Manage Linode Firewalls.
- name: Create a Linode Firewall
linode.cloud.firewall:
label: 'my-firewall'
devices:
- id: 123
type: linode
rules:
inbound_policy: DROP
inbound:
- label: allow-http-in
addresses:
ipv4:
- 0.0.0.0/0
ipv6:
- 'ff00::/8'
description: Allow inbound HTTP and HTTPS connections.
ports: '80,443'
protocol: TCP
action: ACCEPT
outbound_policy: DROP
outbound:
- label: allow-http-out
addresses:
ipv4:
- 0.0.0.0/0
ipv6:
- 'ff00::/8'
description: Allow outbound HTTP and HTTPS connections.
ports: '80,443'
protocol: TCP
action: ACCEPT
state: present
- name: Delete a Linode Firewall
linode.cloud.firewall:
label: 'my-firewall'
state: absent
Field | Type | Required | Description |
---|---|---|---|
state |
str |
Required | The desired state of the target. (Choices: present , absent , update ) |
label |
str |
Optional | The unique label to give this Firewall. |
devices (sub-options) |
list |
Optional | The devices that are attached to this Firewall. (Updatable) |
rules (sub-options) |
dict |
Optional | The inbound and outbound access rules to apply to this Firewall. (Updatable) |
status |
str |
Optional | The status of this Firewall. (Updatable) |
Field | Type | Required | Description |
---|---|---|---|
id |
int |
Required | The unique ID of the device to attach to this Firewall. |
type |
str |
Optional | The type of device to be attached to this Firewall. (Default: linode ) |
Field | Type | Required | Description |
---|---|---|---|
inbound (sub-options) |
list |
Optional | A list of rules for inbound traffic. |
inbound_policy |
str |
Optional | The default behavior for inbound traffic. |
outbound (sub-options) |
list |
Optional | A list of rules for outbound traffic. |
outbound_policy |
str |
Optional | The default behavior for outbound traffic. |
Field | Type | Required | Description |
---|---|---|---|
label |
str |
Required | The label of this rule. |
action |
str |
Required | Controls whether traffic is accepted or dropped by this rule. (Choices: ACCEPT , DROP ) |
addresses (sub-options) |
dict |
Optional | Allowed IPv4 or IPv6 addresses. |
description |
str |
Optional | A description for this rule. |
ports |
str |
Optional | A string representing the port or ports on which traffic will be allowed. See https://www.linode.com/docs/api/networking/#firewall-create |
protocol |
str |
Optional | The type of network traffic to allow. |
Field | Type | Required | Description |
---|---|---|---|
ipv4 |
list |
Optional | A list of IPv4 addresses or networks. Must be in IP/mask format. |
ipv6 |
list |
Optional | A list of IPv6 addresses or networks. Must be in IP/mask format. |
Field | Type | Required | Description |
---|---|---|---|
label |
str |
Required | The label of this rule. |
action |
str |
Required | Controls whether traffic is accepted or dropped by this rule. (Choices: ACCEPT , DROP ) |
addresses (sub-options) |
dict |
Optional | Allowed IPv4 or IPv6 addresses. |
description |
str |
Optional | A description for this rule. |
ports |
str |
Optional | A string representing the port or ports on which traffic will be allowed. See https://www.linode.com/docs/api/networking/#firewall-create |
protocol |
str |
Optional | The type of network traffic to allow. |
-
firewall
- The Firewall description in JSON serialized form.- Sample Response:
{ "created": "2018-01-01T00:01:01", "id": 123, "label": "firewall123", "rules": { "inbound": [ { "action": "ACCEPT", "addresses": { "ipv4": [ "192.0.2.0/24" ], "ipv6": [ "2001:DB8::/32" ] }, "description": "An example firewall rule description.", "label": "firewallrule123", "ports": "22-24, 80, 443", "protocol": "TCP" } ], "inbound_policy": "DROP", "outbound": [ { "action": "ACCEPT", "addresses": { "ipv4": [ "192.0.2.0/24" ], "ipv6": [ "2001:DB8::/32" ] }, "description": "An example firewall rule description.", "label": "firewallrule123", "ports": "22-24, 80, 443", "protocol": "TCP" } ], "outbound_policy": "DROP" }, "status": "enabled", "tags": [ "example tag", "another example" ], "updated": "2018-01-02T00:01:01" }
- See the Linode API response documentation for a list of returned fields
- Sample Response:
-
devices
- A list of Firewall devices JSON serialized form.- Sample Response:
[ { "created": "2018-01-01T00:01:01", "entity": { "id": 123, "label": "my-linode", "type": "linode", "url": "/v4/linode/instances/123" }, "id": 123, "updated": "2018-01-02T00:01:01" } ]
- See the Linode API response documentation for a list of returned fields
- Sample Response: