This template creates firewall rules for a network.
- Install gcloud
- Create a GCP project, set up billing, enable requisite APIs
- Create a network
- Grant the compute.networkAdmin or compute.securityAdmin IAM role to the project service account

Note: The beta API supports the firewall log feature.

See the properties section in the schema file(s):

- Clone the Deployment Manager samples repository:

    git clone https://github.com/GoogleCloudPlatform/cloud-foundation-toolkit

- Go to the dm directory:

    cd dm

- Copy the example DM config to be used as a model for the deployment; in this case, examples/firewall.yaml:

    cp templates/firewall/examples/firewall.yaml my_firewall.yaml

- Change the values in the config file to match your specific GCP setup (for properties, refer to the schema files listed above):

    vim my_firewall.yaml # <== change values to match your GCP setup

- Create your deployment (replace <YOUR_DEPLOYMENT_NAME> with the relevant deployment name):

    gcloud deployment-manager deployments create <YOUR_DEPLOYMENT_NAME> \
        --config my_firewall.yaml

- In case you need to delete your deployment:

    gcloud deployment-manager deployments delete <YOUR_DEPLOYMENT_NAME>
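
A review pass over the rules in my_firewall.yaml before creating the deployment, as an added example that is not part of the template or the toolkit: it flags ingress rules that admit any source on SSH/RDP or on all ports, and rules without logging. The `rules` list layout, the `logConfig.enable` pass-through and all sample values are assumptions; check them against the schema file.

```python
import ipaddress
SENSITIVE_TCP_PORTS = (22, 3389)  # SSH, RDP: assumed review policy

# Constructed sample shaped like the parsed properties of one resource in
# my_firewall.yaml. The "rules" layout and logConfig pass-through are assumed;
# fields inside each rule follow the Compute Engine firewall resource.
SAMPLE_PROPERTIES = {
    "network": "example-network",
    "rules": [
        {"name": "allow-web-internal", "direction": "INGRESS",
         "sourceRanges": ["10.0.0.0/8"], "logConfig": {"enable": True},
         "allowed": [{"IPProtocol": "tcp", "ports": ["80", "443"]}]},
        {"name": "allow-admin-any", "direction": "INGRESS",
         "sourceRanges": ["0.0.0.0/0"],
         "allowed": [{"IPProtocol": "tcp", "ports": ["20-25", "8080"]}]},
        {"name": "allow-egress-dns", "direction": "EGRESS",
         "destinationRanges": ["0.0.0.0/0"], "logConfig": {"enable": True},
         "allowed": [{"IPProtocol": "udp", "ports": ["53"]}]},
    ],
}

def _covers(port_spec, port):
    """True if a port spec such as "22" or "20-25" includes port."""
    low, _, high = str(port_spec).partition("-")
    return int(low) <= port <= int(high or low)

def _open_to_any_source(rule):
    """True if any source range is a /0 network (0.0.0.0/0 or ::/0)."""
    return any(ipaddress.ip_network(r, strict=False).prefixlen == 0
               for r in rule.get("sourceRanges", []))

def review(properties):
    """Return (rule name, issue) pairs for rules that need a second look."""
    findings = []
    for rule in properties.get("rules", []):
        name = rule.get("name", "<unnamed>")
        if not rule.get("logConfig", {}).get("enable", False):
            findings.append((name, "logging-disabled"))
        # The API treats a rule without a direction as INGRESS.
        if rule.get("direction", "INGRESS") != "INGRESS" or not _open_to_any_source(rule):
            continue
        for allow in rule.get("allowed", []):
            proto, ports = allow.get("IPProtocol"), allow.get("ports")
            if proto == "all" or (proto in ("tcp", "udp") and not ports):
                findings.append((name, "any-source-all-ports"))
            elif proto == "tcp" and any(_covers(p, s) for p in ports for s in SENSITIVE_TCP_PORTS):
                findings.append((name, "any-source-sensitive-port"))
    return findings

if __name__ == "__main__":
    print(review(SAMPLE_PROPERTIES))
```

To review the real file, parse my_firewall.yaml with a YAML library and pass each resource's properties mapping to `review()`.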