Fork me on GitHub

Module firewall

@pulumi/openstack > firewall

Index

firewall/firewall.ts firewall/getPolicy.ts firewall/policy.ts firewall/rule.ts

class Firewall

Manages a v1 firewall resource within OpenStack.

constructor

new Firewall(name: string, args: FirewallArgs, opts?: pulumi.CustomResourceOptions)

Create a Firewall resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: FirewallState): Firewall

Get an existing Firewall resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property adminStateUp

public adminStateUp: pulumi.Output<boolean | undefined>;

Administrative up/down status for the firewall (must be “true” or “false” if provided - defaults to “true”). Changing this updates the admin_state_up of an existing firewall.

property associatedRouters

public associatedRouters: pulumi.Output<string[]>;

Router(s) to associate this firewall instance with. Must be a list of strings. Changing this updates the associated routers of an existing firewall. Conflicts with no_routers.

property description

public description: pulumi.Output<string | undefined>;

A description for the firewall. Changing this updates the description of an existing firewall.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

A name for the firewall. Changing this updates the name of an existing firewall.

property noRouters

public noRouters: pulumi.Output<boolean | undefined>;

Should this firewall not be associated with any routers (must be “true” or “false” if provide - defaults to “false”). Conflicts with associated_routers.

property policyId

public policyId: pulumi.Output<string>;

The policy resource id for the firewall. Changing this updates the policy_id of an existing firewall.

property region

public region: pulumi.Output<string>;

The region in which to obtain the v1 networking client. A networking client is needed to create a firewall. If omitted, the region argument of the provider is used. Changing this creates a new firewall.

property tenantId

public tenantId: pulumi.Output<string>;

The owner of the floating IP. Required if admin wants to create a firewall for another tenant. Changing this creates a new firewall.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property valueSpecs

public valueSpecs: pulumi.Output<{ ... } | undefined>;

Map of additional options.

class Policy

Manages a v1 firewall policy resource within OpenStack.

constructor

new Policy(name: string, args?: PolicyArgs, opts?: pulumi.CustomResourceOptions)

Create a Policy resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: PolicyState): Policy

Get an existing Policy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property audited

public audited: pulumi.Output<boolean | undefined>;

Audit status of the firewall policy (must be “true” or “false” if provided - defaults to “false”). This status is set to “false” whenever the firewall policy or any of its rules are changed. Changing this updates the audited status of an existing firewall policy.

property description

public description: pulumi.Output<string | undefined>;

A description for the firewall policy. Changing this updates the description of an existing firewall policy.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property name

public name: pulumi.Output<string>;

A name for the firewall policy. Changing this updates the name of an existing firewall policy.

property region

public region: pulumi.Output<string>;

The region in which to obtain the v1 networking client. A networking client is needed to create a firewall policy. If omitted, the region argument of the provider is used. Changing this creates a new firewall policy.

property rules

public rules: pulumi.Output<string[] | undefined>;

An array of one or more firewall rules that comprise the policy. Changing this results in adding/removing rules from the existing firewall policy.

property shared

public shared: pulumi.Output<boolean | undefined>;

Sharing status of the firewall policy (must be “true” or “false” if provided). If this is “true” the policy is visible to, and can be used in, firewalls in other tenants. Changing this updates the shared status of an existing firewall policy. Only administrative users can specify if the policy should be shared.

property tenantId

public tenantId: pulumi.Output<string>;

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property valueSpecs

public valueSpecs: pulumi.Output<{ ... } | undefined>;

Map of additional options.

class Rule

Manages a v1 firewall rule resource within OpenStack.

constructor

new Rule(name: string, args: RuleArgs, opts?: pulumi.CustomResourceOptions)

Create a Rule resource with the given unique name, arguments, and options.

  • name The unique name of the resource.
  • args The arguments to use to populate this resource's properties.
  • opts A bag of options that control this resource's behavior.

method get

public static get(name: string, id: pulumi.Input<pulumi.ID>, state?: RuleState): Rule

Get an existing Rule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

method getProvider

getProvider(moduleMember: string): ProviderResource | undefined

method isInstance

static isInstance(obj: any): boolean

Returns true if the given object is an instance of CustomResource. This is designed to work even when multiple copies of the Pulumi SDK have been loaded into the same process.

property action

public action: pulumi.Output<string>;

Action to be taken ( must be “allow” or “deny”) when the firewall rule matches. Changing this updates the action of an existing firewall rule.

property description

public description: pulumi.Output<string | undefined>;

A description for the firewall rule. Changing this updates the description of an existing firewall rule.

property destinationIpAddress

public destinationIpAddress: pulumi.Output<string | undefined>;

The destination IP address on which the firewall rule operates. Changing this updates the destination_ip_address of an existing firewall rule.

property destinationPort

public destinationPort: pulumi.Output<string | undefined>;

The destination port on which the firewall rule operates. Changing this updates the destination_port of an existing firewall rule.

property enabled

public enabled: pulumi.Output<boolean | undefined>;

Enabled status for the firewall rule (must be “true” or “false” if provided - defaults to “true”). Changing this updates the enabled status of an existing firewall rule.

property id

id: Output<ID>;

id is the provider-assigned unique ID for this managed resource. It is set during deployments and may be missing (undefined) during planning phases.

property ipVersion

public ipVersion: pulumi.Output<number | undefined>;

IP version, either 4 (default) or 6. Changing this updates the ip_version of an existing firewall rule.

property name

public name: pulumi.Output<string>;

A unique name for the firewall rule. Changing this updates the name of an existing firewall rule.

property protocol

public protocol: pulumi.Output<string>;

The protocol type on which the firewall rule operates. Valid values are: tcp, udp, icmp, and any. Changing this updates the protocol of an existing firewall rule.

property region

public region: pulumi.Output<string>;

The region in which to obtain the v1 Compute client. A Compute client is needed to create a firewall rule. If omitted, the region argument of the provider is used. Changing this creates a new firewall rule.

property sourceIpAddress

public sourceIpAddress: pulumi.Output<string | undefined>;

The source IP address on which the firewall rule operates. Changing this updates the source_ip_address of an existing firewall rule.

property sourcePort

public sourcePort: pulumi.Output<string | undefined>;

The source port on which the firewall rule operates. Changing this updates the source_port of an existing firewall rule.

property tenantId

public tenantId: pulumi.Output<string | undefined>;

The owner of the firewall rule. Required if admin wants to create a firewall rule for another tenant. Changing this creates a new firewall rule.

property urn

urn: Output<URN>;

urn is the stable logical URN used to distinctly address a resource, both before and after deployments.

property valueSpecs

public valueSpecs: pulumi.Output<{ ... } | undefined>;

Map of additional options.

function getPolicy

getPolicy(args?: GetPolicyArgs, opts?: pulumi.InvokeOptions): Promise<GetPolicyResult>

Use this data source to get firewall policy information of an available OpenStack firewall policy.

interface FirewallArgs

The set of arguments for constructing a Firewall resource.

property adminStateUp

adminStateUp?: pulumi.Input<boolean>;

Administrative up/down status for the firewall (must be “true” or “false” if provided - defaults to “true”). Changing this updates the admin_state_up of an existing firewall.

property associatedRouters

associatedRouters?: pulumi.Input<pulumi.Input<string>[]>;

Router(s) to associate this firewall instance with. Must be a list of strings. Changing this updates the associated routers of an existing firewall. Conflicts with no_routers.

property description

description?: pulumi.Input<string>;

A description for the firewall. Changing this updates the description of an existing firewall.

property name

name?: pulumi.Input<string>;

A name for the firewall. Changing this updates the name of an existing firewall.

property noRouters

noRouters?: pulumi.Input<boolean>;

Should this firewall not be associated with any routers (must be “true” or “false” if provide - defaults to “false”). Conflicts with associated_routers.

property policyId

policyId: pulumi.Input<string>;

The policy resource id for the firewall. Changing this updates the policy_id of an existing firewall.

property region

region?: pulumi.Input<string>;

The region in which to obtain the v1 networking client. A networking client is needed to create a firewall. If omitted, the region argument of the provider is used. Changing this creates a new firewall.

property tenantId

tenantId?: pulumi.Input<string>;

The owner of the floating IP. Required if admin wants to create a firewall for another tenant. Changing this creates a new firewall.

property valueSpecs

valueSpecs?: pulumi.Input<{ ... }>;

Map of additional options.

interface FirewallState

Input properties used for looking up and filtering Firewall resources.

property adminStateUp

adminStateUp?: pulumi.Input<boolean>;

Administrative up/down status for the firewall (must be “true” or “false” if provided - defaults to “true”). Changing this updates the admin_state_up of an existing firewall.

property associatedRouters

associatedRouters?: pulumi.Input<pulumi.Input<string>[]>;

Router(s) to associate this firewall instance with. Must be a list of strings. Changing this updates the associated routers of an existing firewall. Conflicts with no_routers.

property description

description?: pulumi.Input<string>;

A description for the firewall. Changing this updates the description of an existing firewall.

property name

name?: pulumi.Input<string>;

A name for the firewall. Changing this updates the name of an existing firewall.

property noRouters

noRouters?: pulumi.Input<boolean>;

Should this firewall not be associated with any routers (must be “true” or “false” if provide - defaults to “false”). Conflicts with associated_routers.

property policyId

policyId?: pulumi.Input<string>;

The policy resource id for the firewall. Changing this updates the policy_id of an existing firewall.

property region

region?: pulumi.Input<string>;

The region in which to obtain the v1 networking client. A networking client is needed to create a firewall. If omitted, the region argument of the provider is used. Changing this creates a new firewall.

property tenantId

tenantId?: pulumi.Input<string>;

The owner of the floating IP. Required if admin wants to create a firewall for another tenant. Changing this creates a new firewall.

property valueSpecs

valueSpecs?: pulumi.Input<{ ... }>;

Map of additional options.

interface GetPolicyArgs

A collection of arguments for invoking getPolicy.

property name

name?: string;

The name of the firewall policy.

property policyId

policyId?: string;

The ID of the firewall policy.

property region

region?: string;

The region in which to obtain the V2 Neutron client. A Neutron client is needed to retrieve firewall policy ids. If omitted, the region argument of the provider is used.

property tenantId

tenantId?: string;

The owner of the firewall policy.

interface GetPolicyResult

A collection of values returned by getPolicy.

property audited

audited: boolean;

The audit status of the firewall policy.

property description

description: string;

The description of the firewall policy.

property id

id: string;

id is the provider-assigned unique ID for this managed resource.

property region

region: string;

See Argument Reference above.

property rules

rules: string[];

The array of one or more firewall rules that comprise the policy.

property shared

shared: boolean;

The sharing status of the firewall policy.

property tenantId

tenantId: string;

See Argument Reference above.

interface PolicyArgs

The set of arguments for constructing a Policy resource.

property audited

audited?: pulumi.Input<boolean>;

Audit status of the firewall policy (must be “true” or “false” if provided - defaults to “false”). This status is set to “false” whenever the firewall policy or any of its rules are changed. Changing this updates the audited status of an existing firewall policy.

property description

description?: pulumi.Input<string>;

A description for the firewall policy. Changing this updates the description of an existing firewall policy.

property name

name?: pulumi.Input<string>;

A name for the firewall policy. Changing this updates the name of an existing firewall policy.

property region

region?: pulumi.Input<string>;

The region in which to obtain the v1 networking client. A networking client is needed to create a firewall policy. If omitted, the region argument of the provider is used. Changing this creates a new firewall policy.

property rules

rules?: pulumi.Input<pulumi.Input<string>[]>;

An array of one or more firewall rules that comprise the policy. Changing this results in adding/removing rules from the existing firewall policy.

property shared

shared?: pulumi.Input<boolean>;

Sharing status of the firewall policy (must be “true” or “false” if provided). If this is “true” the policy is visible to, and can be used in, firewalls in other tenants. Changing this updates the shared status of an existing firewall policy. Only administrative users can specify if the policy should be shared.

property tenantId

tenantId?: pulumi.Input<string>;

property valueSpecs

valueSpecs?: pulumi.Input<{ ... }>;

Map of additional options.

interface PolicyState

Input properties used for looking up and filtering Policy resources.

property audited

audited?: pulumi.Input<boolean>;

Audit status of the firewall policy (must be “true” or “false” if provided - defaults to “false”). This status is set to “false” whenever the firewall policy or any of its rules are changed. Changing this updates the audited status of an existing firewall policy.

property description

description?: pulumi.Input<string>;

A description for the firewall policy. Changing this updates the description of an existing firewall policy.

property name

name?: pulumi.Input<string>;

A name for the firewall policy. Changing this updates the name of an existing firewall policy.

property region

region?: pulumi.Input<string>;

The region in which to obtain the v1 networking client. A networking client is needed to create a firewall policy. If omitted, the region argument of the provider is used. Changing this creates a new firewall policy.

property rules

rules?: pulumi.Input<pulumi.Input<string>[]>;

An array of one or more firewall rules that comprise the policy. Changing this results in adding/removing rules from the existing firewall policy.

property shared

shared?: pulumi.Input<boolean>;

Sharing status of the firewall policy (must be “true” or “false” if provided). If this is “true” the policy is visible to, and can be used in, firewalls in other tenants. Changing this updates the shared status of an existing firewall policy. Only administrative users can specify if the policy should be shared.

property tenantId

tenantId?: pulumi.Input<string>;

property valueSpecs

valueSpecs?: pulumi.Input<{ ... }>;

Map of additional options.

interface RuleArgs

The set of arguments for constructing a Rule resource.

property action

action: pulumi.Input<string>;

Action to be taken ( must be “allow” or “deny”) when the firewall rule matches. Changing this updates the action of an existing firewall rule.

property description

description?: pulumi.Input<string>;

A description for the firewall rule. Changing this updates the description of an existing firewall rule.

property destinationIpAddress

destinationIpAddress?: pulumi.Input<string>;

The destination IP address on which the firewall rule operates. Changing this updates the destination_ip_address of an existing firewall rule.

property destinationPort

destinationPort?: pulumi.Input<string>;

The destination port on which the firewall rule operates. Changing this updates the destination_port of an existing firewall rule.

property enabled

enabled?: pulumi.Input<boolean>;

Enabled status for the firewall rule (must be “true” or “false” if provided - defaults to “true”). Changing this updates the enabled status of an existing firewall rule.

property ipVersion

ipVersion?: pulumi.Input<number>;

IP version, either 4 (default) or 6. Changing this updates the ip_version of an existing firewall rule.

property name

name?: pulumi.Input<string>;

A unique name for the firewall rule. Changing this updates the name of an existing firewall rule.

property protocol

protocol: pulumi.Input<string>;

The protocol type on which the firewall rule operates. Valid values are: tcp, udp, icmp, and any. Changing this updates the protocol of an existing firewall rule.

property region

region?: pulumi.Input<string>;

The region in which to obtain the v1 Compute client. A Compute client is needed to create a firewall rule. If omitted, the region argument of the provider is used. Changing this creates a new firewall rule.

property sourceIpAddress

sourceIpAddress?: pulumi.Input<string>;

The source IP address on which the firewall rule operates. Changing this updates the source_ip_address of an existing firewall rule.

property sourcePort

sourcePort?: pulumi.Input<string>;

The source port on which the firewall rule operates. Changing this updates the source_port of an existing firewall rule.

property tenantId

tenantId?: pulumi.Input<string>;

The owner of the firewall rule. Required if admin wants to create a firewall rule for another tenant. Changing this creates a new firewall rule.

property valueSpecs

valueSpecs?: pulumi.Input<{ ... }>;

Map of additional options.

interface RuleState

Input properties used for looking up and filtering Rule resources.

property action

action?: pulumi.Input<string>;

Action to be taken ( must be “allow” or “deny”) when the firewall rule matches. Changing this updates the action of an existing firewall rule.

property description

description?: pulumi.Input<string>;

A description for the firewall rule. Changing this updates the description of an existing firewall rule.

property destinationIpAddress

destinationIpAddress?: pulumi.Input<string>;

The destination IP address on which the firewall rule operates. Changing this updates the destination_ip_address of an existing firewall rule.

property destinationPort

destinationPort?: pulumi.Input<string>;

The destination port on which the firewall rule operates. Changing this updates the destination_port of an existing firewall rule.

property enabled

enabled?: pulumi.Input<boolean>;

Enabled status for the firewall rule (must be “true” or “false” if provided - defaults to “true”). Changing this updates the enabled status of an existing firewall rule.

property ipVersion

ipVersion?: pulumi.Input<number>;

IP version, either 4 (default) or 6. Changing this updates the ip_version of an existing firewall rule.

property name

name?: pulumi.Input<string>;

A unique name for the firewall rule. Changing this updates the name of an existing firewall rule.

property protocol

protocol?: pulumi.Input<string>;

The protocol type on which the firewall rule operates. Valid values are: tcp, udp, icmp, and any. Changing this updates the protocol of an existing firewall rule.

property region

region?: pulumi.Input<string>;

The region in which to obtain the v1 Compute client. A Compute client is needed to create a firewall rule. If omitted, the region argument of the provider is used. Changing this creates a new firewall rule.

property sourceIpAddress

sourceIpAddress?: pulumi.Input<string>;

The source IP address on which the firewall rule operates. Changing this updates the source_ip_address of an existing firewall rule.

property sourcePort

sourcePort?: pulumi.Input<string>;

The source port on which the firewall rule operates. Changing this updates the source_port of an existing firewall rule.

property tenantId

tenantId?: pulumi.Input<string>;

The owner of the firewall rule. Required if admin wants to create a firewall rule for another tenant. Changing this creates a new firewall rule.

property valueSpecs

valueSpecs?: pulumi.Input<{ ... }>;

Map of additional options.