civo/terraform-provider-civo

at least one ingress or egress rule

Closed this issue · 2 comments

This code

# Firewall with the provider's default rules switched off and no inline
# ingress_rule / egress_rule blocks. This is the resource the error reported
# on this page points at: with create_default_rules = false the provider
# requires at least one rule to be defined on the firewall itself.
resource "civo_firewall" "example" {
  name                 = "example"
  # Opting out of the default rules means every allowed flow has to be declared
  # explicitly.
  # NOTE(review): what the default rule set opens is not shown on this page;
  # confirm it in the provider docs before relying on it.
  create_default_rules = false
}

# Standalone rule allowing inbound TCP 6443 on the "example" firewall; the
# label identifies it as the Kubernetes API server port.
# Per the maintainer reply on this page, civo_firewall_rule is deprecated and
# rules declared this way are not what the firewall's "at least one rule"
# validation looks at.
resource "civo_firewall_rule" "ingress-kubernetes" {
  firewall_id = civo_firewall.example.id
  protocol    = "tcp"
  action      = "allow"
  # 0.0.0.0/0 admits every IPv4 source.
  # NOTE(review): if the API server only has to be reachable from known admin
  # or CI networks, list those CIDRs here instead.
  cidr        = ["0.0.0.0/0"]
  # start_port == end_port, so the rule covers the single port 6443.
  start_port  = "6443"
  end_port    = "6443"
  direction   = "ingress"
  label       = "kubernetes-api-server"
}

# Standalone rule allowing outbound TCP 80 from the "example" firewall to any
# IPv4 destination. No label is set on this rule.
# Per the maintainer reply on this page, civo_firewall_rule is deprecated in
# favour of egress_rule blocks inside the civo_firewall resource.
resource "civo_firewall_rule" "egress-http" {
  firewall_id = civo_firewall.example.id
  protocol    = "tcp"
  action      = "allow"
  # Any destination; only the port is restricted.
  cidr        = ["0.0.0.0/0"]
  # Single port 80 (start_port == end_port).
  start_port  = "80"
  end_port    = "80"
  direction   = "egress"
}

# Standalone rule allowing outbound TCP 443 from the "example" firewall to any
# IPv4 destination. No label is set on this rule.
# Per the maintainer reply on this page, civo_firewall_rule is deprecated in
# favour of egress_rule blocks inside the civo_firewall resource.
resource "civo_firewall_rule" "egress-https" {
  firewall_id = civo_firewall.example.id
  protocol    = "tcp"
  action      = "allow"
  # Any destination; only the port is restricted.
  cidr        = ["0.0.0.0/0"]
  # Single port 443 (start_port == end_port).
  start_port  = "443"
  end_port    = "443"
  direction   = "egress"
}

causes:


│ Error: if you set create_default_rules to false you need to define at least one ingress or egress rule

│ with module.civo.civo_firewall.example,
│ on civo/firewall.tf line 1, in resource "civo_firewall" "example":
│ 1: resource "civo_firewall" "example" {

Since I did define ingress and egress rules I did not expect this error to occur.

Hi @Moosbart, thanks for this. The thing is that the civo_firewall_rule resource is deprecated; the new way is to add the rules inside the firewall resource. Check here, or add this:

This is just an example; you can also have multiple ingress_rule and egress_rule blocks.

  # Inline ingress rule, meant to sit inside the civo_firewall resource block.
  # Allows inbound TCP 22 (labelled "ssh") from three individual /32 hosts only.
  ingress_rule {
    label      = "ssh"
    protocol   = "tcp"
    # A single port here; the egress example on this page uses a "start-end" range.
    port_range = "22"
    # Sample RFC 1918 (private) addresses; replace them with the sources that
    # actually need SSH and keep the list as narrow as this example does.
    cidr       = ["192.168.1.1/32", "192.168.10.4/32", "192.168.10.10/32"]
    action     = "allow"
  }

  # Inline egress rule, meant to sit inside the civo_firewall resource block.
  # Allows outbound TCP on every port to any IPv4 destination; other protocols
  # are not covered by this rule.
  egress_rule {
    label      = "all"
    protocol   = "tcp"
    # Full TCP port range.
    # NOTE(review): this is the example's permissive placeholder; where the
    # workload's outbound needs are known, narrowing the ports (and, if
    # possible, the destinations) limits what a compromised host can reach.
    port_range = "1-65535"
    cidr       = ["0.0.0.0/0"]
    action     = "allow"
  }

Hi @Moosbart, if this is done, can you close the issue?