33 lines
504 B
HCL
33 lines
504 B
HCL
# Hetzner Cloud Firewall
|
|
|
|
resource "hcloud_firewall" "icmp" {
|
|
name = "ICMP"
|
|
rule {
|
|
direction = "in"
|
|
protocol = "icmp"
|
|
source_ips = [
|
|
"0.0.0.0/0",
|
|
"::/0"
|
|
]
|
|
}
|
|
apply_to {
|
|
label_selector = "env=prod"
|
|
}
|
|
}
|
|
|
|
resource "hcloud_firewall" "ssh" {
|
|
name = "SSH"
|
|
rule {
|
|
direction = "in"
|
|
protocol = "tcp"
|
|
port = "22"
|
|
source_ips = [
|
|
var.bastion_host.ipv4,
|
|
var.bastion_host.ipv6
|
|
]
|
|
}
|
|
apply_to {
|
|
label_selector = "env=prod"
|
|
}
|
|
}
|