AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization.
To get more information about AccessPolicy, see:
resource "google_access_context_manager_access_policy" "access-policy" {
  parent = "organizations/123456789"
  title  = "Org Access Policy"
}

resource "google_project" "project" {
  project_id = "my-project-name"
  name       = "my-project-name"
  org_id     = "123456789"
}
resource "google_access_context_manager_access_policy" "access-policy" {
  parent = "organizations/123456789"
  title  = "Scoped Access Policy"
  scopes = ["projects/${google_project.project.number}"]
}
The following arguments are supported:
parent - (Required) The parent of this AccessPolicy in the Cloud Resource Hierarchy. Format: organizations/{organization_id}
title - (Required) Human readable title. Does not affect behavior.
scopes - (Optional) Folder or project on which this policy is applicable. Format: folders/{{folder_id}} or projects/{{project_id}}
In addition to the arguments listed above, the following computed attributes are exported:
id - an identifier for the resource with format {{name}}
name - Resource name of the AccessPolicy. Format: {policy_id}
create_time - Time the AccessPolicy was created in UTC.
update_time - Time the AccessPolicy was updated in UTC.
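The exported name attribute is the bare {policy_id}, so child resources have to build the accessPolicies/{policy_id} path themselves. The following is an added example, not part of the provider documentation, that attaches an access level and a service perimeter to a scoped policy; the resource labels, the corp_net and restrict_storage names, the local value and the 203.0.113.0/24 range are constructed for illustration.

```hcl
resource "google_project" "project" {
  project_id = "my-project-name"
  name       = "my-project-name"
  org_id     = "123456789"
}

resource "google_access_context_manager_access_policy" "scoped" {
  parent = "organizations/123456789"
  title  = "Scoped Access Policy"
  scopes = ["projects/${google_project.project.number}"]
}

locals {
  # "name" is only the policy id; children expect the full parent path.
  policy_path = "accessPolicies/${google_access_context_manager_access_policy.scoped.name}"
}

# Access level: requests must originate from the listed range (constructed value).
resource "google_access_context_manager_access_level" "corp_net" {
  parent = local.policy_path
  name   = "${local.policy_path}/accessLevels/corp_net"
  title  = "corp_net"

  basic {
    conditions {
      ip_subnetworks = ["203.0.113.0/24"]
    }
  }
}

# Perimeter: Cloud Storage in the scoped project is reachable from outside
# the perimeter only when the access level above is satisfied.
resource "google_access_context_manager_service_perimeter" "storage" {
  parent = local.policy_path
  name   = "${local.policy_path}/servicePerimeters/restrict_storage"
  title  = "restrict_storage"

  status {
    resources           = ["projects/${google_project.project.number}"]
    restricted_services = ["storage.googleapis.com"]
    access_levels       = [google_access_context_manager_access_level.corp_net.name]
  }
}
```

With a scoped policy, keep the perimeter's resources inside the folder or project listed in scopes.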
This resource provides the following Timeouts configuration options:
create - Default is 20 minutes.
update - Default is 20 minutes.
delete - Default is 20 minutes.
AccessPolicy can be imported using any of these accepted formats:
{{name}}
In Terraform v1.5.0 and later, use an import block to import AccessPolicy using one of the formats above. For example:
import {
  id = "{{name}}"
  to = google_access_context_manager_access_policy.default
}
When using the terraform import command, AccessPolicy can be imported using one of the formats above. For example:
$ terraform import google_access_context_manager_access_policy.default {{name}}