Represents a Firewall resource. See Firewalls documentation for more information.
For a list of methods for this resource, see the end of this page.
Resource representations
A Firewall resource.
{
"kind": "compute#firewall",
"selfLink": string,
"id": unsigned long,
"creationTimestamp": string,
"name": string,
"description": string,
"network": string,
"sourceRanges": [
string
],
"sourceTags": [
string
],
"targetTags": [
string
],
"allowed": [
{
"IPProtocol": string,
"ports": [
string
]
}
]
}
| Property name | Value | Description | Notes |
|---|---|---|---|
allowed[]
|
list
|
The list of rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection. | |
allowed[].
IPProtocol
|
string
|
This is the IP protocol that is allowed for this rule. This can either be a well known protocol string (
tcp
,
udp
, or
icmp
) or the IP protocol number.
|
|
allowed[].
ports[]
|
list
|
An optional list of ports which are allowed. This is only applicable for UDP or TCP protocol. Each entry must be either an integer or a range. If not specified, connections through any port are allowed.
Example inputs include:
["22"]
,
["80","443"]
, and
["12345-12349"]
.
|
|
creationTimestamp
|
string
|
[Output Only] Creation timestamp in RFC3339 text format. | |
description
|
string
|
An optional textual description of the resource; provided by the client when the resource is created. | |
id
|
unsigned long
|
[Output Only] Unique identifier for the resource; defined by the server. | |
kind
|
string
|
[Output Only]
Type of the resource. Always
compute#firewall
.
|
|
name
|
string
|
Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply
with RFC1035 . Specifically, the name must be 1-63 characters long and match the regular expression
[a-z]([-a-z0-9]*[a-z0-9])?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. |
|
network
|
string
|
Fully-qualified URL of the network to which this firewall is applied; provided by the client when the firewall is created. For example:
http://www.googleapis.com/compute/v1beta16/project/<project-id>/global/networks/<network-name> |
|
selfLink
|
string
|
[Output Only] Server defined URL for the resource. | |
sourceRanges[]
|
list
|
The IP address blocks that this rule applies to, expressed in
CIDR
format. One or both of
sourceRanges
and sourceTags may be set. An inbound connection is allowed if either the range or the tag of the source matches the
sourceRanges
or
sourceTags
.
|
|
sourceTags[]
|
list
|
A list of instance tags which this rule applies to. One or both of
sourceRanges
and sourceTags may be set. An inbound connection is allowed if either the range or the tag of the source matches the
sourceRanges
or
sourceTags
.
|
|
targetTags[]
|
list
|
A list of instance tags indicating sets of instances located on network which may make network connections as specified in
allowed[]
. If no
targetTags
are specified, the firewall rule applies to all instances on the specified network.
|
Methods
The following are valid Firewall resource methods:
- delete
- Deletes the specified firewall resource.
- get
- Returns the specified firewall resource.
- insert
- Creates a firewall resource in the specified project using the data included in the request.
- list
- Retrieves the list of firewall resources available to the specified project.
- patch
- Updates the specified firewall resource with the data included in the request. This method supports patch semantics.
- update
- Updates the specified firewall resource with the data included in the request.