Viewing docs for Linode v3.12.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Viewing docs for Linode v3.12.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
Manages a Linode Firewall.
Example Usage
Accept only inbound HTTP(s) requests and drop outbound HTTP(s) requests
using System.Collections.Generic;
using Pulumi;
using Linode = Pulumi.Linode;
return await Deployment.RunAsync(() =>
{
var myInstance = new Linode.Instance("myInstance", new()
{
Label = "my_instance",
Image = "linode/ubuntu18.04",
Region = "us-southeast",
Type = "g6-standard-1",
RootPass = "bogusPassword$",
SwapSize = 256,
});
var myFirewall = new Linode.Firewall("myFirewall", new()
{
Label = "my_firewall",
Inbounds = new[]
{
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-http",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallInboundArgs
{
Label = "allow-https",
Action = "ACCEPT",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
InboundPolicy = "DROP",
Outbounds = new[]
{
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-http",
Action = "DROP",
Protocol = "TCP",
Ports = "80",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
new Linode.Inputs.FirewallOutboundArgs
{
Label = "reject-https",
Action = "DROP",
Protocol = "TCP",
Ports = "443",
Ipv4s = new[]
{
"0.0.0.0/0",
},
Ipv6s = new[]
{
"::/0",
},
},
},
OutboundPolicy = "ACCEPT",
Linodes = new[]
{
myInstance.Id,
},
});
});
package main
import (
"fmt"
"github.com/pulumi/pulumi-linode/sdk/v3/go/linode"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
myInstance, err := linode.NewInstance(ctx, "myInstance", &linode.InstanceArgs{
Label: pulumi.String("my_instance"),
Image: pulumi.String("linode/ubuntu18.04"),
Region: pulumi.String("us-southeast"),
Type: pulumi.String("g6-standard-1"),
RootPass: pulumi.String(fmt.Sprintf("bogusPassword$")),
SwapSize: pulumi.Int(256),
})
if err != nil {
return err
}
_, err = linode.NewFirewall(ctx, "myFirewall", &linode.FirewallArgs{
Label: pulumi.String("my_firewall"),
Inbounds: linode.FirewallInboundArray{
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-http"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallInboundArgs{
Label: pulumi.String("allow-https"),
Action: pulumi.String("ACCEPT"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
InboundPolicy: pulumi.String("DROP"),
Outbounds: linode.FirewallOutboundArray{
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-http"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("80"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
&linode.FirewallOutboundArgs{
Label: pulumi.String("reject-https"),
Action: pulumi.String("DROP"),
Protocol: pulumi.String("TCP"),
Ports: pulumi.String("443"),
Ipv4s: pulumi.StringArray{
pulumi.String("0.0.0.0/0"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("::/0"),
},
},
},
OutboundPolicy: pulumi.String("ACCEPT"),
Linodes: pulumi.IntArray{
myInstance.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.linode.Instance;
import com.pulumi.linode.InstanceArgs;
import com.pulumi.linode.Firewall;
import com.pulumi.linode.FirewallArgs;
import com.pulumi.linode.inputs.FirewallInboundArgs;
import com.pulumi.linode.inputs.FirewallOutboundArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var myInstance = new Instance("myInstance", InstanceArgs.builder()
.label("my_instance")
.image("linode/ubuntu18.04")
.region("us-southeast")
.type("g6-standard-1")
.rootPass("bogusPassword$")
.swapSize(256)
.build());
var myFirewall = new Firewall("myFirewall", FirewallArgs.builder()
.label("my_firewall")
.inbounds(
FirewallInboundArgs.builder()
.label("allow-http")
.action("ACCEPT")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallInboundArgs.builder()
.label("allow-https")
.action("ACCEPT")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.inboundPolicy("DROP")
.outbounds(
FirewallOutboundArgs.builder()
.label("reject-http")
.action("DROP")
.protocol("TCP")
.ports("80")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build(),
FirewallOutboundArgs.builder()
.label("reject-https")
.action("DROP")
.protocol("TCP")
.ports("443")
.ipv4s("0.0.0.0/0")
.ipv6s("::/0")
.build())
.outboundPolicy("ACCEPT")
.linodes(myInstance.id())
.build());
}
}
import * as pulumi from "@pulumi/pulumi";
import * as linode from "@pulumi/linode";
const myInstance = new linode.Instance("myInstance", {
label: "my_instance",
image: "linode/ubuntu18.04",
region: "us-southeast",
type: "g6-standard-1",
rootPass: `bogusPassword$`,
swapSize: 256,
});
const myFirewall = new linode.Firewall("myFirewall", {
label: "my_firewall",
inbounds: [
{
label: "allow-http",
action: "ACCEPT",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "allow-https",
action: "ACCEPT",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
inboundPolicy: "DROP",
outbounds: [
{
label: "reject-http",
action: "DROP",
protocol: "TCP",
ports: "80",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
{
label: "reject-https",
action: "DROP",
protocol: "TCP",
ports: "443",
ipv4s: ["0.0.0.0/0"],
ipv6s: ["::/0"],
},
],
outboundPolicy: "ACCEPT",
linodes: [myInstance.id],
});
import pulumi
import pulumi_linode as linode
my_instance = linode.Instance("myInstance",
label="my_instance",
image="linode/ubuntu18.04",
region="us-southeast",
type="g6-standard-1",
root_pass="bogusPassword$",
swap_size=256)
my_firewall = linode.Firewall("myFirewall",
label="my_firewall",
inbounds=[
linode.FirewallInboundArgs(
label="allow-http",
action="ACCEPT",
protocol="TCP",
ports="80",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
linode.FirewallInboundArgs(
label="allow-https",
action="ACCEPT",
protocol="TCP",
ports="443",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
],
inbound_policy="DROP",
outbounds=[
linode.FirewallOutboundArgs(
label="reject-http",
action="DROP",
protocol="TCP",
ports="80",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
linode.FirewallOutboundArgs(
label="reject-https",
action="DROP",
protocol="TCP",
ports="443",
ipv4s=["0.0.0.0/0"],
ipv6s=["::/0"],
),
],
outbound_policy="ACCEPT",
linodes=[my_instance.id])
resources:
myFirewall:
type: linode:Firewall
properties:
label: my_firewall
inbounds:
- label: allow-http
action: ACCEPT
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: allow-https
action: ACCEPT
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
inboundPolicy: DROP
outbounds:
- label: reject-http
action: DROP
protocol: TCP
ports: '80'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
- label: reject-https
action: DROP
protocol: TCP
ports: '443'
ipv4s:
- 0.0.0.0/0
ipv6s:
- ::/0
outboundPolicy: ACCEPT
linodes:
- ${myInstance.id}
myInstance:
type: linode:Instance
properties:
label: my_instance
image: linode/ubuntu18.04
region: us-southeast
type: g6-standard-1
rootPass: bogusPassword$
swapSize: 256
Create Firewall Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Firewall(name: string, args: FirewallArgs, opts?: CustomResourceOptions);@overload
def Firewall(resource_name: str,
args: FirewallArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Firewall(resource_name: str,
opts: Optional[ResourceOptions] = None,
inbound_policy: Optional[str] = None,
label: Optional[str] = None,
outbound_policy: Optional[str] = None,
disabled: Optional[bool] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
linodes: Optional[Sequence[int]] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
tags: Optional[Sequence[str]] = None)func NewFirewall(ctx *Context, name string, args FirewallArgs, opts ...ResourceOption) (*Firewall, error)public Firewall(string name, FirewallArgs args, CustomResourceOptions? opts = null)
public Firewall(String name, FirewallArgs args)
public Firewall(String name, FirewallArgs args, CustomResourceOptions options)
type: linode:Firewall
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var firewallResource = new Linode.Firewall("firewallResource", new()
{
InboundPolicy = "string",
Label = "string",
OutboundPolicy = "string",
Disabled = false,
Inbounds = new[]
{
new Linode.Inputs.FirewallInboundArgs
{
Action = "string",
Label = "string",
Protocol = "string",
Ipv4s = new[]
{
"string",
},
Ipv6s = new[]
{
"string",
},
Ports = "string",
},
},
Linodes = new[]
{
0,
},
Outbounds = new[]
{
new Linode.Inputs.FirewallOutboundArgs
{
Action = "string",
Label = "string",
Protocol = "string",
Ipv4s = new[]
{
"string",
},
Ipv6s = new[]
{
"string",
},
Ports = "string",
},
},
Tags = new[]
{
"string",
},
});
example, err := linode.NewFirewall(ctx, "firewallResource", &linode.FirewallArgs{
InboundPolicy: pulumi.String("string"),
Label: pulumi.String("string"),
OutboundPolicy: pulumi.String("string"),
Disabled: pulumi.Bool(false),
Inbounds: linode.FirewallInboundArray{
&linode.FirewallInboundArgs{
Action: pulumi.String("string"),
Label: pulumi.String("string"),
Protocol: pulumi.String("string"),
Ipv4s: pulumi.StringArray{
pulumi.String("string"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("string"),
},
Ports: pulumi.String("string"),
},
},
Linodes: pulumi.IntArray{
pulumi.Int(0),
},
Outbounds: linode.FirewallOutboundArray{
&linode.FirewallOutboundArgs{
Action: pulumi.String("string"),
Label: pulumi.String("string"),
Protocol: pulumi.String("string"),
Ipv4s: pulumi.StringArray{
pulumi.String("string"),
},
Ipv6s: pulumi.StringArray{
pulumi.String("string"),
},
Ports: pulumi.String("string"),
},
},
Tags: pulumi.StringArray{
pulumi.String("string"),
},
})
var firewallResource = new Firewall("firewallResource", FirewallArgs.builder()
.inboundPolicy("string")
.label("string")
.outboundPolicy("string")
.disabled(false)
.inbounds(FirewallInboundArgs.builder()
.action("string")
.label("string")
.protocol("string")
.ipv4s("string")
.ipv6s("string")
.ports("string")
.build())
.linodes(0)
.outbounds(FirewallOutboundArgs.builder()
.action("string")
.label("string")
.protocol("string")
.ipv4s("string")
.ipv6s("string")
.ports("string")
.build())
.tags("string")
.build());
firewall_resource = linode.Firewall("firewallResource",
inbound_policy="string",
label="string",
outbound_policy="string",
disabled=False,
inbounds=[{
"action": "string",
"label": "string",
"protocol": "string",
"ipv4s": ["string"],
"ipv6s": ["string"],
"ports": "string",
}],
linodes=[0],
outbounds=[{
"action": "string",
"label": "string",
"protocol": "string",
"ipv4s": ["string"],
"ipv6s": ["string"],
"ports": "string",
}],
tags=["string"])
const firewallResource = new linode.Firewall("firewallResource", {
inboundPolicy: "string",
label: "string",
outboundPolicy: "string",
disabled: false,
inbounds: [{
action: "string",
label: "string",
protocol: "string",
ipv4s: ["string"],
ipv6s: ["string"],
ports: "string",
}],
linodes: [0],
outbounds: [{
action: "string",
label: "string",
protocol: "string",
ipv4s: ["string"],
ipv6s: ["string"],
ports: "string",
}],
tags: ["string"],
});
type: linode:Firewall
properties:
disabled: false
inboundPolicy: string
inbounds:
- action: string
ipv4s:
- string
ipv6s:
- string
label: string
ports: string
protocol: string
label: string
linodes:
- 0
outboundPolicy: string
outbounds:
- action: string
ipv4s:
- string
ipv6s:
- string
label: string
ports: string
protocol: string
tags:
- string
Firewall Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Firewall resource accepts the following input properties:
- Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - Label string
- This Firewall's unique label.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse). - Inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- Linodes List<int>
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- List<string>
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - Label string
- This Firewall's unique label.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse). - Inbounds
[]Firewall
Inbound Args - A firewall rule that specifies what inbound network traffic is allowed.
- Linodes []int
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbounds
[]Firewall
Outbound Args - A firewall rule that specifies what outbound network traffic is allowed.
- []string
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - label String
- This Firewall's unique label.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Integer>
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - label string
- This Firewall's unique label.
- outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbounds
Firewall
Inbound[] - A firewall rule that specifies what inbound network traffic is allowed.
- linodes number[]
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds
Firewall
Outbound[] - A firewall rule that specifies what outbound network traffic is allowed.
- string[]
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound_
policy str - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - label str
- This Firewall's unique label.
- outbound_
policy str - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbounds
Sequence[Firewall
Inbound Args] - A firewall rule that specifies what inbound network traffic is allowed.
- linodes Sequence[int]
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds
Sequence[Firewall
Outbound Args] - A firewall rule that specifies what outbound network traffic is allowed.
- Sequence[str]
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - label String
- This Firewall's unique label.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbounds List<Property Map>
- A firewall rule that specifies what inbound network traffic is allowed.
- linodes List<Number>
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbounds List<Property Map>
- A firewall rule that specifies what outbound network traffic is allowed.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
Outputs
All input properties are implicitly available as output properties. Additionally, the Firewall resource produces the following output properties:
- Devices
List<Firewall
Device> - The devices associated with this firewall.
- Id string
- The provider-assigned unique ID for this managed resource.
- Status string
- The status of the Firewall.
- Devices
[]Firewall
Device Type - The devices associated with this firewall.
- Id string
- The provider-assigned unique ID for this managed resource.
- Status string
- The status of the Firewall.
- devices
List<Firewall
Device> - The devices associated with this firewall.
- id String
- The provider-assigned unique ID for this managed resource.
- status String
- The status of the Firewall.
- devices
Firewall
Device[] - The devices associated with this firewall.
- id string
- The provider-assigned unique ID for this managed resource.
- status string
- The status of the Firewall.
- devices
Sequence[Firewall
Device] - The devices associated with this firewall.
- id str
- The provider-assigned unique ID for this managed resource.
- status str
- The status of the Firewall.
- devices List<Property Map>
- The devices associated with this firewall.
- id String
- The provider-assigned unique ID for this managed resource.
- status String
- The status of the Firewall.
Look up Existing Firewall Resource
Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FirewallState, opts?: CustomResourceOptions): Firewall@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
devices: Optional[Sequence[FirewallDeviceArgs]] = None,
disabled: Optional[bool] = None,
inbound_policy: Optional[str] = None,
inbounds: Optional[Sequence[FirewallInboundArgs]] = None,
label: Optional[str] = None,
linodes: Optional[Sequence[int]] = None,
outbound_policy: Optional[str] = None,
outbounds: Optional[Sequence[FirewallOutboundArgs]] = None,
status: Optional[str] = None,
tags: Optional[Sequence[str]] = None) -> Firewallfunc GetFirewall(ctx *Context, name string, id IDInput, state *FirewallState, opts ...ResourceOption) (*Firewall, error)public static Firewall Get(string name, Input<string> id, FirewallState? state, CustomResourceOptions? opts = null)public static Firewall get(String name, Output<String> id, FirewallState state, CustomResourceOptions options)resources: _: type: linode:Firewall get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Devices
List<Firewall
Device> - The devices associated with this firewall.
- Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse). - Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - Inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- Label string
- This Firewall's unique label.
- Linodes List<int>
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- Status string
- The status of the Firewall.
- List<string>
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- Devices
[]Firewall
Device Type Args - The devices associated with this firewall.
- Disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse). - Inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - Inbounds
[]Firewall
Inbound Args - A firewall rule that specifies what inbound network traffic is allowed.
- Label string
- This Firewall's unique label.
- Linodes []int
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- Outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - Outbounds
[]Firewall
Outbound Args - A firewall rule that specifies what outbound network traffic is allowed.
- Status string
- The status of the Firewall.
- []string
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices
List<Firewall
Device> - The devices associated with this firewall.
- disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - inbounds
List<Firewall
Inbound> - A firewall rule that specifies what inbound network traffic is allowed.
- label String
- This Firewall's unique label.
- linodes List<Integer>
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds
List<Firewall
Outbound> - A firewall rule that specifies what outbound network traffic is allowed.
- status String
- The status of the Firewall.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices
Firewall
Device[] - The devices associated with this firewall.
- disabled boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbound
Policy string - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - inbounds
Firewall
Inbound[] - A firewall rule that specifies what inbound network traffic is allowed.
- label string
- This Firewall's unique label.
- linodes number[]
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound
Policy string - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds
Firewall
Outbound[] - A firewall rule that specifies what outbound network traffic is allowed.
- status string
- The status of the Firewall.
- string[]
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices
Sequence[Firewall
Device Args] - The devices associated with this firewall.
- disabled bool
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbound_
policy str - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - inbounds
Sequence[Firewall
Inbound Args] - A firewall rule that specifies what inbound network traffic is allowed.
- label str
- This Firewall's unique label.
- linodes Sequence[int]
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound_
policy str - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds
Sequence[Firewall
Outbound Args] - A firewall rule that specifies what outbound network traffic is allowed.
- status str
- The status of the Firewall.
- Sequence[str]
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
- devices List<Property Map>
- The devices associated with this firewall.
- disabled Boolean
- If
true, the Firewall's rules are not enforced (defaults tofalse). - inbound
Policy String - The default behavior for inbound traffic. This setting can be overridden by updating the inbound.action property of the Firewall Rule. (
ACCEPT,DROP) - inbounds List<Property Map>
- A firewall rule that specifies what inbound network traffic is allowed.
- label String
- This Firewall's unique label.
- linodes List<Number>
- A list of IDs of Linodes this Firewall should govern it's network traffic for.
- outbound
Policy String - The default behavior for outbound traffic. This setting can be overridden by updating the outbound.action property for an individual Firewall Rule. (
ACCEPT,DROP) - outbounds List<Property Map>
- A firewall rule that specifies what outbound network traffic is allowed.
- status String
- The status of the Firewall.
- List<String>
- A list of tags applied to the Kubernetes cluster. Tags are for organizational purposes only.
Supporting Types
FirewallDevice, FirewallDeviceArgs
FirewallInbound, FirewallInboundArgs
- Action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - Label string
- Used to identify this rule. For display purposes only.
- Protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - Ipv4s List<string>
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s List<string>
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - Label string
- Used to identify this rule. For display purposes only.
- Protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - Ipv4s []string
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s []string
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label String
- Used to identify this rule. For display purposes only.
- protocol String
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s List<String>
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label string
- Used to identify this rule. For display purposes only.
- protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s string[]
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s string[]
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label str
- Used to identify this rule. For display purposes only.
- protocol str
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s Sequence[str]
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s Sequence[str]
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports str
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label String
- Used to identify this rule. For display purposes only.
- protocol String
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s List<String>
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
FirewallOutbound, FirewallOutboundArgs
- Action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - Label string
- This Firewall's unique label.
- Protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - Ipv4s List<string>
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s List<string>
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- Action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - Label string
- This Firewall's unique label.
- Protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - Ipv4s []string
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- Ipv6s []string
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- Ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label String
- This Firewall's unique label.
- protocol String
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s List<String>
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action string
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label string
- This Firewall's unique label.
- protocol string
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s string[]
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s string[]
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports string
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action str
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label str
- This Firewall's unique label.
- protocol str
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s Sequence[str]
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s Sequence[str]
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports str
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
- action String
- Controls whether traffic is accepted or dropped by this rule (
ACCEPT,DROP). Overrides the Firewall’s inbound_policy if this is an inbound rule, or the outbound_policy if this is an outbound rule. - label String
- This Firewall's unique label.
- protocol String
- The network protocol this rule controls. (
TCP,UDP,ICMP) - ipv4s List<String>
- A list of IPv4 addresses or networks. Must be in IP/mask format.
- ipv6s List<String>
- A list of IPv6 addresses or networks. Must be in IP/mask format.
- ports String
- A string representation of ports and/or port ranges (i.e. "443" or "80-90, 91").
Import
Firewalls can be imported using the id, e.g.
$ pulumi import linode:index/firewall:Firewall my_firewall 12345
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Linode pulumi/pulumi-linode
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
linodeTerraform Provider.
Viewing docs for Linode v3.12.0 (Older version)
published on Monday, Mar 9, 2026 by Pulumi
published on Monday, Mar 9, 2026 by Pulumi
