[Feature]: Add ability to update firewall rules

Question

[Feature]: Add ability to update firewall rules

Closed this issue 11 days ago · 3 comments

Description

Terraform provider for Linode doesn't have ability to change existing Firewall.

Linode doesn't support 2 Firewalls for one Instance (Linode)

My goal it is adding new rules to existing firewall using terraform or create second firewall for one instance with new rules by terraform.
So both of these use cases is not implemented in Linode.

My use case, I have Kafka instance which should be running on the public IP because I need to have connection to this Kafka instance from multiple regions (and multiple instances), these instances creating dynamically by terraform and I want to make whitelist in firewall for Kafka instance to allow access only from authorized IPs.
How can I implement it?
This features implemented in AWS, OCI, GCP and etc.

Thank you.

New or Affected Terraform Resources

No response

Potential Terraform Configuration

resource "aws_security_group_rule" "example" {
  type              = "ingress"
  from_port         = 0
  to_port           = 65535
  protocol          = "tcp"
  cidr_blocks       = [aws_vpc.example.cidr_block]
  ipv6_cidr_blocks  = [aws_vpc.example.ipv6_cidr_block]
  security_group_id = "sg-123456"
}

Answer 1 · 2024-10-04T21:52:49.000Z

Hi @iolesyk, thanks for the feature request!

Due to current API limitations, it's not easy for Terraform to directly change the firewall of a Linode instance.

If a firewall is not required during Linode instance booting time, you may you use linode_firewall_device resource to attach the Linode to the firewall, and then you can easily update the firewall in that resource.

On the other hand, if firewall coverage is required during Linode booting, we might have to look into a complicated way, for example, setting firewall_id in the linode_instance resource, and then remove that attribute and then import it to a linode_firewall_device resource.

The firewall rules can be updated within a linode_firewall resource, but be aware that there is a bug related to this operation that's being fixed in #1605

Answer 2 · 2024-11-04T00:18:56.000Z

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days

Answer 3 · 2024-12-08T00:21:26.000Z

This issue is stale because it has been open 30 days with no activity. Remove stale label or comment or this will be closed in 5 days

Description

My goal it is adding new rules to existing firewall using terraform or create second firewall for one instance with new rules by terraform. So both of these use cases is not implemented in Linode.

New or Affected Terraform Resources

Potential Terraform Configuration

My goal it is adding new rules to existing firewall using terraform or create second firewall for one instance with new rules by terraform.
So both of these use cases is not implemented in Linode.