1. Packages
  2. Linode
  3. API Docs
  4. Firewall
Linode v4.7.0 published on Friday, Sep 29, 2023 by Pulumi

linode.Firewall

Explore with Pulumi AI

linode logo
Linode v4.7.0 published on Friday, Sep 29, 2023 by Pulumi

    Manages a Linode Firewall.

    Example Usage

    Accept only inbound HTTP(s) requests and drop outbound HTTP(s) requests

    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Linode = Pulumi.Linode;
    
    return await Deployment.RunAsync(() => 
    {
        var myInstance = new Linode.Instance("myInstance", new()
        {
            Label = "my_instance",
            Image = "linode/ubuntu18.04",
            Region = "us-southeast",
            Type = "g6-standard-1",
            RootPass = "bogusPassword$",
            SwapSize = 256,
        });
    
        var myFirewall = new Linode.Firewall("myFirewall", new()
        {
            Label = "my_firewall",
            Inbounds = new[]
            {
                new Linode.Inputs.FirewallInboundArgs
                {
                    Label = "allow-http",
                    Action = "ACCEPT",
                    Protocol = "TCP",
                    Ports = "80",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
                new Linode.Inputs.FirewallInboundArgs
                {
                    Label = "allow-https",
                    Action = "ACCEPT",
                    Protocol = "TCP",
                    Ports = "443",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
            },
            InboundPolicy = "DROP",
            Outbounds = new[]
            {
                new Linode.Inputs.FirewallOutboundArgs
                {
                    Label = "reject-http",
                    Action = "DROP",
                    Protocol = "TCP",
                    Ports = "80",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
                new Linode.Inputs.FirewallOutboundArgs
                {
                    Label = "reject-https",
                    Action = "DROP",
                    Protocol = "TCP",
                    Ports = "443",
                    Ipv4s = new[]
                    {
                        "0.0.0.0/0",
                    },
                    Ipv6s = new[]
                    {
                        "::/0",
                    },
                },
            },
            OutboundPolicy = "ACCEPT",
            Linodes = new[]
            {
                myInstance.Id,
            },
        });
    
    });
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-linode/sdk/v4/go/linode"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		myInstance, err := linode.NewInstance(ctx, "myInstance", &linode.InstanceArgs{
    			Label:    pulumi.String("my_instance"),
    			Image:    pulumi.String("linode/ubuntu18.04"),
    			Region:   pulumi.String("us-southeast"),
    			Type:     pulumi.String("g6-standard-1"),
    			RootPass: pulumi.String("bogusPassword$"),
    			SwapSize: pulumi.Int(256),
    		})
    		if err != nil {
    			return err
    		}
    		_, err = linode.NewFirewall(ctx, "myFirewall", &linode.FirewallArgs{
    			Label: pulumi.String("my_firewall"),
    			Inbounds: linode.FirewallInboundArray{
    				&linode.FirewallInboundArgs{
    					Label:    pulumi.String("allow-http"),
    					Action:   pulumi.String("ACCEPT"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("80"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    				&linode.FirewallInboundArgs{
    					Label:    pulumi.String("allow-https"),
    					Action:   pulumi.String("ACCEPT"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("443"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    			},
    			InboundPolicy: pulumi.String("DROP"),
    			Outbounds: linode.FirewallOutboundArray{
    				&linode.FirewallOutboundArgs{
    					Label:    pulumi.String("reject-http"),
    					Action:   pulumi.String("DROP"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("80"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    				&linode.FirewallOutboundArgs{
    					Label:    pulumi.String("reject-https"),
    					Action:   pulumi.String("DROP"),
    					Protocol: pulumi.String("TCP"),
    					Ports:    pulumi.String("443"),
    					Ipv4s: pulumi.StringArray{
    						pulumi.String("0.0.0.0/0"),
    					},
    					Ipv6s: pulumi.StringArray{
    						pulumi.String("::/0"),
    					},
    				},
    			},
    			OutboundPolicy: pulumi.String("ACCEPT"),
    			Linodes: pulumi.IntArray{
    				myInstance.ID(),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.linode.Instance;
    import com.pulumi.linode.InstanceArgs;
    import com.pulumi.linode.Firewall;
    import com.pulumi.linode.FirewallArgs;
    import com.pulumi.linode.inputs.FirewallInboundArgs;
    import com.pulumi.linode.inputs.FirewallOutboundArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var myInstance = new Instance("myInstance", InstanceArgs.builder()        
                .label("my_instance")
                .image("linode/ubuntu18.04")
                .region("us-southeast")
                .type("g6-standard-1")
                .rootPass("bogusPassword$")
                .swapSize(256)
                .build());
    
            var myFirewall = new Firewall("myFirewall", FirewallArgs.builder()        
                .label("my_firewall")
                .inbounds(            
                    FirewallInboundArgs.builder()
                        .label("allow-http")
                        .action("ACCEPT")
                        .protocol("TCP")
                        .ports("80")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build(),
                    FirewallInboundArgs.builder()
                        .label("allow-https")
                        .action("ACCEPT")
                        .protocol("TCP")
                        .ports("443")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build())
                .inboundPolicy("DROP")
                .outbounds(            
                    FirewallOutboundArgs.builder()
                        .label("reject-http")
                        .action("DROP")
                        .protocol("TCP")
                        .ports("80")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build(),
                    FirewallOutboundArgs.builder()
                        .label("reject-https")
                        .action("DROP")
                        .protocol("TCP")
                        .ports("443")
                        .ipv4s("0.0.0.0/0")
                        .ipv6s("::/0")
                        .build())
                .outboundPolicy("ACCEPT")
                .linodes(myInstance.id())
                .build());
    
        }
    }
    
    import pulumi
    import pulumi_linode as linode
    
    my_instance = linode.Instance("myInstance",
        label="my_instance",
        image="linode/ubuntu18.04",
        region="us-southeast",
        type="g6-standard-1",
        root_pass="bogusPassword$",
        swap_size=256)
    my_firewall = linode.Firewall("myFirewall",
        label="my_firewall",
        inbounds=[
            linode.FirewallInboundArgs(
                label="allow-http",
                action="ACCEPT",
                protocol="TCP",
                ports="80",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
            linode.FirewallInboundArgs(
                label="allow-https",
                action="ACCEPT",
                protocol="TCP",
                ports="443",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
        ],
        inbound_policy="DROP",
        outbounds=[
            linode.FirewallOutboundArgs(
                label="reject-http",
                action="DROP",
                protocol="TCP",
                ports="80",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
            linode.FirewallOutboundArgs(
                label="reject-https",
                action="DROP",
                protocol="TCP",
                ports="443",
                ipv4s=["0.0.0.0/0"],
                ipv6s=["::/0"],
            ),
        ],
        outbound_policy="ACCEPT",
        linodes=[my_instance.id])
    
    import * as pulumi from "@pulumi/pulumi";
    import * as linode from "@pulumi/linode";
    
    const myInstance = new linode.Instance("myInstance", {
        label: "my_instance",
        image: "linode/ubuntu18.04",
        region: "us-southeast",
        type: "g6-standard-1",
        rootPass: "bogusPassword$",
        swapSize: 256,
    });
    const myFirewall = new linode.Firewall("myFirewall", {
        label: "my_firewall",
        inbounds: [
            {
                label: "allow-http",
                action: "ACCEPT",
                protocol: "TCP",
                ports: "80",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
            {
                label: "allow-https",
                action: "ACCEPT",
                protocol: "TCP",
                ports: "443",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
        ],
        inboundPolicy: "DROP",
        outbounds: [
            {
                label: "reject-http",
                action: "DROP",
                protocol: "TCP",
                ports: "80",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
            {
                label: "reject-https",
                action: "DROP",
                protocol: "TCP",
                ports: "443",
                ipv4s: ["0.0.0.0/0"],
                ipv6s: ["::/0"],
            },
        ],
        outboundPolicy: "ACCEPT",
        linodes: [myInstance.id],
    });
    
    resources:
      myFirewall:
        type: linode:Firewall
        properties:
          label: my_firewall
          inbounds:
            - label: allow-http
              action: ACCEPT
              protocol: TCP
              ports: '80'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
            - label: allow-https
              action: ACCEPT
              protocol: TCP
              ports: '443'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
          inboundPolicy: DROP
          outbounds:
            - label: reject-http
              action: DROP
              protocol: TCP
              ports: '80'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
            - label: reject-https
              action: DROP
              protocol: TCP
              ports: '443'
              ipv4s:
                - 0.0.0.0/0
              ipv6s:
                - ::/0
          outboundPolicy: ACCEPT
          linodes:
            - ${myInstance.id}
      myInstance:
        type: linode:Instance
        properties:
          label: my_instance
          image: linode/ubuntu18.04
          region: us-southeast
          type: g6-standard-1
          rootPass: bogusPassword$
          swapSize: 256
    

    Create Firewall Resource

    new Firewall(name: string, args: FirewallArgs, opts?: CustomResourceOptions);
    @overload
    def Firewall(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 disabled: Optional[bool] = None,
                 inbound_policy: Optional[str] = None,
                 inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
                 label: Optional[str] = None,
                 linodes: Optional[Sequence[int]] = None,
                 nodebalancers: Optional[Sequence[int]] = None,
                 outbound_policy: Optional[str] = None,
                 outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
                 tags: Optional[Sequence[str]] = None)
    @overload
    def Firewall(resource_name: str,
                 args: FirewallArgs,
                 opts: Optional[ResourceOptions] = None)
    func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)
    public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
    public Firewall(String name, FirewallArgs args)
    public Firewall(String name, FirewallArgs args, CustomResourceOptions options)
    
    type: linode:Firewall
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args FirewallArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Firewall Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The Firewall resource accepts the following input properties:

    InboundPolicy string

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Label string

    This Firewall's unique label.

    OutboundPolicy string

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    Disabled bool

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    Inbounds List<FirewallInbound>

    A firewall rule that specifies what inbound network traffic is allowed.

    Linodes List<int>

    A list of IDs of Linodes this Firewall should govern network traffic for.

    Nodebalancers List<int>

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    Outbounds List<FirewallOutbound>

    A firewall rule that specifies what outbound network traffic is allowed.

    Tags List<string>

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    InboundPolicy string

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Label string

    This Firewall's unique label.

    OutboundPolicy string

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    Disabled bool

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    Inbounds []FirewallInboundArgs

    A firewall rule that specifies what inbound network traffic is allowed.

    Linodes []int

    A list of IDs of Linodes this Firewall should govern network traffic for.

    Nodebalancers []int

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    Outbounds []FirewallOutboundArgs

    A firewall rule that specifies what outbound network traffic is allowed.

    Tags []string

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    inboundPolicy String

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label String

    This Firewall's unique label.

    outboundPolicy String

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    disabled Boolean

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds List<FirewallInbound>

    A firewall rule that specifies what inbound network traffic is allowed.

    linodes List<Integer>

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers List<Integer>

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outbounds List<FirewallOutbound>

    A firewall rule that specifies what outbound network traffic is allowed.

    tags List<String>

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    inboundPolicy string

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label string

    This Firewall's unique label.

    outboundPolicy string

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    disabled boolean

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds FirewallInbound[]

    A firewall rule that specifies what inbound network traffic is allowed.

    linodes number[]

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers number[]

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outbounds FirewallOutbound[]

    A firewall rule that specifies what outbound network traffic is allowed.

    tags string[]

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    inbound_policy str

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label str

    This Firewall's unique label.

    outbound_policy str

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    disabled bool

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds Sequence[FirewallInboundArgs]

    A firewall rule that specifies what inbound network traffic is allowed.

    linodes Sequence[int]

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers Sequence[int]

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outbounds Sequence[FirewallOutboundArgs]

    A firewall rule that specifies what outbound network traffic is allowed.

    tags Sequence[str]

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    inboundPolicy String

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    label String

    This Firewall's unique label.

    outboundPolicy String

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    disabled Boolean

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbounds List<Property Map>

    A firewall rule that specifies what inbound network traffic is allowed.

    linodes List<Number>

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers List<Number>

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outbounds List<Property Map>

    A firewall rule that specifies what outbound network traffic is allowed.

    tags List<String>

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:

    Created string

    When this firewall was created

    Devices List<FirewallDevice>

    The devices associated with this firewall.

    Id string

    The provider-assigned unique ID for this managed resource.

    Status string

    The status of the Firewall.

    Updated string

    When this firewall was last updated

    Created string

    When this firewall was created

    Devices []FirewallDeviceType

    The devices associated with this firewall.

    Id string

    The provider-assigned unique ID for this managed resource.

    Status string

    The status of the Firewall.

    Updated string

    When this firewall was last updated

    created String

    When this firewall was created

    devices List<FirewallDevice>

    The devices associated with this firewall.

    id String

    The provider-assigned unique ID for this managed resource.

    status String

    The status of the Firewall.

    updated String

    When this firewall was last updated

    created string

    When this firewall was created

    devices FirewallDevice[]

    The devices associated with this firewall.

    id string

    The provider-assigned unique ID for this managed resource.

    status string

    The status of the Firewall.

    updated string

    When this firewall was last updated

    created str

    When this firewall was created

    devices Sequence[FirewallDevice]

    The devices associated with this firewall.

    id str

    The provider-assigned unique ID for this managed resource.

    status str

    The status of the Firewall.

    updated str

    When this firewall was last updated

    created String

    When this firewall was created

    devices List<Property Map>

    The devices associated with this firewall.

    id String

    The provider-assigned unique ID for this managed resource.

    status String

    The status of the Firewall.

    updated String

    When this firewall was last updated

    Look up Existing Firewall Resource

    Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            created: Optional[str] = None,
            devices: Optional[Sequence[FirewallDeviceArgs]] = None,
            disabled: Optional[bool] = None,
            inbound_policy: Optional[str] = None,
            inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
            label: Optional[str] = None,
            linodes: Optional[Sequence[int]] = None,
            nodebalancers: Optional[Sequence[int]] = None,
            outbound_policy: Optional[str] = None,
            outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
            status: Optional[str] = None,
            tags: Optional[Sequence[str]] = None,
            updated: Optional[str] = None) -> Firewall
    func GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)
    public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)
    public static Firewall get(String name, Output<String> id, FirewallState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Created string

    When this firewall was created

    Devices List<FirewallDevice>

    The devices associated with this firewall.

    Disabled bool

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    InboundPolicy string

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Inbounds List<FirewallInbound>

    A firewall rule that specifies what inbound network traffic is allowed.

    Label string

    This Firewall's unique label.

    Linodes List<int>

    A list of IDs of Linodes this Firewall should govern network traffic for.

    Nodebalancers List<int>

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    OutboundPolicy string

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    Outbounds List<FirewallOutbound>

    A firewall rule that specifies what outbound network traffic is allowed.

    Status string

    The status of the Firewall.

    Tags List<string>

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    Updated string

    When this firewall was last updated

    Created string

    When this firewall was created

    Devices []FirewallDeviceTypeArgs

    The devices associated with this firewall.

    Disabled bool

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    InboundPolicy string

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    Inbounds []FirewallInboundArgs

    A firewall rule that specifies what inbound network traffic is allowed.

    Label string

    This Firewall's unique label.

    Linodes []int

    A list of IDs of Linodes this Firewall should govern network traffic for.

    Nodebalancers []int

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    OutboundPolicy string

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    Outbounds []FirewallOutboundArgs

    A firewall rule that specifies what outbound network traffic is allowed.

    Status string

    The status of the Firewall.

    Tags []string

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    Updated string

    When this firewall was last updated

    created String

    When this firewall was created

    devices List<FirewallDevice>

    The devices associated with this firewall.

    disabled Boolean

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inboundPolicy String

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds List<FirewallInbound>

    A firewall rule that specifies what inbound network traffic is allowed.

    label String

    This Firewall's unique label.

    linodes List<Integer>

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers List<Integer>

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outboundPolicy String

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    outbounds List<FirewallOutbound>

    A firewall rule that specifies what outbound network traffic is allowed.

    status String

    The status of the Firewall.

    tags List<String>

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    updated String

    When this firewall was last updated

    created string

    When this firewall was created

    devices FirewallDevice[]

    The devices associated with this firewall.

    disabled boolean

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inboundPolicy string

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds FirewallInbound[]

    A firewall rule that specifies what inbound network traffic is allowed.

    label string

    This Firewall's unique label.

    linodes number[]

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers number[]

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outboundPolicy string

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    outbounds FirewallOutbound[]

    A firewall rule that specifies what outbound network traffic is allowed.

    status string

    The status of the Firewall.

    tags string[]

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    updated string

    When this firewall was last updated

    created str

    When this firewall was created

    devices Sequence[FirewallDeviceArgs]

    The devices associated with this firewall.

    disabled bool

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inbound_policy str

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds Sequence[FirewallInboundArgs]

    A firewall rule that specifies what inbound network traffic is allowed.

    label str

    This Firewall's unique label.

    linodes Sequence[int]

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers Sequence[int]

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outbound_policy str

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    outbounds Sequence[FirewallOutboundArgs]

    A firewall rule that specifies what outbound network traffic is allowed.

    status str

    The status of the Firewall.

    tags Sequence[str]

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    updated str

    When this firewall was last updated

    created String

    When this firewall was created

    devices List<Property Map>

    The devices associated with this firewall.

    disabled Boolean

    If true, the Firewall's rules are not enforced (defaults to false).

    • inbound - (Optional) A firewall rule that specifies what inbound network traffic is allowed.
    inboundPolicy String

    The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

    • outbound - (Optional) A firewall rule that specifies what outbound network traffic is allowed.
    inbounds List<Property Map>

    A firewall rule that specifies what inbound network traffic is allowed.

    label String

    This Firewall's unique label.

    linodes List<Number>

    A list of IDs of Linodes this Firewall should govern network traffic for.

    nodebalancers List<Number>

    A list of IDs of NodeBalancers this Firewall should govern network traffic for.

    outboundPolicy String

    The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

    outbounds List<Property Map>

    A firewall rule that specifies what outbound network traffic is allowed.

    status String

    The status of the Firewall.

    tags List<String>

    A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

    updated String

    When this firewall was last updated

    Supporting Types

    FirewallDevice, FirewallDeviceArgs

    EntityId int

    The ID of the underlying entity this device references (i.e. the Linode's ID).

    Id int

    The ID of the Firewall Device.

    Label string

    This Firewall's unique label.

    Type string

    The type of Firewall Device.

    Url string

    The URL of the underlying entity this device references.

    EntityId int

    The ID of the underlying entity this device references (i.e. the Linode's ID).

    Id int

    The ID of the Firewall Device.

    Label string

    This Firewall's unique label.

    Type string

    The type of Firewall Device.

    Url string

    The URL of the underlying entity this device references.

    entityId Integer

    The ID of the underlying entity this device references (i.e. the Linode's ID).

    id Integer

    The ID of the Firewall Device.

    label String

    This Firewall's unique label.

    type String

    The type of Firewall Device.

    url String

    The URL of the underlying entity this device references.

    entityId number

    The ID of the underlying entity this device references (i.e. the Linode's ID).

    id number

    The ID of the Firewall Device.

    label string

    This Firewall's unique label.

    type string

    The type of Firewall Device.

    url string

    The URL of the underlying entity this device references.

    entity_id int

    The ID of the underlying entity this device references (i.e. the Linode's ID).

    id int

    The ID of the Firewall Device.

    label str

    This Firewall's unique label.

    type str

    The type of Firewall Device.

    url str

    The URL of the underlying entity this device references.

    entityId Number

    The ID of the underlying entity this device references (i.e. the Linode's ID).

    id Number

    The ID of the Firewall Device.

    label String

    This Firewall's unique label.

    type String

    The type of Firewall Device.

    url String

    The URL of the underlying entity this device references.

    FirewallInbound, FirewallInboundArgs

    Action string

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    Label string

    Used to identify this rule. For display purposes only.

    Protocol string

    The network protocol this rule controls. (TCP, UDP, ICMP)

    Ipv4s List<string>

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    Ipv6s List<string>

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    Ports string

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    Action string

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    Label string

    Used to identify this rule. For display purposes only.

    Protocol string

    The network protocol this rule controls. (TCP, UDP, ICMP)

    Ipv4s []string

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    Ipv6s []string

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    Ports string

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action String

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label String

    Used to identify this rule. For display purposes only.

    protocol String

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s List<String>

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s List<String>

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports String

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action string

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label string

    Used to identify this rule. For display purposes only.

    protocol string

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s string[]

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s string[]

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports string

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action str

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label str

    Used to identify this rule. For display purposes only.

    protocol str

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s Sequence[str]

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s Sequence[str]

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports str

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action String

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label String

    Used to identify this rule. For display purposes only.

    protocol String

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s List<String>

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s List<String>

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports String

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    FirewallOutbound, FirewallOutboundArgs

    Action string

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    Label string

    This Firewall's unique label.

    Protocol string

    The network protocol this rule controls. (TCP, UDP, ICMP)

    Ipv4s List<string>

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    Ipv6s List<string>

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    Ports string

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    Action string

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    Label string

    This Firewall's unique label.

    Protocol string

    The network protocol this rule controls. (TCP, UDP, ICMP)

    Ipv4s []string

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    Ipv6s []string

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    Ports string

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action String

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label String

    This Firewall's unique label.

    protocol String

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s List<String>

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s List<String>

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports String

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action string

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label string

    This Firewall's unique label.

    protocol string

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s string[]

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s string[]

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports string

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action str

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label str

    This Firewall's unique label.

    protocol str

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s Sequence[str]

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s Sequence[str]

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports str

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    action String

    Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

    label String

    This Firewall's unique label.

    protocol String

    The network protocol this rule controls. (TCP, UDP, ICMP)

    ipv4s List<String>

    A list of IPv4 addresses or networks. Must be in IP/mask format.

    ipv6s List<String>

    A list of IPv6 addresses or networks. Must be in IP/mask format.

    ports String

    A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

    Import

    Firewalls can be imported using the id, e.g.

     $ pulumi import linode:index/firewall:Firewall my_firewall 12345
    

    Package Details

    Repository
    Linode pulumi/pulumi-linode
    License
    Apache-2.0
    Notes

    This Pulumi package is based on the linode Terraform Provider.

    linode logo
    Linode v4.7.0 published on Friday, Sep 29, 2023 by Pulumi