REST Resource: firewallPolicies

Resource: FirewallPolicy

Represents a Firewall Policy resource.

JSON representation
{
  "id": string,
  "creationTimestamp": string,
  "name": string,
  "description": string,
  "rules": [
    {
      "description": string,
      "priority": integer,
      "match": {
        "srcIpRanges": [
          string
        ],
        "destIpRanges": [
          string
        ],
        "layer4Configs": [
          {
            "ipProtocol": string,
            "ports": [
              string
            ]
          }
        ]
      },
      "action": string,
      "direction": enum,
      "targetResources": [
        string
      ],
      "enableLogging": boolean,
      "ruleTupleCount": integer,
      "targetServiceAccounts": [
        string
      ],
      "disabled": boolean,
      "kind": string
    }
  ],
  "fingerprint": string,
  "selfLink": string,
  "selfLinkWithId": string,
  "associations": [
    {
      "name": string,
      "attachmentTarget": string,
      "firewallPolicyId": string,
      "shortName": string,
      "displayName": string
    }
  ],
  "ruleTupleCount": integer,
  "shortName": string,
  "displayName": string,
  "parent": string,
  "kind": string
}

Fields

id

string (uint64 format)

[Output Only] The unique identifier for the resource. This identifier is defined by the server.

creationTimestamp

string

[Output Only] Creation timestamp in RFC3339 text format.

name

string

[Output Only] Name of the resource. It is a numeric ID allocated by GCP which uniquely identifies the Firewall Policy.

description

string

An optional description of this resource. Provide this property when you create the resource.

rules[]

object

A list of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match "*"). If no rules are provided when creating a firewall policy, a default rule with action "allow" will be added.

rules[].description

string

An optional description for this resource.

rules[].priority

integer

An integer indicating the priority of a rule in the list. The priority must be a positive value between 0 and 2147483647. Rules are evaluated from highest to lowest priority, where 0 is the highest priority and 2147483647 is the lowest priority.

rules[].match

object

A match condition that incoming traffic is evaluated against. If it evaluates to true, the corresponding 'action' is enforced.

rules[].match.srcIpRanges[]

string

CIDR IP address range. Maximum number of source CIDR IP ranges allowed is 5000.

rules[].match.destIpRanges[]

string

CIDR IP address range. Maximum number of destination CIDR IP ranges allowed is 5000.

rules[].match.layer4Configs[]

object

Pairs of IP protocols and ports that the rule should match.

rules[].match.layer4Configs[].ipProtocol

string

The IP protocol to which this rule applies. The protocol type is required when creating a firewall rule. This value can be either one of the following well-known protocol strings (tcp, udp, icmp, esp, ah, ipip, sctp) or the IP protocol number.

rules[].match.layer4Configs[].ports[]

string

An optional list of ports to which this rule applies. This field applies only to the UDP and TCP protocols. Each entry must be either an integer or a range. If not specified, this rule applies to connections through any port.

Example inputs include: ["22"], ["80","443"], and ["12345-12349"].
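
Added example (not part of the API reference): a Python lint that applies the constraints stated above for priority, srcIpRanges/destIpRanges, ipProtocol and ports to a policy document, and returns the rules in evaluation order. The function names and the sample policy are constructed for illustration; the 65535 port ceiling and the protocol numbers 6 and 17 for TCP and UDP are general facts, not taken from this page.

```python
import ipaddress
import re

MAX_PRIORITY = 2147483647  # lowest priority, used by the default rule
MAX_RANGES = 5000          # cap on srcIpRanges / destIpRanges per rule
NAMED_PROTOCOLS = {"tcp", "udp", "icmp", "esp", "ah", "ipip", "sctp"}
PORT_PROTOCOLS = {"tcp", "udp", "6", "17"}   # 6 and 17 are the TCP/UDP protocol numbers
PORT_RE = re.compile(r"^(\d+)(?:-(\d+))?$")  # "22" or "12345-12349"

def port_ok(entry):
    """True if a ports[] entry is an integer or a low-high range up to 65535."""
    m = PORT_RE.match(entry)
    return bool(m) and int(m.group(1)) <= int(m.group(2) or m.group(1)) <= 65535

def lint_policy(policy):
    """Return (findings, rules in evaluation order: priority 0 first)."""
    findings = []
    rules = sorted(policy.get("rules", []), key=lambda r: r["priority"])
    for rule in rules:
        tag = f"priority {rule['priority']}"
        if not 0 <= rule["priority"] <= MAX_PRIORITY:
            findings.append(f"{tag}: outside 0..{MAX_PRIORITY}")
        match = rule.get("match", {})
        for field in ("srcIpRanges", "destIpRanges"):
            ranges = match.get(field, [])
            if len(ranges) > MAX_RANGES:
                findings.append(f"{tag}: {field} has more than {MAX_RANGES} entries")
            for cidr in ranges:
                try:
                    ipaddress.ip_network(cidr, strict=False)
                except ValueError:
                    findings.append(f"{tag}: {field} entry {cidr!r} is not a CIDR range")
        for l4 in match.get("layer4Configs", []):
            proto, ports = l4.get("ipProtocol", ""), l4.get("ports", [])
            if proto not in NAMED_PROTOCOLS and not proto.isdigit():
                findings.append(f"{tag}: unknown ipProtocol {proto!r}")
            if ports and proto not in PORT_PROTOCOLS:
                findings.append(f"{tag}: ports set for non-TCP/UDP protocol {proto!r}")
            findings += [f"{tag}: bad port entry {p!r}" for p in ports if not port_ok(p)]
    if not any(r["priority"] == MAX_PRIORITY for r in rules):
        findings.append("no default rule at priority 2147483647")
    return findings, rules

# Constructed sample policy (not from the API reference), listed out of order.
SAMPLE = {"rules": [
    {"priority": 2147483647, "action": "allow", "match": {}},
    {"priority": 1000, "action": "allow", "match": {"layer4Configs": [
        {"ipProtocol": "icmp", "ports": ["80-22"]}]}},
    {"priority": 10, "action": "allow", "match": {"srcIpRanges": ["192.0.2.0/33"],
     "layer4Configs": [{"ipProtocol": "tcp", "ports": ["22", "12345-12349"]}]}}]}
```

Calling lint_policy(SAMPLE) reports the malformed CIDR on the priority 10 rule and both port problems on the priority 1000 rule, and returns the rules ordered 10, 1000, 2147483647.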

rules[].action

string

The Acti