https://github.com/zoro16/terraform-hcloud-firewall

Terraform module to provision Firewall resources in Hetzner Cloud.

hetzner hetzner-cloud hetzner-cloud-firewalls hetzner-firewall terraform-hcloud-firewall terraform-module


## Description

Terraform module to provision `Firewall` resources in Hetzner Cloud.

## Usage

```hcl
# Configure the Hetzner Cloud Provider
provider "hcloud" {
  token = var.hcloud_token
}

module "firewall" {
  source = "../../"

  create_firewall = true

  firewall_name = "test-fw"

  firewall_labels = {
    "Name" = "testing-fw"
  }

  firewall_rules = [
    {
      direction = "in"
      protocol  = "tcp"
      port      = "80"
      source_ips = [
        "0.0.0.0/0",
        "::/0"
      ]
    },
    {
      direction = "in"
      protocol  = "tcp"
      source_ips = [
        "0.0.0.0/0",
        "::/0"
      ]
      port        = "8080"
      description = "This accepts HTTP from anywhere"
    },
    {
      direction = "out"
      protocol  = "tcp"
      destination_ips = [
        "10.22.0.0/24",
      ]
      port = "80"
    }
  ]

  firewall_apply_to = {
    label_selector = "key=value"
  }
}
```

## Requirements

| Name | Version |
|------|---------|
| [terraform](#requirement\_terraform) | >= 1.2.0 |
| [hcloud](#requirement\_hcloud) | >= 1.42.1 |

## Providers

| Name | Version |
|------|---------|
| [hcloud](#provider\_hcloud) | >= 1.42.1 |

## Modules

No modules.

## Resources

| Name | Type |
|------|------|
| [hcloud_firewall.firewall](https://registry.terraform.io/providers/hetznercloud/hcloud/latest/docs/resources/firewall) | resource |

## Inputs

| Name | Description | Type | Default | Required |
|------|-------------|------|---------|:--------:|
| [create\_firewall](#input\_create\_firewall) | Whether to create a Firewall or not. | `bool` | `false` | no |
| [firewall\_apply\_to](#input\_firewall\_apply\_to) | Configuration of a Rule from this Firewall. | `object` (definition below) | `{}` | no |
| [firewall\_labels](#input\_firewall\_labels) | User-defined labels (key-value pairs) the Firewall should be created with. | `map(string)` | `{}` | no |
| [firewall\_name](#input\_firewall\_name) | Name of the Firewall. | `string` | `""` | no |
| [firewall\_rules](#input\_firewall\_rules) | Configuration of a Rule from this Firewall. | `list(object)` (definition below) | `[]` | no |

Type of `firewall_apply_to`:

```hcl
object({
  # Label Selector to select servers the firewall should be applied to (only one of server and label_selector can be applied in one block)
  label_selector = optional(string)

  # ID of the server you want to apply the firewall to (only one of server and label_selector can be applied in one block)
  server = optional(number)
})
```

Type of `firewall_rules`:

```hcl
list(object({
  # Direction of the Firewall Rule. `in`, `out`
  direction = string

  # Protocol of the Firewall Rule. `tcp`, `icmp`, `udp`, `gre`, `esp`
  protocol = string

  # List of CIDRs that are allowed within this Firewall Rule (when direction is in)
  source_ips = optional(list(string))

  # List of CIDRs that are allowed within this Firewall Rule (when direction is out)
  destination_ips = optional(list(string))

  # Port of the Firewall Rule. Required when `protocol` is `tcp` or `udp`. You can use `any` to allow all ports for the specific protocol. Port ranges are also possible: `80-85` allows all ports between 80 and 85.
  port = optional(string)

  # Description of the firewall rule
  description = optional(string)
}))
```
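The `firewall_rules` type above accepts any string for `direction`, `protocol` and `port`, so the documented constraints are only checked when the API call is made. The following is an added example, not code from this module: a variable in the calling configuration that checks rules at plan time. The variable name `reviewed_firewall_rules` and the port 80/443 policy are assumptions, and it assumes Terraform 1.3 or later for `optional()`.

```hcl
# Added example (not the module's own code). Variable name is hypothetical.
variable "reviewed_firewall_rules" {
  type = list(object({
    direction       = string
    protocol        = string
    source_ips      = optional(list(string))
    destination_ips = optional(list(string))
    port            = optional(string)
    description     = optional(string)
  }))
  default = []

  validation {
    condition = alltrue([
      for r in var.reviewed_firewall_rules : contains(["in", "out"], r.direction)
    ])
    error_message = "Direction must be \"in\" or \"out\"."
  }

  # The README states that port is required when protocol is tcp or udp.
  validation {
    condition = alltrue([
      for r in var.reviewed_firewall_rules : r.port != null
      if contains(["tcp", "udp"], r.protocol)
    ])
    error_message = "Port is required when protocol is tcp or udp."
  }

  # Inbound rules need source_ips, outbound rules need destination_ips.
  # try() turns a null list into a failed check instead of an evaluation error.
  validation {
    condition = alltrue([
      for r in var.reviewed_firewall_rules :
      try(length(r.direction == "in" ? r.source_ips : r.destination_ips) > 0, false)
    ])
    error_message = "Set source_ips on \"in\" rules and destination_ips on \"out\" rules."
  }

  # Assumed policy (not from the README): only ports 80 and 443 may be open to
  # every address. The README's own port 8080 rule would be rejected by this.
  validation {
    condition = alltrue([
      for r in var.reviewed_firewall_rules :
      contains(["80", "443"], coalesce(r.port, "none"))
      if r.direction == "in" && try(
      length(setintersection(r.source_ips, ["0.0.0.0/0", "::/0"])) > 0, false)
    ])
    error_message = "Only ports 80 and 443 may accept traffic from 0.0.0.0/0 or ::/0."
  }
}
```

Pass the checked value to the module with `firewall_rules = var.reviewed_firewall_rules`.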

## Outputs

| Name | Description |
|------|-------------|
| [firewall\_apply\_to](#output\_firewall\_apply\_to) | Configuration of a Rule from this Firewall. |
| [firewall\_id](#output\_firewall\_id) | ID of the Firewall. |
| [firewall\_labels](#output\_firewall\_labels) | User-defined labels (key-value pairs) the Firewall should be created with. |
| [firewall\_name](#output\_firewall\_name) | Name of the Firewall. |
| [firewall\_rule](#output\_firewall\_rule) | Configuration of a Rule from this Firewall. |