jprdonnelly/opentf
1
0
Fork 0
mirror of https://github.com/opentffoundation/opentf.git synced 2026-01-29 06:00:15 -05:00
Code Issues Packages Projects Releases Wiki Activity
Files
6a08e893e37ee2ca1dde05d36bbee5d8edca790d
opentf/website/source/docs/providers/cloudstack/r/firewall.html.markdown
Sander van Harmelen 815c8840a7 Refactor the use of names vs IDs for parameters referencing other TF resources 
We have a curtesy function in place allowing you to specify both a
`name` of `ID`. But in order for the graph to be build correctly when
you recreate or taint stuff that other resources depend on, we need to
reference the `ID` and *not* the `name`.

So in order to enforce this and by that help people to not make this
mistake unknowingly, I deprecated all the parameters this allies to and
changed the logic, docs and tests accordingly.
2016-04-11 17:14:28 +02:00

71 lines
2.2 KiB
Markdown
Raw Blame History

---
layout: "cloudstack"
page_title: "CloudStack: cloudstack_firewall"
sidebar_current: "docs-cloudstack-resource-firewall"
description: |-
Creates firewall rules for a given IP address.
---
# cloudstack\_firewall
Creates firewall rules for a given IP address.
## Example Usage
```
resource "cloudstack_firewall" "default" {
ip_address_id = "30b21801-d4b3-4174-852b-0c0f30bdbbfb"
rule {
cidr_list = ["10.0.0.0/8"]
protocol = "tcp"
ports = ["80", "1000-2000"]
}
}
```
## Argument Reference
The following arguments are supported:
* `ip_address_id` - (Required) The IP address ID for which to create the
firewall rules. Changing this forces a new resource to be created.
* `ipaddress` - (Required, Deprecated) The IP address or ID for which to create
the firewall rules. Changing this forces a new resource to be created.
* `managed` - (Optional) USE WITH CAUTION! If enabled all the firewall rules for
this IP address will be managed by this resource. This means it will delete
all firewall rules that are not in your config! (defaults false)
* `rule` - (Optional) Can be specified multiple times. Each rule block supports
fields documented below. If `managed = false` at least one rule is required!
* `parallelism` (Optional) Specifies how much rules will be created or deleted
concurrently. (defaults 2)
The `rule` block supports:
* `cidr_list` - (Required) A CIDR list to allow access to the given ports.
* `source_cidr` - (Optional, Deprecated) The source CIDR to allow access to the
given ports. This attribute is deprecated, please use `cidr_list` instead.
* `protocol` - (Required) The name of the protocol to allow. Valid options are:
`tcp`, `udp` and `icmp`.
* `icmp_type` - (Optional) The ICMP type to allow. This can only be specified if
the protocol is ICMP.
* `icmp_code` - (Optional) The ICMP code to allow. This can only be specified if
the protocol is ICMP.
* `ports` - (Optional) List of ports and/or port ranges to allow. This can only
be specified if the protocol is TCP or UDP.
## Attributes Reference
The following attributes are exported:
* `id` - The IP address ID for which the firewall rules are created.
Reference in New Issue View Git Blame Copy Permalink