An association for the OrganizationSecurityPolicy.
To get more information about OrganizationSecurityPolicyAssociation, see:
resource "google_folder" "security_policy_target" {
provider = google-beta
display_name = "tf-test-secpol-%{random_suffix}"
parent = "organizations/123456789"
}
resource "google_compute_organization_security_policy" "policy" {
provider = google-beta
display_name = "tf-test%{random_suffix}"
parent = google_folder.security_policy_target.name
}
resource "google_compute_organization_security_policy_rule" "policy" {
provider = google-beta
policy_id = google_compute_organization_security_policy.policy.id
action = "allow"
direction = "INGRESS"
enable_logging = true
match {
config {
src_ip_ranges = ["192.168.0.0/16", "10.0.0.0/8"]
layer4_config {
ip_protocol = "tcp"
ports = ["22"]
}
layer4_config {
ip_protocol = "icmp"
}
}
}
priority = 100
}
resource "google_compute_organization_security_policy_association" "policy" {
provider = google-beta
name = "tf-test%{random_suffix}"
attachment_id = google_compute_organization_security_policy.policy.parent
policy_id = google_compute_organization_security_policy.policy.id
}
The following arguments are supported:
name
-
(Required)
The name for an association.
attachment_id
-
(Required)
The resource that the security policy is attached to.
policy_id
-
(Required)
The security policy ID of the association.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format {{policy_id}}/association/{{name}}
display_name
-
The display name of the security policy of the association.
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.delete
- Default is 20 minutes.OrganizationSecurityPolicyAssociation can be imported using any of these accepted formats:
{{policy_id}}/association/{{name}}
In Terraform v1.5.0 and later, use an import
block to import OrganizationSecurityPolicyAssociation using one of the formats above. For example:
import {
id = "{{policy_id}}/association/{{name}}"
to = google_compute_organization_security_policy_association.default
}
When using the terraform import
command, OrganizationSecurityPolicyAssociation can be imported using one of the formats above. For example:
$ terraform import google_compute_organization_security_policy_association.default {{policy_id}}/association/{{name}}