Google Access Context Manager (VPC Service Controls) Access Policy

This page shows how to write Terraform for an Access Context Manager (VPC Service Controls) Access Policy and how to write it securely.

google_access_context_manager_access_policy (Terraform)

The Access Policy in Access Context Manager (VPC Service Controls) can be configured in Terraform with the resource name google_access_context_manager_access_policy. The following sections describe 2 examples of how to use the resource and its parameters.

Example Usage from GitHub

niveklabs/google
resource "google_access_context_manager_access_policy" "this" {
  parent = var.parent
  title  = var.title

  dynamic "timeouts" {
    for_each = var.timeouts

AtsushiKitano/assets
resource "google_access_context_manager_access_policy" "main" {
  parent = join("/", ["organizations", var.access_policy.parent])
  title  = var.access_policy.title
}

resource "google_access_context_manager_service_perimeter" "main" {

Parameters

  • create_time required, computed - string
    • Time the AccessPolicy was created in UTC.

  • id optional, computed - string
  • name required, computed - string
    • Resource name of the AccessPolicy. Format: {policy_id}

  • parent required - string
    • The parent of this AccessPolicy in the Cloud Resource Hierarchy. Format: organizations/{organization_id}

  • title required - string
    • Human readable title. Does not affect behavior.

  • update_time required, computed - string
    • Time the AccessPolicy was updated in UTC.

Explanation in Terraform Registry

AccessPolicy is a container for AccessLevels (which define the necessary attributes to use GCP services) and ServicePerimeters (which define regions of services able to freely pass data within a perimeter). An access policy is globally visible within an organization, and the restrictions it specifies apply to all projects within an organization. To get more information about AccessPolicy, see:

  • API documentation
  • How-to Guides
    • Access Policy Quickstart

      Warning: If you are using User ADCs (Application Default Credentials) with this resource, you must specify a billing_project and set user_project_override to true in the provider configuration. Otherwise the ACM API will return a 403 error. Your account must have the serviceusage.services.use permission on the billing_project you defined.
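
A provider configuration that satisfies the warning above, together with the access policy resource it applies to. This is an added example, not code from the Terraform Registry or from the GitHub projects cited on this page; the variable names, the resource label "org" and the title value are assumptions.

```hcl
# Added example. All names and values below are placeholders.

variable "organization_id" {
  type        = string
  description = "Numeric ID of the organization that owns the access policy."

  # Reject values such as "organizations/123" so the parent string below
  # always matches the documented format organizations/{organization_id}.
  validation {
    condition     = can(regex("^[0-9]+$", var.organization_id))
    error_message = "organization_id must contain digits only."
  }
}

variable "billing_project" {
  type        = string
  description = "Project charged for ACM API calls made with user ADCs."
}

provider "google" {
  # Both settings are needed when authenticating with user ADCs.
  # Without them the ACM API returns a 403 error. The calling account
  # also needs serviceusage.services.use on this project.
  billing_project       = var.billing_project
  user_project_override = true
}

resource "google_access_context_manager_access_policy" "org" {
  parent = "organizations/${var.organization_id}"
  title  = "org-access-policy" # human readable only, does not affect behavior

  # The policy is the container for access levels and service perimeters,
  # so block an accidental destroy from a plan.
  lifecycle {
    prevent_destroy = true
  }
}

# The computed name ({policy_id}) is what access levels and
# service perimeters reference as their parent policy.
output "access_policy_name" {
  value = google_access_context_manager_access_policy.org.name
}
```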

Frequently asked questions

What is Google Access Context Manager (VPC Service Controls) Access Policy?

Google Access Context Manager (VPC Service Controls) Access Policy is a resource for Access Context Manager (VPC Service Controls) of Google Cloud Platform. Settings can be written in Terraform.

Where can I find the example code for the Google Access Context Manager (VPC Service Controls) Access Policy?

For Terraform, the niveklabs/google and AtsushiKitano/assets source code examples are useful. See the Terraform Example section for further details.
