I'm trying to understand the optimal way to organize my VPC Firewall rules, mainly in terms of readability. For example, I have a whitelist which includes a few IPs. In an AWS SG I have a "description", which allows me to add a note for every IP. But in GCP I don't see a way to document rules except for the rule name.
What am I missing?
Thanks, Vitaly
I had a look at the API for creating Firewall rules:
https://cloud.google.com/compute/docs/reference/rest/v1/firewalls/insert
I couldn't see any fields/data where we could put descriptions. This then seems to mean that if we want to create documentation, we should do that in an external sheet. Every rule has an identity ... a name. What that means is that we have a key for each rule. We can use gcloud to export a list of all the firewall rules that currently exist and use each of the rules as a key.
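One way to implement the approach the answer describes, keeping the per-IP notes in an external sheet keyed on the rule name and reconciling that sheet against a gcloud export, as an added example that is not part of the original thread. It assumes the rules were exported with `gcloud compute firewall-rules list --format=json` and that the sheet is a CSV with the columns `rule_name,source_ip,owner,justification`; both inputs in the block are constructed samples, and the column names and the `reconcile`/`render` helpers are this example's own choices.

```python
"""Reconcile exported GCP VPC firewall rules with an external documentation sheet.

Added example (not from the original thread). Assumed inputs:
  gcloud compute firewall-rules list --format=json > firewall-rules.json
  a CSV sheet with columns: rule_name,source_ip,owner,justification
The firewall rule name is the join key, as the answer suggests.
"""
import csv
import io
import json
from collections import defaultdict

# Constructed sample of the gcloud JSON export, trimmed to the fields used here.
SAMPLE_RULES_JSON = """
[
  {"name": "allow-ssh-from-office", "direction": "INGRESS", "priority": 1000,
   "sourceRanges": ["203.0.113.10/32", "203.0.113.11/32"],
   "allowed": [{"IPProtocol": "tcp", "ports": ["22"]}]},
  {"name": "allow-https-from-partner", "direction": "INGRESS", "priority": 900,
   "sourceRanges": ["198.51.100.0/24"],
   "allowed": [{"IPProtocol": "tcp", "ports": ["443"]}]},
  {"name": "allow-internal-dns", "direction": "INGRESS", "priority": 1000,
   "sourceRanges": ["10.0.0.0/8"],
   "allowed": [{"IPProtocol": "udp", "ports": ["53"]}]}
]
"""

# Constructed sample of the external sheet (one row per rule + source IP).
SAMPLE_SHEET_CSV = """rule_name,source_ip,owner,justification
allow-ssh-from-office,203.0.113.10/32,Vitaly,Office VPN egress address
allow-ssh-from-office,203.0.113.99/32,Vitaly,Old office address (decommissioned)
allow-https-from-partner,198.51.100.0/24,Partner team,Partner API callbacks
allow-monitoring-probe,192.0.2.5/32,SRE,External uptime probe
"""


def load_rules(rules_json):
    """Map rule name -> rule object from the gcloud JSON export."""
    return {rule["name"]: rule for rule in json.loads(rules_json)}


def load_sheet(sheet_csv):
    """Map rule name -> {source_ip -> sheet row}."""
    docs = defaultdict(dict)
    for row in csv.DictReader(io.StringIO(sheet_csv.strip())):
        docs[row["rule_name"]][row["source_ip"]] = row
    return docs


def reconcile(rules, docs):
    """Find drift in both directions between live rules and the sheet."""
    report = {
        "undocumented_rules": [],    # live rule with no sheet entry at all
        "undocumented_sources": [],  # live source range missing from the sheet
        "stale_doc_entries": [],     # documented source range no longer in the rule
        "stale_doc_rules": [],       # documented rule that no longer exists
    }
    for name, rule in rules.items():
        if name not in docs:
            report["undocumented_rules"].append(name)
            continue
        live = set(rule.get("sourceRanges", []))
        documented = set(docs[name])
        for ip in sorted(live - documented):
            report["undocumented_sources"].append((name, ip))
        for ip in sorted(documented - live):
            report["stale_doc_entries"].append((name, ip))
    report["stale_doc_rules"] = sorted(set(docs) - set(rules))
    return report


def render(rules, docs):
    """Produce one readable line per rule and source IP, with the sheet's note."""
    lines = []
    for name, rule in sorted(rules.items()):
        ports = ", ".join(
            f"{a['IPProtocol']}:{'/'.join(a.get('ports', ['any']))}"
            for a in rule.get("allowed", []))
        for ip in rule.get("sourceRanges", []):
            row = docs.get(name, {}).get(ip)
            note = f"{row['owner']}: {row['justification']}" if row else "UNDOCUMENTED"
            lines.append(f"{name}  {rule['direction']}  {ports}  from {ip}  ({note})")
    return lines


if __name__ == "__main__":
    rules = load_rules(SAMPLE_RULES_JSON)
    docs = load_sheet(SAMPLE_SHEET_CSV)
    print("\n".join(render(rules, docs)))
    print(json.dumps(reconcile(rules, docs), indent=2))
```

Running the reconciliation on each export (for example from CI or a scheduled job) turns the sheet from a passive note into a check: a source range that appears in a live rule without a sheet entry, or a sheet entry whose rule or IP has disappeared, shows up as drift to investigate.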