google_compute_organization_security_policy_rule

A rule for the OrganizationSecurityPolicy.

To get more information about OrganizationSecurityPolicyRule, see:

Example Usage - Organization Security Policy Rule Basic

resource "google_compute_organization_security_policy" "policy" {
  provider     = google-beta
  display_name = "tf-test%{random_suffix}"
  parent       = "organizations/123456789"
}

resource "google_compute_organization_security_policy_rule" "policy" {
  provider = google-beta

  # Attach this rule to the organization security policy defined above.
  policy_id = google_compute_organization_security_policy.policy.id
  action    = "allow"

  direction = "INGRESS"
  # Log connections that match this rule.
  enable_logging = true
  match {
    config {
      # Match SSH (tcp/22) and ICMP from these private source ranges.
      src_ip_ranges = ["192.168.0.0/16", "10.0.0.0/8"]
      layer4_config {
        ip_protocol = "tcp"
        ports       = ["22"]
      }
      layer4_config {
        ip_protocol = "icmp"
      }
    }
  }
  priority = 100
}

Argument Reference

The following arguments are supported:

The match block supports:

The config block supports:

The layer4_config block supports:


Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Timeouts

This resource provides the following Timeouts configuration options:

Import

OrganizationSecurityPolicyRule can be imported using any of these accepted formats:

In Terraform v1.5.0 and later, use an import block to import OrganizationSecurityPolicyRule using one of the formats above. For example:

import {
  id = "{{policy_id}}/priority/{{priority}}"
  to = google_compute_organization_security_policy_rule.default
}

When using the terraform import command, OrganizationSecurityPolicyRule can be imported using one of the formats above. For example:

$ terraform import google_compute_organization_security_policy_rule.default {{policy_id}}/priority/{{priority}}