Create a firewall rule

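Create a firewall rule that allows incoming HTTP and HTTPS access (TCP ports 80 and 443) from the entire internet. In every sample below the rule applies only to instances that carry the `web` network tag.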

Explore further

For detailed documentation that includes this code sample, see the following:

Code sample

C#

Before trying this sample, follow the C# setup instructions in the Compute Engine quickstart using client libraries . For more information, see the Compute Engine C# API reference documentation .

To authenticate to Compute Engine, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .

  using 
  
  Google.Cloud.Compute.V1 
 
 ; 
 using 
  
 System.Threading.Tasks 
 ; 
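 /// <summary>
 /// Sample that creates an ingress VPC firewall rule admitting TCP 80 and 443
 /// from any IPv4 source to instances that carry the "web" network tag.
 /// </summary>
 public class CreateFirewallRuleAsyncSample
 {
     /// <summary>
     /// Builds the firewall rule, inserts it into the project and waits for the
     /// insert operation to finish.
     /// </summary>
     /// <param name="projectId">Project in which the rule is created.</param>
     /// <param name="firewallRuleName">Name given to the new rule.</param>
     /// <param name="networkName">Network the rule is attached to.</param>
     public async Task CreateFirewallRuleAsync(
         // TODO(developer): Set your own default values for these parameters or pass different values when calling this method.
         string projectId = "your-project-id",
         string firewallRuleName = "my-test-firewall-rule",
         // Name of the network the rule will be applied to. Some available name formats:
         // projects/{project_id}/global/networks/{network}
         // global/networks/{network}
         string networkName = "global/networks/default")
     {
         Firewall firewallRule = new Firewall
         {
             Name = firewallRuleName,
             Network = networkName,
             Direction = ComputeEnumConstants.Firewall.Direction.Ingress,
             Allowed =
             {
                 new Allowed
                 {
                     Ports = { "80", "443" },
                     IPProtocol = "tcp"
                 }
             },
             // State the source explicitly instead of relying on the API default, so the
             // exposure is visible in review and matches the other language samples.
             // Narrow this range if the service does not have to be reachable publicly.
             SourceRanges = { "0.0.0.0/0" },
             // Only instances tagged "web" receive this rule; untagged instances are unaffected.
             TargetTags = { "web" },
             Description = "Allows TCP traffic on port 80 and 443 from anywhere."
         };

         // Note that the default value of priority for the firewall API is 1000.
         // If you check the value of firewallRule.Priority at this point it
         // will be equal to 0, however it is not treated as "set" by the library, and thus
         // the default will be applied to the new rule. If you want to create a rule that
         // has priority == 0, you'll need to explicitly set it: firewallRule.Priority = 0.
         // You can use the firewallRule.HasPriority property to check if the priority has been set.
         // You can use the firewallRule.ClearPriority() method to unset the priority.

         // Initialize client that will be used to send requests. This client only needs to be created
         // once, and can be reused for multiple requests.
         FirewallsClient client = await FirewallsClient.CreateAsync();

         // Create the firewall rule in the specified project.
         var firewallRuleCreation = await client.InsertAsync(projectId, firewallRule);

         // Wait for the operation to complete using client-side polling.
         await firewallRuleCreation.PollUntilCompletedAsync();
     }
 }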
 

Go

Before trying this sample, follow the Go setup instructions in the Compute Engine quickstart using client libraries . For more information, see the Compute Engine Go API reference documentation .

To authenticate to Compute Engine, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .

  import 
  
 ( 
  
 "context" 
  
 "fmt" 
  
 "io" 
  
 compute 
  
 "cloud.google.com/go/compute/apiv1" 
  
 computepb 
  
 "cloud.google.com/go/compute/apiv1/computepb" 
  
 "google.golang.org/protobuf/proto" 
 ) 
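 // createFirewallRule creates an ingress firewall rule that admits TCP 80 and 443
 // from any IPv4 source to instances carrying the "web" network tag.
 // It writes a confirmation line to w on success and returns a wrapped error
 // if the client cannot be created, the insert fails, or waiting fails.
 func createFirewallRule(w io.Writer, projectID, firewallRuleName, networkName string) error {
 	// projectID := "your_project_id"
 	// firewallRuleName := "my-test-firewall-rule"
 	// networkName := "global/networks/default"

 	ctx := context.Background()
 	firewallsClient, err := compute.NewFirewallsRESTClient(ctx)
 	if err != nil {
 		// Name the constructor that actually failed so logs point at the right call.
 		return fmt.Errorf("NewFirewallsRESTClient: %w", err)
 	}
 	defer firewallsClient.Close()

 	firewallRule := &computepb.Firewall{
 		Allowed: []*computepb.Allowed{
 			{
 				IPProtocol: proto.String("tcp"),
 				Ports:      []string{"80", "443"},
 			},
 		},
 		Direction: proto.String(computepb.Firewall_INGRESS.String()),
 		Name:      &firewallRuleName,
 		// State the source explicitly instead of relying on the API default, so the
 		// exposure is visible in review and matches the other language samples.
 		// Narrow this range if the service does not have to be reachable publicly.
 		SourceRanges: []string{"0.0.0.0/0"},
 		// Only instances tagged "web" receive this rule.
 		TargetTags: []string{
 			"web",
 		},
 		Network:     &networkName,
 		Description: proto.String("Allowing TCP traffic on port 80 and 443 from Internet."),
 	}

 	// Note that the default value of priority for the firewall API is 1000.
 	// If you check the value of `firewallRule.GetPriority()` at this point it
 	// will be equal to 0, however it is not treated as "set" by the library and thus
 	// the default will be applied to the new rule. If you want to create a rule that
 	// has priority == 0, you need to explicitly set it so:
 	// firewallRule.Priority = proto.Int32(0)

 	req := &computepb.InsertFirewallRequest{
 		Project:          projectID,
 		FirewallResource: firewallRule,
 	}

 	op, err := firewallsClient.Insert(ctx, req)
 	if err != nil {
 		return fmt.Errorf("unable to create firewall rule: %w", err)
 	}

 	if err = op.Wait(ctx); err != nil {
 		return fmt.Errorf("unable to wait for the operation: %w", err)
 	}

 	fmt.Fprintf(w, "Firewall rule created\n")

 	return nil
 }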
 

Java

Before trying this sample, follow the Java setup instructions in the Compute Engine quickstart using client libraries . For more information, see the Compute Engine Java API reference documentation .

To authenticate to Compute Engine, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .

  import 
  
 com.google.cloud.compute.v1. Allowed 
 
 ; 
 import 
  
 com.google.cloud.compute.v1. Firewall 
 
 ; 
 import 
  
 com.google.cloud.compute.v1. Firewall 
.Direction 
 ; 
 import 
  
 com.google.cloud.compute.v1. FirewallsClient 
 
 ; 
 import 
  
 com.google.cloud.compute.v1. InsertFirewallRequest 
 
 ; 
 import 
  
 java.io.IOException 
 ; 
 import 
  
 java.util.UUID 
 ; 
 import 
  
 java.util.concurrent.ExecutionException 
 ; 
 import 
  
 java.util.concurrent.TimeUnit 
 ; 
 import 
  
 java.util.concurrent.TimeoutException 
 ; 
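 /**
  * Sample that creates an ingress firewall rule admitting TCP 80 and 443 from any IPv4 source
  * (0.0.0.0/0) to instances that carry the "web" network tag.
  */
 public class CreateFirewallRule {

   public static void main(String[] args)
       throws IOException, ExecutionException, InterruptedException, TimeoutException {
     // TODO(developer): Replace these variables before running the sample
     /* project: project ID or project number of the Cloud project you want to use.
        firewallRuleName: name of the rule that is created.
        network: name of the network the rule will be applied to. Available name formats:
         * https://www.googleapis.com/compute/v1/projects/{project_id}/global/networks/{network}
         * projects/{project_id}/global/networks/{network}
         * global/networks/{network} */
     String project = "your-project-id";
     String firewallRuleName = "firewall-rule-name-" + UUID.randomUUID();
     String network = "global/networks/default";

     // The rule will be created with default priority of 1000.
     createFirewall(project, firewallRuleName, network);
   }

   /**
    * Creates a simple firewall rule allowing for incoming HTTP and HTTPS access from the entire
    * Internet, limited to instances tagged "web".
    *
    * @param project project ID or project number in which the rule is created.
    * @param firewallRuleName name of the rule that is created.
    * @param network network the rule is attached to.
    */
   public static void createFirewall(String project, String firewallRuleName, String network)
       throws IOException, ExecutionException, InterruptedException, TimeoutException {
     /* Initialize client that will be used to send requests. This client only needs to be created
        once, and can be reused for multiple requests. After completing all of your requests, call
        the `firewallsClient.close()` method on the client to safely
        clean up any remaining background resources. */
     try (FirewallsClient firewallsClient = FirewallsClient.create()) {

       // The rule is attached to the network passed in by the caller.
       Firewall firewallRule =
           Firewall.newBuilder()
               .setName(firewallRuleName)
               .setDirection(Direction.INGRESS.toString())
               .addAllowed(
                   Allowed.newBuilder().addPorts("80").addPorts("443").setIPProtocol("tcp").build())
               // Open to every IPv4 source; narrow this range if the service does not have to
               // be reachable publicly.
               .addSourceRanges("0.0.0.0/0")
               .setNetwork(network)
               // Only instances tagged "web" receive this rule.
               .addTargetTags("web")
               .setDescription("Allowing TCP traffic on port 80 and 443 from Internet.")
               .build();

       /* Note that the default value of priority for the firewall API is 1000.
          If you check the value of `firewallRule.getPriority()` at this point it
          will be equal to 0, however it is not treated as "set" by the library and thus
          the default will be applied to the new rule. If you want to create a rule that
          has priority == 0, you'll need to explicitly set it so: setPriority(0) */

       InsertFirewallRequest insertFirewallRequest =
           InsertFirewallRequest.newBuilder()
               .setFirewallResource(firewallRule)
               .setProject(project)
               .build();

       // Keep the finished operation instead of discarding it: a completed operation can
       // still carry an error, and reporting success in that case would be misleading.
       com.google.cloud.compute.v1.Operation response =
           firewallsClient.insertAsync(insertFirewallRequest).get(3, TimeUnit.MINUTES);

       if (response.hasError()) {
         System.out.println("Firewall rule creation failed -> " + response.getError());
         return;
       }

       System.out.println("Firewall rule created successfully -> " + firewallRuleName);
     }
   }
 }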
 

Node.js

Before trying this sample, follow the Node.js setup instructions in the Compute Engine quickstart using client libraries . For more information, see the Compute Engine Node.js API reference documentation .

To authenticate to Compute Engine, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .

  /** 
 * TODO(developer): Uncomment and replace these variables before running the sample. 
 */ 
 // const projectId = 'YOUR_PROJECT_ID'; 
 // const firewallRuleName = 'YOUR_FIREWALL_RULE_NAME' 
 // const networkName = 'global/networks/default' 
 const 
  
 compute 
  
 = 
  
 require 
 ( 
 ' @google-cloud/compute 
' 
 ); 
 const 
  
 computeProtos 
  
 = 
  
 compute 
 . 
 protos 
 . 
 google 
 . 
 cloud 
 . 
 compute 
 . 
 v1 
 ; 
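 /**
  * Creates an ingress firewall rule that admits TCP 80 and 443 from any IPv4
  * source to instances carrying the "web" network tag, then waits until the
  * insert operation reports DONE.
  *
  * Reads projectId, firewallRuleName and networkName from the enclosing scope.
  */
 async function createFirewallRule() {
   const firewallsClient = new compute.FirewallsClient();
   const operationsClient = new compute.GlobalOperationsClient();

   const firewallRule = new computeProtos.Firewall();
   firewallRule.name = firewallRuleName;
   firewallRule.direction = 'INGRESS';
   firewallRule.allowed = [
     {
       IPProtocol: 'tcp',
       ports: ['80', '443'],
     },
   ];
   // State the source explicitly instead of relying on the API default, so the
   // exposure is visible in review and matches the other language samples.
   // Narrow this range if the service does not have to be reachable publicly.
   firewallRule.sourceRanges = ['0.0.0.0/0'];
   // Only instances tagged "web" receive this rule.
   firewallRule.targetTags = ['web'];
   firewallRule.network = networkName;
   firewallRule.description =
     'Allowing TCP traffic on port 80 and 443 from Internet.';

   // Note that the default value of priority for the firewall API is 1000.
   // If you check the value of `firewallRule.priority` at this point it
   // will be equal to null, however it is not treated as "set" by the library and thus
   // the default will be applied to the new rule. If you want to create a rule that
   // has priority == 0, you need to explicitly set it so:
   // firewallRule.priority = 0

   const [response] = await firewallsClient.insert({
     project: projectId,
     firewallResource: firewallRule,
   });
   let operation = response.latestResponse;

   // Wait for the create operation to complete.
   while (operation.status !== 'DONE') {
     [operation] = await operationsClient.wait({
       operation: operation.name,
       project: projectId,
     });
   }

   console.log('Firewall rule created');
 }

 // Surface a failed request instead of leaving the rejection unhandled.
 createFirewallRule().catch(err => {
   console.error(err);
   process.exitCode = 1;
 });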
 

PHP

Before trying this sample, follow the PHP setup instructions in the Compute Engine quickstart using client libraries . For more information, see the Compute Engine PHP API reference documentation .

To authenticate to Compute Engine, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .

  use Google\Cloud\Compute\V1\Allowed; 
 use Google\Cloud\Compute\V1\Client\FirewallsClient; 
 use Google\Cloud\Compute\V1\Enums\Firewall\Direction; 
 /** 
 * To correctly handle string enums in Cloud Compute library 
 * use constants defined in the Enums subfolder. 
 */ 
 use Google\Cloud\Compute\V1\Firewall; 
 use Google\Cloud\Compute\V1\InsertFirewallRequest; 
 /**
  * Creates an ingress firewall rule that admits TCP 80 and 443 from any IPv4 source
  * (0.0.0.0/0) to instances carrying the "web" network tag, and prints the outcome.
  *
  * @param string $projectId Project ID or project number of the Cloud project you want to create a rule for.
  * @param string $firewallRuleName Name of the rule that is created.
  * @param string $network Name of the network the rule will be applied to. Available name formats:
  *                        https://www.googleapis.com/compute/v1/projects/{project_id}/global/networks/{network}
  *                        projects/{project_id}/global/networks/{network}
  *                        global/networks/{network}
  *
  * @throws \Google\ApiCore\ApiException if the remote call fails.
  * @throws \Google\ApiCore\ValidationException if local error occurs before remote call.
  */
 function create_firewall_rule(string $projectId, string $firewallRuleName, string $network = 'global/networks/default')
 {
     $firewallsClient = new FirewallsClient();

     // Protocol and ports admitted by the rule.
     $webPorts = new Allowed();
     $webPorts->setIPProtocol('tcp');
     $webPorts->setPorts(['80', '443']);

     $rule = new Firewall();
     $rule->setName($firewallRuleName);
     $rule->setDirection(Direction::INGRESS);
     $rule->setAllowed([$webPorts]);
     // Open to every IPv4 source; the target tag below limits which instances are reachable.
     $rule->setSourceRanges(['0.0.0.0/0']);
     $rule->setTargetTags(['web']);
     $rule->setNetwork($network);
     $rule->setDescription('Allowing TCP traffic on ports 80 and 443 from Internet.');

     /**
      * Note that the default value of priority for the firewall API is 1000.
      * If you check the value of its priority at this point it will be
      * equal to 0, however it is not treated as "set" by the library and thus
      * the default will be applied to the new rule. If you want to create a rule
      * that has priority == 0, you need to explicitly set it so:
      *
      *   $rule->setPriority(0);
      */

     // Send the insert request through the Firewalls client.
     $insertRequest = new InsertFirewallRequest();
     $insertRequest->setFirewallResource($rule);
     $insertRequest->setProject($projectId);
     $operation = $firewallsClient->insert($insertRequest);

     // Block until the operation has finished, then report how it ended.
     $operation->pollUntilComplete();
     if (!$operation->operationSucceeded()) {
         $error = $operation->getError();
         printf('Firewall rule creation failed: %s' . PHP_EOL, $error?->getMessage());
         return;
     }

     printf('Created rule %s.' . PHP_EOL, $firewallRuleName);
 }
 

Python

Before trying this sample, follow the Python setup instructions in the Compute Engine quickstart using client libraries . For more information, see the Compute Engine Python API reference documentation .

To authenticate to Compute Engine, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .

  from 
  
 __future__ 
  
 import 
 annotations 
 import 
  
 sys 
 from 
  
 typing 
  
 import 
 Any 
 from 
  
 google.api_core.extended_operation 
  
 import 
 ExtendedOperation 
 from 
  
 google.cloud 
  
 import 
  compute_v1 
 
 def wait_for_extended_operation(
     operation: ExtendedOperation, verbose_name: str = "operation", timeout: int = 300
 ) -> Any:
     """
     Block until an extended (long-running) operation finishes and hand back its result.

     Errors and warnings reported by the operation are written to sys.stderr.

     Args:
         operation: a long-running operation you want to wait on.
         verbose_name: (optional) a more verbose name of the operation,
             used only during error and warning reporting.
         timeout: how long (in seconds) to wait for operation to finish.
             If None, wait indefinitely.

     Returns:
         Whatever the operation.result() returns.

     Raises:
         The exception received from `operation.exception()`, or RuntimeError
         if no exception is set but an `error_code` is set for the `operation`.
         If the operation takes longer than `timeout` seconds to complete,
         a `concurrent.futures.TimeoutError` is raised.
     """

     def _report(line: str) -> None:
         # All diagnostics go to stderr, flushed immediately.
         print(line, file=sys.stderr, flush=True)

     outcome = operation.result(timeout=timeout)

     if operation.error_code:
         _report(
             f"Error during {verbose_name}: [Code: {operation.error_code}]: {operation.error_message}"
         )
         _report(f"Operation ID: {operation.name}")
         # Prefer the operation's own exception; fall back to a generic one.
         raise operation.exception() or RuntimeError(operation.error_message)

     if operation.warnings:
         _report(f"Warnings during {verbose_name}:\n")
         for item in operation.warnings:
             _report(f" - {item.code}: {item.message}")

     return outcome
 def create_firewall_rule(
     project_id: str, firewall_rule_name: str, network: str = "global/networks/default"
 ) -> compute_v1.Firewall:
     """
     Create an ingress firewall rule admitting TCP 80 and 443 from any IPv4 source
     (0.0.0.0/0) to instances that carry the "web" network tag.

     Args:
         project_id: project ID or project number of the Cloud project you want to use.
         firewall_rule_name: name of the rule that is created.
         network: name of the network the rule will be applied to. Available name formats:
             * https://www.googleapis.com/compute/v1/projects/{project_id}/global/networks/{network}
             * projects/{project_id}/global/networks/{network}
             * global/networks/{network}

     Returns:
         The Firewall object fetched back from the API after the insert completes.
     """
     web_ports = compute_v1.Allowed(I_p_protocol="tcp", ports=["80", "443"])

     firewall_rule = compute_v1.Firewall(
         name=firewall_rule_name,
         direction="INGRESS",
         allowed=[web_ports],
         # Open to every IPv4 source; the target tag limits which instances are reachable.
         source_ranges=["0.0.0.0/0"],
         network=network,
         description="Allowing TCP traffic on port 80 and 443 from Internet.",
         target_tags=["web"],
     )

     # Note that the default value of priority for the firewall API is 1000.
     # If you check the value of `firewall_rule.priority` at this point it
     # will be equal to 0, however it is not treated as "set" by the library and thus
     # the default will be applied to the new rule. If you want to create a rule that
     # has priority == 0, you need to explicitly set it so:
     # TODO: Uncomment to set the priority to 0
     # firewall_rule.priority = 0

     firewall_client = compute_v1.FirewallsClient()
     insert_operation = firewall_client.insert(
         project=project_id, firewall_resource=firewall_rule
     )

     # Raises if the insert ended with an error; warnings go to stderr.
     wait_for_extended_operation(insert_operation, "firewall rule creation")

     return firewall_client.get(project=project_id, firewall=firewall_rule_name)
 

Ruby

Before trying this sample, follow the Ruby setup instructions in the Compute Engine quickstart using client libraries . For more information, see the Compute Engine Ruby API reference documentation .

To authenticate to Compute Engine, set up Application Default Credentials. For more information, see Set up authentication for a local development environment .

  require 
  
 "google/cloud/compute/v1" 
 # Creates an ingress firewall rule admitting TCP 80 and 443 from any IPv4 source
 # (0.0.0.0/0) to instances that carry the "web" network tag.
 #
 # @param project [String] project ID or project number of the Cloud project you want to use.
 # @param name [String] name of the rule that is created.
 # @param network [String] name of the network the rule will be applied to. Available name formats:
 #         * https://www.googleapis.com/compute/v1/projects/{project_id}/global/networks/{network}
 #         * projects/{project_id}/global/networks/{network}
 #         * global/networks/{network}
 def create_firewall_rule project:, name:, network: "global/networks/default"
   client = ::Google::Cloud::Compute::V1::Firewalls::Rest::Client.new

   firewall_resource = {
     name: name,
     direction: "INGRESS",
     allowed: [{ I_p_protocol: "tcp", ports: %w[80 443] }],
     # Open to every IPv4 source; the target tag limits which instances are reachable.
     source_ranges: ["0.0.0.0/0"],
     network: network,
     description: "Allowing TCP traffic on port 80 and 443 from Internet.",
     target_tags: ["web"]
   }

   # Note that the default value of priority for the firewall API is 1000.
   # If you want to create a rule that has priority == 0, you need to explicitly set it:
   #   firewall_resource[:priority] = 0
   # Use `firewall_resource.has_key? :priority` to check if the priority has been set.
   # Use `firewall_resource.delete :priority` method to unset the priority.

   insert_request = { firewall_resource: firewall_resource, project: project }
   operation = client.insert insert_request

   # wait_until_done is defined outside this sample.
   wait_until_done operation: operation
 end
 

Terraform

To learn how to apply or remove a Terraform configuration, see Basic Terraform commands . For more information, see the Terraform provider reference documentation .

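  # Ingress rule admitting TCP 80 and 443 from any IPv4 source to instances on the
  # "default" network that carry the "web" network tag.
  resource "google_compute_firewall" "rules" {
    name        = "my-firewall-rule"
    network     = "default"
    description = "Creates firewall rule targeting tagged instances"

    # Stated explicitly so the rule's direction is visible in review and matches
    # the other language samples, which all set it.
    direction = "INGRESS"

    allow {
      protocol = "tcp"
      ports    = ["80", "443"]
    }

    # Open to every IPv4 source; narrow this range if the service does not have
    # to be reachable publicly.
    source_ranges = ["0.0.0.0/0"]

    # Only instances tagged "web" receive this rule.
    target_tags = ["web"]
  }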
 

What's next

To search and filter code samples for other Google Cloud products, see the Google Cloud sample browser .
