controls.

Addresses []string

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

Ports []string

A list of ports and/or port ranges (i.e. “443” or “80-90”).

Protocol string

The network protocol this rule controls.

addresses string[]

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

ports string[]

A list of ports and/or port ranges (i.e. “443” or “80-90”).

protocol string

The network protocol this rule controls.

addresses Sequence[str]

A list of IP addresses, CIDR blocks, or 0.0.0.0/0 (to allow all) this rule applies to.

ports Sequence[str]

A list of ports and/or port ranges (i.e. “443” or “80-90”).

protocol str

The network protocol this rule controls.

Import

Firewalls can be imported using the id, e.g.

 $ pulumi import linode:index/firewall:Firewall my_firewall 12345

Package Details

Repository
https://github.com/pulumi/pulumi-linode
License
Apache-2.0
Notes
This Pulumi package is based on the linode Terraform Provider.