exoscale_security_group_rule (Resource)

Manage Exoscale Security Group Rules.

Example Usage

resource "exoscale_security_group" "my_security_group" {
  name = "my-security-group"
}

resource "exoscale_security_group_rule" "my_security_group_rule" {
  security_group_id = exoscale_security_group.my_security_group.id
  type              = "INGRESS"
  protocol          = "TCP"
  cidr              = "0.0.0.0/0" # "::/0" for IPv6
  start_port        = 80
  end_port          = 80
}

Please refer to the examples directory for complete configuration examples.

Schema

Required

  • type (String) ❗ The traffic direction to match (INGRESS or EGRESS).

Optional

  • cidr (String) ❗ An (INGRESS) source / (EGRESS) destination IP subnet (in CIDR notation) to match (conflicts with public_security_group/user_security_group/user_security_group_id).
  • description (String) ❗ A free-form text describing the security group rule.
  • end_port (Number) ❗ A TCP/UDP port range to match.
  • icmp_code (Number) ❗ An ICMP/ICMPv6 type/code to match.
  • icmp_type (Number) ❗ An ICMP/ICMPv6 type/code to match.
  • protocol (String) ❗ The network protocol to match (TCP, UDP, ICMP, ICMPv6, AH, ESP, GRE, IPIP or ALL).
  • public_security_group (String) ❗ An (INGRESS) source / (EGRESS) destination public security group name to match (conflicts with cidr/user_security_group/user_security_group_id).
  • security_group (String, Deprecated) ❗ The parent security group name. Please use the security_group_id argument along with the exoscale_security_group data source instead.
  • security_group_id (String) ❗ The parent exoscale_security_group ID.
  • start_port (Number) ❗ A TCP/UDP port range to match.
  • timeouts (Block, Optional) (see below for nested schema)
  • user_security_group (String, Deprecated) ❗ An (INGRESS) source / (EGRESS) destination security group name to match (conflicts with cidr/public_security_group/user_security_group_id). Please use the user_security_group_id argument along with the exoscale_security_group data source instead.
  • user_security_group_id (String) ❗ An (INGRESS) source / (EGRESS) destination security group ID to match (conflicts with cidr/public_security_group/user_security_group).

Read-Only

  • id (String) The ID of this resource.

Nested Schema for timeouts

Optional:

  • create (String)
  • delete (String)
  • read (String)

-> The symbol ❗ in an attribute indicates that modifying it will force the creation of a new resource.

Import

# An existing security group rule may be imported by `<security-group-ID>/<security-group-rule-ID>`:

terraform import \
  exoscale_security_group_rule.my_security_group_rule \
  f81d4fae-7dec-11d0-a765-00a0c91e6bf6/9ecc6b8b-73d4-4211-8ced-f7f29bb79524