subnet

Description

Venue

Equivalent Concept(s)

An IP subnet.

Required Properties

range (cidr)

One or more CIDRs that define the usable network range(s) of this subnet. At most one IPv4 range may be specified per subnet. After applying, the inventory may contain both an IPv4 and an IPv6 address for the subnet.

Example(s):

  • 10.0.0.0/16

  • 192.168.1.0/24

  • 2001:db8:1234:1a00::/64

Optional Properties

default_policy (dict)

Default inbound/outbound firewall policies.

The default value if not specified is {'inbound': 'inherit', 'outbound': 'inherit'}.

inbound (string)

The default inbound firewall policy.

Allowed Values:

  • allow

  • deny

  • inherit

The default value if not specified is inherit.

outbound (string)

The default outbound firewall policy.

Allowed Values:

  • allow

  • deny

  • inherit

The default value if not specified is inherit.

enable_ipv6 (boolean)

Configure the subnet to enable IPv6 support and make IPv6 addresses available for use. This requires the network to have IPv6 support enabled as well.

The default value if not specified is False.

firewall

The firewall applied to packets arriving at this subnet. Use a firewall to maintain a high level of security by restricting data flows to only the desired traffic patterns.

network

The network that this subnet belongs to. The range(s) of this subnet must be wholly contained in the range(s) of the network it belongs to.

scope (string)

Indicates basic subnet connectivity. A public subnet allows inbound and outbound Internet traffic, with firewalls determining which protocols. A private-with-internet subnet allows outbound Internet traffic but no inbound Internet traffic. A private-no-internet subnet does not allow Internet access but allows traffic with other subnets. An isolated subnet does not allow Internet traffic, or even traffic with hosts on other subnets (by default). Firewalls can be used to change the allowed traffic. Public subnets require a public network. Private subnets can be on either a public or a private network. Isolated subnets can be on any network.

Allowed Values:

  • public

  • private-with-internet

  • private-no-internet

  • isolated

The default value if not specified is private-no-internet.

zone (integer)

The number of the Availability Zone to put the subnet in. This property may be ignored by some venues, for example on Azure. On venues where this property is important it will be filled in automatically as part of attaching the subnet to a consuming resource, so we recommend that you do not normally set this property. On venues that support zoned subnets it may be necessary to specify a zone when creating a subnet that is not consumed by anything else.

Common Properties

count (integer)

Indicates how many of this subnet should exist. When count is specified the name of the given resource will have a hyphen and numeric suffix added automatically, unless the count variable is referenced in the blueprint object name.

depends_on (any)

This property can be used to declare a dependency from this subnet to any other object in the blueprint. This is not necessary for dependencies generated normally by the schema.

folder

The folder containing this subnet. If this is not specified and there is only one folder defined, that folder is used automatically.

name (string)

The name of this subnet. The name can be different than the blueprint object name. When the name property is not present we apply automatic naming strategies to make resources easier to identify in each venue's management console. When the name property is specified we will use it exactly as specified.

readonly (boolean)

Indicates whether or not this subnet is read-only. If so, we verify only the existence and correctness of this subnet to its specification rather than creating or modifying it.

The default value if not specified is false.

tags (dict)

The tags to place on this subnet. Tags are metadata stored in (key = value, ...) form. Consumers are not allowed to use tags that begin with _tuono as those are reserved.

Discovered Properties

These properties are populated and available in the inventory following a successful apply.

id (string)

The venue-specific identifier of this subnet.

Examples

Define a public subnet in a specific zone with a firewall:

location:
  folder:
    example-folder:
      region: example-region
  region:
    example-region:
      area: west
      country: USA
networking:
  firewall:
    example-firewall:
      rules:
        - description: Allow SSH
          from: anywhere
          protocols: ssh
          to: self
  network:
    example-network:
      range: 10.0.0.0/8
      scope: public
  protocol:
    ssh:
      ports:
        - port: 22    # SSH listens on TCP port 22
          proto: tcp
  subnet:
    example-subnet:
      firewall: example-firewall
      network: example-network
      range: 10.0.0.0/24    # wholly contained in the network range above
      scope: public         # a public subnet requires a public network
      zone: 1

Define a public and an isolated subnet:

location:
  folder:
    example-folder:
      region: example-region
  region:
    example-region:
      area: west
      country: USA
networking:
  firewall:
    example-firewall:
      rules:
        - description: Allow SSH
          from: anywhere
          protocols: ssh
          to: self
  network:
    example-network:
      range: 10.0.0.0/8
      scope: public
  protocol:
    ssh:
      ports:
        - port: 22    # SSH listens on TCP port 22
          proto: tcp
  subnet:
    example-isolated:
      network: example-network
      range: 10.100.0.0/24
      scope: isolated     # no Internet and, by default, no traffic with other subnets
    example-public:
      firewall: example-firewall
      network: example-network
      range: 10.0.0.0/24
      scope: public
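The schema rules described on this page (one IPv4 range, containment in the parent network, the allowed scope and default_policy values, the scope/network compatibility rule and the reserved _tuono tag prefix) can be checked before a blueprint is applied. The following validator is an added example and is not part of the product or this page; it parses the blueprint as a plain dict (the YAML already loaded), and the sample networks and subnets below are constructed, with two subnets deliberately broken.

```python
import ipaddress

ALLOWED_SCOPES = {"public", "private-with-internet", "private-no-internet", "isolated"}
ALLOWED_POLICIES = {"allow", "deny", "inherit"}

def _cidrs(value):
    """A range may be one CIDR string or a list; parse strictly (host bits set -> ValueError)."""
    return [ipaddress.ip_network(r, strict=True)
            for r in ([value] if isinstance(value, str) else (value or []))]

def validate_subnet(name, subnet, networks):
    """Return the list of rule violations for one subnet definition (empty list = passes)."""
    problems = []
    nets = _cidrs(subnet.get("range"))
    if sum(n.version == 4 for n in nets) > 1:
        problems.append(f"{name}: at most one IPv4 range is allowed")
    network = networks.get(subnet.get("network"))
    if network is None:
        problems.append(f"{name}: unknown network '{subnet.get('network')}'")
    else:
        parents = _cidrs(network.get("range"))
        for n in nets:  # subnet_of() only compares same-version networks, so filter by version
            if not any(n.version == p.version and n.subnet_of(p) for p in parents):
                problems.append(f"{name}: {n} is not wholly contained in its network")
        scope = subnet.get("scope", "private-no-internet")  # default from the page
        if scope not in ALLOWED_SCOPES:
            problems.append(f"{name}: scope '{scope}' is not an allowed value")
        elif scope == "public" and network.get("scope") != "public":
            problems.append(f"{name}: a public subnet requires a public network")
    policy = subnet.get("default_policy") or {}
    for direction in ("inbound", "outbound"):
        if policy.get(direction, "inherit") not in ALLOWED_POLICIES:
            problems.append(f"{name}: default_policy.{direction} must be allow, deny or inherit")
    if any(k.startswith("_tuono") for k in subnet.get("tags") or {}):
        problems.append(f"{name}: tags beginning with _tuono are reserved")
    return problems

# Constructed input (not from the page): the example network plus a hypothetical private one,
# two subnets copied from the second example above, and two deliberately broken subnets.
NETWORKS = {"example-network": {"range": "10.0.0.0/8", "scope": "public"},
            "private-network": {"range": "172.16.0.0/12", "scope": "private"}}
SUBNETS = {
    "example-isolated": {"network": "example-network", "range": "10.100.0.0/24", "scope": "isolated"},
    "example-public": {"network": "example-network", "range": "10.0.0.0/24", "scope": "public"},
    "leaky": {"network": "private-network", "range": "172.16.5.0/24", "scope": "public",
              "tags": {"_tuono_owner": "x"}},
    "outside": {"network": "example-network", "range": "192.168.1.0/24",
                "default_policy": {"inbound": "open"}}}

def validate_all(subnets=SUBNETS, networks=NETWORKS):
    # Map each failing subnet name to its problems; subnets that pass are omitted.
    return {n: validate_subnet(n, s, networks) for n, s in subnets.items() if validate_subnet(n, s, networks)}
```

Running validate_all() on the sample reports only leaky (public subnet on a private network, reserved tag) and outside (range not inside 10.0.0.0/8, invalid default_policy value).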
