Google Compute Engine Security Policy

This page shows how to write Terraform for a Compute Engine Security Policy and how to write it securely.




Terraform Example (google_compute_security_policy)

A Security Policy defines an IP blacklist or whitelist that protects load balanced Google Cloud services by denying or permitting traffic from specified IP ranges. For more information see the official documentation and the API. Security Policy is used by google_compute_backend_service.


  • description optional - string
    • An optional description of this security policy. Max size is 2048.

  • fingerprint required, computed - string
    • Fingerprint of this resource.

  • id optional, computed - string

  • name required - string
    • The name of the security policy.

  • project optional, computed - string
    • The project in which the resource belongs. If it is not provided, the provider project is used.

  • self_link required, computed - string
    • The URI of the created resource.

Example Usage (from GitHub)

resource "google_compute_security_policy" "policy" {
  name    = "internal"
  project = var.project

  rule {
    action   = "deny(403)"

resource "google_compute_security_policy" "policy" {
    name = "my-policy"
    rule {
        action = "deny(403)"
        priority = "1000"
        match {

resource "google_compute_security_policy" "security-policy-1" {
  name        = local.google_compute_security_policy_frontend_name
  project     = google_project.in_scope.project_id
  description = "Web application security policy"

  # Reject all traffic that hasn't been whitelisted.

resource "google_compute_security_policy" "allow_crowe" {
  name = "allow-crowe"

  rule {
    action   = "allow"
    priority = "1000"
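
The excerpts above are cut off before their match blocks. As an added example (not taken from the page or from the listed GitHub repositories), here is a complete allowlist policy with an explicit default deny rule. The resource label, policy name and CIDR ranges are constructed placeholders.

```hcl
# Added example: allowlist policy with an explicit default deny.
# The name and CIDR ranges are constructed (RFC 5737 documentation ranges).
resource "google_compute_security_policy" "allowlist" {
  name        = "allowlist-example"
  description = "Permit known client ranges, deny everything else"

  # Evaluated first (lower number = higher priority): permit the known ranges.
  rule {
    action      = "allow"
    priority    = 1000
    description = "Known client ranges"

    match {
      versioned_expr = "SRC_IPS_V1"
      config {
        src_ip_ranges = ["203.0.113.0/24", "198.51.100.0/24"]
      }
    }
  }

  # Default rule: lowest priority, matches every source address.
  # A policy must always have a default rule; when no rules are given at all,
  # a default rule with action "allow" is added, so state the deny explicitly.
  rule {
    action      = "deny(403)"
    priority    = 2147483647
    description = "Default deny"

    match {
      versioned_expr = "SRC_IPS_V1"
      config {
        src_ip_ranges = ["*"]
      }
    }
  }
}
```

The policy filters traffic only once a google_compute_backend_service references it through its security_policy argument.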

Frequently asked questions

What is Google Compute Engine Security Policy?

Google Compute Engine Security Policy is a resource for Compute Engine of Google Cloud Platform. Settings can be written in Terraform.

Where can I find the example code for the Google Compute Engine Security Policy?

For Terraform, the intetunder-temp/terraform-modules, osmdilya/terraform-google and Mirlan777/terraform-google source code examples are useful. See the Terraform Example section for further details.