» google_app_engine_firewall_rule

A single firewall rule that is evaluated against incoming traffic and provides an action to take on matched requests.

To get more information about FirewallRule, see:

» Example Usage - App Engine Firewall Rule Basic

resource "google_project" "my_project" {
  name       = "tf-test-project"
  project_id = "test-project"
  org_id     = "123456789"
}

resource "google_app_engine_application" "app" {
  project     = "${google_project.my_project.project_id}"
  location_id = "us-central"
}

resource "google_app_engine_firewall_rule" "rule" {
  project = "${google_app_engine_application.app.project}"
  priority = 1000
  action = "ALLOW"
  source_range = "*"
}

» Argument Reference

The following arguments are supported:

  • source_range - (Required) IP address or range, defined using CIDR notation, of requests that this rule applies to.

  • action - (Required) The action to take if this rule matches.


  • description - (Optional) An optional string description of this rule.

  • priority - (Optional) A positive integer that defines the order of rule evaluation. Rules with the lowest priority are evaluated first. A default rule at priority Int32.MaxValue matches all IPv4 and IPv6 traffic when no previous rule matches. Only the action of this rule can be modified by the user.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

» Timeouts

This resource provides the following Timeouts configuration options:

  • create - Default is 4 minutes.
  • update - Default is 4 minutes.
  • delete - Default is 4 minutes.

» Import

FirewallRule can be imported using any of these accepted formats:

$ terraform import google_app_engine_firewall_rule.default {{project}}/{{priority}}
$ terraform import google_app_engine_firewall_rule.default {{priority}}

» User Project Overrides

This resource supports User Project Overrides.