https://github.com/zoro16/terraform-hcloud-firewall
Terraform module to provision Firewall resources in Hetzner Cloud.
- Host: GitHub
- URL: https://github.com/zoro16/terraform-hcloud-firewall
- Owner: zoro16
- License: mit
- Created: 2023-09-23T18:27:57.000Z (over 2 years ago)
- Default Branch: main
- Last Pushed: 2023-09-30T11:56:13.000Z (over 2 years ago)
- Last Synced: 2025-03-22T06:17:09.355Z (about 1 year ago)
- Topics: hetzner, hetzner-cloud, hetzner-cloud-firewalls, hetzner-firewall, terraform-hcloud-firewall, terraform-module
- Language: HCL
- Homepage: https://registry.terraform.io/modules/zoro16/firewall/hcloud/latest
- Size: 11.7 KB
- Stars: 1
- Watchers: 1
- Forks: 1
- Open Issues: 0
Metadata Files:
- Readme: README.md
- Changelog: CHANGELOG.md
- License: LICENSE
README
## Description
Terraform module to provision `Firewall` resources in Hetzner Cloud.
## Usage
```hcl
# Configure the Hetzner Cloud Provider
provider "hcloud" {
  token = var.hcloud_token
}

module "firewall" {
  source = "../../"

  create_firewall = true
  firewall_name   = "test-fw"
  firewall_labels = {
    "Name" : "testing-fw"
  }

  firewall_rules = [
    {
      direction = "in"
      protocol  = "tcp"
      port      = "80"
      source_ips = [
        "0.0.0.0/0",
        "::/0"
      ]
    },
    {
      direction = "in"
      protocol  = "tcp"
      source_ips = [
        "0.0.0.0/0",
        "::/0"
      ]
      port        = "8080"
      description = "This accepts HTTP from anywhere"
    },
    {
      direction = "out"
      protocol  = "tcp"
      destination_ips = [
        "10.22.0.0/24",
      ]
      port = "80"
    }
  ]

  firewall_apply_to = {
    label_selector = "key=value"
  }
}
```
## Requirements
| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.2.0 |
| [hcloud](#requirement\_hcloud) | >= 1.42.1 |
## Providers
| Name | Version |
|------|---------|
| [hcloud](#provider\_hcloud) | >= 1.42.1 |
## Modules
No modules.
## Resources
| Name | Type |
|------|------|
| [hcloud_firewall.firewall](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall) | resource |
## Inputs
| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [create\_firewall](#input\_create\_firewall) | Whether to create a Firewall or not. | `bool` | `false` | no |
| [firewall\_apply\_to](#input\_firewall\_apply\_to) | Configuration of a Rule from this Firewall. | <pre>object({<br>  # Label Selector to select servers the firewall should be applied to (only one of server and label_selector can be applied in one block)<br>  label_selector = optional(string)<br>  # ID of the server you want to apply the firewall to (only one of server and label_selector can be applied in one block)<br>  server = optional(number)<br>})</pre> | `{}` | no |
| [firewall\_labels](#input\_firewall\_labels) | User-defined labels (key-value pairs) the Firewall should be created with. | `map(string)` | `{}` | no |
| [firewall\_name](#input\_firewall\_name) | Name of the Firewall. | `string` | `""` | no |
| [firewall\_rules](#input\_firewall\_rules) | Configuration of a Rule from this Firewall. | <pre>list(object({<br>  # Direction of the Firewall Rule. `in`, `out`<br>  direction = string<br>  # Protocol of the Firewall Rule. `tcp`, `icmp`, `udp`, `gre`, `esp`<br>  protocol = string<br>  # List of CIDRs that are allowed within this Firewall Rule (when direction is in)<br>  source_ips = optional(list(string))<br>  # List of CIDRs that are allowed within this Firewall Rule (when direction is out)<br>  destination_ips = optional(list(string))<br>  # Port of the Firewall Rule. Required when `protocol` is `tcp` or `udp`. You can use `any` to allow all ports for the specific protocol. Port ranges are also possible: `80-85` allows all ports between 80 and 85.<br>  port = optional(string)<br>  # Description of the firewall rule<br>  description = optional(string)<br>}))</pre> | `[]` | no |
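
The optional rule fields above in use, as an added example that is not part of the module's README: SSH and ICMP are limited to an admin network through a validated variable, web ports use a range, and the `icmp` rule omits `port`. The variable name `admin_cidrs`, the CIDR values, the firewall name and the `role=web` label are constructed for illustration; the registry source comes from the module's homepage, and the `hcloud` provider is assumed to be configured as in the Usage section.

```hcl
# Added example, not the module's own code. Names, CIDRs and the label are
# constructed; the hcloud provider is assumed to be configured elsewhere.
variable "admin_cidrs" {
  description = "Networks allowed to reach SSH and ICMP."
  type        = list(string)
  default     = ["203.0.113.0/24"] # documentation range (RFC 5737)

  validation {
    # Each entry must parse as a CIDR and must not be the whole Internet.
    condition = alltrue([
      for c in var.admin_cidrs :
      can(cidrhost(c, 0)) && !contains(["0.0.0.0/0", "::/0"], c)
    ])
    error_message = "Each admin_cidrs entry must be a valid CIDR other than 0.0.0.0/0 or ::/0."
  }
}

module "firewall" {
  source          = "zoro16/firewall/hcloud"
  create_firewall = true
  firewall_name   = "web-fw"

  firewall_rules = [
    {
      description = "SSH from admin networks only"
      direction   = "in"
      protocol    = "tcp"
      port        = "22"
      source_ips  = var.admin_cidrs
    },
    {
      description = "Web ports as a range, public"
      direction   = "in"
      protocol    = "tcp"
      port        = "80-85"
      source_ips  = ["0.0.0.0/0", "::/0"]
    },
    {
      # icmp takes no port; the field is optional in the module's type.
      description = "Ping from admin networks"
      direction   = "in"
      protocol    = "icmp"
      source_ips  = var.admin_cidrs
    },
  ]

  firewall_apply_to = {
    label_selector = "role=web"
  }
}
```

`terraform plan` fails at the validation step if `admin_cidrs` is overridden with `0.0.0.0/0` or `::/0`, so an open SSH rule cannot be introduced through that variable.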
## Outputs
| Name | Description |
|------|-------------|
| [firewall\_apply\_to](#output\_firewall\_apply\_to) | Configuration of a Rule from this Firewall. |
| [firewall\_id](#output\_firewall\_id) | ID of the Firewall. |
| [firewall\_labels](#output\_firewall\_labels) | User-defined labels (key-value pairs) the Firewall should be created with. |
| [firewall\_name](#output\_firewall\_name) | Name of the Firewall. |
| [firewall\_rule](#output\_firewall\_rule) | Configuration of a Rule from this Firewall. |