Docs Home
Linode v4.38.0 published on Thursday, Apr 24, 2025 by Pulumi
linode.Firewall
Explore with Pulumi AI
Manages a Linode Firewall. For more information, see the Linode APIv4 docs.
Example Usage
Accept only inbound HTTP(s) requests and drop outbound HTTP(s) requests:
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";
const myInstance = new linode.Instance("my_instance", {
label: "my_instance",
image: "linode/ubuntu22.04",
region: "us-southeast",
type: "g6-standard-1",
rootPass: "bogusPassword$",
swapSize: 256,
});
const myFirewall = new linode.Firewall("my_firewall", {
label: "my_firewall",
inbounds: [
{
label: "allow-http",
action: "ACCEPT",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "allow-https",
action: "ACCEPT",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
inboundPolicy: "DROP",
outbounds: [
{
label: "reject-http",
action: "DROP",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "reject-https",
action: "DROP",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
outboundPolicy: "ACCEPT",
linodes: [myInstance.id],
});
import pulumi
import pulumi_linode as linode
my_instance = linode.Instance("my_instance",
label="my_instance",
image="linode/ubuntu22.04",
region="us-southeast",
type="g6-standard-1",
root_pass="bogusPassword$",
swap_size=256)
my_firewall = linode.Firewall("my_firewall",
label="my_firewall",
inbounds=[
{
"label": "allow-http",
"action": "ACCEPT",
"protocol": "TCP",
"ports": "80",
"ipv4s": ["0.0.0.0/0"],
"ipv6s": ["::/0"],
},
{
"label": "allow-https",
"action": "ACCEPT",
"protocol": "TCP",
"ports": "443",
"ipv4s": ["0.0.0.0/0"],
"ipv6s": ["::/0"],
},
],
inbound_policy="DROP",
outbounds=[
{
"label": "reject-http",
"action": "DROP",
"protocol": "TCP",
"ports": "80",
"ipv4s": ["0.0.0.0/0"],
"ipv6s": ["::/0"],
},
{
"label": "reject-https",
"action": "DROP",
"protocol": "TCP",
"ports": "443",
"ipv4s": ["0.0.0.0/0"],
"ipv6s": ["::/0"],
},
],
outbound_policy="ACCEPT",
linodes=[my_instance.id])
package main
import (
"github.com/pulumi/pulumi-linode/sdk/v4/go/linode"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myInstance, err := linode.NewInstance(ctx, "my_instance", &linode.InstanceArgs{
Label: pulumi.String("my_instance"),
Image: pulumi.String("linode/ubuntu22.04"),
Region: pulumi.String("us-southeast"),
Type: pulumi.String("g6-standard-1"),
RootPass: pulumi.String("bogusPassword$"),
SwapSize: pulumi.Int(256),
})
if err != nil {
return err
}
_, err = linode.NewFirewall(ctx, "my_firewall", &linode.FirewallArgs{
Label: pulumi.String("my_firewall"),
Inbounds: linode.FirewallInboundArray{
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-http"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-https"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
InboundPolicy: pulumi.String("DROP"),
Outbounds: linode.FirewallOutboundArray{
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-http"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-https"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
OutboundPolicy: pulumi.String("ACCEPT"),
Linodes: pulumi.IntArray{
myInstance.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Linode = Pulumi.Linode;
return await Deployment.RunAsync(() =>
{
var myInstance = new Linode.Instance("my_instance", new()
{
Label = "my_instance",
Image = "linode/ubuntu22.04",
Region = "us-southeast",
Type = "g6-standard-1",
RootPass = "bogusPassword$",
SwapSize = 256,
});
var myFirewall = new Linode.Firewall("my_firewall", new()
{
Label = "my_firewall",
Inbounds = new[]
{
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-http",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-https",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
InboundPolicy = "DROP",
Outbounds = new[]
{
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-http",
Action = "DROP",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-https",
Action = "DROP",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
OutboundPolicy = "ACCEPT",
Linodes = new[]
{
myInstance.Id,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Instance;
import com.pulumi.linode.InstanceArgs;
import com.pulumi.linode.Firewall;
import com.pulumi.linode.FirewallArgs;
import com.pulumi.linode.inputs.FirewallInboundArgs;
import com.pulumi.linode.inputs.FirewallOutboundArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myInstance = new Instance("myInstance", InstanceArgs.builder()
.label("my_instance")
.image("linode/ubuntu22.04")
.region("us-southeast")
.type("g6-standard-1")
.rootPass("bogusPassword$")
.swapSize(256)
.build());
var myFirewall = new Firewall("myFirewall", FirewallArgs.builder()
.label("my_firewall")
.inbounds(
FirewallInboundArgs.builder()
.label("allow-http")
.action("ACCEPT")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallInboundArgs.builder()
.label("allow-https")
.action("ACCEPT")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.inboundPolicy("DROP")
.outbounds(
FirewallOutboundArgs.builder()
.label("reject-http")
.action("DROP")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallOutboundArgs.builder()
.label("reject-https")
.action("DROP")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.outboundPolicy("ACCEPT")
.linodes(myInstance.id())
.build());
}
}
resources:
myFirewall:
type: linode:Firewall
name: my_firewall
properties:
label: my_firewall
inbounds:
- label: allow-http
action: ACCEPT
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: allow-https
action: ACCEPT
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
inboundPolicy: DROP
outbounds:
- label: reject-http
action: DROP
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: reject-https
action: DROP
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
outboundPolicy: ACCEPT
linodes:
- ${myInstance.id}
myInstance:
type: linode:Instance
name: my_instance
properties:
label: my_instance
image: linode/ubuntu22.04
region: us-southeast
type: g6-standard-1
rootPass: bogusPassword$
swapSize: 256
Create Firewall Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Firewall(name: string, args: FirewallArgs, opts?: CustomResourceOptions);@overload
def Firewall(resource_name: str,
args: FirewallArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Firewall(resource_name: str,
opts: Optional[ResourceOptions] = None,
inbound_policy: Optional[str] = None,
label: Optional[str] = None,
outbound_policy: Optional[str] = None,
disabled: Optional[bool] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
linodes: Optional[Sequence[int]] = None,
nodebalancers: Optional[Sequence[int]] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
tags: Optional[Sequence[str]] = None)func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
public Firewall(String name, FirewallArgs args)
public Firewall(String name, FirewallArgs args, CustomResourceOptions options)
type: linode:Firewall
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var firewallResource = new Linode.Firewall("firewallResource", new()
{
InboundPolicy = "string",
Label = "string",
OutboundPolicy = "string",
Disabled = false,
Inbounds = new[]
{
new Linode.Inputs.FirewallInboundArgs
{
Action = "string",
Label = "string",
Protocol = "string",
Description = "string",
Ipv4s = new[]
{
"string",
},
Ipv6s = new[]
{
"string",
},
Ports = "string",
},
},
Linodes = new[]
{
0,
},
Nodebalancers = new[]
{
0,
},
Outbounds = new[]
{
new Linode.Inputs.FirewallOutboundArgs
{
Action = "string",
Label = "string",
Protocol = "string",
Description = "string",
Ipv4s = new[]
{
"string",
},
Ipv6s = new[]
{
"string",
},
Ports = "string",
},
},
Tags = new[]
{
"string",
},
});
example, err := linode.NewFirewall(ctx, "firewallResource", &linode.FirewallArgs{
InboundPolicy: pulumi.String("string"),
Label: pulumi.String("string"),
OutboundPolicy: pulumi.String("string"),
Disabled: pulumi.Bool(false),
Inbounds: linode.FirewallInboundArray{
&linode.FirewallInboundArgs{
Action: pulumi.String("string"),
Label: pulumi.String("string"),
Protocol: pulumi.String("string"),
Description: pulumi.String("string"),
Ipv4s: pulumi.StringArray{
pulumi.String("string"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("string"),
},
Ports: pulumi.String("string"),
},
},
Linodes: pulumi.IntArray{
pulumi.Int(0),
},
Nodebalancers: pulumi.IntArray{
pulumi.Int(0),
},
Outbounds: linode.FirewallOutboundArray{
&linode.FirewallOutboundArgs{
Action: pulumi.String("string"),
Label: pulumi.String("string"),
Protocol: pulumi.String("string"),
Description: pulumi.String("string"),
Ipv4s: pulumi.StringArray{
pulumi.String("string"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("string"),
},
Ports: pulumi.String("string"),
},
},
Tags: pulumi.StringArray{
pulumi.String("string"),
},
})
var firewallResource = new Firewall("firewallResource", FirewallArgs.builder()
.inboundPolicy("string")
.label("string")
.outboundPolicy("string")
.disabled(false)
.inbounds(FirewallInboundArgs.builder()
.action("string")
.label("string")
.protocol("string")
.description("string")
.ipv4s("string")
.ipv6s("string")
.ports("string")
.build())
.linodes(0)
.nodebalancers(0)
.outbounds(FirewallOutboundArgs.builder()
.action("string")
.label("string")
.protocol("string")
.description("string")
.ipv4s("string")
.ipv6s("string")
.ports("string")
.build())
.tags("string")
.build());
firewall_resource = linode.Firewall("firewallResource",
inbound_policy="string",
label="string",
outbound_policy="string",
disabled=False,
inbounds=[{
"action": "string",
"label": "string",
"protocol": "string",
"description": "string",
"ipv4s": ["string"],
"ipv6s": ["string"],
"ports": "string",
}],
linodes=[0],
nodebalancers=[0],
outbounds=[{
"action": "string",
"label": "string",
"protocol": "string",
"description": "string",
"ipv4s": ["string"],
"ipv6s": ["string"],
"ports": "string",
}],
tags=["string"])
const firewallResource = new linode.Firewall("firewallResource", {
inboundPolicy: "string",
label: "string",
outboundPolicy: "string",
disabled: false,
inbounds: [{
action: "string",
label: "string",
protocol: "string",
description: "string",
ipv4s: ["string"],
ipv6s: ["string"],
ports: "string",
}],
linodes: [0],
nodebalancers: [0],
outbounds: [{
action: "string",
label: "string",
protocol: "string",
description: "string",
ipv4s: ["string"],
ipv6s: ["string"],
ports: "string",
}],
tags: ["string"],
});
type: linode:Firewall
properties:
disabled: false
inboundPolicy: string
inbounds:
- action: string
description: string
ipv4s:
- string
ipv6s:
- string
label: string
ports: string
protocol: string
label: string
linodes:
- 0
nodebalancers:
- 0
outboundPolicy: string
outbounds:
- action: string
description: string
ipv4s:
- string
ipv6s:
- string
label: string
ports: string
protocol: string
tags:
- string
Firewall Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Firewall resource accepts the following input properties:
- Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Label string
- This Firewall's unique label.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- Linodes List<int>
- A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers List<int>
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- List<string>
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Label string
- This Firewall's unique label.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbounds
[]Firewall
Inbound Args - A firewall rule that specifies what inbound network traffic is allowed.
- Linodes []int
- A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers []int
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbounds
[]Firewall
Outbound Args - A firewall rule that specifies what outbound network traffic is allowed.
- []string
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label String
- This Firewall's unique label.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Integer>
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Integer>
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label string
- This Firewall's unique label.
- outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds
Firewall
Inbound[] - A firewall rule that specifies what inbound network traffic is allowed.
- linodes number[]
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers number[]
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds
Firewall
Outbound[] - A firewall rule that specifies what outbound network traffic is allowed.
- string[]
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- inbound_
policy str - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label str
- This Firewall's unique label.
- outbound_
policy str - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds
Sequence[Firewall
Inbound Args] - A firewall rule that specifies what inbound network traffic is allowed.
- linodes Sequence[int]
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers Sequence[int]
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds
Sequence[Firewall
Outbound Args] - A firewall rule that specifies what outbound network traffic is allowed.
- Sequence[str]
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label String
- This Firewall's unique label.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds List<Property Map>
- A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Number>
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Number>
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds List<Property Map>
- A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
Outputs
All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:
Look up Existing Firewall Resource
Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created: Optional[str] = None,
devices: Optional[Sequence[FirewallDeviceArgs]] = None,
disabled: Optional[bool] = None,
inbound_policy: Optional[str] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
label: Optional[str] = None,
linodes: Optional[Sequence[int]] = None,
nodebalancers: Optional[Sequence[int]] = None,
outbound_policy: Optional[str] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
status: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
updated: Optional[str] = None) -> Firewallfunc GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)public static Firewall get(String name, Output<String> id, FirewallState state, CustomResourceOptions options)resources: _: type: linode:Firewall get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Created string
- When this firewall was created
- Devices
List<Firewall
Device> - The devices associated with this firewall.
- Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- Label string
- This Firewall's unique label.
- Linodes List<int>
- A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers List<int>
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- Status string
- The status of the Firewall.
- List<string>
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- Updated string
- When this firewall was last updated
- Created string
- When this firewall was created
- Devices
[]Firewall
Device Type Args - The devices associated with this firewall.
- Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Inbounds
[]Firewall
Inbound Args - A firewall rule that specifies what inbound network traffic is allowed.
- Label string
- This Firewall's unique label.
- Linodes []int
- A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers []int
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Outbounds
[]Firewall
Outbound Args - A firewall rule that specifies what outbound network traffic is allowed.
- Status string
- The status of the Firewall.
- []string
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- Updated string
- When this firewall was last updated
- created String
- When this firewall was created
- devices
List<Firewall
Device> - The devices associated with this firewall.
- disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- label String
- This Firewall's unique label.
- linodes List<Integer>
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Integer>
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- status String
- The status of the Firewall.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- updated String
- When this firewall was last updated
- created string
- When this firewall was created
- devices
Firewall
Device[] - The devices associated with this firewall.
- disabled boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds
Firewall
Inbound[] - A firewall rule that specifies what inbound network traffic is allowed.
- label string
- This Firewall's unique label.
- linodes number[]
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers number[]
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds
Firewall
Outbound[] - A firewall rule that specifies what outbound network traffic is allowed.
- status string
- The status of the Firewall.
- string[]
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- updated string
- When this firewall was last updated
- created str
- When this firewall was created
- devices
Sequence[Firewall
Device Args] - The devices associated with this firewall.
- disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound_
policy str - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds
Sequence[Firewall
Inbound Args] - A firewall rule that specifies what inbound network traffic is allowed.
- label str
- This Firewall's unique label.
- linodes Sequence[int]
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers Sequence[int]
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound_
policy str - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds
Sequence[Firewall
Outbound Args] - A firewall rule that specifies what outbound network traffic is allowed.
- status str
- The status of the Firewall.
- Sequence[str]
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- updated str
- When this firewall was last updated
- created String
- When this firewall was created
- devices List<Property Map>
- The devices associated with this firewall.
- disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse).inbound- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)outbound- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds List<Property Map>
- A firewall rule that specifies what inbound network traffic is allowed.
- label String
- This Firewall's unique label.
- linodes List<Number>
- A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Number>
- A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds List<Property Map>
- A firewall rule that specifies what outbound network traffic is allowed.
- status String
- The status of the Firewall.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are case-insensitive and are for organizational purposes only.
- updated String
- When this firewall was last updated
Supporting Types
FirewallDevice, FirewallDeviceArgs
FirewallInbound, FirewallInboundArgs
- Action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - Label string
- Used to identify this rule. For display purposes only.
- Protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - Description string
- Used to describe this rule. For display purposes only.
- Ipv4s List<string>
- A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
- Ipv6s List<string>
- A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - Label string
- Used to identify this rule. For display purposes only.
- Protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - Description string
- Used to describe this rule. For display purposes only.
- Ipv4s []string
- A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
- Ipv6s []string
- A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label String
- Used to identify this rule. For display purposes only.
- protocol String
- The network protocol this rule controls. (
TCP,UDP,ICMP) - description String
- Used to describe this rule. For display purposes only.
- ipv4s List<String>
- A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
- ipv6s List<String>
- A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label string
- Used to identify this rule. For display purposes only.
- protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - description string
- Used to describe this rule. For display purposes only.
- ipv4s string[]
- A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
- ipv6s string[]
- A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
- ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label str
- Used to identify this rule. For display purposes only.
- protocol str
- The network protocol this rule controls. (
TCP,UDP,ICMP) - description str
- Used to describe this rule. For display purposes only.
- ipv4s Sequence[str]
- A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
- ipv6s Sequence[str]
- A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
- ports str
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label String
- Used to identify this rule. For display purposes only.
- protocol String
- The network protocol this rule controls. (
TCP,UDP,ICMP) - description String
- Used to describe this rule. For display purposes only.
- ipv4s List<String>
- A list of IPv4 addresses or networks. Must be in IP/mask (CIDR) format.
- ipv6s List<String>
- A list of IPv6 addresses or networks. Must be in IP/mask (CIDR) format.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
FirewallOutbound, FirewallOutboundArgs
- Action string
- Controls whether traffic is accepted or dropped by this rule. Overrides the Firewall's inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
- Label string
- This Firewall's unique label.
- Protocol string
- The network protocol this rule controls.
- Description string
- Used to describe this rule. For display purposes only.
- Ipv4s List<string>
- A list of CIDR blocks or 0.0.0.0/0 (to allow all) this rule applies to.
- Ipv6s List<string>
- A list of IPv6 addresses or networks this rule applies to.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
- Controls whether traffic is accepted or dropped by this rule. Overrides the Firewall's inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
- Label string
- This Firewall's unique label.
- Protocol string
- The network protocol this rule controls.
- Description string
- Used to describe this rule. For display purposes only.
- Ipv4s []string
- A list of CIDR blocks or 0.0.0.0/0 (to allow all) this rule applies to.
- Ipv6s []string
- A list of IPv6 addresses or networks this rule applies to.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule. Overrides the Firewall's inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
- label String
- This Firewall's unique label.
- protocol String
- The network protocol this rule controls.
- description String
- Used to describe this rule. For display purposes only.
- ipv4s List<String>
- A list of CIDR blocks or 0.0.0.0/0 (to allow all) this rule applies to.
- ipv6s List<String>
- A list of IPv6 addresses or networks this rule applies to.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
- Controls whether traffic is accepted or dropped by this rule. Overrides the Firewall's inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
- label string
- This Firewall's unique label.
- protocol string
- The network protocol this rule controls.
- description string
- Used to describe this rule. For display purposes only.
- ipv4s string[]
- A list of CIDR blocks or 0.0.0.0/0 (to allow all) this rule applies to.
- ipv6s string[]
- A list of IPv6 addresses or networks this rule applies to.
- ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
- Controls whether traffic is accepted or dropped by this rule. Overrides the Firewall's inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
- label str
- This Firewall's unique label.
- protocol str
- The network protocol this rule controls.
- description str
- Used to describe this rule. For display purposes only.
- ipv4s Sequence[str]
- A list of CIDR blocks or 0.0.0.0/0 (to allow all) this rule applies to.
- ipv6s Sequence[str]
- A list of IPv6 addresses or networks this rule applies to.
- ports str
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule. Overrides the Firewall's inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.
- label String
- This Firewall's unique label.
- protocol String
- The network protocol this rule controls.
- description String
- Used to describe this rule. For display purposes only.
- ipv4s List<String>
- A list of CIDR blocks or 0.0.0.0/0 (to allow all) this rule applies to.
- ipv6s List<String>
- A list of IPv6 addresses or networks this rule applies to.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
Import
Firewalls can be imported using the id, e.g.
$ pulumi import linode:index/firewall:Firewall my_firewall 12345
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Linode pulumi/pulumi-linode
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
linodeTerraform Provider.