Viewing docs for gcore 2.0.0-alpha.3
published on Monday, Mar 30, 2026 by g-core
published on Monday, Mar 30, 2026 by g-core
Viewing docs for gcore 2.0.0-alpha.3
published on Monday, Mar 30, 2026 by g-core
published on Monday, Mar 30, 2026 by g-core
Security group rules define individual traffic permissions specifying protocol, port range, direction, and allowed sources.
Example Usage
Allow HTTPS ingress from internal network
Creates an ingress rule allowing HTTPS traffic from a specific CIDR range.
import * as pulumi from "@pulumi/pulumi";
import * as gcore from "@pulumi/gcore";
// Allow inbound HTTPS traffic from a specific CIDR
const allowHttps = new gcore.CloudSecurityGroupRule("allow_https", {
projectId: 1,
regionId: 1,
groupId: web.id,
direction: "ingress",
ethertype: "IPv4",
protocol: "tcp",
portRangeMin: 443,
portRangeMax: 443,
remoteIpPrefix: "10.0.0.0/8",
description: "Allow HTTPS from internal network",
});
import pulumi
import pulumi_gcore as gcore
# Allow inbound HTTPS traffic from a specific CIDR
allow_https = gcore.CloudSecurityGroupRule("allow_https",
project_id=1,
region_id=1,
group_id=web["id"],
direction="ingress",
ethertype="IPv4",
protocol="tcp",
port_range_min=443,
port_range_max=443,
remote_ip_prefix="10.0.0.0/8",
description="Allow HTTPS from internal network")
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/gcore/v2/gcore"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
// Allow inbound HTTPS traffic from a specific CIDR
_, err := gcore.NewCloudSecurityGroupRule(ctx, "allow_https", &gcore.CloudSecurityGroupRuleArgs{
ProjectId: pulumi.Float64(1),
RegionId: pulumi.Float64(1),
GroupId: pulumi.Any(web.Id),
Direction: pulumi.String("ingress"),
Ethertype: pulumi.String("IPv4"),
Protocol: pulumi.String("tcp"),
PortRangeMin: pulumi.Float64(443),
PortRangeMax: pulumi.Float64(443),
RemoteIpPrefix: pulumi.String("10.0.0.0/8"),
Description: pulumi.String("Allow HTTPS from internal network"),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcore = Pulumi.Gcore;
return await Deployment.RunAsync(() =>
{
// Allow inbound HTTPS traffic from a specific CIDR
var allowHttps = new Gcore.CloudSecurityGroupRule("allow_https", new()
{
ProjectId = 1,
RegionId = 1,
GroupId = web.Id,
Direction = "ingress",
Ethertype = "IPv4",
Protocol = "tcp",
PortRangeMin = 443,
PortRangeMax = 443,
RemoteIpPrefix = "10.0.0.0/8",
Description = "Allow HTTPS from internal network",
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcore.CloudSecurityGroupRule;
import com.pulumi.gcore.CloudSecurityGroupRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Allow inbound HTTPS traffic from a specific CIDR
var allowHttps = new CloudSecurityGroupRule("allowHttps", CloudSecurityGroupRuleArgs.builder()
.projectId(1.0)
.regionId(1.0)
.groupId(web.id())
.direction("ingress")
.ethertype("IPv4")
.protocol("tcp")
.portRangeMin(443.0)
.portRangeMax(443.0)
.remoteIpPrefix("10.0.0.0/8")
.description("Allow HTTPS from internal network")
.build());
}
}
resources:
# Allow inbound HTTPS traffic from a specific CIDR
allowHttps:
type: gcore:CloudSecurityGroupRule
name: allow_https
properties:
projectId: 1
regionId: 1
groupId: ${web.id}
direction: ingress
ethertype: IPv4
protocol: tcp
portRangeMin: 443
portRangeMax: 443
remoteIpPrefix: 10.0.0.0/8
description: Allow HTTPS from internal network
Create CloudSecurityGroupRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CloudSecurityGroupRule(name: string, args: CloudSecurityGroupRuleArgs, opts?: CustomResourceOptions);@overload
def CloudSecurityGroupRule(resource_name: str,
args: CloudSecurityGroupRuleArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CloudSecurityGroupRule(resource_name: str,
opts: Optional[ResourceOptions] = None,
direction: Optional[str] = None,
group_id: Optional[str] = None,
description: Optional[str] = None,
ethertype: Optional[str] = None,
port_range_max: Optional[float] = None,
port_range_min: Optional[float] = None,
project_id: Optional[float] = None,
protocol: Optional[str] = None,
region_id: Optional[float] = None,
remote_group_id: Optional[str] = None,
remote_ip_prefix: Optional[str] = None)func NewCloudSecurityGroupRule(ctx *Context, name string, args CloudSecurityGroupRuleArgs, opts ...ResourceOption) (*CloudSecurityGroupRule, error)public CloudSecurityGroupRule(string name, CloudSecurityGroupRuleArgs args, CustomResourceOptions? opts = null)
public CloudSecurityGroupRule(String name, CloudSecurityGroupRuleArgs args)
public CloudSecurityGroupRule(String name, CloudSecurityGroupRuleArgs args, CustomResourceOptions options)
type: gcore:CloudSecurityGroupRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CloudSecurityGroupRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CloudSecurityGroupRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CloudSecurityGroupRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CloudSecurityGroupRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CloudSecurityGroupRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cloudSecurityGroupRuleResource = new Gcore.Index.CloudSecurityGroupRule("cloudSecurityGroupRuleResource", new()
{
Direction = "string",
GroupId = "string",
Description = "string",
Ethertype = "string",
PortRangeMax = 0,
PortRangeMin = 0,
ProjectId = 0,
Protocol = "string",
RegionId = 0,
RemoteGroupId = "string",
RemoteIpPrefix = "string",
});
example, err := gcore.NewCloudSecurityGroupRule(ctx, "cloudSecurityGroupRuleResource", &gcore.CloudSecurityGroupRuleArgs{
Direction: pulumi.String("string"),
GroupId: pulumi.String("string"),
Description: pulumi.String("string"),
Ethertype: pulumi.String("string"),
PortRangeMax: pulumi.Float64(0),
PortRangeMin: pulumi.Float64(0),
ProjectId: pulumi.Float64(0),
Protocol: pulumi.String("string"),
RegionId: pulumi.Float64(0),
RemoteGroupId: pulumi.String("string"),
RemoteIpPrefix: pulumi.String("string"),
})
var cloudSecurityGroupRuleResource = new CloudSecurityGroupRule("cloudSecurityGroupRuleResource", CloudSecurityGroupRuleArgs.builder()
.direction("string")
.groupId("string")
.description("string")
.ethertype("string")
.portRangeMax(0.0)
.portRangeMin(0.0)
.projectId(0.0)
.protocol("string")
.regionId(0.0)
.remoteGroupId("string")
.remoteIpPrefix("string")
.build());
cloud_security_group_rule_resource = gcore.CloudSecurityGroupRule("cloudSecurityGroupRuleResource",
direction="string",
group_id="string",
description="string",
ethertype="string",
port_range_max=0,
port_range_min=0,
project_id=0,
protocol="string",
region_id=0,
remote_group_id="string",
remote_ip_prefix="string")
const cloudSecurityGroupRuleResource = new gcore.CloudSecurityGroupRule("cloudSecurityGroupRuleResource", {
direction: "string",
groupId: "string",
description: "string",
ethertype: "string",
portRangeMax: 0,
portRangeMin: 0,
projectId: 0,
protocol: "string",
regionId: 0,
remoteGroupId: "string",
remoteIpPrefix: "string",
});
type: gcore:CloudSecurityGroupRule
properties:
description: string
direction: string
ethertype: string
groupId: string
portRangeMax: 0
portRangeMin: 0
projectId: 0
protocol: string
regionId: 0
remoteGroupId: string
remoteIpPrefix: string
CloudSecurityGroupRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CloudSecurityGroupRule resource accepts the following input properties:
- Direction string
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- Group
Id string - Security group ID
- Description string
- Rule description
- Ethertype string
- Ether type Available values: "IPv4", "IPv6".
- Port
Range doubleMax - The maximum port number in the range that is matched by the security group rule
- Port
Range doubleMin - The minimum port number in the range that is matched by the security group rule
- Project
Id double - Project ID
- Protocol string
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- Region
Id double - Region ID
- Remote
Group stringId - The remote group UUID to associate with this security group
- Remote
Ip stringPrefix - The remote IP prefix that is matched by this security group rule
- Direction string
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- Group
Id string - Security group ID
- Description string
- Rule description
- Ethertype string
- Ether type Available values: "IPv4", "IPv6".
- Port
Range float64Max - The maximum port number in the range that is matched by the security group rule
- Port
Range float64Min - The minimum port number in the range that is matched by the security group rule
- Project
Id float64 - Project ID
- Protocol string
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- Region
Id float64 - Region ID
- Remote
Group stringId - The remote group UUID to associate with this security group
- Remote
Ip stringPrefix - The remote IP prefix that is matched by this security group rule
- direction String
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- group
Id String - Security group ID
- description String
- Rule description
- ethertype String
- Ether type Available values: "IPv4", "IPv6".
- port
Range DoubleMax - The maximum port number in the range that is matched by the security group rule
- port
Range DoubleMin - The minimum port number in the range that is matched by the security group rule
- project
Id Double - Project ID
- protocol String
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region
Id Double - Region ID
- remote
Group StringId - The remote group UUID to associate with this security group
- remote
Ip StringPrefix - The remote IP prefix that is matched by this security group rule
- direction string
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- group
Id string - Security group ID
- description string
- Rule description
- ethertype string
- Ether type Available values: "IPv4", "IPv6".
- port
Range numberMax - The maximum port number in the range that is matched by the security group rule
- port
Range numberMin - The minimum port number in the range that is matched by the security group rule
- project
Id number - Project ID
- protocol string
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region
Id number - Region ID
- remote
Group stringId - The remote group UUID to associate with this security group
- remote
Ip stringPrefix - The remote IP prefix that is matched by this security group rule
- direction str
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- group_
id str - Security group ID
- description str
- Rule description
- ethertype str
- Ether type Available values: "IPv4", "IPv6".
- port_
range_ floatmax - The maximum port number in the range that is matched by the security group rule
- port_
range_ floatmin - The minimum port number in the range that is matched by the security group rule
- project_
id float - Project ID
- protocol str
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region_
id float - Region ID
- remote_
group_ strid - The remote group UUID to associate with this security group
- remote_
ip_ strprefix - The remote IP prefix that is matched by this security group rule
- direction String
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- group
Id String - Security group ID
- description String
- Rule description
- ethertype String
- Ether type Available values: "IPv4", "IPv6".
- port
Range NumberMax - The maximum port number in the range that is matched by the security group rule
- port
Range NumberMin - The minimum port number in the range that is matched by the security group rule
- project
Id Number - Project ID
- protocol String
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region
Id Number - Region ID
- remote
Group StringId - The remote group UUID to associate with this security group
- remote
Ip StringPrefix - The remote IP prefix that is matched by this security group rule
Outputs
All input properties are implicitly available as output properties. Additionally, the CloudSecurityGroupRule resource produces the following output properties:
- Id string
- The provider-assigned unique ID for this managed resource.
- Id string
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
- id string
- The provider-assigned unique ID for this managed resource.
- id str
- The provider-assigned unique ID for this managed resource.
- id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CloudSecurityGroupRule Resource
Get an existing CloudSecurityGroupRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CloudSecurityGroupRuleState, opts?: CustomResourceOptions): CloudSecurityGroupRule@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
description: Optional[str] = None,
direction: Optional[str] = None,
ethertype: Optional[str] = None,
group_id: Optional[str] = None,
port_range_max: Optional[float] = None,
port_range_min: Optional[float] = None,
project_id: Optional[float] = None,
protocol: Optional[str] = None,
region_id: Optional[float] = None,
remote_group_id: Optional[str] = None,
remote_ip_prefix: Optional[str] = None) -> CloudSecurityGroupRulefunc GetCloudSecurityGroupRule(ctx *Context, name string, id IDInput, state *CloudSecurityGroupRuleState, opts ...ResourceOption) (*CloudSecurityGroupRule, error)public static CloudSecurityGroupRule Get(string name, Input<string> id, CloudSecurityGroupRuleState? state, CustomResourceOptions? opts = null)public static CloudSecurityGroupRule get(String name, Output<String> id, CloudSecurityGroupRuleState state, CustomResourceOptions options)resources: _: type: gcore:CloudSecurityGroupRule get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Description string
- Rule description
- Direction string
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- Ethertype string
- Ether type Available values: "IPv4", "IPv6".
- Group
Id string - Security group ID
- Port
Range doubleMax - The maximum port number in the range that is matched by the security group rule
- Port
Range doubleMin - The minimum port number in the range that is matched by the security group rule
- Project
Id double - Project ID
- Protocol string
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- Region
Id double - Region ID
- Remote
Group stringId - The remote group UUID to associate with this security group
- Remote
Ip stringPrefix - The remote IP prefix that is matched by this security group rule
- Description string
- Rule description
- Direction string
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- Ethertype string
- Ether type Available values: "IPv4", "IPv6".
- Group
Id string - Security group ID
- Port
Range float64Max - The maximum port number in the range that is matched by the security group rule
- Port
Range float64Min - The minimum port number in the range that is matched by the security group rule
- Project
Id float64 - Project ID
- Protocol string
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- Region
Id float64 - Region ID
- Remote
Group stringId - The remote group UUID to associate with this security group
- Remote
Ip stringPrefix - The remote IP prefix that is matched by this security group rule
- description String
- Rule description
- direction String
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- ethertype String
- Ether type Available values: "IPv4", "IPv6".
- group
Id String - Security group ID
- port
Range DoubleMax - The maximum port number in the range that is matched by the security group rule
- port
Range DoubleMin - The minimum port number in the range that is matched by the security group rule
- project
Id Double - Project ID
- protocol String
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region
Id Double - Region ID
- remote
Group StringId - The remote group UUID to associate with this security group
- remote
Ip StringPrefix - The remote IP prefix that is matched by this security group rule
- description string
- Rule description
- direction string
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- ethertype string
- Ether type Available values: "IPv4", "IPv6".
- group
Id string - Security group ID
- port
Range numberMax - The maximum port number in the range that is matched by the security group rule
- port
Range numberMin - The minimum port number in the range that is matched by the security group rule
- project
Id number - Project ID
- protocol string
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region
Id number - Region ID
- remote
Group stringId - The remote group UUID to associate with this security group
- remote
Ip stringPrefix - The remote IP prefix that is matched by this security group rule
- description str
- Rule description
- direction str
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- ethertype str
- Ether type Available values: "IPv4", "IPv6".
- group_
id str - Security group ID
- port_
range_ floatmax - The maximum port number in the range that is matched by the security group rule
- port_
range_ floatmin - The minimum port number in the range that is matched by the security group rule
- project_
id float - Project ID
- protocol str
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region_
id float - Region ID
- remote_
group_ strid - The remote group UUID to associate with this security group
- remote_
ip_ strprefix - The remote IP prefix that is matched by this security group rule
- description String
- Rule description
- direction String
- Ingress or egress, which is the direction in which the security group is applied Available values: "egress", "ingress".
- ethertype String
- Ether type Available values: "IPv4", "IPv6".
- group
Id String - Security group ID
- port
Range NumberMax - The maximum port number in the range that is matched by the security group rule
- port
Range NumberMin - The minimum port number in the range that is matched by the security group rule
- project
Id Number - Project ID
- protocol String
- Protocol Available values: "ah", "any", "dccp", "egp", "esp", "gre", "icmp", "igmp", "ipencap", "ipip", "ipv6-encap", "ipv6-frag", "ipv6-icmp", "ipv6-nonxt", "ipv6-opts", "ipv6-route", "ospf", "pgm", "rsvp", "sctp", "tcp", "udp", "udplite", "vrrp".
- region
Id Number - Region ID
- remote
Group StringId - The remote group UUID to associate with this security group
- remote
Ip StringPrefix - The remote IP prefix that is matched by this security group rule
Import
$ pulumi import gcore:index/cloudSecurityGroupRule:CloudSecurityGroupRule example '<project_id>/<region_id>/<group_id>/<rule_id>'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- gcore g-core/terraform-provider-gcore
- License
- Notes
- This Pulumi package is based on the
gcoreTerraform Provider.
Viewing docs for gcore 2.0.0-alpha.3
published on Monday, Mar 30, 2026 by g-core
published on Monday, Mar 30, 2026 by g-core
