mirrors/terraform-provider-proxmox
0
0
Fork 0
mirror of https://github.com/bpg/terraform-provider-proxmox.git synced 2025-07-06 05:53:58 +00:00
Code
9465f1472c
terraform-provider-proxmox/docs/resources/virtual_environment_firewall_options.md
Pavel Boldyrev 98e1cff7fe
feat: Add firewall resources (#246) 
* refactoring existing cluster / firewall API for better composition

* add basic security groups API
fix linter errors

* add rules API

* fix after renaming resourceVirtualEnvironmentClusterIPSet

* fix linter errors

* make linter happy

* even more refactoring

* tidy up datasources

* in refactoring spree

* update examples

* fix firewall resource/datasource & client error handling

* add ipset(s) datasource

* update docs

* add security group resource with rules

* docs

* fix security group update, TODO: rule update

* fix after rebase

* add rule update, extract common rule schema, refactor group

* fix linter  errors

* bump linter for ci

* make alias and ipset reusable

* make security group reusable

* refactor datasources

* add security group datasources

* fix linter errors

* update docs

TODO: documentation for group datasources

* add sg docs, update doc index

* minor cleanup

* fix examples & tests

* stub for firewall-level options and rules

* extract firewall interface

* add firewall options and rules on the cluster level

TODO: issues with rule list management

* refactor all resources format AGAIN, now more flat, without complex subresources

* sort out hierarchy of APIs and remove duplication in API wrappers

* bring back security group

* finally, working rules

* restore cluster firewall option

* add containers support

* add options

* move rules back under security group, update docs

* fix vm_id / container_id attrs

* add examples

* cleanup

* more cleanup


Release-As: 0.17.0-rc1
2023-04-02 18:01:10 -04:00

2.0 KiB
Raw Blame History

layout title permalink nav_order parent subcategory
page proxmox_virtual_environment_firewall_options /resources/virtual_environment_firewall_options 9 Resources Virtual Environment

Resource: proxmox_virtual_environment_firewall_options

Manages firewall options on VM / Container level.

Example Usage

resource "proxmox_virtual_environment_firewall_options" "example" {
  enabled = false

  dhcp          = true
  enabled       = false
  ipfilter      = true
  log_level_in  = "info"
  log_level_out = "info"
  macfilter     = false
  ndp           = true
  input_policy  = "ACCEPT
  output_policy = "ACCEPT"
  radv          = true
}

Argument Reference

  • node_name - (Required) Node name.
  • vm_id - (Optional) VM ID. Leave empty for cluster level aliases.
  • container_id - (Optional) Container ID. Leave empty for cluster level aliases.
  • dhcp - (Optional)Enable DHCP.
  • enabled - (Optional) Enable or disable the firewall.
  • ipfilter - (Optional) Enable default IP filters. This is equivalent to adding an empty ipfilter-net ipset for every interface. Such ipsets implicitly contain sane default restrictions such as restricting IPv6 link local addresses to the one derived from the interface's MAC address. For containers the configured IP addresses will be implicitly added.
  • log_level_in - (Optional) Log level for incoming packets (emerg, alert, crit, err, warning, notice, info, debug, nolog).
  • log_level_out - (Optional) Log level for outgoing packets (emerg, alert, crit, err, warning, notice, info, debug, nolog).
  • macfilter - (Optional) Enable/disable MAC address filter.
  • ndp - (Optional) Enable NDP (Neighbor Discovery Protocol).
  • input_policy - (Optional) The default input policy (ACCEPT, DROP, REJECT).
  • output_policy - (Optional) The default output policy (ACCEPT, DROP, REJECT).
  • radv - (Optional) Enable Router Advertisement.

Attribute Reference

There are no additional attributes available for this resource.