google_compute_firewall_policy_association

Allows associating hierarchical firewall policies with the target where they are applied. This allows creating policies and rules in a different location than they are applied.

For more information on applying hierarchical firewall policies see the official documentation

Example Usage

resource "google_compute_firewall_policy" "default" {
  parent      = "organizations/12345"
  short_name  = "my-policy"
  description = "Example Resource"
}

resource "google_compute_firewall_policy_association" "default" {
  firewall_policy = google_compute_firewall_policy.default.id
  attachment_target = google_folder.folder.name
  name = "my-association"
}

Argument Reference

The following arguments are supported:


Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Timeouts

This resource provides the following Timeouts configuration options: configuration options:

Import

FirewallPolicyAssociation can be imported using any of these accepted formats:

In Terraform v1.5.0 and later, use an import block to import FirewallPolicyAssociation using one of the formats above. For example:

import {
  id = "locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}"
  to = google_compute_firewall_policy_association.default
}

When using the terraform import command, FirewallPolicyAssociation can be imported using one of the formats above. For example:

$ terraform import google_compute_firewall_policy_association.default locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}
$ terraform import google_compute_firewall_policy_association.default {{firewall_policy}}/{{name}}