Policy: GCP > Network > Firewall > Ingress Rules > Approved > Rules
An Object Control List (OCL) with a list of filter rules to approve or reject firewall rules.
Examples: Allow HTTP and HTTPS rules for RFC1918 private space APPROVE $.turbot.fromPort:=80 $.turbot.toPort:=80 $.turbot.cidr:<=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16 APPROVE $.turbot.fromPort:=443 $.turbot.toPort:=443 $.turbot.cidr:<=10.0.0.0/8,172.16.0.0/12,192.168.0.0/16<br /><br /> Reject any rule from 0.0.0.0/0 REJECT $.turbot.cidr:0.0.0.0/0
Resource Types
This policy targets the following resource types:
Primary Policy
This policy is used with the following primary policy:
Controls
Policy Packs
This policy setting is used by the following policy packs:
- GCP CIS v2.0.0 - Section 3 - Networking
- Enforce GCP VPC Network Firewall Rules with Port Ranges to Block Incoming Traffic
Policy Specification
Schema Type | |
|---|---|
Default | |
Category
In Your Workspace
Developers
- tmod:@turbot/turbot#/control/categories/resourceApproved
- tmod:@turbot/gcp-network#/policy/types/firewallIngressRulesApprovedRules
- turbot graphql policy-type --id "tmod:@turbot/gcp-network#/policy/types/firewallIngressRulesApprovedRules"
- turbot graphql policy-settings --filter "policyTypeId:tmod:@turbot/gcp-network#/policy/types/firewallIngressRulesApprovedRules"
Get Policy TypeGet Policy Settings
Category URI
Policy Type URI
GraphQL
CLI