38 lines
677 B
YAML
38 lines
677 B
YAML
# skip boilerplate check
|
|
|
|
allow-admins:
|
|
description: Access from the admin subnet to all subnets
|
|
priority: 1000
|
|
match:
|
|
source_ranges:
|
|
- rfc1918
|
|
|
|
allow-healthchecks:
|
|
description: Enable HTTP and HTTPS healthchecks
|
|
priority: 1001
|
|
match:
|
|
source_ranges:
|
|
- healthchecks
|
|
layer4_configs:
|
|
- protocol: tcp
|
|
ports: ["80", "443"]
|
|
|
|
allow-ssh-from-iap:
|
|
description: Enable SSH from IAP
|
|
priority: 1002
|
|
match:
|
|
source_ranges:
|
|
- 35.235.240.0/20
|
|
layer4_configs:
|
|
- protocol: tcp
|
|
ports: ["22"]
|
|
|
|
allow-icmp:
|
|
description: Enable ICMP
|
|
priority: 1003
|
|
match:
|
|
source_ranges:
|
|
- 0.0.0.0/0
|
|
layer4_configs:
|
|
- protocol: icmp
|