aboutsummaryrefslogtreecommitdiffstatshomepage
path: root/yandex/firewall
diff options
context:
space:
mode:
Diffstat (limited to '')
-rw-r--r--yandex/firewall/main.tf25
-rw-r--r--yandex/firewall/outputs.tf3
-rw-r--r--yandex/firewall/providers.tf7
-rw-r--r--yandex/firewall/variables.tf9
4 files changed, 44 insertions, 0 deletions
diff --git a/yandex/firewall/main.tf b/yandex/firewall/main.tf
new file mode 100644
index 0000000..81dc26a
--- /dev/null
+++ b/yandex/firewall/main.tf
@@ -0,0 +1,25 @@
+resource "yandex_vpc_security_group" "this" {
+ network_id = var.vpc_id
+
+ name = var.name
+
+ ingress {
+ protocol = "ICMP"
+ v4_cidr_blocks = ["0.0.0.0/0"]
+ }
+
+ dynamic "ingress" {
+ for_each = var.open_ports
+
+ content {
+ protocol = "ANY"
+ v4_cidr_blocks = ["0.0.0.0/0"]
+ port = ingress.value
+ }
+ }
+
+ egress {
+ protocol = "ANY"
+ v4_cidr_blocks = ["0.0.0.0/0"]
+ }
+}
diff --git a/yandex/firewall/outputs.tf b/yandex/firewall/outputs.tf
new file mode 100644
index 0000000..72058aa
--- /dev/null
+++ b/yandex/firewall/outputs.tf
@@ -0,0 +1,3 @@
+output "id" {
+ value = yandex_vpc_security_group.this.id
+}
diff --git a/yandex/firewall/providers.tf b/yandex/firewall/providers.tf
new file mode 100644
index 0000000..3a5782f
--- /dev/null
+++ b/yandex/firewall/providers.tf
@@ -0,0 +1,7 @@
+terraform {
+ required_providers {
+ yandex = {
+ source = "yandex-cloud/yandex"
+ }
+ }
+}
diff --git a/yandex/firewall/variables.tf b/yandex/firewall/variables.tf
new file mode 100644
index 0000000..04e111a
--- /dev/null
+++ b/yandex/firewall/variables.tf
@@ -0,0 +1,9 @@
+variable "name" {
+ type = string
+}
+variable "vpc_id" {
+ type = string
+}
+variable "open_ports" {
+ type = list(number)
+}