GCP firewall rules support different matching methods based on ingress and egress. For example, when creating an ingress rule, you will see new terms such as Tag and Service Account along with the more traditional source IP range. Additionally, you need to specify a target Service Account or Tag instead of the traditional destination address. After working through the new terminology and methodology, I created a Terraform Module, available on the included Terraform Registry page. The Terraform module provides easy-to-use resources to deploy GCP firewall rules for network engineers–or better yet, developers. Note you don’t need to know the intricacies of Terraform or have deep knowledge about JSON.