The RecaptchaEnterprise Key resource
A basic test of recaptcha enterprise key that can be used by Android apps
resource "google_recaptcha_enterprise_key" "primary" {
display_name = "display-name-one"
android_settings {
allow_all_package_names = true
allowed_package_names = []
}
project = "my-project-name"
testing_options {
testing_score = 0.8
}
labels = {
label-one = "value-one"
}
}
A basic test of recaptcha enterprise key that can be used by iOS apps
resource "google_recaptcha_enterprise_key" "primary" {
display_name = "display-name-one"
ios_settings {
allow_all_bundle_ids = true
allowed_bundle_ids = []
}
project = "my-project-name"
testing_options {
testing_score = 1
}
labels = {
label-one = "value-one"
}
}
A minimal test of recaptcha enterprise key
resource "google_recaptcha_enterprise_key" "primary" {
display_name = "display-name-one"
project = "my-project-name"
web_settings {
integration_type = "SCORE"
allow_all_domains = true
}
labels = {}
}
A basic test of recaptcha enterprise key that includes WAF settings
resource "google_recaptcha_enterprise_key" "primary" {
display_name = "display-name-one"
project = "my-project-name"
testing_options {
testing_challenge = "NOCAPTCHA"
testing_score = 0.5
}
waf_settings {
waf_feature = "CHALLENGE_PAGE"
waf_service = "CA"
}
web_settings {
integration_type = "INVISIBLE"
allow_all_domains = true
allowed_domains = []
challenge_security_preference = "USABILITY"
}
labels = {
label-one = "value-one"
}
}
A basic test of recaptcha enterprise key that can be used by websites
resource "google_recaptcha_enterprise_key" "primary" {
display_name = "display-name-one"
project = "my-project-name"
testing_options {
testing_challenge = "NOCAPTCHA"
testing_score = 0.5
}
web_settings {
integration_type = "CHECKBOX"
allow_all_domains = true
allowed_domains = []
challenge_security_preference = "USABILITY"
}
labels = {
label-one = "value-one"
}
}
A basic test of recaptcha enterprise key with score integration type that can be used by websites
resource "google_recaptcha_enterprise_key" "primary" {
display_name = "display-name-one"
project = "my-project-name"
testing_options {
testing_score = 0.5
}
web_settings {
integration_type = "SCORE"
allow_all_domains = true
allow_amp_traffic = false
allowed_domains = []
}
labels = {
label-one = "value-one"
}
}
The following arguments are supported:
display_name
-
(Required)
Human-readable display name of this key. Modifiable by user.android_settings
-
(Optional)
Settings for keys that can be used by Android apps.
ios_settings
-
(Optional)
Settings for keys that can be used by iOS apps.
labels
-
(Optional)
See Creating and managing labels.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field effective_labels
for all of the labels present on the resource.
project
-
(Optional)
The project for the resource
testing_options
-
(Optional)
Options for user acceptance testing.
waf_settings
-
(Optional)
Settings specific to keys that can be used for WAF (Web Application Firewall).
web_settings
-
(Optional)
Settings for keys that can be used by websites.
The android_settings
block supports:
allow_all_package_names
-
(Optional)
If set to true, it means allowed_package_names will not be enforced.
allowed_package_names
-
(Optional)
Android package names of apps allowed to use the key. Example: 'com.companyname.appname'
The ios_settings
block supports:
allow_all_bundle_ids
-
(Optional)
If set to true, it means allowed_bundle_ids will not be enforced.
allowed_bundle_ids
-
(Optional)
iOS bundle ids of apps allowed to use the key. Example: 'com.companyname.productname.appname'
The testing_options
block supports:
testing_challenge
-
(Optional)
For challenge-based keys only (CHECKBOX, INVISIBLE), all challenge requests for this site will return nocaptcha if NOCAPTCHA, or an unsolvable challenge if UNSOLVABLE_CHALLENGE. Possible values: TESTING_CHALLENGE_UNSPECIFIED, NOCAPTCHA, UNSOLVABLE_CHALLENGE
testing_score
-
(Optional)
All assessments for this Key will return this score. Must be between 0 (likely not legitimate) and 1 (likely legitimate) inclusive.
The waf_settings
block supports:
waf_feature
-
(Required)
Supported WAF features. For more information, see https://cloud.google.com/recaptcha-enterprise/docs/usecase#comparison_of_features. Possible values: CHALLENGE_PAGE, SESSION_TOKEN, ACTION_TOKEN, EXPRESS
waf_service
-
(Required)
The WAF service that uses this key. Possible values: CA, FASTLY
The web_settings
block supports:
allow_all_domains
-
(Optional)
If set to true, it means allowed_domains will not be enforced.
allow_amp_traffic
-
(Optional)
If set to true, the key can be used on AMP (Accelerated Mobile Pages) websites. This is supported only for the SCORE integration type.
allowed_domains
-
(Optional)
Domains or subdomains of websites allowed to use the key. All subdomains of an allowed domain are automatically allowed. A valid domain requires a host and must not include any path, port, query or fragment. Examples: 'example.com' or 'subdomain.example.com'
challenge_security_preference
-
(Optional)
Settings for the frequency and difficulty at which this key triggers captcha challenges. This should only be specified for IntegrationTypes CHECKBOX and INVISIBLE. Possible values: CHALLENGE_SECURITY_PREFERENCE_UNSPECIFIED, USABILITY, BALANCE, SECURITY
integration_type
-
(Required)
Required. Describes how this key is integrated with the website. Possible values: SCORE, CHECKBOX, INVISIBLE
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/keys/{{name}}
create_time
-
The timestamp corresponding to the creation of this Key.
effective_labels
-
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
name
-
The resource id for the Key, which is the same as the Site Key itself.
terraform_labels
-
The combination of labels configured directly on the resource and default labels configured on the provider.
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.Key can be imported using any of these accepted formats:
projects/{{project}}/keys/{{name}}
{{project}}/{{name}}
{{name}}
In Terraform v1.5.0 and later, use an import
block to import Key using one of the formats above. For example:
import {
id = "projects/{{project}}/keys/{{name}}"
to = google_recaptcha_enterprise_key.default
}
When using the terraform import
command, Key can be imported using one of the formats above. For example:
$ terraform import google_recaptcha_enterprise_key.default projects/{{project}}/keys/{{name}}
$ terraform import google_recaptcha_enterprise_key.default {{project}}/{{name}}
$ terraform import google_recaptcha_enterprise_key.default {{name}}