linode.Firewall
Explore with Pulumi AI
Manages a Linode Firewall.
Example Usage
Accept only inbound HTTP(s) requests and drop outbound HTTP(s) requests
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Linode = Pulumi.Linode;
return await Deployment.RunAsync(() =>
{
var myInstance = new Linode.Instance("myInstance", new()
{
Label = "my_instance",
Image = "linode/ubuntu18.04",
Region = "us-southeast",
Type = "g6-standard-1",
RootPass = "bogusPassword$",
SwapSize = 256,
});
var myFirewall = new Linode.Firewall("myFirewall", new()
{
Label = "my_firewall",
Inbounds = new[]
{
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-http",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-https",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
InboundPolicy = "DROP",
Outbounds = new[]
{
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-http",
Action = "DROP",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-https",
Action = "DROP",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
OutboundPolicy = "ACCEPT",
Linodes = new[]
{
myInstance.Id,
},
});
});
package main
import (
"github.com/pulumi/pulumi-linode/sdk/v4/go/linode"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myInstance, err := linode.NewInstance(ctx, "myInstance", &linode.InstanceArgs{
Label: pulumi.String("my_instance"),
Image: pulumi.String("linode/ubuntu18.04"),
Region: pulumi.String("us-southeast"),
Type: pulumi.String("g6-standard-1"),
RootPass: pulumi.String("bogusPassword$"),
SwapSize: pulumi.Int(256),
})
if err != nil {
return err
}
_, err = linode.NewFirewall(ctx, "myFirewall", &linode.FirewallArgs{
Label: pulumi.String("my_firewall"),
Inbounds: linode.FirewallInboundArray{
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-http"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-https"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
InboundPolicy: pulumi.String("DROP"),
Outbounds: linode.FirewallOutboundArray{
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-http"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-https"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
OutboundPolicy: pulumi.String("ACCEPT"),
Linodes: pulumi.IntArray{
myInstance.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Instance;
import com.pulumi.linode.InstanceArgs;
import com.pulumi.linode.Firewall;
import com.pulumi.linode.FirewallArgs;
import com.pulumi.linode.inputs.FirewallInboundArgs;
import com.pulumi.linode.inputs.FirewallOutboundArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myInstance = new Instance("myInstance", InstanceArgs.builder()
.label("my_instance")
.image("linode/ubuntu18.04")
.region("us-southeast")
.type("g6-standard-1")
.rootPass("bogusPassword$")
.swapSize(256)
.build());
var myFirewall = new Firewall("myFirewall", FirewallArgs.builder()
.label("my_firewall")
.inbounds(
FirewallInboundArgs.builder()
.label("allow-http")
.action("ACCEPT")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallInboundArgs.builder()
.label("allow-https")
.action("ACCEPT")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.inboundPolicy("DROP")
.outbounds(
FirewallOutboundArgs.builder()
.label("reject-http")
.action("DROP")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallOutboundArgs.builder()
.label("reject-https")
.action("DROP")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.outboundPolicy("ACCEPT")
.linodes(myInstance.id())
.build());
}
}
import pulumi
import pulumi_linode as linode
my_instance = linode.Instance("myInstance",
label="my_instance",
image="linode/ubuntu18.04",
region="us-southeast",
type="g6-standard-1",
root_pass="bogusPassword$",
swap_size=256)
my_firewall = linode.Firewall("myFirewall",
label="my_firewall",
inbounds=[
linode.FirewallInboundArgs(
label="allow-http",
action="ACCEPT",
protocol="TCP",
ports="80",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
linode.FirewallInboundArgs(
label="allow-https",
action="ACCEPT",
protocol="TCP",
ports="443",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
],
inbound_policy="DROP",
outbounds=[
linode.FirewallOutboundArgs(
label="reject-http",
action="DROP",
protocol="TCP",
ports="80",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
linode.FirewallOutboundArgs(
label="reject-https",
action="DROP",
protocol="TCP",
ports="443",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
],
outbound_policy="ACCEPT",
linodes=[my_instance.id])
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";
const myInstance = new linode.Instance("myInstance", {
label: "my_instance",
image: "linode/ubuntu18.04",
region: "us-southeast",
type: "g6-standard-1",
rootPass: "bogusPassword$",
swapSize: 256,
});
const myFirewall = new linode.Firewall("myFirewall", {
label: "my_firewall",
inbounds: [
{
label: "allow-http",
action: "ACCEPT",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "allow-https",
action: "ACCEPT",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
inboundPolicy: "DROP",
outbounds: [
{
label: "reject-http",
action: "DROP",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "reject-https",
action: "DROP",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
outboundPolicy: "ACCEPT",
linodes: [myInstance.id],
});
resources:
myFirewall:
type: linode:Firewall
properties:
label: my_firewall
inbounds:
- label: allow-http
action: ACCEPT
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: allow-https
action: ACCEPT
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
inboundPolicy: DROP
outbounds:
- label: reject-http
action: DROP
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: reject-https
action: DROP
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
outboundPolicy: ACCEPT
linodes:
- ${myInstance.id}
myInstance:
type: linode:Instance
properties:
label: my_instance
image: linode/ubuntu18.04
region: us-southeast
type: g6-standard-1
rootPass: bogusPassword$
swapSize: 256
Create Firewall Resource
new Firewall(name: string, args: FirewallArgs, opts?: CustomResourceOptions);
@overload
def Firewall(resource_name: str,
opts: Optional[ResourceOptions] = None,
disabled: Optional[bool] = None,
inbound_policy: Optional[str] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
label: Optional[str] = None,
linodes: Optional[Sequence[int]] = None,
nodebalancers: Optional[Sequence[int]] = None,
outbound_policy: Optional[str] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
tags: Optional[Sequence[str]] = None)
@overload
def Firewall(resource_name: str,
args: FirewallArgs,
opts: Optional[ResourceOptions] = None)
func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)
public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
public Firewall(String name, FirewallArgs args)
public Firewall(String name, FirewallArgs args, CustomResourceOptions options)
type: linode:Firewall
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Firewall Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Firewall resource accepts the following input properties:
- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Label string
This Firewall's unique label.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- Disabled bool
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbounds
List<Firewall
Inbound> A firewall rule that specifies what inbound network traffic is allowed.
- Linodes List<int>
A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers List<int>
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbounds
List<Firewall
Outbound> A firewall rule that specifies what outbound network traffic is allowed.
- List<string>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Label string
This Firewall's unique label.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- Disabled bool
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbounds
[]Firewall
Inbound Args A firewall rule that specifies what inbound network traffic is allowed.
- Linodes []int
A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers []int
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbounds
[]Firewall
Outbound Args A firewall rule that specifies what outbound network traffic is allowed.
- []string
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label String
This Firewall's unique label.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- disabled Boolean
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds
List<Firewall
Inbound> A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Integer>
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Integer>
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds
List<Firewall
Outbound> A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label string
This Firewall's unique label.
- outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- disabled boolean
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds
Firewall
Inbound[] A firewall rule that specifies what inbound network traffic is allowed.
- linodes number[]
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers number[]
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds
Firewall
Outbound[] A firewall rule that specifies what outbound network traffic is allowed.
- string[]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound_
policy str The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label str
This Firewall's unique label.
- outbound_
policy str The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- disabled bool
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds
Sequence[Firewall
Inbound Args] A firewall rule that specifies what inbound network traffic is allowed.
- linodes Sequence[int]
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers Sequence[int]
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds
Sequence[Firewall
Outbound Args] A firewall rule that specifies what outbound network traffic is allowed.
- Sequence[str]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- label String
This Firewall's unique label.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- disabled Boolean
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbounds List<Property Map>
A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Number>
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Number>
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbounds List<Property Map>
A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
Outputs
All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:
Look up Existing Firewall Resource
Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
created: Optional[str] = None,
devices: Optional[Sequence[FirewallDeviceArgs]] = None,
disabled: Optional[bool] = None,
inbound_policy: Optional[str] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
label: Optional[str] = None,
linodes: Optional[Sequence[int]] = None,
nodebalancers: Optional[Sequence[int]] = None,
outbound_policy: Optional[str] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
status: Optional[str] = None,
tags: Optional[Sequence[str]] = None,
updated: Optional[str] = None) -> Firewall
func GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)
public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)
public static Firewall get(String name, Output<String> id, FirewallState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Created string
When this firewall was created
- Devices
List<Firewall
Device> The devices associated with this firewall.
- Disabled bool
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Inbounds
List<Firewall
Inbound> A firewall rule that specifies what inbound network traffic is allowed.
- Label string
This Firewall's unique label.
- Linodes List<int>
A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers List<int>
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- Outbounds
List<Firewall
Outbound> A firewall rule that specifies what outbound network traffic is allowed.
- Status string
The status of the Firewall.
- List<string>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- Updated string
When this firewall was last updated
- Created string
When this firewall was created
- Devices
[]Firewall
Device Type Args The devices associated with this firewall.
- Disabled bool
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- Inbounds
[]Firewall
Inbound Args A firewall rule that specifies what inbound network traffic is allowed.
- Label string
This Firewall's unique label.
- Linodes []int
A list of IDs of Linodes this Firewall should govern network traffic for.
- Nodebalancers []int
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- Outbounds
[]Firewall
Outbound Args A firewall rule that specifies what outbound network traffic is allowed.
- Status string
The status of the Firewall.
- []string
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- Updated string
When this firewall was last updated
- created String
When this firewall was created
- devices
List<Firewall
Device> The devices associated with this firewall.
- disabled Boolean
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds
List<Firewall
Inbound> A firewall rule that specifies what inbound network traffic is allowed.
- label String
This Firewall's unique label.
- linodes List<Integer>
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Integer>
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- outbounds
List<Firewall
Outbound> A firewall rule that specifies what outbound network traffic is allowed.
- status String
The status of the Firewall.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- updated String
When this firewall was last updated
- created string
When this firewall was created
- devices
Firewall
Device[] The devices associated with this firewall.
- disabled boolean
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds
Firewall
Inbound[] A firewall rule that specifies what inbound network traffic is allowed.
- label string
This Firewall's unique label.
- linodes number[]
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers number[]
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- outbounds
Firewall
Outbound[] A firewall rule that specifies what outbound network traffic is allowed.
- status string
The status of the Firewall.
- string[]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- updated string
When this firewall was last updated
- created str
When this firewall was created
- devices
Sequence[Firewall
Device Args] The devices associated with this firewall.
- disabled bool
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound_
policy str The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds
Sequence[Firewall
Inbound Args] A firewall rule that specifies what inbound network traffic is allowed.
- label str
This Firewall's unique label.
- linodes Sequence[int]
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers Sequence[int]
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound_
policy str The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- outbounds
Sequence[Firewall
Outbound Args] A firewall rule that specifies what outbound network traffic is allowed.
- status str
The status of the Firewall.
- Sequence[str]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- updated str
When this firewall was last updated
- created String
When this firewall was created
- devices List<Property Map>
The devices associated with this firewall.
- disabled Boolean
If
true
, the Firewall's rules are not enforced (defaults tofalse
).inbound
- (Optional) A firewall rule that specifies what inbound network traffic is allowed.
- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT
,DROP
)outbound
- (Optional) A firewall rule that specifies what outbound network traffic is allowed.
- inbounds List<Property Map>
A firewall rule that specifies what inbound network traffic is allowed.
- label String
This Firewall's unique label.
- linodes List<Number>
A list of IDs of Linodes this Firewall should govern network traffic for.
- nodebalancers List<Number>
A list of IDs of NodeBalancers this Firewall should govern network traffic for.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT
,DROP
)- outbounds List<Property Map>
A firewall rule that specifies what outbound network traffic is allowed.
- status String
The status of the Firewall.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- updated String
When this firewall was last updated
Supporting Types
FirewallDevice, FirewallDeviceArgs
FirewallInbound, FirewallInboundArgs
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
Used to identify this rule. For display purposes only.
- Protocol string
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- Ipv4s List<string>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s List<string>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
Used to identify this rule. For display purposes only.
- Protocol string
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- Ipv4s []string
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s []string
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
Used to identify this rule. For display purposes only.
- protocol String
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label string
Used to identify this rule. For display purposes only.
- protocol string
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s string[]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s string[]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label str
Used to identify this rule. For display purposes only.
- protocol str
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s Sequence[str]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s Sequence[str]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports str
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
Used to identify this rule. For display purposes only.
- protocol String
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
FirewallOutbound, FirewallOutboundArgs
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
This Firewall's unique label.
- Protocol string
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- Ipv4s List<string>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s List<string>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
This Firewall's unique label.
- Protocol string
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- Ipv4s []string
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s []string
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
This Firewall's unique label.
- protocol String
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label string
This Firewall's unique label.
- protocol string
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s string[]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s string[]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label str
This Firewall's unique label.
- protocol str
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s Sequence[str]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s Sequence[str]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports str
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT
,DROP
). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
This Firewall's unique label.
- protocol String
The network protocol this rule controls. (
TCP
,UDP
,ICMP
)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
Import
Firewalls can be imported using the id
, e.g.
$ pulumi import linode:index/firewall:Firewall my_firewall 12345
Package Details
- Repository
- Linode pulumi/pulumi-linode
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
linode
Terraform Provider.