2019-01-23 22:55:53 +08:00
|
|
|
resource "google_compute_firewall" "islands-in" {
|
2019-09-03 22:22:07 +08:00
|
|
|
name = "${local.resource_prefix}islands-in"
|
2019-01-23 22:55:53 +08:00
|
|
|
network = "${google_compute_network.monkeyzoo.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "tcp"
|
2019-01-23 23:13:00 +08:00
|
|
|
ports = ["22", "443", "3389", "5000"]
|
2019-01-23 22:55:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
direction = "INGRESS"
|
|
|
|
priority = "65534"
|
|
|
|
target_tags = ["island"]
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_firewall" "islands-out" {
|
2019-09-03 22:22:07 +08:00
|
|
|
name = "${local.resource_prefix}islands-out"
|
2019-01-23 22:55:53 +08:00
|
|
|
network = "${google_compute_network.monkeyzoo.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "tcp"
|
|
|
|
}
|
|
|
|
|
|
|
|
direction = "EGRESS"
|
|
|
|
priority = "65534"
|
|
|
|
target_tags = ["island"]
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_firewall" "monkeyzoo-in" {
|
2019-09-03 22:22:07 +08:00
|
|
|
name = "${local.resource_prefix}monkeyzoo-in"
|
2019-01-23 22:55:53 +08:00
|
|
|
network = "${google_compute_network.monkeyzoo.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "all"
|
|
|
|
}
|
|
|
|
|
|
|
|
direction = "INGRESS"
|
|
|
|
priority = "65534"
|
2019-09-04 21:06:49 +08:00
|
|
|
source_ranges = ["10.2.2.0/24", "10.2.1.0/27"]
|
2019-01-23 22:55:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_firewall" "monkeyzoo-out" {
|
2019-09-03 22:22:07 +08:00
|
|
|
name = "${local.resource_prefix}monkeyzoo-out"
|
2019-01-23 22:55:53 +08:00
|
|
|
network = "${google_compute_network.monkeyzoo.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "all"
|
|
|
|
}
|
|
|
|
|
|
|
|
direction = "EGRESS"
|
|
|
|
priority = "65534"
|
2019-09-04 21:06:49 +08:00
|
|
|
destination_ranges = ["10.2.2.0/24", "10.2.1.0/27"]
|
2019-01-23 22:55:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_firewall" "tunneling-in" {
|
2019-09-03 22:22:07 +08:00
|
|
|
name = "${local.resource_prefix}tunneling-in"
|
2019-01-23 22:55:53 +08:00
|
|
|
network = "${google_compute_network.tunneling.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "all"
|
|
|
|
}
|
|
|
|
|
|
|
|
direction = "INGRESS"
|
2019-09-04 21:06:49 +08:00
|
|
|
source_ranges = ["10.2.2.0/24", "10.2.0.0/28"]
|
2019-01-23 22:55:53 +08:00
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_firewall" "tunneling-out" {
|
2019-09-03 22:22:07 +08:00
|
|
|
name = "${local.resource_prefix}tunneling-out"
|
2019-01-23 22:55:53 +08:00
|
|
|
network = "${google_compute_network.tunneling.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "all"
|
|
|
|
}
|
|
|
|
|
|
|
|
direction = "EGRESS"
|
2019-09-04 21:06:49 +08:00
|
|
|
destination_ranges = ["10.2.2.0/24", "10.2.0.0/28"]
|
|
|
|
}
|
|
|
|
resource "google_compute_firewall" "tunneling2-in" {
|
|
|
|
name = "${local.resource_prefix}tunneling2-in"
|
|
|
|
network = "${google_compute_network.tunneling2.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "all"
|
|
|
|
}
|
|
|
|
|
|
|
|
direction = "INGRESS"
|
|
|
|
source_ranges = ["10.2.1.0/27"]
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_firewall" "tunneling2-out" {
|
|
|
|
name = "${local.resource_prefix}tunneling2-out"
|
|
|
|
network = "${google_compute_network.tunneling2.name}"
|
|
|
|
|
|
|
|
allow {
|
|
|
|
protocol = "all"
|
|
|
|
}
|
|
|
|
|
|
|
|
direction = "EGRESS"
|
|
|
|
destination_ranges = ["10.2.1.0/27"]
|
2019-01-23 22:55:53 +08:00
|
|
|
}
|