Firewall
data class FirewallPolicyRuleArgs(val action: Output<String>? = null, val description: Output<String>? = null, val direction: Output<String>? = null, val disabled: Output<Boolean>? = null, val enableLogging: Output<Boolean>? = null, val firewallPolicy: Output<String>? = null, val match: Output<FirewallPolicyRuleMatchArgs>? = null, val priority: Output<Int>? = null, val targetResources: Output<List<String>>? = null, val targetServiceAccounts: Output<List<String>>? = null) : ConvertibleToJava<FirewallPolicyRuleArgs>
Hierarchical firewall policy rules let you create and enforce a consistent firewall policy across your organization. Rules can explicitly allow or deny connections or delegate evaluation to lower level policies. For more information see the official documentation
Example Usage
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.FirewallPolicy;
import com.pulumi.gcp.compute.FirewallPolicyArgs;
import com.pulumi.gcp.compute.FirewallPolicyRule;
import com.pulumi.gcp.compute.FirewallPolicyRuleArgs;
import com.pulumi.gcp.compute.inputs.FirewallPolicyRuleMatchArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultFirewallPolicy = new FirewallPolicy("defaultFirewallPolicy", FirewallPolicyArgs.builder()
.parent("organizations/12345")
.shortName("my-policy")
.description("Example Resource")
.build());
var defaultFirewallPolicyRule = new FirewallPolicyRule("defaultFirewallPolicyRule", FirewallPolicyRuleArgs.builder()
.firewallPolicy(defaultFirewallPolicy.id())
.description("Example Resource")
.priority(9000)
.enableLogging(true)
.action("allow")
.direction("EGRESS")
.disabled(false)
.match(FirewallPolicyRuleMatchArgs.builder()
.layer4Configs(FirewallPolicyRuleMatchLayer4ConfigArgs.builder()
.ipProtocol("tcp")
.ports(
80,
8080)
.build())
.destIpRanges("11.100.0.1/32")
.build())
.build());
}
}Content copied to clipboard
Import
FirewallPolicyRule can be imported using any of these accepted formats
$ pulumi import gcp:compute/firewallPolicyRule:FirewallPolicyRule default locations/global/firewallPolicies/{{firewall_policy}}/rules/{{priority}}Content copied to clipboard
$ pulumi import gcp:compute/firewallPolicyRule:FirewallPolicyRule default {{firewall_policy}}/{{priority}}Content copied to clipboard
Constructors
Link copied to clipboard
fun FirewallPolicyRuleArgs(action: Output<String>? = null, description: Output<String>? = null, direction: Output<String>? = null, disabled: Output<Boolean>? = null, enableLogging: Output<Boolean>? = null, firewallPolicy: Output<String>? = null, match: Output<FirewallPolicyRuleMatchArgs>? = null, priority: Output<Int>? = null, targetResources: Output<List<String>>? = null, targetServiceAccounts: Output<List<String>>? = null)