googleComputeOrganizationSecurityPolicyAssociation
An association for the OrganizationSecurityPolicy.
\~> Warning: This resource is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta resources.
To get more information about OrganizationSecurityPolicyAssociation, see:
Example Usage - Organization Security Policy Association Basic
resource "google_folder" "security_policy_target" {
provider = google-beta
display_name = "tf-test-secpol-%{random_suffix}"
parent = "organizations/123456789"
}
resource "google_compute_organization_security_policy" "policy" {
provider = google-beta
display_name = "tf-test%{random_suffix}"
parent = google_folder.security_policy_target.name
}
resource "google_compute_organization_security_policy_rule" "policy" {
provider = google-beta
policy_id = google_compute_organization_security_policy.policy.id
action = "allow"
direction = "INGRESS"
enable_logging = true
match {
config {
src_ip_ranges = ["192.168.0.0/16", "10.0.0.0/8"]
layer4_config {
ip_protocol = "tcp"
ports = ["22"]
}
layer4_config {
ip_protocol = "icmp"
}
}
}
priority = 100
}
resource "google_compute_organization_security_policy_association" "policy" {
provider = google-beta
name = "tf-test%{random_suffix}"
attachment_id = google_compute_organization_security_policy.policy.parent
policy_id = google_compute_organization_security_policy.policy.id
}
Argument Reference
The following arguments are supported:
-
name
- (Required) The name for an association. -
attachmentId
- (Required) The resource that the security policy is attached to. -
policyId
- (Required) The security policy ID of the association.
Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
-
id
- an identifier for the resource with format{{policyId}}/association/{{name}}
-
displayName
- The display name of the security policy of the association.
Timeouts
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.delete
- Default is 20 minutes.
Import
OrganizationSecurityPolicyAssociation can be imported using any of these accepted formats: