network
Description
A virtual Layer 3 IP network.
Required Properties
range (cidr)
One or more CIDRs that define the usable network range(s) of this network. The network provides layer 3 connectivity between all ports in the range. This can be specified either as a string or as a list.
Optional Properties
default_policy (dict)
Default inbound/outbound firewall policies.
The default value if not specified is {'inbound': 'deny', 'outbound': 'allow'}.
inbound (string)
The default inbound firewall policy.
Allowed Values:
allow
deny
The default value if not specified is deny.
outbound (string)
The default outbound firewall policy.
Allowed Values:
allow
deny
The default value if not specified is allow.
dns (⏩ networking.dns)
The DNS services to use for name resolution. Any referenced DNS zones must be private.
enable_ipv6 (boolean)
Configure the network to enable IPv6 support and make IPv6 addresses available for use.
The default value if not specified is False.
scope (string)
Indicates basic network connectivity. A public network allows inbound and outbound Internet traffic, with firewalls determining which protocols are allowed. A private-with-internet network allows outbound Internet traffic but no inbound Internet traffic. A private-no-internet network does not allow Internet traffic but allows traffic within the network. An isolated network does not allow Internet traffic, or even traffic with hosts on other subnets (by default). Firewalls can be used to update the allowed traffic.
Allowed Values:
public
private-with-internet
private-no-internet
isolated
The default value if not specified is private-no-internet.
Common Properties
count (integer)
Indicates how many of this network should exist. When count is specified the name of the given resource will have a hyphen and numeric suffix added automatically, unless the count variable is referenced in the blueprint object name.
depends_on (⏩ any)
This property can be used to declare a dependency from this network to any other object in the blueprint. This is not necessary for dependencies generated normally by the schema.
folder (▶ location.folder)
The folder containing this network. If this is not specified and there is only one folder defined, that folder is used automatically.
name (string)
The name of this network. The name can be different than the blueprint object name. When the name property is not present we apply automatic naming strategies to make resources easier to identify in each venue's management console. When the name property is specified we will use it exactly as specified.
readonly (boolean)
Indicates whether or not this network is read-only. If so, we verify only the existence and correctness of this network to its specification rather than creating or modifying it.
The default value if not specified is false.
tags (dict)
The tags to place on this network. Tags are metadata stored in (key = value, ...) form. Consumers are not allowed to use tags that begin with _tuono as those are reserved.
Discovered Properties
These properties are populated and available in the inventory following a successful apply.
id (string)
The venue-specific identifier of this network.
Examples
Define a network with one large Class A range:
location:
  folder:
    example-folder:
      region: example-region
  region:
    example-region:
      area: west
      country: USA
networking:
  network:
    example-network:
      range: 10.0.0.0/8
      scope: public
Define a network with multiple Class B ranges:
location:
  folder:
    example-folder:
      region: example-region
  region:
    example-region:
      area: west
      country: USA
networking:
  network:
    example-multirange-network:
      range:
        - 10.10.0.0/16
        - 10.11.0.0/16
        - 10.12.0.0/16
Define a network that uses a private DNS zone:
location:
  folder:
    example-folder:
      region: example-region
  region:
    example-region:
      area: west
      country: USA
networking:
  dns:
    example-private-dns:
      fqdn: dev.example.local
  network:
    example-dns-network:
      dns:
        - example-private-dns
      range: 10.0.0.0/8
      scope: private-no-internet
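A reviewer-side check over the properties documented above, added here as an example and not part of the product's own tooling: it fills in the documented defaults for scope and default_policy, then flags values outside the allowed lists, ranges that do not parse as CIDRs, tags with the reserved _tuono prefix, and a public network whose default inbound policy is allow. The function names and the sample blueprint (given as the dict a YAML parser would produce) are assumptions made for illustration.

```python
import ipaddress

# Allowed values and defaults as documented on this page.
SCOPES = {"public", "private-with-internet", "private-no-internet", "isolated"}
DEFAULT_SCOPE = "private-no-internet"
DEFAULT_POLICY = {"inbound": "deny", "outbound": "allow"}

def effective(net):
    """Fill in the documented defaults for one network definition."""
    rng = net["range"]  # required; a string or a list of strings
    return {
        "ranges": [rng] if isinstance(rng, str) else list(rng),
        "scope": net.get("scope", DEFAULT_SCOPE),
        "policy": {**DEFAULT_POLICY, **net.get("default_policy", {})},
        "tags": net.get("tags", {}),
    }

def review(name, net):
    """Return findings for one network (reviewer checks, not venue behaviour)."""
    eff, out = effective(net), []
    for cidr in eff["ranges"]:
        try:
            ipaddress.ip_network(cidr, strict=False)
        except ValueError:
            out.append(f"{name}: range {cidr!r} is not a valid CIDR")
    if eff["scope"] not in SCOPES:
        out.append(f"{name}: scope {eff['scope']!r} is not an allowed value")
    for direction, value in eff["policy"].items():
        if direction not in DEFAULT_POLICY or value not in ("allow", "deny"):
            out.append(f"{name}: invalid default_policy {direction}={value!r}")
    if eff["scope"] == "public" and eff["policy"]["inbound"] == "allow":
        out.append(f"{name}: public scope with default inbound allow")
    out += [f"{name}: tag {k!r} uses the reserved _tuono prefix"
            for k in eff["tags"] if k.startswith("_tuono")]
    return out

def review_blueprint(blueprint):
    """Review every entry under networking.network."""
    networks = blueprint.get("networking", {}).get("network", {})
    return [f for name, net in networks.items() for f in review(name, net)]

# Constructed sample, shaped like the page's examples after YAML parsing.
SAMPLE = {"networking": {"network": {
    "example-network": {"range": "10.0.0.0/8", "scope": "public"},
    "open-network": {"range": ["10.10.0.0/16", "10.11.0.0/33"], "scope": "public",
                     "default_policy": {"inbound": "allow"},
                     "tags": {"_tuono_owner": "x", "team": "net"}},
}}}

if __name__ == "__main__":
    print("\n".join(review_blueprint(SAMPLE)))
```

The first sample network produces no findings because the documented default inbound policy (deny) still applies to a public scope; the second produces three.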