openstack_fw_rule_v2
This instruction is a copy of the official OpenStack Terraform provider's OpenStack Terraform documentation in the Terraform Registry.
Manages a v2 firewall rule resource within OpenStack.
Firewall v2 has no support for OVN currently.
Example Usage
resource "openstack_fw_rule_v2" "rule_2" {
name = "firewall_rule"
description = "drop TELNET traffic"
action = "deny"
protocol = "tcp"
destination_port = "23"
enabled = "true"
}
Argument Reference
The following arguments are supported:
-
region— (Optional) The region in which to obtain the v2 networking client. A networking client is needed to create a firewall rule. If omitted, theregionargument of the provider is used. Changing this creates a new firewall rule. -
name— (Optional) A unique name for the firewall rule. Changing this updates thenameof an existing firewall rule. -
description— (Optional) A description for the firewall rule. Changing this updates thedescriptionof an existing firewall rule. -
tenant_id— (Optional) — This argument conflicts and is interchangeable withproject_id. The owner of the firewall rule. Required if admin wants to create a firewall rule for another tenant. Changing this creates a new firewall rule. -
project_id— (Optional) — This argument conflicts and is interchangeable withtenant_id. The owner of the firewall rule. Required if admin wants to create a firewall rule for another project. Changing this creates a new firewall rule. -
protocol— (Optional; Required ifsource_portordestination_portis not empty) The protocol type on which the firewall rule operates. Valid values are:tcp,udp,icmpandany. Changing this updates theprotocolof an existing firewall rule. Default isany. -
action— (Optional) Action to be taken (must be "allow", "deny" or "reject") when the firewall rule matches. Changing this updates theactionof an existing firewall rule. Default isdeny. -
ip_version— (Optional) IP version, either 4 or 6. Changing this updates theip_versionof an existing firewall rule. Default is4. -
source_ip_address� — (Optional) The source IP address on which the firewall rule operates. Changing this updates thesource_ip_addressof an existing firewall rule. -
destination_ip_address— (Optional) The destination IP address on which the firewall rule operates. Changing these updates thedestination_ip_addressof an existing firewall rule. -
source_port— (Optional) The source port on which the firewall rule operates. Changing this updates thesource_portof an existing firewall rule. Require notanyor empty protocol. -
destination_port— (Optional) The destination port on which the firewall rule operates. Changing this updates thedestination_portof an existing firewall rule. Require notanyor empty protocol. -
shared— (Optional) Sharing status of the firewall rule (must be "true" or "false" if provided). If this is "true" the policy is visible to, and can be used in, firewalls in other tenants. Changing this updates thesharedstatus of an existing firewall policy. On -
enabled— (Optional) Enabled status for the firewall rule (must be "true" or "false" if provided — defaults to "true"). Changing this updates theenabledstatus of an existing firewall rule.
Attributes Reference
The following attributes are exported:
region— See Argument Reference above.name— See Argument Reference above.description— See Argument Reference above.tenant_id— See Argument Reference above.project_id— See Argument Reference above.protocol— See Argument Reference above.action— See Argument Reference above.ip_version— See Argument Reference above.source_ip_address— See Argument Reference above.destination_ip_address— See Argument Reference above.source_port— See Argument Reference above.destination_port— See Argument Reference above.shared— See Argument Reference above.enabled— See Argument Reference above.
Import
Firewall Rules can be imported using the id, e.g.
$ terraform import openstack_fw_rule_v2.rule_1 8dbc0c28-e49c-463f-b712-5c5d1bbac327