linode logo
Linode v3.12.0, Feb 14 23

linode.Firewall

Manages a Linode Firewall.

Example Usage

Accept only inbound HTTP(s) requests and drop outbound HTTP(s) requests

using System.Collections.Generic;
using Pulumi;
using Linode = Pulumi.Linode;

return await Deployment.RunAsync(() => 
{
    var myInstance = new Linode.Instance("myInstance", new()
    {
        Label = "my_instance",
        Image = "linode/ubuntu18.04",
        Region = "us-southeast",
        Type = "g6-standard-1",
        RootPass = "bogusPassword$",
        SwapSize = 256,
    });

    var myFirewall = new Linode.Firewall("myFirewall", new()
    {
        Label = "my_firewall",
        Inbounds = new[]
        {
            new Linode.Inputs.FirewallInboundArgs
            {
                Label = "allow-http",
                Action = "ACCEPT",
                Protocol = "TCP",
                Ports = "80",
                Ipv4s = new[]
                {
                    "0.0.0.0/0",
                },
                Ipv6s = new[]
                {
                    "::/0",
                },
            },
            new Linode.Inputs.FirewallInboundArgs
            {
                Label = "allow-https",
                Action = "ACCEPT",
                Protocol = "TCP",
                Ports = "443",
                Ipv4s = new[]
                {
                    "0.0.0.0/0",
                },
                Ipv6s = new[]
                {
                    "::/0",
                },
            },
        },
        InboundPolicy = "DROP",
        Outbounds = new[]
        {
            new Linode.Inputs.FirewallOutboundArgs
            {
                Label = "reject-http",
                Action = "DROP",
                Protocol = "TCP",
                Ports = "80",
                Ipv4s = new[]
                {
                    "0.0.0.0/0",
                },
                Ipv6s = new[]
                {
                    "::/0",
                },
            },
            new Linode.Inputs.FirewallOutboundArgs
            {
                Label = "reject-https",
                Action = "DROP",
                Protocol = "TCP",
                Ports = "443",
                Ipv4s = new[]
                {
                    "0.0.0.0/0",
                },
                Ipv6s = new[]
                {
                    "::/0",
                },
            },
        },
        OutboundPolicy = "ACCEPT",
        Linodes = new[]
        {
            myInstance.Id,
        },
    });

});
package main

import (
	"fmt"

	"github.com/pulumi/pulumi-linode/sdk/v3/go/linode"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		myInstance, err := linode.NewInstance(ctx, "myInstance", &linode.InstanceArgs{
			Label:    pulumi.String("my_instance"),
			Image:    pulumi.String("linode/ubuntu18.04"),
			Region:   pulumi.String("us-southeast"),
			Type:     pulumi.String("g6-standard-1"),
			RootPass: pulumi.String(fmt.Sprintf("bogusPassword$")),
			SwapSize: pulumi.Int(256),
		})
		if err != nil {
			return err
		}
		_, err = linode.NewFirewall(ctx, "myFirewall", &linode.FirewallArgs{
			Label: pulumi.String("my_firewall"),
			Inbounds: linode.FirewallInboundArray{
				&linode.FirewallInboundArgs{
					Label:    pulumi.String("allow-http"),
					Action:   pulumi.String("ACCEPT"),
					Protocol: pulumi.String("TCP"),
					Ports:    pulumi.String("80"),
					Ipv4s: pulumi.StringArray{
						pulumi.String("0.0.0.0/0"),
					},
					Ipv6s: pulumi.StringArray{
						pulumi.String("::/0"),
					},
				},
				&linode.FirewallInboundArgs{
					Label:    pulumi.String("allow-https"),
					Action:   pulumi.String("ACCEPT"),
					Protocol: pulumi.String("TCP"),
					Ports:    pulumi.String("443"),
					Ipv4s: pulumi.StringArray{
						pulumi.String("0.0.0.0/0"),
					},
					Ipv6s: pulumi.StringArray{
						pulumi.String("::/0"),
					},
				},
			},
			InboundPolicy: pulumi.String("DROP"),
			Outbounds: linode.FirewallOutboundArray{
				&linode.FirewallOutboundArgs{
					Label:    pulumi.String("reject-http"),
					Action:   pulumi.String("DROP"),
					Protocol: pulumi.String("TCP"),
					Ports:    pulumi.String("80"),
					Ipv4s: pulumi.StringArray{
						pulumi.String("0.0.0.0/0"),
					},
					Ipv6s: pulumi.StringArray{
						pulumi.String("::/0"),
					},
				},
				&linode.FirewallOutboundArgs{
					Label:    pulumi.String("reject-https"),
					Action:   pulumi.String("DROP"),
					Protocol: pulumi.String("TCP"),
					Ports:    pulumi.String("443"),
					Ipv4s: pulumi.StringArray{
						pulumi.String("0.0.0.0/0"),
					},
					Ipv6s: pulumi.StringArray{
						pulumi.String("::/0"),
					},
				},
			},
			OutboundPolicy: pulumi.String("ACCEPT"),
			Linodes: pulumi.IntArray{
				myInstance.ID(),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Instance;
import com.pulumi.linode.InstanceArgs;
import com.pulumi.linode.Firewall;
import com.pulumi.linode.FirewallArgs;
import com.pulumi.linode.inputs.FirewallInboundArgs;
import com.pulumi.linode.inputs.FirewallOutboundArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var myInstance = new Instance("myInstance", InstanceArgs.builder()        
            .label("my_instance")
            .image("linode/ubuntu18.04")
            .region("us-southeast")
            .type("g6-standard-1")
            .rootPass("bogusPassword$")
            .swapSize(256)
            .build());

        var myFirewall = new Firewall("myFirewall", FirewallArgs.builder()        
            .label("my_firewall")
            .inbounds(            
                FirewallInboundArgs.builder()
                    .label("allow-http")
                    .action("ACCEPT")
                    .protocol("TCP")
                    .ports("80")
                    .ipv4s("0.0.0.0/0")
                    .ipv6s("::/0")
                    .build(),
                FirewallInboundArgs.builder()
                    .label("allow-https")
                    .action("ACCEPT")
                    .protocol("TCP")
                    .ports("443")
                    .ipv4s("0.0.0.0/0")
                    .ipv6s("::/0")
                    .build())
            .inboundPolicy("DROP")
            .outbounds(            
                FirewallOutboundArgs.builder()
                    .label("reject-http")
                    .action("DROP")
                    .protocol("TCP")
                    .ports("80")
                    .ipv4s("0.0.0.0/0")
                    .ipv6s("::/0")
                    .build(),
                FirewallOutboundArgs.builder()
                    .label("reject-https")
                    .action("DROP")
                    .protocol("TCP")
                    .ports("443")
                    .ipv4s("0.0.0.0/0")
                    .ipv6s("::/0")
                    .build())
            .outboundPolicy("ACCEPT")
            .linodes(myInstance.id())
            .build());

    }
}
import pulumi
import pulumi_linode as linode

my_instance = linode.Instance("myInstance",
    label="my_instance",
    image="linode/ubuntu18.04",
    region="us-southeast",
    type="g6-standard-1",
    root_pass="bogusPassword$",
    swap_size=256)
my_firewall = linode.Firewall("myFirewall",
    label="my_firewall",
    inbounds=[
        linode.FirewallInboundArgs(
            label="allow-http",
            action="ACCEPT",
            protocol="TCP",
            ports="80",
            ipv4s=["0.0.0.0/0"],
            ipv6s=["::/0"],
        ),
        linode.FirewallInboundArgs(
            label="allow-https",
            action="ACCEPT",
            protocol="TCP",
            ports="443",
            ipv4s=["0.0.0.0/0"],
            ipv6s=["::/0"],
        ),
    ],
    inbound_policy="DROP",
    outbounds=[
        linode.FirewallOutboundArgs(
            label="reject-http",
            action="DROP",
            protocol="TCP",
            ports="80",
            ipv4s=["0.0.0.0/0"],
            ipv6s=["::/0"],
        ),
        linode.FirewallOutboundArgs(
            label="reject-https",
            action="DROP",
            protocol="TCP",
            ports="443",
            ipv4s=["0.0.0.0/0"],
            ipv6s=["::/0"],
        ),
    ],
    outbound_policy="ACCEPT",
    linodes=[my_instance.id])
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";

const myInstance = new linode.Instance("myInstance", {
    label: "my_instance",
    image: "linode/ubuntu18.04",
    region: "us-southeast",
    type: "g6-standard-1",
    rootPass: `bogusPassword$`,
    swapSize: 256,
});
const myFirewall = new linode.Firewall("myFirewall", {
    label: "my_firewall",
    inbounds: [
        {
            label: "allow-http",
            action: "ACCEPT",
            protocol: "TCP",
            ports: "80",
            ipv4s: ["0.0.0.0/0"],
            ipv6s: ["::/0"],
        },
        {
            label: "allow-https",
            action: "ACCEPT",
            protocol: "TCP",
            ports: "443",
            ipv4s: ["0.0.0.0/0"],
            ipv6s: ["::/0"],
        },
    ],
    inboundPolicy: "DROP",
    outbounds: [
        {
            label: "reject-http",
            action: "DROP",
            protocol: "TCP",
            ports: "80",
            ipv4s: ["0.0.0.0/0"],
            ipv6s: ["::/0"],
        },
        {
            label: "reject-https",
            action: "DROP",
            protocol: "TCP",
            ports: "443",
            ipv4s: ["0.0.0.0/0"],
            ipv6s: ["::/0"],
        },
    ],
    outboundPolicy: "ACCEPT",
    linodes: [myInstance.id],
});
resources:
  myFirewall:
    type: linode:Firewall
    properties:
      label: my_firewall
      inbounds:
        - label: allow-http
          action: ACCEPT
          protocol: TCP
          ports: '80'
          ipv4s:
            - 0.0.0.0/0
          ipv6s:
            - ::/0
        - label: allow-https
          action: ACCEPT
          protocol: TCP
          ports: '443'
          ipv4s:
            - 0.0.0.0/0
          ipv6s:
            - ::/0
      inboundPolicy: DROP
      outbounds:
        - label: reject-http
          action: DROP
          protocol: TCP
          ports: '80'
          ipv4s:
            - 0.0.0.0/0
          ipv6s:
            - ::/0
        - label: reject-https
          action: DROP
          protocol: TCP
          ports: '443'
          ipv4s:
            - 0.0.0.0/0
          ipv6s:
            - ::/0
      outboundPolicy: ACCEPT
      linodes:
        - ${myInstance.id}
  myInstance:
    type: linode:Instance
    properties:
      label: my_instance
      image: linode/ubuntu18.04
      region: us-southeast
      type: g6-standard-1
      rootPass: bogusPassword$
      swapSize: 256

Create Firewall Resource

new Firewall(name: string, args: FirewallArgs, opts?: CustomResourceOptions);
@overload
def Firewall(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             disabled: Optional[bool] = None,
             inbound_policy: Optional[str] = None,
             inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
             label: Optional[str] = None,
             linodes: Optional[Sequence[int]] = None,
             outbound_policy: Optional[str] = None,
             outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
             tags: Optional[Sequence[str]] = None)
@overload
def Firewall(resource_name: str,
             args: FirewallArgs,
             opts: Optional[ResourceOptions] = None)
func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)
public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
public Firewall(String name, FirewallArgs args)
public Firewall(String name, FirewallArgs args, CustomResourceOptions options)
type: linode:Firewall
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

name string
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name str
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name string
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name string
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name String
The unique name of the resource.
args FirewallArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Firewall Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

The Firewall resource accepts the following input properties:

InboundPolicy string

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

Label string

This Firewall's unique label.

OutboundPolicy string

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

Disabled bool

If true, the Firewall's rules are not enforced (defaults to false).

Inbounds List<FirewallInboundArgs>

A firewall rule that specifies what inbound network traffic is allowed.

Linodes List<int>

A list of IDs of Linodes this Firewall should govern it's network traffic for.

Outbounds List<FirewallOutboundArgs>

A firewall rule that specifies what outbound network traffic is allowed.

Tags List<string>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

InboundPolicy string

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

Label string

This Firewall's unique label.

OutboundPolicy string

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

Disabled bool

If true, the Firewall's rules are not enforced (defaults to false).

Inbounds []FirewallInboundArgs

A firewall rule that specifies what inbound network traffic is allowed.

Linodes []int

A list of IDs of Linodes this Firewall should govern it's network traffic for.

Outbounds []FirewallOutboundArgs

A firewall rule that specifies what outbound network traffic is allowed.

Tags []string

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

inboundPolicy String

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

label String

This Firewall's unique label.

outboundPolicy String

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

disabled Boolean

If true, the Firewall's rules are not enforced (defaults to false).

inbounds List<FirewallInboundArgs>

A firewall rule that specifies what inbound network traffic is allowed.

linodes List<Integer>

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outbounds List<FirewallOutboundArgs>

A firewall rule that specifies what outbound network traffic is allowed.

tags List<String>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

inboundPolicy string

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

label string

This Firewall's unique label.

outboundPolicy string

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

disabled boolean

If true, the Firewall's rules are not enforced (defaults to false).

inbounds FirewallInboundArgs[]

A firewall rule that specifies what inbound network traffic is allowed.

linodes number[]

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outbounds FirewallOutboundArgs[]

A firewall rule that specifies what outbound network traffic is allowed.

tags string[]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

inbound_policy str

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

label str

This Firewall's unique label.

outbound_policy str

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

disabled bool

If true, the Firewall's rules are not enforced (defaults to false).

inbounds Sequence[FirewallInboundArgs]

A firewall rule that specifies what inbound network traffic is allowed.

linodes Sequence[int]

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outbounds Sequence[FirewallOutboundArgs]

A firewall rule that specifies what outbound network traffic is allowed.

tags Sequence[str]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

inboundPolicy String

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

label String

This Firewall's unique label.

outboundPolicy String

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

disabled Boolean

If true, the Firewall's rules are not enforced (defaults to false).

inbounds List<Property Map>

A firewall rule that specifies what inbound network traffic is allowed.

linodes List<Number>

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outbounds List<Property Map>

A firewall rule that specifies what outbound network traffic is allowed.

tags List<String>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

Outputs

All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:

Devices List<FirewallDevice>

The devices associated with this firewall.

Id string

The provider-assigned unique ID for this managed resource.

Status string

The status of the Firewall.

Devices []FirewallDeviceType

The devices associated with this firewall.

Id string

The provider-assigned unique ID for this managed resource.

Status string

The status of the Firewall.

devices List<FirewallDevice>

The devices associated with this firewall.

id String

The provider-assigned unique ID for this managed resource.

status String

The status of the Firewall.

devices FirewallDevice[]

The devices associated with this firewall.

id string

The provider-assigned unique ID for this managed resource.

status string

The status of the Firewall.

devices Sequence[FirewallDevice]

The devices associated with this firewall.

id str

The provider-assigned unique ID for this managed resource.

status str

The status of the Firewall.

devices List<Property Map>

The devices associated with this firewall.

id String

The provider-assigned unique ID for this managed resource.

status String

The status of the Firewall.

Look up Existing Firewall Resource

Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        devices: Optional[Sequence[FirewallDeviceArgs]] = None,
        disabled: Optional[bool] = None,
        inbound_policy: Optional[str] = None,
        inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
        label: Optional[str] = None,
        linodes: Optional[Sequence[int]] = None,
        outbound_policy: Optional[str] = None,
        outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
        status: Optional[str] = None,
        tags: Optional[Sequence[str]] = None) -> Firewall
func GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)
public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)
public static Firewall get(String name, Output<String> id, FirewallState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name
The unique name of the resulting resource.
id
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Devices List<FirewallDeviceArgs>

The devices associated with this firewall.

Disabled bool

If true, the Firewall's rules are not enforced (defaults to false).

InboundPolicy string

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

Inbounds List<FirewallInboundArgs>

A firewall rule that specifies what inbound network traffic is allowed.

Label string

This Firewall's unique label.

Linodes List<int>

A list of IDs of Linodes this Firewall should govern it's network traffic for.

OutboundPolicy string

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

Outbounds List<FirewallOutboundArgs>

A firewall rule that specifies what outbound network traffic is allowed.

Status string

The status of the Firewall.

Tags List<string>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

Devices []FirewallDeviceTypeArgs

The devices associated with this firewall.

Disabled bool

If true, the Firewall's rules are not enforced (defaults to false).

InboundPolicy string

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

Inbounds []FirewallInboundArgs

A firewall rule that specifies what inbound network traffic is allowed.

Label string

This Firewall's unique label.

Linodes []int

A list of IDs of Linodes this Firewall should govern it's network traffic for.

OutboundPolicy string

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

Outbounds []FirewallOutboundArgs

A firewall rule that specifies what outbound network traffic is allowed.

Status string

The status of the Firewall.

Tags []string

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

devices List<FirewallDeviceArgs>

The devices associated with this firewall.

disabled Boolean

If true, the Firewall's rules are not enforced (defaults to false).

inboundPolicy String

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

inbounds List<FirewallInboundArgs>

A firewall rule that specifies what inbound network traffic is allowed.

label String

This Firewall's unique label.

linodes List<Integer>

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outboundPolicy String

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

outbounds List<FirewallOutboundArgs>

A firewall rule that specifies what outbound network traffic is allowed.

status String

The status of the Firewall.

tags List<String>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

devices FirewallDeviceArgs[]

The devices associated with this firewall.

disabled boolean

If true, the Firewall's rules are not enforced (defaults to false).

inboundPolicy string

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

inbounds FirewallInboundArgs[]

A firewall rule that specifies what inbound network traffic is allowed.

label string

This Firewall's unique label.

linodes number[]

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outboundPolicy string

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

outbounds FirewallOutboundArgs[]

A firewall rule that specifies what outbound network traffic is allowed.

status string

The status of the Firewall.

tags string[]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

devices Sequence[FirewallDeviceArgs]

The devices associated with this firewall.

disabled bool

If true, the Firewall's rules are not enforced (defaults to false).

inbound_policy str

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

inbounds Sequence[FirewallInboundArgs]

A firewall rule that specifies what inbound network traffic is allowed.

label str

This Firewall's unique label.

linodes Sequence[int]

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outbound_policy str

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

outbounds Sequence[FirewallOutboundArgs]

A firewall rule that specifies what outbound network traffic is allowed.

status str

The status of the Firewall.

tags Sequence[str]

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

devices List<Property Map>

The devices associated with this firewall.

disabled Boolean

If true, the Firewall's rules are not enforced (defaults to false).

inboundPolicy String

The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (ACCEPT, DROP)

inbounds List<Property Map>

A firewall rule that specifies what inbound network traffic is allowed.

label String

This Firewall's unique label.

linodes List<Number>

A list of IDs of Linodes this Firewall should govern it's network traffic for.

outboundPolicy String

The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (ACCEPT, DROP)

outbounds List<Property Map>

A firewall rule that specifies what outbound network traffic is allowed.

status String

The status of the Firewall.

tags List<String>

A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.

Supporting Types

FirewallDevice

EntityId int

The ID of the underlying entity this device references (i.e. the Linode's ID).

Id int

The ID of the Firewall Device.

Label string

This Firewall's unique label.

Type string

The type of Firewall Device.

Url string

The URL of the underlying entity this device references.

EntityId int

The ID of the underlying entity this device references (i.e. the Linode's ID).

Id int

The ID of the Firewall Device.

Label string

This Firewall's unique label.

Type string

The type of Firewall Device.

Url string

The URL of the underlying entity this device references.

entityId Integer

The ID of the underlying entity this device references (i.e. the Linode's ID).

id Integer

The ID of the Firewall Device.

label String

This Firewall's unique label.

type String

The type of Firewall Device.

url String

The URL of the underlying entity this device references.

entityId number

The ID of the underlying entity this device references (i.e. the Linode's ID).

id number

The ID of the Firewall Device.

label string

This Firewall's unique label.

type string

The type of Firewall Device.

url string

The URL of the underlying entity this device references.

entity_id int

The ID of the underlying entity this device references (i.e. the Linode's ID).

id int

The ID of the Firewall Device.

label str

This Firewall's unique label.

type str

The type of Firewall Device.

url str

The URL of the underlying entity this device references.

entityId Number

The ID of the underlying entity this device references (i.e. the Linode's ID).

id Number

The ID of the Firewall Device.

label String

This Firewall's unique label.

type String

The type of Firewall Device.

url String

The URL of the underlying entity this device references.

FirewallInbound

Action string

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

Label string

Used to identify this rule. For display purposes only.

Protocol string

The network protocol this rule controls. (TCP, UDP, ICMP)

Ipv4s List<string>

A list of IPv4 addresses or networks. Must be in IP/mask format.

Ipv6s List<string>

A list of IPv6 addresses or networks. Must be in IP/mask format.

Ports string

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

Action string

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

Label string

Used to identify this rule. For display purposes only.

Protocol string

The network protocol this rule controls. (TCP, UDP, ICMP)

Ipv4s []string

A list of IPv4 addresses or networks. Must be in IP/mask format.

Ipv6s []string

A list of IPv6 addresses or networks. Must be in IP/mask format.

Ports string

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action String

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label String

Used to identify this rule. For display purposes only.

protocol String

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s List<String>

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s List<String>

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports String

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action string

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label string

Used to identify this rule. For display purposes only.

protocol string

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s string[]

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s string[]

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports string

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action str

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label str

Used to identify this rule. For display purposes only.

protocol str

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s Sequence[str]

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s Sequence[str]

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports str

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action String

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label String

Used to identify this rule. For display purposes only.

protocol String

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s List<String>

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s List<String>

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports String

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

FirewallOutbound

Action string

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

Label string

This Firewall's unique label.

Protocol string

The network protocol this rule controls. (TCP, UDP, ICMP)

Ipv4s List<string>

A list of IPv4 addresses or networks. Must be in IP/mask format.

Ipv6s List<string>

A list of IPv6 addresses or networks. Must be in IP/mask format.

Ports string

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

Action string

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

Label string

This Firewall's unique label.

Protocol string

The network protocol this rule controls. (TCP, UDP, ICMP)

Ipv4s []string

A list of IPv4 addresses or networks. Must be in IP/mask format.

Ipv6s []string

A list of IPv6 addresses or networks. Must be in IP/mask format.

Ports string

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action String

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label String

This Firewall's unique label.

protocol String

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s List<String>

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s List<String>

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports String

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action string

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label string

This Firewall's unique label.

protocol string

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s string[]

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s string[]

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports string

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action str

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label str

This Firewall's unique label.

protocol str

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s Sequence[str]

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s Sequence[str]

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports str

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

action String

Controls whether traffic is accepted or dropped by this rule (ACCEPT, DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.

label String

This Firewall's unique label.

protocol String

The network protocol this rule controls. (TCP, UDP, ICMP)

ipv4s List<String>

A list of IPv4 addresses or networks. Must be in IP/mask format.

ipv6s List<String>

A list of IPv6 addresses or networks. Must be in IP/mask format.

ports String

A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").

Import

Firewalls can be imported using the id, e.g.

 $ pulumi import linode:index/firewall:Firewall my_firewall 12345

Package Details

Repository
Linode pulumi/pulumi-linode
License
Apache-2.0
Notes

This Pulumi package is based on the linode Terraform Provider.