ionoscloud_firewall
Creates and manages Firewall Rules.
Manages a set of Firewall Rules on IonosCloud.
Example Usage
resource "ionoscloud_datacenter" "example" {
  name                = "Datacenter Example"
  location            = "us/las"
  description         = "Datacenter Description"
  sec_auth_protection = false
}

resource "ionoscloud_ipblock" "example" {
  location = ionoscloud_datacenter.example.location
  size     = 2
  name     = "IP Block Example"
}

resource "ionoscloud_server" "example" {
  name           = "Server Example"
  datacenter_id  = ionoscloud_datacenter.example.id
  cores          = 1
  ram            = 1024
  image_name     = "Ubuntu-20.04"
  image_password = random_password.server_image_password.result
  volume {
    name      = "system"
    size      = 14
    disk_type = "SSD"
  }
  nic {
    lan             = "1"
    dhcp            = true
    firewall_active = true
  }
}

resource "ionoscloud_nic" "example" {
  datacenter_id   = ionoscloud_datacenter.example.id
  server_id       = ionoscloud_server.example.id
  lan             = 2
  dhcp            = true
  firewall_active = true
  name            = "Nic Example"
}

resource "ionoscloud_firewall" "example" {
  datacenter_id = ionoscloud_datacenter.example.id
  server_id     = ionoscloud_server.example.id
  nic_id        = ionoscloud_nic.example.id
  protocol      = "ICMP"
  name          = "Firewall Example"
  source_mac    = "00:0a:95:9d:68:16"
  source_ip     = ionoscloud_ipblock.example.ips[0]
  target_ip     = ionoscloud_ipblock.example.ips[1]
  icmp_type     = 1
  icmp_code     = 8
  type          = "INGRESS"
}

resource "random_password" "server_image_password" {
  length  = 16
  special = false
}
Argument reference
datacenter_id - (Required)[string] The Virtual Data Center ID.
server_id - (Required)[string] The Server ID.
nic_id - (Required)[string] The NIC ID.
protocol - (Required)[string] The protocol for the rule: TCP, UDP, ICMP, ANY. This property cannot be modified after creation (disallowed in update requests).
name - (Optional)[string] The name of the firewall rule.
source_mac - (Optional)[string] Only traffic originating from the respective MAC address is allowed. Valid format: aa:bb:cc:dd:ee:ff. Value null allows all source MAC addresses.
source_ip - (Optional)[string] Only traffic originating from the respective IPv4 address is allowed. Value null allows all source IPs.
target_ip - (Optional)[string] In case the target NIC has multiple IP addresses, only traffic directed to the respective IP address of the NIC is allowed. Value null allows all target IPs.
port_range_start - (Optional)[int] Defines the start range of the allowed port (from 1 to 65534) if protocol TCP or UDP is chosen. Leave portRangeStart and portRangeEnd null to allow all ports.
port_range_end - (Optional)[int] Defines the end range of the allowed port (from 1 to 65534) if the protocol TCP or UDP is chosen. Leave portRangeStart and portRangeEnd null to allow all ports.
icmp_type - (Optional)[string] Defines the allowed code (from 0 to 254) if protocol ICMP is chosen. Value null allows all codes.
icmp_code - (Optional)[int] Defines the allowed code (from 0 to 254) if protocol ICMP is chosen.
type - (Optional)[string] The type of firewall rule. If it is not specified, it will take the default value INGRESS.
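The null defaults in the argument reference decide how broad a rule is. The following added example (not part of the provider documentation) contrasts a TCP rule that leaves them unset with one scoped to a single source and port; the variable names, rule names and the 203.0.113.10 address are assumptions made for illustration.

```hcl
# Added example, not from the provider documentation.
# Variable names, rule names and 203.0.113.10 (RFC 5737 documentation
# range) are constructed for illustration.
terraform {
  required_providers {
    ionoscloud = {
      source = "ionos-cloud/ionoscloud"
    }
  }
}

variable "datacenter_id" { type = string }
variable "server_id" { type = string }
variable "nic_id" { type = string }

# Broad: source_mac, source_ip, target_ip and both port_range_* arguments
# are unset (null). Per the argument reference, each null means "allow all",
# so this rule admits TCP from any source to any port on the NIC.
resource "ionoscloud_firewall" "tcp_any" {
  datacenter_id = var.datacenter_id
  server_id     = var.server_id
  nic_id        = var.nic_id
  protocol      = "TCP"
  name          = "tcp-any"
  type          = "INGRESS"
}

# Narrow: one source address and a single-port range (start == end).
# Set both port_range_start and port_range_end; leaving them null
# reopens every port.
resource "ionoscloud_firewall" "ssh_from_admin" {
  datacenter_id    = var.datacenter_id
  server_id        = var.server_id
  nic_id           = var.nic_id
  protocol         = "TCP"
  name             = "ssh-from-admin"
  source_ip        = "203.0.113.10"
  port_range_start = 22
  port_range_end   = 22
  type             = "INGRESS"
}
```

The two rules are shown side by side for comparison; keep only one of them on a given NIC, since the broad rule already allows everything the narrow one does.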
Import
Resource Firewall can be imported using the resource id, e.g.
terraform import ionoscloud_firewall.myfwrule {datacenter uuid}/{server uuid}/{nic uuid}/{firewall uuid}