github.com/turtlemonvh/terraform@v0.6.9-0.20151204001754-8e40b6b855e8/website/source/docs/providers/vcd/r/firewall_rules.html.markdown

---
layout: "vcd"
page_title: "vCloudDirector: vcd_firewall_rules"
sidebar_current: "docs-vcd-resource-firewall-rules"
description: |-
  Provides a vCloud Director Firewall resource. This can be used to create, modify, and delete firewall settings and rules.
---

# vcd\_firewall\_rules

Provides a vCloud Director Firewall resource. This can be used to create,
modify, and delete firewall settings and rules.

## Example Usage

```
resource "vcd_firewall_rules" "fw" {
    edge_gateway = "Edge Gateway Name"
    default_action = "drop"

    rule {
        description = "deny-ftp-out"
        policy = "deny"
        protocol = "tcp"
        destination_port = "21"
        destination_ip = "any"
        source_port = "any"
        source_ip = "10.10.0.0/24"
    }

    rule {
        description = "allow-outbound"
        policy = "allow"
        protocol = "any"
        destination_port = "any"
        destination_ip = "any"
        source_port = "any"
        source_ip = "10.10.0.0/24"
    }

}

resource "vcd_vapp" "web" {
    ...
}

resource "vcd_firewall_rules" "fw-web" {
    edge_gateway = "Edge Gateway Name"
    default_action = "drop"

    rule {
        description = "allow-web"
        policy = "allow"
        protocol = "tcp"
        destination_port = "80"
        destination_ip = "${vcd_vapp.web.ip}"
        source_port = "any"
        source_ip = "any"
    }
}

```

## Argument Reference

The following arguments are supported:

* `edge_gateway` - (Required) The name of the edge gateway on which to apply the Firewall Rules
* `default_action` - (Required) Either "allow" or "deny". Specifies what to do should none of the rules match
* `rule` - (Optional) Configures a firewall rule; see [Rules](#rules) below for details.

<a id="rules"></a>
## Rules

Each firewall rule supports the following attributes:

* `description` - (Required) Description of the firewall rule
* `policy` - (Required) Specifies what to do when this rule is matched. Either "allow" or "deny"
* `protocol` - (Required) The protocol to match. One of "tcp", "udp", "icmp" or "any"
* `destination_port` - (Required) The destination port to match. Either a port number or "any"
* `destination_ip` - (Required) The destination IP to match. Either an IP address, IP range or "any"
* `source_port` - (Required) The source port to match. Either a port number or "any"
* `source_ip` - (Required) The source IP to match. Either an IP address, IP range or "any"