@aodj
Created March 23, 2020 10:57
locals {
  chunks = "${chunklist(local.whitelist, 5)}"
  rules = [
    { action = "allow", priority = "0", match = { versioned_expr = "SRC_IPS_V1", config = { src_ip_ranges = ["${local.chunks[0]}"] }}},
    { action = "deny(403)", priority = "2147483647", match = { versioned_expr = "SRC_IPS_V1", config = { src_ip_ranges = ["*"] }}, description = "Default rule: deny all"}
  ]
}

resource "google_compute_security_policy" "policy" {
  project = "${var.project}"
  name    = "policy"
  rule    = ["${local.rules}"]

  # rule {
  #   action   = "allow"
  #   priority = "0"
  #   match {
  #     versioned_expr = "SRC_IPS_V1"
  #     config {
  #       src_ip_ranges = ["${local.whitelist}"]
  #     }
  #   }
  # }
  # rule = [{
  #   action   = "deny(403)"
  #   priority = "2147483647"
  #   match {
  #     versioned_expr = "SRC_IPS_V1"
  #     config {
  #       src_ip_ranges = ["*"]
  #     }
  #   }
  #   description = "Default rule: deny all"
  # }]
}
$ terragrunt plan
...
Error: google_compute_security_policy.policy: "rule.0.action": required field is not set
Error: google_compute_security_policy.policy: "rule.0.match": required field is not set
Error: google_compute_security_policy.policy: "rule.0.priority": required field is not set
[terragrunt] 2020/03/23 10:56:24 Hit multiple errors:
exit status 1