cloud_google_registration

This resource registers a Google Cloud project, folder, or organization in Falcon Cloud Security.

The following API scopes are required:

  • Cloud Security Google Cloud Registration: READ
  • Cloud Security Google Cloud Registration: WRITE

terraform {
  required_providers {
    crowdstrike = {
      source = "registry.terraform.io/crowdstrike/crowdstrike"
    }
  }
}

provider "crowdstrike" {
  cloud = "us-2"
}

# Register specific projects, with every optional argument set.
resource "crowdstrike_cloud_google_registration" "example_project" {
  name               = "my-advanced-google-cloud-registration"
  projects           = ["project-1", "project-2", "project-3"]
  infra_project      = "my-infra-project"
  wif_project        = "my-wif-project"
  wif_project_number = "123456789012"
  deployment_method  = "terraform-native"

  # Projects matching these patterns are excluded from registration.
  excluded_project_patterns = [
    "test-*",
    "*-sandbox"
  ]

  # The combined length of prefix and suffix must not exceed 13 characters.
  resource_name_prefix = "cs"
  resource_name_suffix = "prod"

  labels = {
    environment = "production"
    managed_by  = "terraform"
    team        = "security"
  }

  tags = {
    compliance = "required"
    owner      = "security-team"
  }

  realtime_visibility = {
    enabled = true
  }
}

# Register a folder (numeric folder ID).
resource "crowdstrike_cloud_google_registration" "example_folder" {
  name                      = "my-folder-registration"
  folders                   = ["123456789012"]
  infra_project             = "my-infra-project"
  wif_project               = "my-wif-project"
  wif_project_number        = "123456789012"
  deployment_method         = "terraform-native"
  excluded_project_patterns = ["*-dev"]
}

# Register an entire organization (numeric organization ID).
resource "crowdstrike_cloud_google_registration" "example_organization" {
  name               = "my-org-registration"
  organization       = "987654321098"
  infra_project      = "my-infra-project"
  wif_project        = "my-wif-project"
  wif_project_number = "123456789012"
  deployment_method  = "terraform-native"

  excluded_project_patterns = [
    "*-dev",
    "*-test"
  ]
}

# Deploy through Infrastructure Manager; a region is required for this method.
resource "crowdstrike_cloud_google_registration" "example_infrastructure_manager" {
  name                          = "my-infrastructure-manager-registration"
  projects                      = ["my-project-1", "my-project-2"]
  infra_project                 = "my-infra-project"
  wif_project                   = "my-wif-project"
  wif_project_number            = "123456789012"
  deployment_method             = "infrastructure-manager"
  infrastructure_manager_region = "us-central1"

  realtime_visibility = {
    enabled = true
  }
}

Required:

  • infra_project (String) The Google Cloud project ID where CrowdStrike infrastructure resources will be created
  • name (String) The name of the registration
  • wif_project (String) The Google Cloud project ID for Workload Identity Federation
  • wif_project_number (String) Google Cloud project number for Workload Identity Federation

Optional:

  • deployment_method (String) The deployment method for the registration. Can be either terraform-native or infrastructure-manager. Defaults to terraform-native
  • excluded_project_patterns (List of String) Wildcard patterns to exclude specific projects from registration. Each pattern must contain only lowercase letters, hyphens, numbers, and wildcard (*). A pattern containing only a wildcard is not valid
  • folders (Set of String) Google Cloud folder IDs to register. Each must be numeric. Mutually exclusive with organization and projects
  • infrastructure_manager_region (String) The Google Cloud region for Infrastructure Manager. Required when deployment_method is infrastructure-manager
  • labels (Map of String) Google Cloud labels to apply to created resources
  • organization (String) Google Cloud organization ID to register. Must be numeric. Mutually exclusive with folders and projects
  • projects (Set of String) Google Cloud project IDs to register. Each must be 6-30 characters, start with a lowercase letter, and contain only lowercase letters, numbers, and hyphens. Mutually exclusive with organization and folders
  • realtime_visibility (Attributes) (see below for nested schema)
  • resource_name_prefix (String) Prefix to add to created Google Cloud resource names. The combined length of prefix and suffix must not exceed 13 characters
  • resource_name_suffix (String) Suffix to add to created Google Cloud resource names. The combined length of prefix and suffix must not exceed 13 characters
  • tags (Map of String) Google Cloud tags to apply to created resources

Read-Only:

  • id (String) The registration ID
  • registration_scope (String) The scope of the registration. One of: organization, folder, project
  • status (String) The current status of the registration. Possible values: partial (registration setup is incomplete), complete (registration was set up successfully and validation succeeded), validation_failed (registration was set up successfully, but validation failed)
  • wif_pool_id (String) Workload Identity Federation pool ID
  • wif_pool_name (String) Workload Identity Federation pool name
  • wif_provider_id (String) Workload Identity Federation provider ID
  • wif_provider_name (String) Workload Identity Federation provider name

Nested Schema for realtime_visibility

Required:

  • enabled (Boolean) Enable real-time visibility and detection
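
The argument constraints in the schema above can be checked before a plan is run, and exclusion patterns are worth reviewing because every project they match is left unregistered. The following is an added example, not code from the provider or its documentation: `validate_registration`, `excluded_projects` and the sample data are hypothetical names constructed here, and `*` is assumed to behave as a shell-style glob.

```python
import re
from fnmatch import fnmatchcase

PROJECT_ID = re.compile(r"[a-z][a-z0-9-]{5,29}")   # 6-30 chars, starts with a letter
NUMERIC_ID = re.compile(r"[0-9]+")                 # folder and organization IDs
PATTERN = re.compile(r"[a-z0-9*-]+")               # characters allowed in a pattern

def validate_registration(cfg):
    """Return the documented constraints that cfg (a dict of arguments) violates."""
    errors = []
    scopes = [k for k in ("organization", "folders", "projects") if cfg.get(k)]
    if len(scopes) > 1:
        errors.append("mutually exclusive scopes set: " + ", ".join(scopes))
    for pid in cfg.get("projects", []):
        if not PROJECT_ID.fullmatch(pid):
            errors.append(f"invalid project ID: {pid}")
    org = cfg.get("organization")
    for nid in list(cfg.get("folders", [])) + ([org] if org else []):
        if not NUMERIC_ID.fullmatch(nid):
            errors.append(f"ID must be numeric: {nid}")
    for pat in cfg.get("excluded_project_patterns", []):
        # Assumption: any all-wildcard pattern ("*", "**") counts as wildcard-only.
        if not PATTERN.fullmatch(pat) or not pat.strip("*"):
            errors.append(f"invalid exclusion pattern: {pat}")
    affix = cfg.get("resource_name_prefix", "") + cfg.get("resource_name_suffix", "")
    if len(affix) > 13:
        errors.append(f"prefix + suffix is {len(affix)} characters (max 13)")
    method = cfg.get("deployment_method", "terraform-native")
    if method not in ("terraform-native", "infrastructure-manager"):
        errors.append(f"unknown deployment_method: {method}")
    elif method == "infrastructure-manager" and not cfg.get("infrastructure_manager_region"):
        errors.append("infrastructure_manager_region is required")
    return errors

def excluded_projects(patterns, inventory):
    """Project IDs in inventory that the patterns would exclude (glob assumption)."""
    return sorted(p for p in inventory if any(fnmatchcase(p, pat) for pat in patterns))

# Constructed sample input, not taken from a real environment.
SAMPLE = {
    "organization": "987654321098",
    "excluded_project_patterns": ["*-dev", "*"],
    "resource_name_prefix": "falcon-cloud", "resource_name_suffix": "prod",
    "deployment_method": "infrastructure-manager",
}
SAMPLE_INVENTORY = ["payments-prod", "payments-dev", "shared-dev", "dev-tooling"]

if __name__ == "__main__":
    print(validate_registration(SAMPLE), excluded_projects(["*-dev"], SAMPLE_INVENTORY))
```

Running `excluded_projects` against a current project inventory before applying shows exactly which projects a pattern such as `*-dev` removes from coverage.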

Import is supported using the following syntax:

# Google Cloud Project Registration can be imported by specifying the registration ID
terraform import crowdstrike_cloud_google_registration.example <registration_id>