35 lines
974 B
YAML
35 lines
974 B
YAML
# skip boilerplate check
|
|
---
|
|
# Terraform will be unable to decode this file if it does not contain valid YAML
|
|
# You can retain `---` (start of the document) to indicate an empty document.
|
|
|
|
ingress:
|
|
allow-hc-nva-ssh-landing:
|
|
description: "Allow traffic from Google healthchecks to NVA appliances"
|
|
source_ranges:
|
|
- healthchecks
|
|
rules:
|
|
- protocol: tcp
|
|
ports:
|
|
- 22
|
|
allow-onprem-probes-landing-example:
|
|
description: "Allow traffic from onprem probes"
|
|
source_ranges:
|
|
- onprem_probes
|
|
rules:
|
|
- protocol: tcp
|
|
ports:
|
|
- 12345
|
|
# This is not really needed, but it's good to have it
|
|
# in place if the more generic hierarchical firewall policies
|
|
# get deleted
|
|
allow-ncc-nva-bgp-landing:
|
|
description: "Allow BGP traffic from NCC Cloud Routers to NVAs"
|
|
source_ranges:
|
|
- ncc_cloud_routers_landing
|
|
targets: ["nva"]
|
|
rules:
|
|
- protocol: tcp
|
|
ports:
|
|
- 179
|