In our Infrastructure as Code journey, we took our existing vps, recreated it with Terraform and can now take it down, spin it up, and make changes through code. This is versioned and tracked. Donuts.
Let’s do the same for the firewall rules. I’m not going to display all of the rules I did for the server, but here are some basic ones.
Create a firewall.tf
resource "resource_type" "local_name_for_it" {
name = "name_of_the_firewall_ruleset"
rule {
description = "HTTP traffic"
direction = "in"
protocol = "tcp"
port = "80"
source_ips = "0.0.0.0/0"
}
rule {
description = "HTTPS traffic"
direction = "in"
protocol = "tcp"
port = "443"
source_ips = "0.0.0.0/0"
}
}
Now back in the console
terraform plan
terraform apply
It’s really that simple.
Ok, so what about when it comes to multiple firewall rules in varying parts of the infrastructure? Say it’s the VPS and AWS. We would separate those out through directories. The directories are environments or platforms.
infrastructure/
|---VPS/
|---main.tf
|---firewall.tf
|---AWS/
|---main.tf
|---firewall.tf
Each environment’s firewall rules now versioned and tracked.
I’m not exactly sure where I want to go next. I have some AWS services, but I could also go with the Kubernetes cluster itself. Both of those seem a little daunting for where I’m at currently, so I may tackle terraforming my DNS records.

