Google App Engine Firewall Rule

This page shows how to write Terraform for an App Engine Firewall Rule, and how to write it securely.

google_app_engine_firewall_rule (Terraform)

The Firewall Rule in App Engine can be configured in Terraform with the resource name google_app_engine_firewall_rule. The following sections describe 5 examples of how to use the resource and its parameters.

Example Usage from GitHub

gae_firewall.tf#L7
resource "google_app_engine_firewall_rule" "gae_firewall_rule_allow_cron" {
  project = var.bbq_project
  priority = 1000
  action = "ALLOW"
  source_range = "0.1.0.1"
  description = "Allow GAE cron requests"
}
firewall.tf#L2
resource "google_app_engine_firewall_rule" "broad_firewall" {
  count        = length(var.broad_range_cidrs)
  project      = google_app_engine_application.gae_import_service.project
  priority     = 1000 + count.index
  action       = "ALLOW"
  description  = "Broad office ips"
  # The excerpt ends here; the required source_range argument is not shown.
}
20-app-engine-application.tf#L6
resource "google_app_engine_firewall_rule" "whitelist" {
  project = "try-10"
  priority = 1000
  action = "ALLOW"
  source_range = "109.155.0.0"
}
gae_firewall.tf#L7
resource "google_app_engine_firewall_rule" "gae_firewall_rule_allow_cron" {
  project = var.bbq_project
  priority = 1000
  action = "ALLOW"
  source_range = "0.1.0.1"
  description = "Allow GAE cron requests"
}
main.tf#L1
resource "google_app_engine_firewall_rule" "firewall_rule" {
  source_range = var.source_range
  action       = var.action
  description  = var.description
  priority     = var.priority
}

Review your Terraform file for Google best practices

Shisho Cloud, our free checker to make sure your Terraform configuration follows best practices, is available (beta).

Parameters

action: The action to take if this rule matches. Possible values: ["UNSPECIFIED_ACTION", "ALLOW", "DENY"]

description: An optional string description of this rule.

priority: A positive integer that defines the order of rule evaluation. Rules with the lowest priority are evaluated first. A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic when no previous rule matches. Only the action of this rule can be modified by the user.

source_range: IP address or range, defined using CIDR notation, of requests that this rule applies to.
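
The evaluation order described for priority decides whether an ALLOW rule restricts anything, so the following added example (not code from this page or from the Terraform provider) models it: rules are checked in ascending priority and the default rule at Int32.MaxValue catches the rest. It goes slightly beyond the text by also listing rules that can never take effect; the function names, the two 198.51.100.x rules and the assumption that an unmodified default rule is ALLOW are this example's own.

```python
import ipaddress

DEFAULT_PRIORITY = 2**31 - 1  # Int32.MaxValue, the priority of the default rule

# Constructed rule set using the resource's argument names.
RULES = [
    {"priority": 1000, "action": "ALLOW", "source_range": "0.1.0.1"},          # cron rule from the page
    {"priority": 1100, "action": "ALLOW", "source_range": "198.51.100.0/24"},  # constructed office range
    {"priority": 1200, "action": "DENY", "source_range": "198.51.100.7"},      # constructed, never reached
]


def evaluate(rules, client_ip, default_action="ALLOW"):
    """Return (action, priority) of the first rule that matches client_ip.

    Rules are checked from the lowest priority number upwards. If none
    matches, the default rule decides; default_action="ALLOW" is an
    assumption about a default rule that was never changed.
    """
    addr = ipaddress.ip_address(client_ip)
    for rule in sorted(rules, key=lambda r: r["priority"]):
        net = ipaddress.ip_network(rule["source_range"], strict=False)
        if addr.version == net.version and addr in net:
            return rule["action"], rule["priority"]
    return default_action, DEFAULT_PRIORITY


def shadowed(rules):
    """Return (priority, covering_priority) for rules an earlier rule fully covers."""
    ordered = sorted(rules, key=lambda r: r["priority"])
    hidden = []
    for i, rule in enumerate(ordered):
        net = ipaddress.ip_network(rule["source_range"], strict=False)
        for earlier in ordered[:i]:
            cover = ipaddress.ip_network(earlier["source_range"], strict=False)
            if cover.version == net.version and net.subnet_of(cover):
                hidden.append((rule["priority"], earlier["priority"]))
                break
    return hidden


if __name__ == "__main__":
    for ip in ("0.1.0.1", "198.51.100.7", "203.0.113.9"):
        print(ip, evaluate(RULES, ip), evaluate(RULES, ip, default_action="DENY"))
    print("shadowed:", shadowed(RULES))
```

With the default rule left at ALLOW, the address outside every listed range is still admitted, so ALLOW rules only act as an allow-list once the default rule's action is DENY.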

Explanation in Terraform Registry

A single firewall rule that is evaluated against incoming traffic and provides an action to take on matched requests. To get more information about FirewallRule, see:

Frequently asked questions

What is Google App Engine Firewall Rule?

Google App Engine Firewall Rule is a resource for App Engine of Google Cloud Platform. Settings can be written in Terraform.

Where can I find the example code for the Google App Engine Firewall Rule?

For Terraform, the gustcol/Canivete, broadinstitute/import_service_terraform and ianhomer/try-gcp source code examples are useful. See the Terraform Example section for further details.
