Decentralized firewall management
This sample shows how decentralized firewall management can be organized using the firewall-yaml module.
This approach is a good fit when Shared VPCs are used across multiple application/infrastructure teams. A central repository keeps environment/team-specific folders with firewall definitions in YAML format. This is the high-level diagram:
Variables
name | description | type | required | default |
---|---|---|---|---|
billing_account_id | Billing account id used as default for new projects. | string | ✓ | |
prefix | Prefix used for resources that need unique names. | string | ✓ | |
root_node | Hierarchy node where projects will be created, 'organizations/org_id' or 'folders/folder_id'. | string | ✓ | |
ip_ranges | Subnet IP CIDR ranges. | map(string) | | ... |
project_services | Service APIs enabled by default in new projects. | list(string) | | ... |
region | Region used. | string | | europe-west1 |
Outputs
name | description | sensitive |
---|---|---|
fw_rules | Firewall rules. | |
projects | Project ids. | |
vpc | Shared VPCs. | |