github.com/armen/terraform@v0.5.2-0.20150529052519-caa8117a08f1/website/source/docs/providers/openstack/r/fw_policy_v1.html.markdown (about) 1 --- 2 layout: "openstack" 3 page_title: "OpenStack: openstack_fw_policy_v1" 4 sidebar_current: "docs-openstack-resource-fw-policy-v1" 5 description: |- 6 Manages a v1 firewall policy resource within OpenStack. 7 --- 8 9 # openstack\_fw\_policy_v1 10 11 Manages a v1 firewall policy resource within OpenStack. 12 13 ## Example Usage 14 15 ``` 16 resource "openstack_fw_rule_v1" "rule_1" { 17 name = "my-rule-1" 18 description = "drop TELNET traffic" 19 action = "deny" 20 protocol = "tcp" 21 destination_port = "23" 22 enabled = "true" 23 } 24 25 resource "openstack_fw_rule_v1" "rule_2" { 26 name = "my-rule-2" 27 description = "drop NTP traffic" 28 action = "deny" 29 protocol = "udp" 30 destination_port = "123" 31 enabled = "false" 32 } 33 34 resource "openstack_fw_policy_v1" "policy_1" { 35 region = "" 36 name = "my-policy" 37 rules = ["${openstack_fw_rule_v1.rule_1.id}", 38 "${openstack_fw_rule_v1.rule_2.id}"] 39 } 40 ``` 41 42 ## Argument Reference 43 44 The following arguments are supported: 45 46 * `region` - (Required) The region in which to obtain the v1 networking client. 47 A networking client is needed to create a firewall policy. If omitted, the 48 `OS_REGION_NAME` environment variable is used. Changing this creates a new 49 firewall policy. 50 51 * `name` - (Optional) A name for the firewall policy. Changing this 52 updates the `name` of an existing firewall policy. 53 54 * `description` - (Optional) A description for the firewall policy. Changing 55 this updates the `description` of an existing firewall policy. 56 57 * `rules` - (Optional) An array of one or more firewall rules that comprise 58 the policy. Changing this results in adding/removing rules from the 59 existing firewall policy. 60 61 * `audited` - (Optional) Audit status of the firewall policy 62 (must be "true" or "false" if provided - defaults to "false"). 63 This status is set to "false" whenever the firewall policy or any of its 64 rules are changed. Changing this updates the `audited` status of an existing 65 firewall policy. 66 67 * `shared` - (Optional) Sharing status of the firewall policy (must be "true" 68 or "false" if provided - defaults to "false"). If this is "true" the policy 69 is visible to, and can be used in, firewalls in other tenants. Changing this 70 updates the `shared` status of an existing firewall policy. 71 72 ## Attributes Reference 73 74 The following attributes are exported: 75 76 * `region` - See Argument Reference above. 77 * `name` - See Argument Reference above. 78 * `description` - See Argument Reference above. 79 * `audited` - See Argument Reference above. 80 * `shared` - See Argument Reference above.