1. Packages
  2. Linode
  3. API Docs
  4. Firewall
Linode v4.17.0 published on Wednesday, Mar 27, 2024 by Pulumi

linode.Firewall

Explore with Pulumi AI

linode logo
Linode v4.17.0 published on Wednesday, Mar 27, 2024 by Pulumi

    Manages a Linode Firewall.

    Example Usage

    Accept only inbound HTTP(s) requests and drop outbound HTTP(s) requests:

    import * as pulumi from "@pulumi/pulumi";
    import * as linode from "@pulumi/linode";
    
    const myInstance = new linode.Instance("myInstance", {
        label: "my_instance",
        image: "linode/ubuntu22.04",
        region: "us-southeast",
        type: "g6-standard-1",
        rootPass: "bogusPassword$",
        swapSize: 256,
    });
    const myFirewall = new linode.Firewall("myFirewall", {
        label: "my_firewall",
        inbounds: [
            {
                label: "allow-http",
                action: "ACCEPT",
                protocol: "TCP",
                ports: "80",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
            {
                label: "allow-https",
                action: "ACCEPT",
                protocol: "TCP",
                ports: "443",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
        ],
        inboundPolicy: "DROP",
        outbounds: [
            {
                label: "reject-http",
                action: "DROP",
                protocol: "TCP",
                ports: "80",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
            {
                label: "reject-https",
                action: "DROP",
                protocol: "TCP",
                ports: "443",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
        ],
        outboundPolicy: "ACCEPT",
        linodes: [myInstance.id],
    });
    
    import pulumi
    import pulumi_linode as linode
    
    my_instance = linode.Instance("myInstance",
        label="my_instance",
        image="linode/ubuntu22.04",
        region="us-southeast",
        type="g6-standard-1",
        root_pass="bogusPassword$",
        swap_size=256)
    my_firewall = linode.Firewall("myFirewall",
        label="my_firewall",
        inbounds=[
            linode.FirewallInboundArgs(
                label="allow-http",
                action="ACCEPT",
                protocol="TCP",
                ports="80",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
            linode.FirewallInboundArgs(
                label="allow-https",
                action="ACCEPT",
                protocol="TCP",
                ports="443",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
        ],
        inbound_policy="DROP",
        outbounds=[
            linode.FirewallOutboundArgs(
                label="reject-http",
                action="DROP",
                protocol="TCP",
                ports="80",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
            linode.FirewallOutboundArgs(
                label="reject-https",
                action="DROP",
                protocol="TCP",
                ports="443",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
        ],
        outbound_policy="ACCEPT",
        linodes=[my_instance.id])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-linode/sdk/v4/go/linode"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		myInstance, err := linode.NewInstance(ctx, "myInstance", &linode.InstanceArgs{
    			Label:    pulumi.String("my_instance"),
    			Image:    pulumi.String("linode/ubuntu22.04"),
    			Region:   pulumi.String("us-southeast"),
    			Type:     pulumi.String("g6-standard-1"),
    			RootPass: pulumi.String("bogusPassword$"),
    			SwapSize: pulumi.Int(256),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = linode.NewFirewall(ctx, "myFirewall", &linode.FirewallArgs{
    			Label: pulumi.String("my_firewall"),
    			Inbounds: linode.FirewallInboundArray{
    				&linode.FirewallInboundArgs{
    					Label:    pulumi.String("allow-http"),
    					Action:   pulumi.String("ACCEPT"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("80"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    				&linode.FirewallInboundArgs{
    					Label:    pulumi.String("allow-https"),
    					Action:   pulumi.String("ACCEPT"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("443"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    			},
    			InboundPolicy: pulumi.String("DROP"),
    			Outbounds: linode.FirewallOutboundArray{
    				&linode.FirewallOutboundArgs{
    					Label:    pulumi.String("reject-http"),
    					Action:   pulumi.String("DROP"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("80"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    				&linode.FirewallOutboundArgs{
    					Label:    pulumi.String("reject-https"),
    					Action:   pulumi.String("DROP"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("443"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    			},
    			OutboundPolicy: pulumi.String("ACCEPT"),
    			Linodes: pulumi.IntArray{
    				myInstance.ID(),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Linode = Pulumi.Linode;
    
    return await Deployment.RunAsync(() => 
    {
        var myInstance = new Linode.Instance("myInstance", new()
        {
            Label = "my_instance",
            Image = "linode/ubuntu22.04",
            Region = "us-southeast",
            Type = "g6-standard-1",
            RootPass = "bogusPassword$",
            SwapSize = 256,
        });
    
        var myFirewall = new Linode.Firewall("myFirewall", new()
        {
            Label = "my_firewall",
            Inbounds = new[]
            {
                new Linode.Inputs.FirewallInboundArgs
                {
                    Label = "allow-http",
                    Action = "ACCEPT",
                    Protocol = "TCP",
                    Ports = "80",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
                new Linode.Inputs.FirewallInboundArgs
                {
                    Label = "allow-https",
                    Action = "ACCEPT",
                    Protocol = "TCP",
                    Ports = "443",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
            },
            InboundPolicy = "DROP",
            Outbounds = new[]
            {
                new Linode.Inputs.FirewallOutboundArgs
                {
                    Label = "reject-http",
                    Action = "DROP",
                    Protocol = "TCP",
                    Ports = "80",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
                new Linode.Inputs.FirewallOutboundArgs
                {
                    Label = "reject-https",
                    Action = "DROP",
                    Protocol = "TCP",
                    Ports = "443",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
            },
            OutboundPolicy = "ACCEPT",
            Linodes = new[]
            {
                myInstance.Id,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.linode.Instance;
    import com.pulumi.linode.InstanceArgs;
    import com.pulumi.linode.Firewall;
    import com.pulumi.linode.FirewallArgs;
    import com.pulumi.linode.inputs.FirewallInboundArgs;
    import com.pulumi.linode.inputs.FirewallOutboundArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var myInstance = new Instance("myInstance", InstanceArgs.builder()        
                .label("my_instance")
                .image("linode/ubuntu22.04")
                .region("us-southeast")
                .type("g6-standard-1")
                .rootPass("bogusPassword$")
                .swapSize(256)
                .build());
    
            var myFirewall = new Firewall("myFirewall", FirewallArgs.builder()        
                .label("my_firewall")
                .inbounds(            
                    FirewallInboundArgs.builder()
                        .label("allow-http")
                        .action("ACCEPT")
                        .protocol("TCP")
                        .ports("80")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build(),
                    FirewallInboundArgs.builder()
                        .label("allow-https")
                        .action("ACCEPT")
                        .protocol("TCP")
                        .ports("443")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build())
                .inboundPolicy("DROP")
                .outbounds(            
                    FirewallOutboundArgs.builder()
                        .label("reject-http")
                        .action("DROP")
                        .protocol("TCP")
                        .ports("80")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build(),
                    FirewallOutboundArgs.builder()
                        .label("reject-https")
                        .action("DROP")
                        .protocol("TCP")
                        .ports("443")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build())
                .outboundPolicy("ACCEPT")
                .linodes(myInstance.id())
                .build());
    
        }
    }
    
    resources:
      myFirewall:
        type: linode:Firewall
        properties:
          label: my_firewall
          inbounds:
            - label: allow-http
              action: ACCEPT
              protocol: TCP
              ports: '80'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
            - label: allow-https
              action: ACCEPT
              protocol: TCP
              ports: '443'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
          inboundPolicy: DROP
          outbounds:
            - label: reject-http
              action: DROP
              protocol: TCP
              ports: '80'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
            - label: reject-https
              action: DROP
              protocol: TCP
              ports: '443'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
          outboundPolicy: ACCEPT
          linodes:
            - ${myInstance.id}
      myInstance:
        type: linode:Instance
        properties:
          label: my_instance
          image: linode/ubuntu22.04
          region: us-southeast
          type: g6-standard-1
          rootPass: bogusPassword$
          swapSize: 256
    

    Create Firewall Resource

    new Firewall(name: string, args: FirewallArgs, opts?: CustomResourceOptions);
    @overload
    def Firewall(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 disabled: Optional[bool] = None,
                 inbound_policy: Optional[str] = None,
                 inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
                 label: Optional[str] = None,
                 linodes: Optional[Sequence[int]] = None,
                 nodebalancers: Optional[Sequence[int]] = None,
                 outbound_policy: Optional[str] = None,
                 outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
                 tags: Optional[Sequence[str]] = None)
    @overload
    def Firewall(resource_name: str,
                 args: FirewallArgs,
                 opts: Optional[ResourceOptions] = None)
    func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)
    public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
    public Firewall(String name, FirewallArgs args)
    public Firewall(String name, FirewallArgs args, CustomResourceOptions options)
    
    type: linode:Firewall
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Firewall Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Firewall resource accepts the following input properties:

    InboundPolicy string
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Label string
    This Firewall's unique label.
    OutboundPolicy string
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    Disabled bool
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    Inbounds List<FirewallInbound>
    A firewall rule that specifies what inbound network traffic is allowed.
    Linodes List<int>
    A list of IDs of Linodes this Firewall should govern network traffic for.
    Nodebalancers List<int>
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    Outbounds List<FirewallOutbound>
    A firewall rule that specifies what outbound network traffic is allowed.
    Tags List<string>
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    InboundPolicy string
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Label string
    This Firewall's unique label.
    OutboundPolicy string
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    Disabled bool
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    Inbounds []FirewallInboundArgs
    A firewall rule that specifies what inbound network traffic is allowed.
    Linodes []int
    A list of IDs of Linodes this Firewall should govern network traffic for.
    Nodebalancers []int
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    Outbounds []FirewallOutboundArgs
    A firewall rule that specifies what outbound network traffic is allowed.
    Tags []string
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    inboundPolicy String
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label String
    This Firewall's unique label.
    outboundPolicy String
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    disabled Boolean
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds List<FirewallInbound>
    A firewall rule that specifies what inbound network traffic is allowed.
    linodes List<Integer>
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers List<Integer>
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outbounds List<FirewallOutbound>
    A firewall rule that specifies what outbound network traffic is allowed.
    tags List<String>
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    inboundPolicy string
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label string
    This Firewall's unique label.
    outboundPolicy string
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    disabled boolean
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds FirewallInbound[]
    A firewall rule that specifies what inbound network traffic is allowed.
    linodes number[]
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers number[]
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outbounds FirewallOutbound[]
    A firewall rule that specifies what outbound network traffic is allowed.
    tags string[]
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    inbound_policy str
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label str
    This Firewall's unique label.
    outbound_policy str
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    disabled bool
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds Sequence[FirewallInboundArgs]
    A firewall rule that specifies what inbound network traffic is allowed.
    linodes Sequence[int]
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers Sequence[int]
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outbounds Sequence[FirewallOutboundArgs]
    A firewall rule that specifies what outbound network traffic is allowed.
    tags Sequence[str]
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    inboundPolicy String
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label String
    This Firewall's unique label.
    outboundPolicy String
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    disabled Boolean
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds List<Property Map>
    A firewall rule that specifies what inbound network traffic is allowed.
    linodes List<Number>
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers List<Number>
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outbounds List<Property Map>
    A firewall rule that specifies what outbound network traffic is allowed.
    tags List<String>
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:

    Created string
    When this firewall was created
    Devices List<FirewallDevice>
    The devices associated with this firewall.
    Id string
    The provider-assigned unique ID for this managed resource.
    Status string
    The status of the Firewall.
    Updated string
    When this firewall was last updated
    Created string
    When this firewall was created
    Devices []FirewallDeviceType
    The devices associated with this firewall.
    Id string
    The provider-assigned unique ID for this managed resource.
    Status string
    The status of the Firewall.
    Updated string
    When this firewall was last updated
    created String
    When this firewall was created
    devices List<FirewallDevice>
    The devices associated with this firewall.
    id String
    The provider-assigned unique ID for this managed resource.
    status String
    The status of the Firewall.
    updated String
    When this firewall was last updated
    created string
    When this firewall was created
    devices FirewallDevice[]
    The devices associated with this firewall.
    id string
    The provider-assigned unique ID for this managed resource.
    status string
    The status of the Firewall.
    updated string
    When this firewall was last updated
    created str
    When this firewall was created
    devices Sequence[FirewallDevice]
    The devices associated with this firewall.
    id str
    The provider-assigned unique ID for this managed resource.
    status str
    The status of the Firewall.
    updated str
    When this firewall was last updated
    created String
    When this firewall was created
    devices List<Property Map>
    The devices associated with this firewall.
    id String
    The provider-assigned unique ID for this managed resource.
    status String
    The status of the Firewall.
    updated String
    When this firewall was last updated

    Look up Existing Firewall Resource

    Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            created: Optional[str] = None,
            devices: Optional[Sequence[FirewallDeviceArgs]] = None,
            disabled: Optional[bool] = None,
            inbound_policy: Optional[str] = None,
            inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
            label: Optional[str] = None,
            linodes: Optional[Sequence[int]] = None,
            nodebalancers: Optional[Sequence[int]] = None,
            outbound_policy: Optional[str] = None,
            outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
            status: Optional[str] = None,
            tags: Optional[Sequence[str]] = None,
            updated: Optional[str] = None) -> Firewall
    func GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)
    public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)
    public static Firewall get(String name, Output<String> id, FirewallState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Created string
    When this firewall was created
    Devices List<FirewallDevice>
    The devices associated with this firewall.
    Disabled bool
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    InboundPolicy string
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Inbounds List<FirewallInbound>
    A firewall rule that specifies what inbound network traffic is allowed.
    Label string
    This Firewall's unique label.
    Linodes List<int>
    A list of IDs of Linodes this Firewall should govern network traffic for.
    Nodebalancers List<int>
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    OutboundPolicy string
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    Outbounds List<FirewallOutbound>
    A firewall rule that specifies what outbound network traffic is allowed.
    Status string
    The status of the Firewall.
    Tags List<string>
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    Updated string
    When this firewall was last updated
    Created string
    When this firewall was created
    Devices []FirewallDeviceTypeArgs
    The devices associated with this firewall.
    Disabled bool
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    InboundPolicy string
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Inbounds []FirewallInboundArgs
    A firewall rule that specifies what inbound network traffic is allowed.
    Label string
    This Firewall's unique label.
    Linodes []int
    A list of IDs of Linodes this Firewall should govern network traffic for.
    Nodebalancers []int
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    OutboundPolicy string
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    Outbounds []FirewallOutboundArgs
    A firewall rule that specifies what outbound network traffic is allowed.
    Status string
    The status of the Firewall.
    Tags []string
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    Updated string
    When this firewall was last updated
    created String
    When this firewall was created
    devices List<FirewallDevice>
    The devices associated with this firewall.
    disabled Boolean
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inboundPolicy String
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds List<FirewallInbound>
    A firewall rule that specifies what inbound network traffic is allowed.
    label String
    This Firewall's unique label.
    linodes List<Integer>
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers List<Integer>
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outboundPolicy String
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    outbounds List<FirewallOutbound>
    A firewall rule that specifies what outbound network traffic is allowed.
    status String
    The status of the Firewall.
    tags List<String>
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    updated String
    When this firewall was last updated
    created string
    When this firewall was created
    devices FirewallDevice[]
    The devices associated with this firewall.
    disabled boolean
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inboundPolicy string
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds FirewallInbound[]
    A firewall rule that specifies what inbound network traffic is allowed.
    label string
    This Firewall's unique label.
    linodes number[]
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers number[]
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outboundPolicy string
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    outbounds FirewallOutbound[]
    A firewall rule that specifies what outbound network traffic is allowed.
    status string
    The status of the Firewall.
    tags string[]
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    updated string
    When this firewall was last updated
    created str
    When this firewall was created
    devices Sequence[FirewallDeviceArgs]
    The devices associated with this firewall.
    disabled bool
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbound_policy str
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds Sequence[FirewallInboundArgs]
    A firewall rule that specifies what inbound network traffic is allowed.
    label str
    This Firewall's unique label.
    linodes Sequence[int]
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers Sequence[int]
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outbound_policy str
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    outbounds Sequence[FirewallOutboundArgs]
    A firewall rule that specifies what outbound network traffic is allowed.
    status str
    The status of the Firewall.
    tags Sequence[str]
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    updated str
    When this firewall was last updated
    created String
    When this firewall was created
    devices List<Property Map>
    The devices associated with this firewall.
    disabled Boolean
    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inboundPolicy String
    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds List<Property Map>
    A firewall rule that specifies what inbound network traffic is allowed.
    label String
    This Firewall's unique label.
    linodes List<Number>
    A list of IDs of Linodes this Firewall should govern network traffic for.
    nodebalancers List<Number>
    A list of IDs of NodeBalancers this Firewall should govern network traffic for.
    outboundPolicy String
    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)
    outbounds List<Property Map>
    A firewall rule that specifies what outbound network traffic is allowed.
    status String
    The status of the Firewall.
    tags List<String>
    A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
    updated String
    When this firewall was last updated

    Supporting Types

    FirewallDevice, FirewallDeviceArgs

    EntityId int
    The ID of the underlying entity this device references (i.e. the Linode's ID).
    Id int
    The ID of the Firewall Device.
    Label string
    This Firewall's unique label.
    Type string
    The type of Firewall Device.
    Url string
    The URL of the underlying entity this device references.
    EntityId int
    The ID of the underlying entity this device references (i.e. the Linode's ID).
    Id int
    The ID of the Firewall Device.
    Label string
    This Firewall's unique label.
    Type string
    The type of Firewall Device.
    Url string
    The URL of the underlying entity this device references.
    entityId Integer
    The ID of the underlying entity this device references (i.e. the Linode's ID).
    id Integer
    The ID of the Firewall Device.
    label String
    This Firewall's unique label.
    type String
    The type of Firewall Device.
    url String
    The URL of the underlying entity this device references.
    entityId number
    The ID of the underlying entity this device references (i.e. the Linode's ID).
    id number
    The ID of the Firewall Device.
    label string
    This Firewall's unique label.
    type string
    The type of Firewall Device.
    url string
    The URL of the underlying entity this device references.
    entity_id int
    The ID of the underlying entity this device references (i.e. the Linode's ID).
    id int
    The ID of the Firewall Device.
    label str
    This Firewall's unique label.
    type str
    The type of Firewall Device.
    url str
    The URL of the underlying entity this device references.
    entityId Number
    The ID of the underlying entity this device references (i.e. the Linode's ID).
    id Number
    The ID of the Firewall Device.
    label String
    This Firewall's unique label.
    type String
    The type of Firewall Device.
    url String
    The URL of the underlying entity this device references.

    FirewallInbound, FirewallInboundArgs

    Action string
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    Label string
    Used to identify this rule. For display purposes only.
    Protocol string
    The network protocol this rule controls. (TCP, UDP, ICMP)
    Ipv4s List<string>
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    Ipv6s List<string>
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    Ports string
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    Action string
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    Label string
    Used to identify this rule. For display purposes only.
    Protocol string
    The network protocol this rule controls. (TCP, UDP, ICMP)
    Ipv4s []string
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    Ipv6s []string
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    Ports string
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action String
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label String
    Used to identify this rule. For display purposes only.
    protocol String
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s List<String>
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s List<String>
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports String
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action string
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label string
    Used to identify this rule. For display purposes only.
    protocol string
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s string[]
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s string[]
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports string
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action str
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label str
    Used to identify this rule. For display purposes only.
    protocol str
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s Sequence[str]
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s Sequence[str]
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports str
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action String
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label String
    Used to identify this rule. For display purposes only.
    protocol String
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s List<String>
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s List<String>
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports String
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    FirewallOutbound, FirewallOutboundArgs

    Action string
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    Label string
    This Firewall's unique label.
    Protocol string
    The network protocol this rule controls. (TCP, UDP, ICMP)
    Ipv4s List<string>
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    Ipv6s List<string>
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    Ports string
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    Action string
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    Label string
    This Firewall's unique label.
    Protocol string
    The network protocol this rule controls. (TCP, UDP, ICMP)
    Ipv4s []string
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    Ipv6s []string
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    Ports string
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action String
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label String
    This Firewall's unique label.
    protocol String
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s List<String>
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s List<String>
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports String
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action string
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label string
    This Firewall's unique label.
    protocol string
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s string[]
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s string[]
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports string
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action str
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label str
    This Firewall's unique label.
    protocol str
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s Sequence[str]
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s Sequence[str]
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports str
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
    action String
    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
    label String
    This Firewall's unique label.
    protocol String
    The network protocol this rule controls. (TCP, UDP, ICMP)
    ipv4s List<String>
    A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
    ipv6s List<String>
    A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
    ports String
    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    Import

    Firewalls can be imported using the id, e.g.

    $ pulumi import linode:index/firewall:Firewall my_firewall 12345
    

    Package Details

    Repository
    Linode pulumi/pulumi-linode
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the linode Terraform Provider.
    linode logo
    Linode v4.17.0 published on Wednesday, Mar 27, 2024 by Pulumi