linode.Firewall
Manages a Linode Firewall.
Example Usage
Accept only inbound HTTP(s) requests and drop outbound HTTP(s) requests
using System.Collections.Generic;
using Pulumi;
using Linode = Pulumi.Linode;
return await Deployment.RunAsync(() =>
{
var myInstance = new Linode.Instance("myInstance", new()
{
Label = "my_instance",
Image = "linode/ubuntu18.04",
Region = "us-southeast",
Type = "g6-standard-1",
RootPass = "bogusPassword$",
SwapSize = 256,
});
var myFirewall = new Linode.Firewall("myFirewall", new()
{
Label = "my_firewall",
Inbounds = new[]
{
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-http",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-https",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
InboundPolicy = "DROP",
Outbounds = new[]
{
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-http",
Action = "DROP",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-https",
Action = "DROP",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
OutboundPolicy = "ACCEPT",
Linodes = new[]
{
myInstance.Id,
},
});
});
package main
import (
"fmt"
"github.com/pulumi/pulumi-linode/sdk/v3/go/linode"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myInstance, err := linode.NewInstance(ctx, "myInstance", &linode.InstanceArgs{
Label: pulumi.String("my_instance"),
Image: pulumi.String("linode/ubuntu18.04"),
Region: pulumi.String("us-southeast"),
Type: pulumi.String("g6-standard-1"),
RootPass: pulumi.String(fmt.Sprintf("bogusPassword$")),
SwapSize: pulumi.Int(256),
})
if err != nil {
return err
}
_, err = linode.NewFirewall(ctx, "myFirewall", &linode.FirewallArgs{
Label: pulumi.String("my_firewall"),
Inbounds: linode.FirewallInboundArray{
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-http"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-https"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
InboundPolicy: pulumi.String("DROP"),
Outbounds: linode.FirewallOutboundArray{
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-http"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-https"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
OutboundPolicy: pulumi.String("ACCEPT"),
Linodes: pulumi.IntArray{
myInstance.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Instance;
import com.pulumi.linode.InstanceArgs;
import com.pulumi.linode.Firewall;
import com.pulumi.linode.FirewallArgs;
import com.pulumi.linode.inputs.FirewallInboundArgs;
import com.pulumi.linode.inputs.FirewallOutboundArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myInstance = new Instance("myInstance", InstanceArgs.builder()
.label("my_instance")
.image("linode/ubuntu18.04")
.region("us-southeast")
.type("g6-standard-1")
.rootPass("bogusPassword$")
.swapSize(256)
.build());
var myFirewall = new Firewall("myFirewall", FirewallArgs.builder()
.label("my_firewall")
.inbounds(
FirewallInboundArgs.builder()
.label("allow-http")
.action("ACCEPT")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallInboundArgs.builder()
.label("allow-https")
.action("ACCEPT")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.inboundPolicy("DROP")
.outbounds(
FirewallOutboundArgs.builder()
.label("reject-http")
.action("DROP")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallOutboundArgs.builder()
.label("reject-https")
.action("DROP")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.outboundPolicy("ACCEPT")
.linodes(myInstance.id())
.build());
}
}
import pulumi
import pulumi_linode as linode
my_instance = linode.Instance("myInstance",
label="my_instance",
image="linode/ubuntu18.04",
region="us-southeast",
type="g6-standard-1",
root_pass="bogusPassword$",
swap_size=256)
my_firewall = linode.Firewall("myFirewall",
label="my_firewall",
inbounds=[
linode.FirewallInboundArgs(
label="allow-http",
action="ACCEPT",
protocol="TCP",
ports="80",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
linode.FirewallInboundArgs(
label="allow-https",
action="ACCEPT",
protocol="TCP",
ports="443",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
],
inbound_policy="DROP",
outbounds=[
linode.FirewallOutboundArgs(
label="reject-http",
action="DROP",
protocol="TCP",
ports="80",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
linode.FirewallOutboundArgs(
label="reject-https",
action="DROP",
protocol="TCP",
ports="443",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
],
outbound_policy="ACCEPT",
linodes=[my_instance.id])
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";
const myInstance = new linode.Instance("myInstance", {
label: "my_instance",
image: "linode/ubuntu18.04",
region: "us-southeast",
type: "g6-standard-1",
rootPass: `bogusPassword$`,
swapSize: 256,
});
const myFirewall = new linode.Firewall("myFirewall", {
label: "my_firewall",
inbounds: [
{
label: "allow-http",
action: "ACCEPT",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "allow-https",
action: "ACCEPT",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
inboundPolicy: "DROP",
outbounds: [
{
label: "reject-http",
action: "DROP",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "reject-https",
action: "DROP",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
outboundPolicy: "ACCEPT",
linodes: [myInstance.id],
});
resources:
myFirewall:
type: linode:Firewall
properties:
label: my_firewall
inbounds:
- label: allow-http
action: ACCEPT
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: allow-https
action: ACCEPT
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
inboundPolicy: DROP
outbounds:
- label: reject-http
action: DROP
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: reject-https
action: DROP
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
outboundPolicy: ACCEPT
linodes:
- ${myInstance.id}
myInstance:
type: linode:Instance
properties:
label: my_instance
image: linode/ubuntu18.04
region: us-southeast
type: g6-standard-1
rootPass: bogusPassword$
swapSize: 256
Create Firewall Resource
new Firewall(name: string, args: FirewallArgs, opts?: CustomResourceOptions);@overload
def Firewall(resource_name: str,
opts: Optional[ResourceOptions] = None,
disabled: Optional[bool] = None,
inbound_policy: Optional[str] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
label: Optional[str] = None,
linodes: Optional[Sequence[int]] = None,
outbound_policy: Optional[str] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
tags: Optional[Sequence[str]] = None)
@overload
def Firewall(resource_name: str,
args: FirewallArgs,
opts: Optional[ResourceOptions] = None)func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
public Firewall(String name, FirewallArgs args)
public Firewall(String name, FirewallArgs args, CustomResourceOptions options)
type: linode:Firewall
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Firewall Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Firewall resource accepts the following input properties:
- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- Label string
This Firewall's unique label.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- Disabled bool
If
true, the Firewall's rules are not enforced (defaults tofalse).- Inbounds
List<Firewall
Inbound Args> A firewall rule that specifies what inbound network traffic is allowed.
- Linodes List<int>
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbounds
List<Firewall
Outbound Args> A firewall rule that specifies what outbound network traffic is allowed.
- List<string>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- Label string
This Firewall's unique label.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- Disabled bool
If
true, the Firewall's rules are not enforced (defaults tofalse).- Inbounds
[]Firewall
Inbound Args A firewall rule that specifies what inbound network traffic is allowed.
- Linodes []int
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbounds
[]Firewall
Outbound Args A firewall rule that specifies what outbound network traffic is allowed.
- []string
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- label String
This Firewall's unique label.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- disabled Boolean
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbounds
List<Firewall
Inbound Args> A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Integer>
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds
List<Firewall
Outbound Args> A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- label string
This Firewall's unique label.
- outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- disabled boolean
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbounds
Firewall
Inbound Args[] A firewall rule that specifies what inbound network traffic is allowed.
- linodes number[]
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds
Firewall
Outbound Args[] A firewall rule that specifies what outbound network traffic is allowed.
- string[]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound_
policy str The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- label str
This Firewall's unique label.
- outbound_
policy str The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- disabled bool
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbounds
Sequence[Firewall
Inbound Args] A firewall rule that specifies what inbound network traffic is allowed.
- linodes Sequence[int]
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds
Sequence[Firewall
Outbound Args] A firewall rule that specifies what outbound network traffic is allowed.
- Sequence[str]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- label String
This Firewall's unique label.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- disabled Boolean
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbounds List<Property Map>
A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Number>
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds List<Property Map>
A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
Outputs
All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:
- Devices
List<Firewall
Device> The devices associated with this firewall.
- Id string
The provider-assigned unique ID for this managed resource.
- Status string
The status of the Firewall.
- Devices
[]Firewall
Device Type The devices associated with this firewall.
- Id string
The provider-assigned unique ID for this managed resource.
- Status string
The status of the Firewall.
- devices
List<Firewall
Device> The devices associated with this firewall.
- id String
The provider-assigned unique ID for this managed resource.
- status String
The status of the Firewall.
- devices
Firewall
Device[] The devices associated with this firewall.
- id string
The provider-assigned unique ID for this managed resource.
- status string
The status of the Firewall.
- devices
Sequence[Firewall
Device] The devices associated with this firewall.
- id str
The provider-assigned unique ID for this managed resource.
- status str
The status of the Firewall.
- devices List<Property Map>
The devices associated with this firewall.
- id String
The provider-assigned unique ID for this managed resource.
- status String
The status of the Firewall.
Look up Existing Firewall Resource
Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
devices: Optional[Sequence[FirewallDeviceArgs]] = None,
disabled: Optional[bool] = None,
inbound_policy: Optional[str] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
label: Optional[str] = None,
linodes: Optional[Sequence[int]] = None,
outbound_policy: Optional[str] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
status: Optional[str] = None,
tags: Optional[Sequence[str]] = None) -> Firewallfunc GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)public static Firewall get(String name, Output<String> id, FirewallState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Devices
List<Firewall
Device Args> The devices associated with this firewall.
- Disabled bool
If
true, the Firewall's rules are not enforced (defaults tofalse).- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- Inbounds
List<Firewall
Inbound Args> A firewall rule that specifies what inbound network traffic is allowed.
- Label string
This Firewall's unique label.
- Linodes List<int>
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- Outbounds
List<Firewall
Outbound Args> A firewall rule that specifies what outbound network traffic is allowed.
- Status string
The status of the Firewall.
- List<string>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- Devices
[]Firewall
Device Type Args The devices associated with this firewall.
- Disabled bool
If
true, the Firewall's rules are not enforced (defaults tofalse).- Inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- Inbounds
[]Firewall
Inbound Args A firewall rule that specifies what inbound network traffic is allowed.
- Label string
This Firewall's unique label.
- Linodes []int
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- Outbounds
[]Firewall
Outbound Args A firewall rule that specifies what outbound network traffic is allowed.
- Status string
The status of the Firewall.
- []string
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices
List<Firewall
Device Args> The devices associated with this firewall.
- disabled Boolean
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- inbounds
List<Firewall
Inbound Args> A firewall rule that specifies what inbound network traffic is allowed.
- label String
This Firewall's unique label.
- linodes List<Integer>
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- outbounds
List<Firewall
Outbound Args> A firewall rule that specifies what outbound network traffic is allowed.
- status String
The status of the Firewall.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices
Firewall
Device Args[] The devices associated with this firewall.
- disabled boolean
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbound
Policy string The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- inbounds
Firewall
Inbound Args[] A firewall rule that specifies what inbound network traffic is allowed.
- label string
This Firewall's unique label.
- linodes number[]
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound
Policy string The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- outbounds
Firewall
Outbound Args[] A firewall rule that specifies what outbound network traffic is allowed.
- status string
The status of the Firewall.
- string[]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices
Sequence[Firewall
Device Args] The devices associated with this firewall.
- disabled bool
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbound_
policy str The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- inbounds
Sequence[Firewall
Inbound Args] A firewall rule that specifies what inbound network traffic is allowed.
- label str
This Firewall's unique label.
- linodes Sequence[int]
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound_
policy str The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- outbounds
Sequence[Firewall
Outbound Args] A firewall rule that specifies what outbound network traffic is allowed.
- status str
The status of the Firewall.
- Sequence[str]
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices List<Property Map>
The devices associated with this firewall.
- disabled Boolean
If
true, the Firewall's rules are not enforced (defaults tofalse).- inbound
Policy String The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP)- inbounds List<Property Map>
A firewall rule that specifies what inbound network traffic is allowed.
- label String
This Firewall's unique label.
- linodes List<Number>
A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound
Policy String The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP)- outbounds List<Property Map>
A firewall rule that specifies what outbound network traffic is allowed.
- status String
The status of the Firewall.
- List<String>
A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
Supporting Types
FirewallDevice
FirewallInbound
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
Used to identify this rule. For display purposes only.
- Protocol string
The network protocol this rule controls. (
TCP,UDP,ICMP)- Ipv4s List<string>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s List<string>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
Used to identify this rule. For display purposes only.
- Protocol string
The network protocol this rule controls. (
TCP,UDP,ICMP)- Ipv4s []string
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s []string
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
Used to identify this rule. For display purposes only.
- protocol String
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label string
Used to identify this rule. For display purposes only.
- protocol string
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s string[]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s string[]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label str
Used to identify this rule. For display purposes only.
- protocol str
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s Sequence[str]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s Sequence[str]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports str
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
Used to identify this rule. For display purposes only.
- protocol String
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
FirewallOutbound
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
This Firewall's unique label.
- Protocol string
The network protocol this rule controls. (
TCP,UDP,ICMP)- Ipv4s List<string>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s List<string>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- Label string
This Firewall's unique label.
- Protocol string
The network protocol this rule controls. (
TCP,UDP,ICMP)- Ipv4s []string
A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s []string
A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
This Firewall's unique label.
- protocol String
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label string
This Firewall's unique label.
- protocol string
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s string[]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s string[]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports string
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label str
This Firewall's unique label.
- protocol str
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s Sequence[str]
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s Sequence[str]
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports str
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule.- label String
This Firewall's unique label.
- protocol String
The network protocol this rule controls. (
TCP,UDP,ICMP)- ipv4s List<String>
A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
Import
Firewalls can be imported using the id, e.g.
$ pulumi import linode:index/firewall:Firewall my_firewall 12345
Package Details
- Repository
- Linode pulumi/pulumi-linode
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
linodeTerraform Provider.