Skip to content

googleAppEngineApplication

Allows creation and management of an App Engine application.

\~> App Engine applications cannot be deleted once they're created; you have to delete the entire project to delete the application. Terraform will report the application has been successfully deleted; this is a limitation of Terraform, and will go away in the future. Terraform is not able to delete App Engine applications.

\~> Warning: All arguments including iapOauth2ClientSecret will be stored in the raw state as plain-text. Read more about sensitive data in state.

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleProjectMyProject = new google.project.Project(this, "my_project", {
  name: "My Project",
  org_id: "1234567",
  project_id: "your-project-id",
});
new google.appEngineApplication.AppEngineApplication(this, "app", {
  location_id: "us-central",
  project: googleProjectMyProject.projectId,
});

Argument Reference

The following arguments are supported:

  • project - (Required) The project ID to create the application under. \~>NOTE: GCP only accepts project ID, not project number. If you are using number, you may get a "Permission denied" error.

  • locationId - (Required) The location to serve the app from.

  • authDomain - (Optional) The domain to authenticate users with when using App Engine's User API.

  • databaseType - (Optional) The type of the Cloud Firestore or Cloud Datastore database associated with this application. Can be cloudFirestore or cloudDatastoreCompatibility for new instances. To support old instances, the value cloudDatastore is accepted by the provider, but will be rejected by the API.

  • servingStatus - (Optional) The serving status of the app.

  • featureSettings - (Optional) A block of optional settings to configure specific App Engine features:

    • splitHealthChecks - (Required) Set to false to use the legacy health check instead of the readiness and liveness checks.

  • iap - (Optional) Settings for enabling Cloud Identity Aware Proxy

    • oauth2ClientId - (Required) OAuth2 client ID to use for the authentication flow.

    • oauth2ClientSecret - (Required) OAuth2 client secret to use for the authentication flow. The SHA-256 hash of the value is returned in the oauth2ClientSecretSha256 field.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format {{project}}

  • name - Unique name of the app, usually apps/{projectId}

  • appId - Identifier of the app, usually {projectId}

  • urlDispatchRule - A list of dispatch rule blocks. Each block has a domain, path, and service field.

  • codeBucket - The GCS bucket code is being stored in for this app.

  • defaultHostname - The default hostname for this app.

  • defaultBucket - The GCS bucket content is being stored in for this app.

  • gcrDomain - The GCR domain used for storing managed Docker images for this app.

  • iap - Settings for enabling Cloud Identity Aware Proxy

    • enabled - (Optional) Whether the serving infrastructure will authenticate and authorize all incoming requests. (default is false)

    • oauth2ClientSecretSha256 - Hex-encoded SHA-256 hash of the client secret.

Timeouts

This resource provides the following Timeouts configuration options: configuration options:

  • create - Default is 4 minutes.
  • update - Default is 4 minutes.

Import

Applications can be imported using the ID of the project the application belongs to, e.g.

$ terraform import google_app_engine_application.app your-project-id