diff options
Diffstat (limited to 'digitalocean/firewall/main.tf')
| -rw-r--r-- | digitalocean/firewall/main.tf | 34 |
1 files changed, 34 insertions, 0 deletions
diff --git a/digitalocean/firewall/main.tf b/digitalocean/firewall/main.tf new file mode 100644 index 0000000..937a76a --- /dev/null +++ b/digitalocean/firewall/main.tf @@ -0,0 +1,34 @@ +resource "digitalocean_firewall" "this" { + name = var.name + droplet_ids = var.droplet_ids + + inbound_rule { + protocol = "icmp" + source_addresses = ["0.0.0.0/0", "::/0"] + } + outbound_rule { + protocol = "icmp" + destination_addresses = ["0.0.0.0/0", "::/0"] + } + + dynamic "inbound_rule" { + for_each = var.open_ports + + content { + protocol = "tcp" + port_range = inbound_rule.value + source_addresses = ["0.0.0.0/0", "::/0"] + } + } + + outbound_rule { + protocol = "tcp" + port_range = "1-65535" + destination_addresses = ["0.0.0.0/0", "::/0"] + } + outbound_rule { + protocol = "udp" + port_range = "1-65535" + destination_addresses = ["0.0.0.0/0", "::/0"] + } +} |