
exoscale_security_group_rule (Resource)

Manage Exoscale Security Group rules.

Parent resource: exoscale_security_group.

Example Usage

resource "exoscale_security_group" "my_security_group" {
  name = "my-security-group"
}

resource "exoscale_security_group_rule" "my_security_group_rule" {
  security_group_id = exoscale_security_group.my_security_group.id
  type              = "INGRESS"
  protocol          = "TCP"
  cidr              = "0.0.0.0/0" # "::/0" for IPv6
  start_port        = 80
  end_port          = 80
}

Please refer to the examples directory for complete configuration examples.

Schema

Required

  • security_group_id (String) ❗ The parent exoscale_security_group ID.
  • type (String) ❗ The traffic direction to match (INGRESS or EGRESS).

Optional

  • cidr (String) ❗ An (INGRESS) source / (EGRESS) destination IP subnet (in CIDR notation) to match (conflicts with public_security_group/user_security_group_id).
  • description (String) ❗ A free-form text describing the Security Group rule.
  • end_port (Number) ❗ The end port number in the TCP/UDP port range to match (conflicts with icmp_type/icmp_code).
  • icmp_code (Number) ❗ An ICMP/ICMPv6 code to match.
  • icmp_type (Number) ❗ An ICMP/ICMPv6 type to match.
  • protocol (String) ❗ The network protocol to match (TCP, UDP, ICMP, ICMPv6, AH, ESP, GRE or IPIP).
  • public_security_group (String) ❗ An (INGRESS) source / (EGRESS) destination public security group name to match (conflicts with cidr/user_security_group_id).
  • start_port (Number) ❗ A start port number in the TCP/UDP port range to match (conflicts with icmp_type/icmp_code).
  • timeouts (Block, Optional) (see below for nested schema)
  • user_security_group_id (String) ❗ An (INGRESS) source / (EGRESS) user security group ID to match (conflicts with cidr/public_security_group).

Read-Only

  • id (String) The ID of the Security Group rule.

Nested Schema for timeouts

Optional:

  • create (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as “30s” or “2h45m”. Valid time units are “s” (seconds), “m” (minutes), “h” (hours).
  • delete (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as “30s” or “2h45m”. Valid time units are “s” (seconds), “m” (minutes), “h” (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
  • read (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as “30s” or “2h45m”. Valid time units are “s” (seconds), “m” (minutes), “h” (hours). Read operations occur during any refresh or planning operation when refresh is enabled.
  • update (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as “30s” or “2h45m”. Valid time units are “s” (seconds), “m” (minutes), “h” (hours).

-> The symbol ❗ on an attribute indicates that modifying it will force the creation of a new resource.
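
The configuration below is an added example, not taken from the provider's documentation. It uses the mutually exclusive selectors from the schema to scope rules more tightly than 0.0.0.0/0: a cidr source, a user_security_group_id source, and an ICMP rule that uses icmp_type/icmp_code instead of ports. The group names, ports, timeout value and the 203.0.113.0/24 range are assumptions.

```hcl
# Added example: names, ports and the 203.0.113.0/24 range are assumptions.

resource "exoscale_security_group" "bastion" {
  name = "bastion"
}

resource "exoscale_security_group" "app" {
  name = "app"
}

# SSH to the bastion only from a known admin range (constructed, RFC 5737),
# rather than from 0.0.0.0/0.
resource "exoscale_security_group_rule" "bastion_ssh" {
  security_group_id = exoscale_security_group.bastion.id
  description       = "SSH from admin range"
  type              = "INGRESS"
  protocol          = "TCP"
  cidr              = "203.0.113.0/24"
  start_port        = 22
  end_port          = 22
}

# SSH to app instances only from members of the bastion group.
# user_security_group_id takes the place of cidr; the two conflict.
resource "exoscale_security_group_rule" "app_ssh_from_bastion" {
  security_group_id      = exoscale_security_group.app.id
  description            = "SSH from bastion group"
  type                   = "INGRESS"
  protocol               = "TCP"
  user_security_group_id = exoscale_security_group.bastion.id
  start_port             = 22
  end_port               = 22
}

# ICMP echo request (type 8, code 0) from the bastion group.
# icmp_type/icmp_code take the place of start_port/end_port; the two conflict.
resource "exoscale_security_group_rule" "app_ping_from_bastion" {
  security_group_id      = exoscale_security_group.app.id
  description            = "Ping from bastion group"
  type                   = "INGRESS"
  protocol               = "ICMP"
  user_security_group_id = exoscale_security_group.bastion.id
  icmp_type              = 8
  icmp_code              = 0

  timeouts {
    create = "2m"
  }
}
```

Because the rule arguments used here are marked ❗, changing any of them replaces the rule rather than updating it in place.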

Import

# An existing security group rule may be imported by `<security-group-ID>/<security-group-rule-ID>`:

terraform import \
  exoscale_security_group_rule.my_security_group_rule \
  f81d4fae-7dec-11d0-a765-00a0c91e6bf6/9ecc6b8b-73d4-4211-8ced-f7f29bb79524