Manages a v1 firewall rule resource within OpenStack.
resource "openstack_fw_rule_v1" "rule_1" {
name = "my_rule"
description = "drop TELNET traffic"
action = "deny"
protocol = "tcp"
destination_port = "23"
enabled = "true"
}
The following arguments are supported:
region
- (Optional) The region in which to obtain the v1 Compute client.
A Compute client is needed to create a firewall rule. If omitted, the
region
argument of the provider is used. Changing this creates a new
firewall rule.
name
- (Optional) A unique name for the firewall rule. Changing this
updates the name
of an existing firewall rule.
description
- (Optional) A description for the firewall rule. Changing this
updates the description
of an existing firewall rule.
protocol
- (Required) The protocol type on which the firewall rule operates.
Valid values are: tcp
, udp
, icmp
, and any
. Changing this updates the
protocol
of an existing firewall rule.
action
- (Required) Action to be taken ( must be "allow" or "deny") when the
firewall rule matches. Changing this updates the action
of an existing
firewall rule.
ip_version
- (Optional) IP version, either 4 (default) or 6. Changing this
updates the ip_version
of an existing firewall rule.
source_ip_address
- (Optional) The source IP address on which the firewall
rule operates. Changing this updates the source_ip_address
of an existing
firewall rule.
destination_ip_address
- (Optional) The destination IP address on which the
firewall rule operates. Changing this updates the destination_ip_address
of an existing firewall rule.
source_port
- (Optional) The source port on which the firewall
rule operates. Changing this updates the source_port
of an existing
firewall rule.
destination_port
- (Optional) The destination port on which the firewall
rule operates. Changing this updates the destination_port
of an existing
firewall rule.
enabled
- (Optional) Enabled status for the firewall rule (must be "true"
or "false" if provided - defaults to "true"). Changing this updates the
enabled
status of an existing firewall rule.
tenant_id
- (Optional) The owner of the firewall rule. Required if admin
wants to create a firewall rule for another tenant. Changing this creates a
new firewall rule.
value_specs
- (Optional) Map of additional options.
The following attributes are exported:
region
- See Argument Reference above.name
- See Argument Reference above.description
- See Argument Reference above.protocol
- See Argument Reference above.action
- See Argument Reference above.ip_version
- See Argument Reference above.source_ip_address
- See Argument Reference above.destination_ip_address
- See Argument Reference above.source_port
- See Argument Reference above.destination_port
- See Argument Reference above.enabled
- See Argument Reference above.tenant_id
- See Argument Reference above.Firewall Rules can be imported using the id
, e.g.
$ terraform import openstack_fw_rule_v1.rule_1 8dbc0c28-e49c-463f-b712-5c5d1bbac327