Please note that the contents of this offline web site may be out of date. To access the most recent documentation visit the online version .
Note that links that point to online resources are green in color and will open in a new window.
We would love it if you could give us feedback about this material by filling this form (You have to be online to fill it)



Firewalls: insert

Requires authorization

Creates a firewall resource in the specified project using the data included in the request. Try it now .

Request

HTTP request 

POST https://www.googleapis.com/compute/v1/projects/project/global/firewalls

Parameters

Parameter name Value Description
Path parameters
project string Project ID of the project scoping this request.

Authorization

This request requires authorization with the following scope ( read more about authentication and authorization ).

Scope
https://www.googleapis.com/auth/compute

Request body

In the request body, supply a Firewalls resource with the following properties:

Property name Value Description Notes
Required Properties
name string Name of the resource; provided by the client when the resource is created. The name must be 1-63 characters long, and comply
with
RFC1035 . Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
which means
the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or
digit, except the last character, which cannot be a dash.
allowed[] list The list of rules specified by this firewall. Each rule specifies a protocol and port-range tuple that describes a permitted connection.
allowed[]. IPProtocol string The IP protocol that is allowed for this rule. This can either be a well known protocol string ( tcp , udp, or icmp ) or the IP protocol number. For example: 
"allowed": [
    {
      "IPProtocol": "tcp"
    },
    {
      "IPProtocol": "17",
      "ports": [ "161" ],
    }
  ]

Note: Certain types of traffic are not allowed between virtual machines and the Internet, regardless of the firewall settings. Read the documentation on blocked traffic for more information.

network string Fully-qualified URL of the network to which this firewall is applied; provided by the client when the firewall is created. For example: 
http://www.googleapis.com/compute/v1/project/<project-id>/global/networks/<network-name>
Supply at least one of the following properties:
sourceRanges[] list The address blocks that this rule applies to, expressed in CIDR format. One or both of sourceRanges and sourceTags may be set. An inbound connection is allowed if either the range or the tag of the source matches the sourceRanges or sourceTags . For example, "sourceRanges": ["192.168.0.0/16"] .
sourceTags[] list A list of instance tags which this rule applies to. One or both of sourceRanges and sourceTags may be set. An inbound connection is allowed if either the range or the tag of the source matches the sourceRanges or sourceTags . For example, "sourceTags": ["frontend", "external"] .

Response

If successful, this method returns a GlobalOperations resource in the response body. 

{
  "kind": "compute#operation",
  "id": unsigned long,
  "creationTimestamp": string,
  "name": string,
  "zone": string,
  "clientOperationId": string,
  "operationType": string,
  "targetLink": string,
  "targetId": unsigned long,
  "status": string,
  "statusMessage": string,
  "user": string,
  "progress": integer,
  "insertTime": string,
  "startTime": string,
  "endTime": string,
  "error": {
    "errors": [
      {
        "code": string,
        "location": string,
        "message": string
      }
    ]
  },
  "warnings": [
    {
      "code": string,
      "message": string,
      "data": [
        {
          "key": string,
          "value": string
        }
      ]
    }
  ],
  "httpErrorStatusCode": integer,
  "httpErrorMessage": string,
  "selfLink": string,
  "region": string
}
Property name Value Description Notes
clientOperationId string [Output Only] An optional identifier specified by the client when the mutation was initiated. Must be unique for all operation resources in the project.
creationTimestamp string [Output Only] Creation timestamp in RFC3339 text format.
endTime string [Output Only] The time that this operation was completed. This is in RFC3339 text format.
error object [Output Only] If errors occurred during processing of this operation, this field will be populated.
error. errors[] list [Output Only] The array of errors encountered while processing this operation.
error.errors[]. code string [Output Only] The error type identifier for this error.
error.errors[]. location string [Output Only] Indicates the field in the request which caused the error. This property is optional.
error.errors[]. message string [Output Only] An optional, human-readable error message.
httpErrorMessage string [Output Only] If operation fails, the HTTP error message returned, e.g. NOT FOUND .
httpErrorStatusCode integer [Output Only] If operation fails, the HTTP error status code returned, e.g. 404 .
id unsigned long [Output Only] Unique identifier for the resource, generated by the server.
insertTime string [Output Only] The time that this operation was requested. This is in RFC3339 text format.
kind string [Output Only] Type of the resource. Always compute#operation for Operation resources.
name string [Output Only] Name of the resource.
operationType string [Output Only] Type of the operation. Operations include insert , update , and delete .
progress integer [Output Only] An optional progress indicator that ranges from 0 to 100. There is no requirement that this be linear or support any granularity of operations. This should not be used to guess at when the operation will be complete. This number should be monotonically increasing as the operation progresses.
region string [Output Only] URL of the region where the operation resides. Only available when performing regional operations.
startTime string [Output Only] The time that this operation was started by the server. This is in RFC3339 text format.
status string [Output Only] Status of the operation.

Acceptable values are:
  • " DONE ": The operation has finished.
  • " PENDING ": The operation is pending and not yet run.
  • " RUNNING ": The operation is currently running.
statusMessage string [Output Only] An optional textual description of the current status of the operation.
targetId unsigned long [Output Only] Unique target id which identifies a particular incarnation of the target.
user string [Output Only] User who requested the operation, for example: [email protected] .
warnings[] list [Output Only] If there are issues with this operation, a warning is returned.
warnings[]. code string [Output Only] The warning type identifier for this warning.

Acceptable values are:
  • " DEPRECATED_RESOURCE_USED ": Indicates that you are using a deprecated resource and should transition to using a more current resource.
  • " INJECTED_KERNELS_DEPRECATED ": Indicates that specifying a separate Kernel resource is deprecated. You should transition to using images that contain kernel binaries. See Kernels for more information.
  • " NEXT_HOP_ADDRESS_NOT_ASSIGNED ": You did not specify a next hop address for your route.
  • " NEXT_HOP_CANNOT_IP_FORWARD ": In order for your route to work correctly, your source and destination virtual machine instances must have canIpForward enabled. See the documentation for more information.
  • " NEXT_HOP_INSTANCE_NOT_FOUND ": The next hop instance you specified was not found. Please double check that the instance exists and that you have specified it correctly.
  • " NEXT_HOP_INSTANCE_NOT_ON_NETWORK ": The next hop instance you specified was not found on the same network as your route object. Please make sure the instance is part of the same network as your route object.
  • " NEXT_HOP_NOT_RUNNING ": The next hop instance you specified is not currently running. Please restart or create the instnce.
  • " NO_RESULTS_ON_PAGE ": There were no results for your request.
  • " REQUIRED_TOS_AGREEMENT ": You must first agree to the terms of service agreement before you can use this service.
  • " UNREACHABLE ": The Compute Engine service is currently unreachable.
warnings[]. data[] list [Output Only] Metadata for this warning in 'key: value' format.
warnings[].data[]. key string [Output Only] Metadata key for this warning.
warnings[].data[]. value string [Output Only] Metadata value for the specified key.
warnings[]. message string [Output Only] Optional human-readable details for this warning.
zone string [Output Only] URL of the zone where the operation resides. Only available when performing per-zone operations.

Try it!

Use the APIs Explorer below to call this method on live data and see the response.

Except as otherwise noted, the content of this page is licensed under the Creative Commons Attribution 3.0 License , and code samples are licensed under the Apache 2.0 License . For details, see our Site Policies .

Authentication required

You need to be signed in with Google+ to do that.

Signing you in...

Google Developers needs your permission to do that.