github/terraform-provider-unifi
2
0
Fork 0
Code Issues Pull Requests Actions Packages Projects Releases Wiki Activity

Add guide to docs for managing firewall rules across multiple sites

Browse Source
This commit is contained in:
Paul Tyng
2021-09-13 08:56:51 -04:00
parent b3480bf51e
commit f38166b55c
3 changed files with 75 additions and 0 deletions
Download Patch File Download Diff File Expand all files Collapse all files

38
docs/guides/multiple-site-firewall.md Normal file
View File

@@ -0,0 +1,38 @@
---
subcategory: ""
page_title: "Manage Firewall Rules for Multiple Sites - Unifi Provider"
description: |-
An example of applying firewall rules to multiple sites.
---
# Manage Firewall Rules for Multiple Sites
The provider takes a default site value but all resources in the provider should allow overriding of the
site you are managing. In order to apply and manage a firewall rule across multiple sites, you simply
need to provide different values for the `site` attribute to `unifi_firewall_rule`:
```terraform
resource "unifi_firewall_rule" "rule" {
# list of sites
for_each = toset(["default", "vq98kwez", "bfa2l6i7"])
# use the key of the list as the site value
site = each.key
name = "drop all"
action = "drop"
ruleset = "LAN_IN"
rule_index = 2011
protocol = "all"
dst_address = var.ip_address
}
```
You could optionally load lists of sites from JSON/CSV, variables, or other sources.
When you apply this configuration it will create the same firewall rule on every site in the list.
If you need to update the rule, you simply make an update to the rule definition and Terraform will
apply/update it across all the sites. If you add / or remove a site from the list, Terraform will also
handle creating or removing the rule on the subsequent `terraform apply`.

16
examples/multiple_site_firewall/firewall.tf Normal file
View File

@@ -0,0 +1,16 @@
resource "unifi_firewall_rule" "rule" {
# list of sites
for_each = toset(["default", "vq98kwez", "bfa2l6i7"])
# use the key of the list as the site value
site = each.key
name = "drop all"
action = "drop"
ruleset = "LAN_IN"
rule_index = 2011
protocol = "all"
dst_address = var.ip_address
}

21
templates/guides/multiple-site-firewall.md.tmpl Normal file
View File

@@ -0,0 +1,21 @@
---
subcategory: ""
page_title: "Manage Firewall Rules for Multiple Sites - Unifi Provider"
description: |-
An example of applying firewall rules to multiple sites.
---
# Manage Firewall Rules for Multiple Sites
The provider takes a default site value but all resources in the provider should allow overriding of the
site you are managing. In order to apply and manage a firewall rule across multiple sites, you simply
need to provide different values for the `site` attribute to `unifi_firewall_rule`:
{{ tffile "examples/multiple_site_firewall/firewall.tf" }}
You could optionally load lists of sites from JSON/CSV, variables, or other sources.
When you apply this configuration it will create the same firewall rule on every site in the list.
If you need to update the rule, you simply make an update to the rule definition and Terraform will
apply/update it across all the sites. If you add / or remove a site from the list, Terraform will also
handle creating or removing the rule on the subsequent `terraform apply`.