ovh.Ip.FirewallRule
Explore with Pulumi AI
Use this resource to manage a rule on an IP firewall.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as ovh from "@ovhcloud/pulumi-ovh";
const myFirewallRule = new ovh.ip.FirewallRule("myFirewallRule", {
    action: "deny",
    ip: "XXXXXX",
    ipOnFirewall: "XXXXXX",
    protocol: "tcp",
    sequence: 0,
});
import pulumi
import pulumi_ovh as ovh
my_firewall_rule = ovh.ip.FirewallRule("myFirewallRule",
    action="deny",
    ip="XXXXXX",
    ip_on_firewall="XXXXXX",
    protocol="tcp",
    sequence=0)
package main
import (
	"github.com/ovh/pulumi-ovh/sdk/v2/go/ovh/ip"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ip.NewFirewallRule(ctx, "myFirewallRule", &ip.FirewallRuleArgs{
			Action:       pulumi.String("deny"),
			Ip:           pulumi.String("XXXXXX"),
			IpOnFirewall: pulumi.String("XXXXXX"),
			Protocol:     pulumi.String("tcp"),
			Sequence:     pulumi.Float64(0),
		})
		if err != nil {
			return err
		}
		return nil
	})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ovh = Pulumi.Ovh;
return await Deployment.RunAsync(() => 
{
    var myFirewallRule = new Ovh.Ip.FirewallRule("myFirewallRule", new()
    {
        Action = "deny",
        Ip = "XXXXXX",
        IpOnFirewall = "XXXXXX",
        Protocol = "tcp",
        Sequence = 0,
    });
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.ovhcloud.pulumi.ovh.Ip.FirewallRule;
import com.ovhcloud.pulumi.ovh.Ip.FirewallRuleArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var myFirewallRule = new FirewallRule("myFirewallRule", FirewallRuleArgs.builder()
            .action("deny")
            .ip("XXXXXX")
            .ipOnFirewall("XXXXXX")
            .protocol("tcp")
            .sequence(0.0)
            .build());
    }
}
resources:
  myFirewallRule:
    type: ovh:Ip:FirewallRule
    properties:
      action: deny
      ip: XXXXXX
      ipOnFirewall: XXXXXX
      protocol: tcp
      sequence: 0
Create FirewallRule Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new FirewallRule(name: string, args: FirewallRuleArgs, opts?: CustomResourceOptions);@overload
def FirewallRule(resource_name: str,
                 args: FirewallRuleArgs,
                 opts: Optional[ResourceOptions] = None)
@overload
def FirewallRule(resource_name: str,
                 opts: Optional[ResourceOptions] = None,
                 action: Optional[str] = None,
                 ip: Optional[str] = None,
                 ip_on_firewall: Optional[str] = None,
                 protocol: Optional[str] = None,
                 sequence: Optional[float] = None,
                 destination_port: Optional[float] = None,
                 fragments: Optional[bool] = None,
                 source: Optional[str] = None,
                 source_port: Optional[float] = None,
                 tcp_option: Optional[str] = None)func NewFirewallRule(ctx *Context, name string, args FirewallRuleArgs, opts ...ResourceOption) (*FirewallRule, error)public FirewallRule(string name, FirewallRuleArgs args, CustomResourceOptions? opts = null)
public FirewallRule(String name, FirewallRuleArgs args)
public FirewallRule(String name, FirewallRuleArgs args, CustomResourceOptions options)
type: ovh:Ip:FirewallRule
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args FirewallRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args FirewallRuleArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args FirewallRuleArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args FirewallRuleArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args FirewallRuleArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var firewallRuleResource = new Ovh.Ip.FirewallRule("firewallRuleResource", new()
{
    Action = "string",
    Ip = "string",
    IpOnFirewall = "string",
    Protocol = "string",
    Sequence = 0,
    DestinationPort = 0,
    Fragments = false,
    Source = "string",
    SourcePort = 0,
    TcpOption = "string",
});
example, err := ip.NewFirewallRule(ctx, "firewallRuleResource", &ip.FirewallRuleArgs{
	Action:          pulumi.String("string"),
	Ip:              pulumi.String("string"),
	IpOnFirewall:    pulumi.String("string"),
	Protocol:        pulumi.String("string"),
	Sequence:        pulumi.Float64(0),
	DestinationPort: pulumi.Float64(0),
	Fragments:       pulumi.Bool(false),
	Source:          pulumi.String("string"),
	SourcePort:      pulumi.Float64(0),
	TcpOption:       pulumi.String("string"),
})
var firewallRuleResource = new FirewallRule("firewallRuleResource", FirewallRuleArgs.builder()
    .action("string")
    .ip("string")
    .ipOnFirewall("string")
    .protocol("string")
    .sequence(0.0)
    .destinationPort(0.0)
    .fragments(false)
    .source("string")
    .sourcePort(0.0)
    .tcpOption("string")
    .build());
firewall_rule_resource = ovh.ip.FirewallRule("firewallRuleResource",
    action="string",
    ip="string",
    ip_on_firewall="string",
    protocol="string",
    sequence=0,
    destination_port=0,
    fragments=False,
    source="string",
    source_port=0,
    tcp_option="string")
const firewallRuleResource = new ovh.ip.FirewallRule("firewallRuleResource", {
    action: "string",
    ip: "string",
    ipOnFirewall: "string",
    protocol: "string",
    sequence: 0,
    destinationPort: 0,
    fragments: false,
    source: "string",
    sourcePort: 0,
    tcpOption: "string",
});
type: ovh:Ip:FirewallRule
properties:
    action: string
    destinationPort: 0
    fragments: false
    ip: string
    ipOnFirewall: string
    protocol: string
    sequence: 0
    source: string
    sourcePort: 0
    tcpOption: string
FirewallRule Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The FirewallRule resource accepts the following input properties:
- Action string
- Possible values for action (deny|permit)
- Ip string
- The IP or the CIDR
- IpOn stringFirewall 
- IPv4 address
- Protocol string
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- Sequence double
- Rule position in the rules array
- DestinationPort double
- Destination port for your rule. Only with TCP/UDP protocol
- Fragments bool
- Fragments option
- Source string
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- SourcePort double
- Source port for your rule. Only with TCP/UDP protocol
- TcpOption string
- TCP option on your rule (syn|established)
- Action string
- Possible values for action (deny|permit)
- Ip string
- The IP or the CIDR
- IpOn stringFirewall 
- IPv4 address
- Protocol string
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- Sequence float64
- Rule position in the rules array
- DestinationPort float64
- Destination port for your rule. Only with TCP/UDP protocol
- Fragments bool
- Fragments option
- Source string
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- SourcePort float64
- Source port for your rule. Only with TCP/UDP protocol
- TcpOption string
- TCP option on your rule (syn|established)
- action String
- Possible values for action (deny|permit)
- ip String
- The IP or the CIDR
- ipOn StringFirewall 
- IPv4 address
- protocol String
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- sequence Double
- Rule position in the rules array
- destinationPort Double
- Destination port for your rule. Only with TCP/UDP protocol
- fragments Boolean
- Fragments option
- source String
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- sourcePort Double
- Source port for your rule. Only with TCP/UDP protocol
- tcpOption String
- TCP option on your rule (syn|established)
- action string
- Possible values for action (deny|permit)
- ip string
- The IP or the CIDR
- ipOn stringFirewall 
- IPv4 address
- protocol string
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- sequence number
- Rule position in the rules array
- destinationPort number
- Destination port for your rule. Only with TCP/UDP protocol
- fragments boolean
- Fragments option
- source string
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- sourcePort number
- Source port for your rule. Only with TCP/UDP protocol
- tcpOption string
- TCP option on your rule (syn|established)
- action str
- Possible values for action (deny|permit)
- ip str
- The IP or the CIDR
- ip_on_ strfirewall 
- IPv4 address
- protocol str
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- sequence float
- Rule position in the rules array
- destination_port float
- Destination port for your rule. Only with TCP/UDP protocol
- fragments bool
- Fragments option
- source str
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- source_port float
- Source port for your rule. Only with TCP/UDP protocol
- tcp_option str
- TCP option on your rule (syn|established)
- action String
- Possible values for action (deny|permit)
- ip String
- The IP or the CIDR
- ipOn StringFirewall 
- IPv4 address
- protocol String
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- sequence Number
- Rule position in the rules array
- destinationPort Number
- Destination port for your rule. Only with TCP/UDP protocol
- fragments Boolean
- Fragments option
- source String
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- sourcePort Number
- Source port for your rule. Only with TCP/UDP protocol
- tcpOption String
- TCP option on your rule (syn|established)
Outputs
All input properties are implicitly available as output properties. Additionally, the FirewallRule resource produces the following output properties:
- CreationDate string
- Creation date of the rule
- Destination string
- Destination IP for your rule
- DestinationPort stringDesc 
- String description of field destination_port
- Id string
- The provider-assigned unique ID for this managed resource.
- Rule string
- Description of the rule
- SourcePort stringDesc 
- String description of field source_port
- State string
- Current state of your rule
- CreationDate string
- Creation date of the rule
- Destination string
- Destination IP for your rule
- DestinationPort stringDesc 
- String description of field destination_port
- Id string
- The provider-assigned unique ID for this managed resource.
- Rule string
- Description of the rule
- SourcePort stringDesc 
- String description of field source_port
- State string
- Current state of your rule
- creationDate String
- Creation date of the rule
- destination String
- Destination IP for your rule
- destinationPort StringDesc 
- String description of field destination_port
- id String
- The provider-assigned unique ID for this managed resource.
- rule String
- Description of the rule
- sourcePort StringDesc 
- String description of field source_port
- state String
- Current state of your rule
- creationDate string
- Creation date of the rule
- destination string
- Destination IP for your rule
- destinationPort stringDesc 
- String description of field destination_port
- id string
- The provider-assigned unique ID for this managed resource.
- rule string
- Description of the rule
- sourcePort stringDesc 
- String description of field source_port
- state string
- Current state of your rule
- creation_date str
- Creation date of the rule
- destination str
- Destination IP for your rule
- destination_port_ strdesc 
- String description of field destination_port
- id str
- The provider-assigned unique ID for this managed resource.
- rule str
- Description of the rule
- source_port_ strdesc 
- String description of field source_port
- state str
- Current state of your rule
- creationDate String
- Creation date of the rule
- destination String
- Destination IP for your rule
- destinationPort StringDesc 
- String description of field destination_port
- id String
- The provider-assigned unique ID for this managed resource.
- rule String
- Description of the rule
- sourcePort StringDesc 
- String description of field source_port
- state String
- Current state of your rule
Look up Existing FirewallRule Resource
Get an existing FirewallRule resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: FirewallRuleState, opts?: CustomResourceOptions): FirewallRule@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        action: Optional[str] = None,
        creation_date: Optional[str] = None,
        destination: Optional[str] = None,
        destination_port: Optional[float] = None,
        destination_port_desc: Optional[str] = None,
        fragments: Optional[bool] = None,
        ip: Optional[str] = None,
        ip_on_firewall: Optional[str] = None,
        protocol: Optional[str] = None,
        rule: Optional[str] = None,
        sequence: Optional[float] = None,
        source: Optional[str] = None,
        source_port: Optional[float] = None,
        source_port_desc: Optional[str] = None,
        state: Optional[str] = None,
        tcp_option: Optional[str] = None) -> FirewallRulefunc GetFirewallRule(ctx *Context, name string, id IDInput, state *FirewallRuleState, opts ...ResourceOption) (*FirewallRule, error)public static FirewallRule Get(string name, Input<string> id, FirewallRuleState? state, CustomResourceOptions? opts = null)public static FirewallRule get(String name, Output<String> id, FirewallRuleState state, CustomResourceOptions options)resources:  _:    type: ovh:Ip:FirewallRule    get:      id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Action string
- Possible values for action (deny|permit)
- CreationDate string
- Creation date of the rule
- Destination string
- Destination IP for your rule
- DestinationPort double
- Destination port for your rule. Only with TCP/UDP protocol
- DestinationPort stringDesc 
- String description of field destination_port
- Fragments bool
- Fragments option
- Ip string
- The IP or the CIDR
- IpOn stringFirewall 
- IPv4 address
- Protocol string
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- Rule string
- Description of the rule
- Sequence double
- Rule position in the rules array
- Source string
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- SourcePort double
- Source port for your rule. Only with TCP/UDP protocol
- SourcePort stringDesc 
- String description of field source_port
- State string
- Current state of your rule
- TcpOption string
- TCP option on your rule (syn|established)
- Action string
- Possible values for action (deny|permit)
- CreationDate string
- Creation date of the rule
- Destination string
- Destination IP for your rule
- DestinationPort float64
- Destination port for your rule. Only with TCP/UDP protocol
- DestinationPort stringDesc 
- String description of field destination_port
- Fragments bool
- Fragments option
- Ip string
- The IP or the CIDR
- IpOn stringFirewall 
- IPv4 address
- Protocol string
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- Rule string
- Description of the rule
- Sequence float64
- Rule position in the rules array
- Source string
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- SourcePort float64
- Source port for your rule. Only with TCP/UDP protocol
- SourcePort stringDesc 
- String description of field source_port
- State string
- Current state of your rule
- TcpOption string
- TCP option on your rule (syn|established)
- action String
- Possible values for action (deny|permit)
- creationDate String
- Creation date of the rule
- destination String
- Destination IP for your rule
- destinationPort Double
- Destination port for your rule. Only with TCP/UDP protocol
- destinationPort StringDesc 
- String description of field destination_port
- fragments Boolean
- Fragments option
- ip String
- The IP or the CIDR
- ipOn StringFirewall 
- IPv4 address
- protocol String
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- rule String
- Description of the rule
- sequence Double
- Rule position in the rules array
- source String
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- sourcePort Double
- Source port for your rule. Only with TCP/UDP protocol
- sourcePort StringDesc 
- String description of field source_port
- state String
- Current state of your rule
- tcpOption String
- TCP option on your rule (syn|established)
- action string
- Possible values for action (deny|permit)
- creationDate string
- Creation date of the rule
- destination string
- Destination IP for your rule
- destinationPort number
- Destination port for your rule. Only with TCP/UDP protocol
- destinationPort stringDesc 
- String description of field destination_port
- fragments boolean
- Fragments option
- ip string
- The IP or the CIDR
- ipOn stringFirewall 
- IPv4 address
- protocol string
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- rule string
- Description of the rule
- sequence number
- Rule position in the rules array
- source string
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- sourcePort number
- Source port for your rule. Only with TCP/UDP protocol
- sourcePort stringDesc 
- String description of field source_port
- state string
- Current state of your rule
- tcpOption string
- TCP option on your rule (syn|established)
- action str
- Possible values for action (deny|permit)
- creation_date str
- Creation date of the rule
- destination str
- Destination IP for your rule
- destination_port float
- Destination port for your rule. Only with TCP/UDP protocol
- destination_port_ strdesc 
- String description of field destination_port
- fragments bool
- Fragments option
- ip str
- The IP or the CIDR
- ip_on_ strfirewall 
- IPv4 address
- protocol str
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- rule str
- Description of the rule
- sequence float
- Rule position in the rules array
- source str
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- source_port float
- Source port for your rule. Only with TCP/UDP protocol
- source_port_ strdesc 
- String description of field source_port
- state str
- Current state of your rule
- tcp_option str
- TCP option on your rule (syn|established)
- action String
- Possible values for action (deny|permit)
- creationDate String
- Creation date of the rule
- destination String
- Destination IP for your rule
- destinationPort Number
- Destination port for your rule. Only with TCP/UDP protocol
- destinationPort StringDesc 
- String description of field destination_port
- fragments Boolean
- Fragments option
- ip String
- The IP or the CIDR
- ipOn StringFirewall 
- IPv4 address
- protocol String
- Possible values for protocol (ah|esp|gre|icmp|ipv4|tcp|udp)
- rule String
- Description of the rule
- sequence Number
- Rule position in the rules array
- source String
- IPv4 CIDR notation (e.g., 192.0.2.0/24)
- sourcePort Number
- Source port for your rule. Only with TCP/UDP protocol
- sourcePort StringDesc 
- String description of field source_port
- state String
- Current state of your rule
- tcpOption String
- TCP option on your rule (syn|established)
Import
The resource can be imported using the properties ip, ip_on_firewall and sequence, separated by “|” E.g.,
bash
$ pulumi import ovh:Ip/firewallRule:FirewallRule my_firewall_rule '127.0.0.1|127.0.0.2|0'
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- ovh ovh/pulumi-ovh
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the ovhTerraform Provider.