Denotes one policy tag in a taxonomy.
To get more information about PolicyTag, see:
resource "google_data_catalog_policy_tag" "basic_policy_tag" {
taxonomy = google_data_catalog_taxonomy.my_taxonomy.id
display_name = "Low security"
description = "A policy tag normally associated with low security items"
}
resource "google_data_catalog_taxonomy" "my_taxonomy" {
display_name = "taxonomy_display_name"
description = "A collection of policy tags"
activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
}
resource "google_data_catalog_policy_tag" "parent_policy" {
taxonomy = google_data_catalog_taxonomy.my_taxonomy.id
display_name = "High"
description = "A policy tag category used for high security access"
}
resource "google_data_catalog_policy_tag" "child_policy" {
taxonomy = google_data_catalog_taxonomy.my_taxonomy.id
display_name = "ssn"
description = "A hash of the users ssn"
parent_policy_tag = google_data_catalog_policy_tag.parent_policy.id
}
resource "google_data_catalog_policy_tag" "child_policy2" {
taxonomy = google_data_catalog_taxonomy.my_taxonomy.id
display_name = "dob"
description = "The users date of birth"
parent_policy_tag = google_data_catalog_policy_tag.parent_policy.id
// depends_on to avoid concurrent delete issues
depends_on = [google_data_catalog_policy_tag.child_policy]
}
resource "google_data_catalog_taxonomy" "my_taxonomy" {
display_name = "taxonomy_display_name"
description = "A collection of policy tags"
activated_policy_types = ["FINE_GRAINED_ACCESS_CONTROL"]
}
The following arguments are supported:
display_name
-
(Required)
User defined name of this policy tag. It must: be unique within the parent
taxonomy; contain only unicode letters, numbers, underscores, dashes and spaces;
not start or end with spaces; and be at most 200 bytes long when encoded in UTF-8.
taxonomy
-
(Required)
Taxonomy the policy tag is associated with
description
-
(Optional)
Description of this policy tag. It must: contain only unicode characters, tabs,
newlines, carriage returns and page breaks; and be at most 2000 bytes long when
encoded in UTF-8. If not set, defaults to an empty description.
If not set, defaults to an empty description.
parent_policy_tag
-
(Optional)
Resource name of this policy tag's parent policy tag.
If empty, it means this policy tag is a top level policy tag.
If not set, defaults to an empty string.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format {{name}}
name
-
Resource name of this policy tag, whose format is:
"projects/{project}/locations/{region}/taxonomies/{taxonomy}/policyTags/{policytag}"
child_policy_tags
-
Resource names of child policy tags of this policy tag.
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.PolicyTag can be imported using any of these accepted formats:
{{name}}
In Terraform v1.5.0 and later, use an import
block to import PolicyTag using one of the formats above. For example:
import {
id = "{{name}}"
to = google_data_catalog_policy_tag.default
}
When using the terraform import
command, PolicyTag can be imported using one of the formats above. For example:
$ terraform import google_data_catalog_policy_tag.default {{name}}