Not able to define inline multiple primary nic firewall rules
sfuhrm opened this issue · 2 comments
sfuhrm commented
Description
This feels more like a design problem than a software bug.
The ionoscloud_server server contains sub-definitions for nic, and the nic contains a sub-definition for firewall.
Unfortunately the firewall is only able to contain one single firewall rule:
    resource "ionoscloud_server" "example" {
      ...
      nic {
        lan = ionoscloud_lan.mylan.id
        name = "system"
        dhcp = true
        firewall_active = true
        firewall_type = "INGRESS"
        ips = [ ionoscloud_ipblock.myip.ips[0] ]
        # Only a single inline firewall block is accepted here
        firewall {
          protocol = "TCP"
          port_range_start = 22
          port_range_end = 22
        }
      }
    }
Expected behavior
The expected behaviour would be to either be able to add additional separate firewall objects that can refer to the server's nic, or specify an array of firewall objects in the server.
    resource "ionoscloud_server" "example" {
      ...
      nic {
        lan = ionoscloud_lan.mylan.id
        name = "system"
        dhcp = true
        firewall_active = true
        firewall_type = "INGRESS"
        ips = [ ionoscloud_ipblock.myip.ips[0] ]
        # Proposed syntax: a list of firewall rules
        firewall [ {
          protocol = "TCP"
          port_range_start = 22
          port_range_end = 22
        }, {
          protocol = "TCP"
          port_range_start = 80
          port_range_end = 80
        } ]
      }
    }
Environment
Terraform version:
Terraform v1.4.6
Provider version:
+ provider registry.terraform.io/ionos-cloud/ionoscloud v6.3.6
OS:
Debian 11
Additional notes
It is possible to attach firewall rules to a server by using ionoscloud_firewall resources:

    resource "ionoscloud_firewall" "example" {
      datacenter_id = ionoscloud_datacenter.terraform_1.id
      server_id = ionoscloud_server.example.id
      nic_id = ionoscloud_server.example.nic[0].id
      protocol = "ICMP"
      ...
      icmp_type = 1
      icmp_code = 8
      type = "INGRESS"
    }
References
cristiGuranIonos commented
Currently you cannot define multiple inline firewall rules for a server, but we are working on enabling that hopefully in the next release.
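
Until multiple inline rules are supported, the separate ionoscloud_firewall resource mentioned in the issue can be repeated with for_each to cover both ports from the expected-behaviour snippet. This is an added example, not code from the issue or from the provider project; the local value name, the rule names and the source address are constructed for illustration, and it assumes the ionoscloud_datacenter.terraform_1 and ionoscloud_server.example resources referenced in the issue.

```hcl
locals {
  # Constructed sample rule set: one entry per ingress rule on the primary NIC.
  # source_ip = null leaves the rule open to any source address.
  primary_nic_ingress = {
    ssh = {
      port      = 22
      source_ip = "203.0.113.10" # constructed admin address (documentation range)
    }
    http = {
      port      = 80
      source_ip = null
    }
  }
}

resource "ionoscloud_firewall" "primary_nic_ingress" {
  # One firewall rule is created per map entry, keyed by rule name.
  for_each = local.primary_nic_ingress

  datacenter_id = ionoscloud_datacenter.terraform_1.id
  server_id     = ionoscloud_server.example.id
  nic_id        = ionoscloud_server.example.nic[0].id

  name             = "allow-${each.key}"
  type             = "INGRESS"
  protocol         = "TCP"
  port_range_start = each.value.port
  port_range_end   = each.value.port
  source_ip        = each.value.source_ip
}
```

The nic block on the server still needs firewall_active = true for these rules to be enforced. Because the rules are keyed by name, adding or removing one map entry changes only that rule in the plan.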