googleAppEngineFirewallRule

A single firewall rule that is evaluated against incoming traffic and provides an action to take on matched requests.

To get more information about FirewallRule, see:

• API documentation
• How-to Guides
• Official Documentation

Example Usage - App Engine Firewall Rule Basic

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleProjectMyProject = new google.project.Project(this, "my_project", {
  name: "tf-test-project",
  org_id: "123456789",
  project_id: "ae-project",
});
const googleAppEngineApplicationApp =
  new google.appEngineApplication.AppEngineApplication(this, "app", {
    location_id: "us-central",
    project: googleProjectMyProject.projectId,
  });
new google.appEngineFirewallRule.AppEngineFirewallRule(this, "rule", {
  action: "ALLOW",
  priority: 1000,
  project: googleAppEngineApplicationApp.project,
  source_range: "*",
});

Argument Reference

The following arguments are supported:

• sourceRange - (Required) IP address or range, defined using CIDR notation, of requests that this rule applies to.

• action - (Required) The action to take if this rule matches. Possible values are unspecifiedAction, allow, and deny.

• description - (Optional) An optional string description of this rule.

• priority - (Optional) A positive integer that defines the order of rule evaluation. Rules with the lowest priority are evaluated first. A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic when no previous rule matches. Only the action of this rule can be modified by the user.

• project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

• id - an identifier for the resource with format apps/{{project}}/firewall/ingressRules/{{priority}}

Timeouts

This resource provides the following Timeouts configuration options:

• create - Default is 20 minutes.
• update - Default is 20 minutes.
• delete - Default is 20 minutes.

Import

FirewallRule can be imported using any of these accepted formats:

$ terraform import google_app_engine_firewall_rule.default apps/{{project}}/firewall/ingressRules/{{priority}}
$ terraform import google_app_engine_firewall_rule.default {{project}}/{{priority}}
$ terraform import google_app_engine_firewall_rule.default {{priority}}

User Project Overrides

This resource supports User Project Overrides.