Firewall Policy

A Firewall Policy in Google Cloud is a centralized set of rules that control network traffic across multiple Virtual Private Cloud (VPC) networks. It allows you to define and enforce security rules at scale, ensuring consistent traffic filtering and access control. Firewall Policies can be applied hierarchically at the organization, folder, or project level, making it easier to manage security across large environments.

gcp.compute_firewall_policy

Fields

TitleIDTypeData TypeDescription
_keycorestring
ancestorscorearray<string>
associationscorejsonA list of associations that belong to this firewall policy.
creation_timestampcoretimestampOutput only. [Output Only] Creation timestamp inRFC3339 text format.
datadog_display_namecorestring
descriptioncorestringAn optional description of this resource. Provide this property when you create the resource.
gcp_display_namecorestringDeprecated, please use short name instead. User-provided name of the Organization firewall policy. The name should be unique in the organization in which the firewall policy is created. This field is not applicable to network firewall policies. This name must be set on creation and cannot be changed. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
idcorestring[Output Only] The unique identifier for the resource. This identifier is defined by the server.
kindcorestringOutput only. [Output only] Type of the resource. Alwayscompute#firewallPolicyfor firewall policies
labelscorearray<string>
namecorestringName of the resource. For Organization Firewall Policies it's a [Output Only] numeric ID allocated by Google Cloud which uniquely identifies the Organization Firewall Policy.
organization_idcorestring
packet_mirroring_rulescorejsonA list of packet mirroring rules that belong to this policy.
parentcorestringOutput only. [Output Only] The parent of the firewall policy. This field is not applicable to network firewall policies.
project_idcorestring
project_numbercorestring
regioncorestringOutput only. [Output Only] URL of the region where the regional firewall policy resides. This field is not applicable to global firewall policies. You must specify this field as part of the HTTP request URL. It is not settable as a field in the request body.
region_idcorestring
resource_namecorestring
rule_tuple_countcoreint64Output only. [Output Only] Total count of all firewall policy rule tuples. A firewall policy can not exceed a set number of tuples.
rulescorejsonA list of rules that belong to this policy. There must always be a default rule (rule with priority 2147483647 and match "*"). If no rules are provided when creating a firewall policy, a default rule with action "allow" will be added.
self_linkcorestring[Output Only] Server-defined URL for the resource.
self_link_with_idcorestringOutput only. [Output Only] Server-defined URL for this resource with the resource id.
short_namecorestringUser-provided name of the Organization firewall policy. The name should be unique in the organization in which the firewall policy is created. This field is not applicable to network firewall policies. This name must be set on creation and cannot be changed. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
tagscorehstore_csv
zone_idcorestring