gcloud-compute-firewall-rules-create.sh
#!/bin/sh
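# Print the usage text and terminate the script.
# Outputs: usage text on stderr, so it never mixes with command output.
# Returns: does not return; exits with status 2 so callers and CI jobs
#          can tell that the arguments were wrong.
usage ()
{
  {
    echo "Usage : $(basename "$0") project-name network-name"
    echo "Creates 5 default firewall rules, each named <network-name>-<suffix>:"
    echo "allow-http, allow-https, icmp, allow-internal, allow-ssh"
    # The rule definitions in this script use 0.0.0.0/0 for every rule
    # except allow-internal; say so before the operator runs it.
    echo "Note: the http, https, icmp and ssh rules accept traffic from 0.0.0.0/0."
  } >&2
  exit 2
}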
# Exactly two positional arguments are required (project and network);
# anything else prints the usage text, which also ends the script.
[ "$#" -eq 2 ] || usage
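# Echo one `gcloud compute firewall-rules create` invocation, then run it.
# Arguments: $1 - rule name; remaining arguments - flags passed through as-is.
# Returns:   the exit status of gcloud.
_create_firewall_rule () {
  printf 'gcloud compute firewall-rules create %s\n' "$*"
  gcloud compute firewall-rules create "$@"
}

# Create the five default firewall rules for a network.
# Arguments: $1 - project name, $2 - network name (also the rule-name prefix).
# Outputs:   each gcloud command on stdout before it is executed.
# Returns:   0 if every rule was created, 1 if any gcloud call failed.
#
# gcloud is invoked directly with quoted arguments. The earlier approach of
# building command text in a here-document and piping it to /bin/sh let shell
# metacharacters in the project or network name be executed, and the
# backslash-newline after the "-icmp" and "-allow-ssh" rule names glued the
# name to "--project", so those two commands were malformed.
run () {
  run_status=0

  # NOTE(review): the http, https, icmp and ssh rules below accept traffic
  # from 0.0.0.0/0 (any IPv4 source). They are limited to instances carrying
  # the listed target tag; confirm this exposure is intended, tcp:22 in
  # particular, or narrow --source-ranges.
  _create_firewall_rule "${2}-allow-http" \
    --project "${1}" \
    --network "${2}" \
    --allow tcp:80 \
    --source-ranges "0.0.0.0/0" \
    --target-tags "http-server" || run_status=1

  _create_firewall_rule "${2}-allow-https" \
    --project "${1}" \
    --network "${2}" \
    --allow tcp:443 \
    --source-ranges "0.0.0.0/0" \
    --target-tags "https-server" || run_status=1

  _create_firewall_rule "${2}-icmp" \
    --project "${1}" \
    --network "${2}" \
    --allow icmp \
    --description "Allows ICMP connections from any source to any instance on the network." \
    --source-ranges "0.0.0.0/0" \
    --target-tags pingable || run_status=1

  # No target tag here: the rule applies to every instance on the network,
  # for sources inside 10.128.0.0/9.
  # NOTE(review): the description says ports 1-65535 while --allow uses
  # 0-65535; text kept as the author wrote it.
  _create_firewall_rule "${2}-allow-internal" \
    --project "${1}" \
    --network "${2}" \
    --allow tcp:0-65535,udp:0-65535,icmp \
    --description "Allows connections from any source in the network IP range to any instance on the network using TCP and UDP ports 1-65535 plus ICMP." \
    --source-ranges "10.128.0.0/9" || run_status=1

  _create_firewall_rule "${2}-allow-ssh" \
    --project "${1}" \
    --network "${2}" \
    --allow tcp:22 \
    --description "Allows TCP connections from any source to any instance on the network using port 22." \
    --source-ranges "0.0.0.0/0" \
    --target-tags sshable || run_status=1

  # Every rule is attempted even if an earlier one fails; the failure is
  # still reported to the caller.
  return "$run_status"
}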
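# Quote the positional parameters so a project or network name containing
# whitespace or glob characters reaches run() as a single, unmodified word.
run "$1" "$2"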