Class: Ansible::Ruby::Modules::Gcp_compute_firewall
- Inherits:
-
Base
- Object
- Ansible::Ruby::Models::Base
- Base
- Ansible::Ruby::Modules::Gcp_compute_firewall
- Defined in:
- lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb
Overview
Each network has its own firewall controlling access to and from the instances. All traffic to instances, even from other instances, is blocked by the firewall unless firewall rules are created to allow it. The default network has automatically created firewall rules that are shown in default firewall rules. No manually created network has automatically created firewall rules except for a default “allow” rule for outgoing traffic and a default “deny” for incoming traffic. For all networks except the default network, you must create any firewall rules you need.
Instance Method Summary collapse
-
#allowed ⇒ Array<Hash>, ...
The list of ALLOW rules specified by this firewall.
-
#description ⇒ Object?
An optional description of this resource.
-
#name ⇒ String?
Name of the resource.
-
#network ⇒ Object?
URL of the network resource for this firewall rule.
-
#source_ranges ⇒ Object?
If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges.
-
#source_tags ⇒ Array<String>, ...
If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags.
-
#state ⇒ :present, ...
Whether the given object should exist in GCP.
-
#target_tags ⇒ Array<String>, ...
A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[].,If no targetTags are specified, the firewall rule applies to all instances on the specified network.
Methods inherited from Base
Methods inherited from Ansible::Ruby::Models::Base
attr_option, attr_options, attribute, #initialize, remove_existing_validations, #to_h, validates
Constructor Details
This class inherits a constructor from Ansible::Ruby::Models::Base
Instance Method Details
#allowed ⇒ Array<Hash>, ...
Returns The list of ALLOW rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
18 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 18 attribute :allowed |
#description ⇒ Object?
Returns An optional description of this resource. Provide this property when you create the resource.
22 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 22 attribute :description |
#name ⇒ String?
Returns Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression ‘[a-z](*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
25 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 25 attribute :name |
#network ⇒ Object?
Returns URL of the network resource for this firewall rule. If not specified when creating a firewall rule, the default network is used: global/networks/default If you choose to specify this property, you can specify the network as a full or partial URL. For example, the following are all valid URLs: U(www.googleapis.com/compute/v1/projects/myproject/global/) networks/my-network projects/myproject/global/networks/my-network global/networks/default .
29 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 29 attribute :network |
#source_ranges ⇒ Object?
Returns If source ranges are specified, the firewall will apply only to traffic that has source IP address in these ranges. These ranges must be expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply. Only IPv4 is supported.
32 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 32 attribute :source_ranges |
#source_tags ⇒ Array<String>, ...
Returns If source tags are specified, the firewall will apply only to traffic with source IP that belongs to a tag listed in source tags. Source tags cannot be used to control traffic to an instance’s external IP address. Because tags are associated with an instance, not an IP address. One or both of sourceRanges and sourceTags may be set. If both properties are set, the firewall will apply to traffic that has source IP address within sourceRanges OR the source IP that belongs to a tag listed in the sourceTags property. The connection does not need to match both properties for the firewall to apply.
35 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 35 attribute :source_tags |
#state ⇒ :present, ...
Returns Whether the given object should exist in GCP.
14 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 14 attribute :state |
#target_tags ⇒ Array<String>, ...
Returns A list of instance tags indicating sets of instances located in the network that may make network connections as specified in allowed[].,If no targetTags are specified, the firewall rule applies to all instances on the specified network.
39 |
# File 'lib/ansible/ruby/modules/generated/cloud/google/gcp_compute_firewall.rb', line 39 attribute :target_tags |