vpc_firewall_rules_view

List firewall rules
GET /v1/vpc-firewall-rules

Query Parameters

project

vpc

Responses

Object
rules

A single rule in a VPC firewall

Object
action

Whether traffic matching the rule should be allowed or dropped

allow | deny

description

human-readable free-form text about a resource

direction

Whether this rule is for incoming or outgoing traffic

inbound | outbound

filters

Reductions on the scope of the rule

Filters reduce the scope of a firewall rule. Without filters, the rule applies to all packets to the targets (or from the targets, if it's an outbound rule). With multiple filters, the rule applies only to packets matching ALL filters. The maximum number of each type of filter is 256.

Object
hosts

If present, host filters match the "other end" of traffic from the target’s perspective: for an inbound rule, they match the source of traffic. For an outbound rule, they match the destination.

The VpcFirewallRuleHostFilter is used to filter traffic on the basis of its source or destination host.

ports

If present, the destination ports or port ranges this rule applies to.

An inclusive-inclusive range of IP ports. The second port may be omitted to represent a single port.

protocols

If present, the networking protocols this rule applies to.

TCP | UDP | ICMP

The protocols that may be specified in a firewall rule's filter

id

unique, immutable, system-controlled identifier for each resource

name

unique, mutable, user-controlled identifier for each resource

Names must begin with a lower case ASCII letter, be composed exclusively of lowercase ASCII, uppercase ASCII, numbers, and '-', and may not end with a '-'. Names cannot be a UUID, but they may contain a UUID. They can be at most 63 characters long.

priority

The relative priority of this rule

status

Whether this rule is in effect

disabled | enabled

targets

Determine the set of instances that the rule applies to

A VpcFirewallRuleTarget is used to specify the set of instances to which a firewall rule applies. You can target instances directly by name, or specify a VPC, VPC subnet, IP, or IP subnet, which will apply the rule to traffic going to all matching instances. Targets are additive: the rule applies to instances matching ANY target.

time_created

timestamp when this resource was created

time_modified

timestamp when this resource was last modified

vpc_id

The VPC to which this rule belongs
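
The filter semantics above (no filter means no restriction, multiple filters must ALL match, port ranges are inclusive) can be checked against a listing to find inbound allow rules that admit a given protocol and port from any source. This is an added example, not code from the API's own documentation; the sample response is constructed, and the string form of port filters ("22", "8000-8080") and the host entry shape are assumptions.

```python
# Constructed sample response; field names and enum values follow the schema above.
# Assumptions: a port filter is a string ("22" or "8000-8080"); the host entry
# shape is a placeholder, since only its presence is checked here.
SAMPLE = {"rules": [
    {"name": "allow-ssh", "action": "allow", "direction": "inbound",
     "status": "enabled", "filters": {"ports": ["22"], "protocols": ["TCP"]}},
    {"name": "allow-any", "action": "allow", "direction": "inbound",
     "status": "enabled", "filters": {}},
    {"name": "app-range", "action": "allow", "direction": "inbound",
     "status": "enabled", "filters": {"ports": ["8000-8080"]}},
    {"name": "db-from-app", "action": "allow", "direction": "inbound",
     "status": "enabled", "filters": {"ports": ["5432"], "protocols": ["TCP"],
                                      "hosts": [{"placeholder": "app-subnet"}]}},
    {"name": "old-rdp", "action": "allow", "direction": "inbound",
     "status": "disabled", "filters": {"ports": ["3389"]}},
    {"name": "egress-dns", "action": "allow", "direction": "outbound",
     "status": "enabled", "filters": {"ports": ["53"], "protocols": ["UDP"]}},
]}


def port_in_range(port, spec):
    """Inclusive-inclusive range; the second port may be omitted."""
    first, _, last = spec.partition("-")
    return int(first) <= port <= int(last or first)


def filters_cover(filters, protocol, port):
    """ALL present filters must match; a missing (or empty, by assumption)
    filter does not narrow the rule."""
    protocols, ports = filters.get("protocols"), filters.get("ports")
    if protocols and protocol not in protocols:
        return False
    if ports and not any(port_in_range(port, p) for p in ports):
        return False
    return True


def open_to_any_source(response, protocol, port):
    """Names of enabled inbound allow rules with no host filter that cover
    (protocol, port): these admit the traffic from any source."""
    hits = []
    for rule in response["rules"]:
        filters = rule.get("filters") or {}
        if (rule["status"] == "enabled" and rule["direction"] == "inbound"
                and rule["action"] == "allow" and not filters.get("hosts")
                and filters_cover(filters, protocol, port)):
            hits.append(rule["name"])
    return hits
```

The result is a list of candidate rules to review. It does not evaluate targets or how priority orders allow and deny rules, which this page does not define.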