google_compute_region_security_policy

Represents a Region Cloud Armor Security Policy resource.

To get more information about RegionSecurityPolicy, see:

Open in Cloud Shell

Example Usage - Region Security Policy Basic

resource "google_compute_region_security_policy" "region-sec-policy-basic" {
  provider    = google-beta

  name        = "my-sec-policy-basic"
  description = "basic region security policy"
  type        = "CLOUD_ARMOR"
}
Open in Cloud Shell

Example Usage - Region Security Policy With Ddos Protection Config

resource "google_compute_region_security_policy" "region-sec-policy-ddos-protection" {
  provider    = google-beta  

  name        = "my-sec-policy-ddos-protection"
  description = "with ddos protection config"
  type        = "CLOUD_ARMOR_NETWORK"

  ddos_protection_config {
    ddos_protection = "ADVANCED_PREVIEW"
  }
}
Open in Cloud Shell

Example Usage - Region Security Policy With User Defined Fields

resource "google_compute_region_security_policy" "region-sec-policy-user-defined-fields" {
  provider    = google-beta  

  name        = "my-sec-policy-user-defined-fields"
  description = "with user defined fields"
  type        = "CLOUD_ARMOR_NETWORK"
  user_defined_fields {
    name = "SIG1_AT_0"
    base = "UDP"
    offset = 8
    size = 2
    mask = "0x8F00"
  }
  user_defined_fields {
    name = "SIG2_AT_8"
    base = "UDP"
    offset = 16
    size = 4
    mask = "0xFFFFFFFF"
  }
}

Argument Reference

The following arguments are supported:


The ddos_protection_config block supports:

The user_defined_fields block supports:

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Timeouts

This resource provides the following Timeouts configuration options:

Import

RegionSecurityPolicy can be imported using any of these accepted formats:

In Terraform v1.5.0 and later, use an import block to import RegionSecurityPolicy using one of the formats above. For example:

import {
  id = "projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}"
  to = google_compute_region_security_policy.default
}

When using the terraform import command, RegionSecurityPolicy can be imported using one of the formats above. For example:

$ terraform import google_compute_region_security_policy.default projects/{{project}}/regions/{{region}}/securityPolicies/{{name}}
$ terraform import google_compute_region_security_policy.default {{project}}/{{region}}/{{name}}
$ terraform import google_compute_region_security_policy.default {{region}}/{{name}}
$ terraform import google_compute_region_security_policy.default {{name}}

User Project Overrides

This resource supports User Project Overrides.