google_network_security_gateway_security_policy_rule

The GatewaySecurityPolicyRule resource is in a nested collection within a GatewaySecurityPolicy and represents a traffic matching condition and associated action to perform.

To get more information about GatewaySecurityPolicyRule, see:


Example Usage - Network Security Gateway Security Policy Rules Basic

resource "google_network_security_gateway_security_policy" "default" {
  name        = "my-gateway-security-policy"
  location    = "us-central1"
  description = "gateway security policy created to be used as reference by the rule."
}

resource "google_network_security_gateway_security_policy_rule" "default" {
  name                    = "my-gateway-security-policy-rule"
  location                = "us-central1"
  gateway_security_policy = google_network_security_gateway_security_policy.default.name
  enabled                 = true
  description             = "my description"
  priority                = 0
  session_matcher         = "host() == 'example.com'"
  basic_profile           = "ALLOW"
}

Example Usage - Network Security Gateway Security Policy Rules Advanced

resource "google_network_security_gateway_security_policy" "default" {
  name        = "my-gateway-security-policy"
  location    = "us-central1"
  description = "gateway security policy created to be used as reference by the rule."
}

resource "google_network_security_gateway_security_policy_rule" "default" {
  name                    = "my-gateway-security-policy-rule"
  location                = "us-central1"
  gateway_security_policy = google_network_security_gateway_security_policy.default.name
  enabled                 = true
  description             = "my description"
  priority                = 0
  session_matcher         = "host() == 'example.com'"
  application_matcher     = "request.method == 'POST'"
  tls_inspection_enabled  = false
  basic_profile           = "ALLOW"
}

Argument Reference

The following arguments are supported:


Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

Timeouts

This resource provides the following Timeouts configuration options:

Import

GatewaySecurityPolicyRule can be imported using any of these accepted formats:

In Terraform v1.5.0 and later, use an import block to import GatewaySecurityPolicyRule using one of the formats above. For example:

import {
  id = "projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}"
  to = google_network_security_gateway_security_policy_rule.default
}

When using the terraform import command, GatewaySecurityPolicyRule can be imported using one of the formats above. For example:

$ terraform import google_network_security_gateway_security_policy_rule.default projects/{{project}}/locations/{{location}}/gatewaySecurityPolicies/{{gateway_security_policy}}/rules/{{name}}
$ terraform import google_network_security_gateway_security_policy_rule.default {{project}}/{{location}}/{{gateway_security_policy}}/{{name}}
$ terraform import google_network_security_gateway_security_policy_rule.default {{location}}/{{gateway_security_policy}}/{{name}}

User Project Overrides

This resource supports User Project Overrides.