website/docs/r/network_acl_rule.html.markdown - cloudstack-terraform-provider - Git at Google

 ---
 layout: "cloudstack"
 page_title: "CloudStack: cloudstack_network_acl_rule"
 sidebar_current: "docs-cloudstack-resource-network-acl-rule"
 description: |-
   Creates network ACL rules for a given network ACL.
 ---

 # cloudstack_network_acl_rule

 Creates network ACL rules for a given network ACL.

 ## Example Usage

 ```hcl
 resource "cloudstack_network_acl_rule" "default" {
   acl_id = "f3843ce0-334c-4586-bbd3-0c2e2bc946c6"

   rule {
     action       = "allow"
     cidr_list    = ["10.0.0.0/8"]
     protocol     = "tcp"
     ports        = ["80", "1000-2000"]
     traffic_type = "ingress"
   }
 }
 ```

 ## Argument Reference

 The following arguments are supported:

 * `acl_id` - (Required) The network ACL ID for which to create the rules.
     Changing this forces a new resource to be created.

 * `managed` - (Optional) USE WITH CAUTION! If enabled all the firewall rules for
     this network ACL will be managed by this resource. This means it will delete
     all firewall rules that are not in your config! (defaults false)

 * `rule` - (Optional) Can be specified multiple times. Each rule block supports
     fields documented below. If `managed = false` at least one rule is required!

 * `project` - (Optional) The name or ID of the project to deploy this
     instance to. Changing this forces a new resource to be created.

 * `parallelism` (Optional) Specifies how much rules will be created or deleted
     concurrently. (defaults 2)

 The `rule` block supports:

 * `action` - (Optional) The action for the rule. Valid options are: `allow` and
     `deny` (defaults allow).

 * `cidr_list` - (Required) A CIDR list to allow access to the given ports.

 * `protocol` - (Required) The name of the protocol to allow. Valid options are:
     `tcp`, `udp`, `icmp`, `all` or a valid protocol number.

 * `icmp_type` - (Optional) The ICMP type to allow, or `-1` to allow `any`. This
     can only be specified if the protocol is ICMP. (defaults 0)

 * `icmp_code` - (Optional) The ICMP code to allow, or `-1` to allow `any`. This
     can only be specified if the protocol is ICMP. (defaults 0)

 * `ports` - (Optional) List of ports and/or port ranges to allow. This can only
     be specified if the protocol is TCP, UDP, ALL or a valid protocol number.

 * `traffic_type` - (Optional) The traffic type for the rule. Valid options are:
     `ingress` or `egress` (defaults ingress).

 ## Attributes Reference

 The following attributes are exported:

 * `id` - The ACL ID for which the rules are created.
	---
	layout: "cloudstack"
	page_title: "CloudStack: cloudstack_network_acl_rule"
	sidebar_current: "docs-cloudstack-resource-network-acl-rule"
	description: \|-
	Creates network ACL rules for a given network ACL.
	---

	# cloudstack_network_acl_rule

	Creates network ACL rules for a given network ACL.

	## Example Usage

	```hcl
	resource "cloudstack_network_acl_rule" "default" {
	acl_id = "f3843ce0-334c-4586-bbd3-0c2e2bc946c6"

	rule {
	action = "allow"
	cidr_list = ["10.0.0.0/8"]
	protocol = "tcp"
	ports = ["80", "1000-2000"]
	traffic_type = "ingress"
	}
	}
	```

	## Argument Reference

	The following arguments are supported:

	* `acl_id` - (Required) The network ACL ID for which to create the rules.
	Changing this forces a new resource to be created.

	* `managed` - (Optional) USE WITH CAUTION! If enabled all the firewall rules for
	this network ACL will be managed by this resource. This means it will delete
	all firewall rules that are not in your config! (defaults false)

	* `rule` - (Optional) Can be specified multiple times. Each rule block supports
	fields documented below. If `managed = false` at least one rule is required!

	* `project` - (Optional) The name or ID of the project to deploy this
	instance to. Changing this forces a new resource to be created.

	* `parallelism` (Optional) Specifies how much rules will be created or deleted
	concurrently. (defaults 2)

	The `rule` block supports:

	* `action` - (Optional) The action for the rule. Valid options are: `allow` and
	`deny` (defaults allow).

	* `cidr_list` - (Required) A CIDR list to allow access to the given ports.

	* `protocol` - (Required) The name of the protocol to allow. Valid options are:
	`tcp`, `udp`, `icmp`, `all` or a valid protocol number.

	* `icmp_type` - (Optional) The ICMP type to allow, or `-1` to allow `any`. This
	can only be specified if the protocol is ICMP. (defaults 0)

	* `icmp_code` - (Optional) The ICMP code to allow, or `-1` to allow `any`. This
	can only be specified if the protocol is ICMP. (defaults 0)

	* `ports` - (Optional) List of ports and/or port ranges to allow. This can only
	be specified if the protocol is TCP, UDP, ALL or a valid protocol number.

	* `traffic_type` - (Optional) The traffic type for the rule. Valid options are:
	`ingress` or `egress` (defaults ingress).

	## Attributes Reference

	The following attributes are exported:

	* `id` - The ACL ID for which the rules are created.