Google Access Context Manager (VPC Service Controls) Access Policy
This page shows how to write Terraform for an Access Context Manager (VPC Service Controls) Access Policy, and how to write it securely.
google_access_context_manager_access_policy (Terraform)
The Access Policy in Access Context Manager (VPC Service Controls) can be configured in Terraform with the resource name google_access_context_manager_access_policy. The following sections describe 2 examples of how to use the resource and its parameters.
Example Usage from GitHub
resource "google_access_context_manager_access_policy" "this" {
  parent = var.parent
  title  = var.title

  dynamic "timeouts" {
    for_each = var.timeouts

resource "google_access_context_manager_access_policy" "main" {
  parent = join("/", ["organizations", var.access_policy.parent])
  title  = var.access_policy.title
}

resource "google_access_context_manager_service_perimeter" "main" {
Parameters
- create_time (optional computed - string)
  Time the AccessPolicy was created in UTC.
Resource name of the AccessPolicy. Format: [policy_id]
- parent (required - string)
  The parent of this AccessPolicy in the Cloud Resource Hierarchy. Format: organizations/[organization_id]
- title (required - string)
  Human readable title. Does not affect behavior.
- update_time (optional computed - string)
  Time the AccessPolicy was updated in UTC.
Explanation in Terraform Registry
AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization. To get more information about AccessPolicy, see:
- API documentation
- How-to Guides
- Access Policy Quickstart
Warning: If you are using User ADCs (Application Default Credentials) with this resource, you must specify a billing_project and set user_project_override to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the serviceusage.services.use permission on the billing_project you defined.
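The provider settings from the warning above, together with an access policy that uses the documented parent format, as an added example (not taken from the Terraform Registry or the GitHub repositories cited on this page). The variable names, the resource label "example" and the title value are assumptions.

```hcl
# Added example: variable names, the "example" label and the title are assumptions.
variable "organization_id" {
  description = "Numeric organization ID, without the organizations/ prefix"
  type        = string

  # Reject values that would produce a malformed parent such as
  # organizations/organizations/123.
  validation {
    condition     = can(regex("^[0-9]+$", var.organization_id))
    error_message = "The organization_id must contain digits only."
  }
}

variable "billing_project" {
  description = "Project charged for ACM API quota when using User ADCs"
  type        = string
}

provider "google" {
  # Both settings are needed with User ADCs; otherwise the ACM API returns 403.
  # The calling account needs serviceusage.services.use on this project.
  billing_project       = var.billing_project
  user_project_override = true
}

resource "google_access_context_manager_access_policy" "example" {
  # Required. Format: organizations/[organization_id]
  parent = "organizations/${var.organization_id}"

  # Required. Human readable only; does not affect behavior.
  title = "example-access-policy"
}

output "access_policy_name" {
  # Resource name of the AccessPolicy. Format: [policy_id]
  value = google_access_context_manager_access_policy.example.name
}
```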
Frequently asked questions
What is Google Access Context Manager (VPC Service Controls) Access Policy?
Google Access Context Manager (VPC Service Controls) Access Policy is a resource for Access Context Manager (VPC Service Controls) of Google Cloud Platform. Settings can be written in Terraform.
Where can I find the example code for the Google Access Context Manager (VPC Service Controls) Access Policy?
For Terraform, the niveklabs/google and AtsushiKitano/assets source code examples are useful. See the Terraform Example section for further details.