Skip to content

googleComputeFirewallPolicyAssociation

Allows associating hierarchical firewall policies with the target where they are applied. This allows creating policies and rules in a different location than they are applied.

For more information on applying hierarchical firewall policies see the official documentation

Example Usage

/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as google from "./.gen/providers/google";
/*The following providers are missing schema information and might need manual adjustments to synthesize correctly: google.
For a more precise conversion please use the --provider flag in convert.*/
const googleComputeFirewallPolicyDefault =
  new google.computeFirewallPolicy.ComputeFirewallPolicy(this, "default", {
    description: "Example Resource",
    parent: "organizations/12345",
    short_name: "my-policy",
  });
const googleComputeFirewallPolicyAssociationDefault =
  new google.computeFirewallPolicyAssociation.ComputeFirewallPolicyAssociation(
    this,
    "default_1",
    {
      attachment_target: "${google_folder.folder.name}",
      firewall_policy: googleComputeFirewallPolicyDefault.id,
      name: "my-association",
    }
  );
/*This allows the Terraform resource name to match the original name. You can remove the call if you don't need them to match.*/
googleComputeFirewallPolicyAssociationDefault.overrideLogicalId("default");

Argument Reference

The following arguments are supported:

  • attachmentTarget - (Required) The target that the firewall policy is attached to.

  • firewallPolicy - (Required) The firewall policy ID of the association.

  • name - (Required) The name for an association.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format locations/global/firewallPolicies/{{firewallPolicy}}/associations/{{name}}

  • shortName - The short name of the firewall policy of the association.

Timeouts

This resource provides the following Timeouts configuration options: configuration options:

  • create - Default is 20 minutes.
  • delete - Default is 20 minutes.

Import

FirewallPolicyAssociation can be imported using any of these accepted formats:

$ terraform import google_compute_firewall_policy_association.default locations/global/firewallPolicies/{{firewall_policy}}/associations/{{name}}
$ terraform import google_compute_firewall_policy_association.default {{firewall_policy}}/{{name}}