gcp.compute.RegionTargetHttpsProxy
Explore with Pulumi AI
Represents a RegionTargetHttpsProxy resource, which is used by one or more forwarding rules to route incoming HTTPS requests to a URL map.
To get more information about RegionTargetHttpsProxy, see:
- API documentation
- How-to Guides
Example Usage
Region Target Https Proxy Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as std from "@pulumi/std";
const defaultRegionSslCertificate = new gcp.compute.RegionSslCertificate("default", {
region: "us-central1",
name: "my-certificate",
privateKey: std.file({
input: "path/to/private.key",
}).then(invoke => invoke.result),
certificate: std.file({
input: "path/to/certificate.crt",
}).then(invoke => invoke.result),
});
const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("default", {
region: "us-central1",
name: "http-health-check",
httpHealthCheck: {
port: 80,
},
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("default", {
region: "us-central1",
name: "backend-service",
protocol: "HTTP",
loadBalancingScheme: "INTERNAL_MANAGED",
timeoutSec: 10,
healthChecks: defaultRegionHealthCheck.id,
});
const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("default", {
region: "us-central1",
name: "url-map",
description: "a description",
defaultService: defaultRegionBackendService.id,
hostRules: [{
hosts: ["mysite.com"],
pathMatcher: "allpaths",
}],
pathMatchers: [{
name: "allpaths",
defaultService: defaultRegionBackendService.id,
pathRules: [{
paths: ["/*"],
service: defaultRegionBackendService.id,
}],
}],
});
const _default = new gcp.compute.RegionTargetHttpsProxy("default", {
region: "us-central1",
name: "test-proxy",
urlMap: defaultRegionUrlMap.id,
sslCertificates: [defaultRegionSslCertificate.id],
});
import pulumi
import pulumi_gcp as gcp
import pulumi_std as std
default_region_ssl_certificate = gcp.compute.RegionSslCertificate("default",
region="us-central1",
name="my-certificate",
private_key=std.file(input="path/to/private.key").result,
certificate=std.file(input="path/to/certificate.crt").result)
default_region_health_check = gcp.compute.RegionHealthCheck("default",
region="us-central1",
name="http-health-check",
http_health_check={
"port": 80,
})
default_region_backend_service = gcp.compute.RegionBackendService("default",
region="us-central1",
name="backend-service",
protocol="HTTP",
load_balancing_scheme="INTERNAL_MANAGED",
timeout_sec=10,
health_checks=default_region_health_check.id)
default_region_url_map = gcp.compute.RegionUrlMap("default",
region="us-central1",
name="url-map",
description="a description",
default_service=default_region_backend_service.id,
host_rules=[{
"hosts": ["mysite.com"],
"path_matcher": "allpaths",
}],
path_matchers=[{
"name": "allpaths",
"default_service": default_region_backend_service.id,
"path_rules": [{
"paths": ["/*"],
"service": default_region_backend_service.id,
}],
}])
default = gcp.compute.RegionTargetHttpsProxy("default",
region="us-central1",
name="test-proxy",
url_map=default_region_url_map.id,
ssl_certificates=[default_region_ssl_certificate.id])
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "path/to/private.key",
}, nil)
if err != nil {
return err
}
invokeFile1, err := std.File(ctx, &std.FileArgs{
Input: "path/to/certificate.crt",
}, nil)
if err != nil {
return err
}
defaultRegionSslCertificate, err := compute.NewRegionSslCertificate(ctx, "default", &compute.RegionSslCertificateArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("my-certificate"),
PrivateKey: pulumi.String(invokeFile.Result),
Certificate: pulumi.String(invokeFile1.Result),
})
if err != nil {
return err
}
defaultRegionHealthCheck, err := compute.NewRegionHealthCheck(ctx, "default", &compute.RegionHealthCheckArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("http-health-check"),
HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
Port: pulumi.Int(80),
},
})
if err != nil {
return err
}
defaultRegionBackendService, err := compute.NewRegionBackendService(ctx, "default", &compute.RegionBackendServiceArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("backend-service"),
Protocol: pulumi.String("HTTP"),
LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
TimeoutSec: pulumi.Int(10),
HealthChecks: defaultRegionHealthCheck.ID(),
})
if err != nil {
return err
}
defaultRegionUrlMap, err := compute.NewRegionUrlMap(ctx, "default", &compute.RegionUrlMapArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("url-map"),
Description: pulumi.String("a description"),
DefaultService: defaultRegionBackendService.ID(),
HostRules: compute.RegionUrlMapHostRuleArray{
&compute.RegionUrlMapHostRuleArgs{
Hosts: pulumi.StringArray{
pulumi.String("mysite.com"),
},
PathMatcher: pulumi.String("allpaths"),
},
},
PathMatchers: compute.RegionUrlMapPathMatcherArray{
&compute.RegionUrlMapPathMatcherArgs{
Name: pulumi.String("allpaths"),
DefaultService: defaultRegionBackendService.ID(),
PathRules: compute.RegionUrlMapPathMatcherPathRuleArray{
&compute.RegionUrlMapPathMatcherPathRuleArgs{
Paths: pulumi.StringArray{
pulumi.String("/*"),
},
Service: defaultRegionBackendService.ID(),
},
},
},
},
})
if err != nil {
return err
}
_, err = compute.NewRegionTargetHttpsProxy(ctx, "default", &compute.RegionTargetHttpsProxyArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("test-proxy"),
UrlMap: defaultRegionUrlMap.ID(),
SslCertificates: pulumi.StringArray{
defaultRegionSslCertificate.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var defaultRegionSslCertificate = new Gcp.Compute.RegionSslCertificate("default", new()
{
Region = "us-central1",
Name = "my-certificate",
PrivateKey = Std.File.Invoke(new()
{
Input = "path/to/private.key",
}).Apply(invoke => invoke.Result),
Certificate = Std.File.Invoke(new()
{
Input = "path/to/certificate.crt",
}).Apply(invoke => invoke.Result),
});
var defaultRegionHealthCheck = new Gcp.Compute.RegionHealthCheck("default", new()
{
Region = "us-central1",
Name = "http-health-check",
HttpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckHttpHealthCheckArgs
{
Port = 80,
},
});
var defaultRegionBackendService = new Gcp.Compute.RegionBackendService("default", new()
{
Region = "us-central1",
Name = "backend-service",
Protocol = "HTTP",
LoadBalancingScheme = "INTERNAL_MANAGED",
TimeoutSec = 10,
HealthChecks = defaultRegionHealthCheck.Id,
});
var defaultRegionUrlMap = new Gcp.Compute.RegionUrlMap("default", new()
{
Region = "us-central1",
Name = "url-map",
Description = "a description",
DefaultService = defaultRegionBackendService.Id,
HostRules = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapHostRuleArgs
{
Hosts = new[]
{
"mysite.com",
},
PathMatcher = "allpaths",
},
},
PathMatchers = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapPathMatcherArgs
{
Name = "allpaths",
DefaultService = defaultRegionBackendService.Id,
PathRules = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapPathMatcherPathRuleArgs
{
Paths = new[]
{
"/*",
},
Service = defaultRegionBackendService.Id,
},
},
},
},
});
var @default = new Gcp.Compute.RegionTargetHttpsProxy("default", new()
{
Region = "us-central1",
Name = "test-proxy",
UrlMap = defaultRegionUrlMap.Id,
SslCertificates = new[]
{
defaultRegionSslCertificate.Id,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSslCertificate;
import com.pulumi.gcp.compute.RegionSslCertificateArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.inputs.RegionUrlMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.RegionUrlMapPathMatcherArgs;
import com.pulumi.gcp.compute.RegionTargetHttpsProxy;
import com.pulumi.gcp.compute.RegionTargetHttpsProxyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultRegionSslCertificate = new RegionSslCertificate("defaultRegionSslCertificate", RegionSslCertificateArgs.builder()
.region("us-central1")
.name("my-certificate")
.privateKey(StdFunctions.file(FileArgs.builder()
.input("path/to/private.key")
.build()).result())
.certificate(StdFunctions.file(FileArgs.builder()
.input("path/to/certificate.crt")
.build()).result())
.build());
var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
.region("us-central1")
.name("http-health-check")
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.port(80)
.build())
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.region("us-central1")
.name("backend-service")
.protocol("HTTP")
.loadBalancingScheme("INTERNAL_MANAGED")
.timeoutSec(10)
.healthChecks(defaultRegionHealthCheck.id())
.build());
var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
.region("us-central1")
.name("url-map")
.description("a description")
.defaultService(defaultRegionBackendService.id())
.hostRules(RegionUrlMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(RegionUrlMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultRegionBackendService.id())
.pathRules(RegionUrlMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultRegionBackendService.id())
.build())
.build())
.build());
var default_ = new RegionTargetHttpsProxy("default", RegionTargetHttpsProxyArgs.builder()
.region("us-central1")
.name("test-proxy")
.urlMap(defaultRegionUrlMap.id())
.sslCertificates(defaultRegionSslCertificate.id())
.build());
}
}
resources:
default:
type: gcp:compute:RegionTargetHttpsProxy
properties:
region: us-central1
name: test-proxy
urlMap: ${defaultRegionUrlMap.id}
sslCertificates:
- ${defaultRegionSslCertificate.id}
defaultRegionSslCertificate:
type: gcp:compute:RegionSslCertificate
name: default
properties:
region: us-central1
name: my-certificate
privateKey:
fn::invoke:
Function: std:file
Arguments:
input: path/to/private.key
Return: result
certificate:
fn::invoke:
Function: std:file
Arguments:
input: path/to/certificate.crt
Return: result
defaultRegionUrlMap:
type: gcp:compute:RegionUrlMap
name: default
properties:
region: us-central1
name: url-map
description: a description
defaultService: ${defaultRegionBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultRegionBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultRegionBackendService.id}
defaultRegionBackendService:
type: gcp:compute:RegionBackendService
name: default
properties:
region: us-central1
name: backend-service
protocol: HTTP
loadBalancingScheme: INTERNAL_MANAGED
timeoutSec: 10
healthChecks: ${defaultRegionHealthCheck.id}
defaultRegionHealthCheck:
type: gcp:compute:RegionHealthCheck
name: default
properties:
region: us-central1
name: http-health-check
httpHealthCheck:
port: 80
Region Target Https Proxy Http Keep Alive Timeout
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as std from "@pulumi/std";
const defaultRegionSslCertificate = new gcp.compute.RegionSslCertificate("default", {
region: "us-central1",
name: "my-certificate",
privateKey: std.file({
input: "path/to/private.key",
}).then(invoke => invoke.result),
certificate: std.file({
input: "path/to/certificate.crt",
}).then(invoke => invoke.result),
});
const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("default", {
region: "us-central1",
name: "http-health-check",
httpHealthCheck: {
port: 80,
},
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("default", {
region: "us-central1",
name: "backend-service",
portName: "http",
protocol: "HTTP",
timeoutSec: 10,
loadBalancingScheme: "INTERNAL_MANAGED",
healthChecks: defaultRegionHealthCheck.id,
});
const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("default", {
region: "us-central1",
name: "url-map",
description: "a description",
defaultService: defaultRegionBackendService.id,
hostRules: [{
hosts: ["mysite.com"],
pathMatcher: "allpaths",
}],
pathMatchers: [{
name: "allpaths",
defaultService: defaultRegionBackendService.id,
pathRules: [{
paths: ["/*"],
service: defaultRegionBackendService.id,
}],
}],
});
const _default = new gcp.compute.RegionTargetHttpsProxy("default", {
region: "us-central1",
name: "test-http-keep-alive-timeout-proxy",
httpKeepAliveTimeoutSec: 600,
urlMap: defaultRegionUrlMap.id,
sslCertificates: [defaultRegionSslCertificate.id],
});
import pulumi
import pulumi_gcp as gcp
import pulumi_std as std
default_region_ssl_certificate = gcp.compute.RegionSslCertificate("default",
region="us-central1",
name="my-certificate",
private_key=std.file(input="path/to/private.key").result,
certificate=std.file(input="path/to/certificate.crt").result)
default_region_health_check = gcp.compute.RegionHealthCheck("default",
region="us-central1",
name="http-health-check",
http_health_check={
"port": 80,
})
default_region_backend_service = gcp.compute.RegionBackendService("default",
region="us-central1",
name="backend-service",
port_name="http",
protocol="HTTP",
timeout_sec=10,
load_balancing_scheme="INTERNAL_MANAGED",
health_checks=default_region_health_check.id)
default_region_url_map = gcp.compute.RegionUrlMap("default",
region="us-central1",
name="url-map",
description="a description",
default_service=default_region_backend_service.id,
host_rules=[{
"hosts": ["mysite.com"],
"path_matcher": "allpaths",
}],
path_matchers=[{
"name": "allpaths",
"default_service": default_region_backend_service.id,
"path_rules": [{
"paths": ["/*"],
"service": default_region_backend_service.id,
}],
}])
default = gcp.compute.RegionTargetHttpsProxy("default",
region="us-central1",
name="test-http-keep-alive-timeout-proxy",
http_keep_alive_timeout_sec=600,
url_map=default_region_url_map.id,
ssl_certificates=[default_region_ssl_certificate.id])
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "path/to/private.key",
}, nil)
if err != nil {
return err
}
invokeFile1, err := std.File(ctx, &std.FileArgs{
Input: "path/to/certificate.crt",
}, nil)
if err != nil {
return err
}
defaultRegionSslCertificate, err := compute.NewRegionSslCertificate(ctx, "default", &compute.RegionSslCertificateArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("my-certificate"),
PrivateKey: pulumi.String(invokeFile.Result),
Certificate: pulumi.String(invokeFile1.Result),
})
if err != nil {
return err
}
defaultRegionHealthCheck, err := compute.NewRegionHealthCheck(ctx, "default", &compute.RegionHealthCheckArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("http-health-check"),
HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
Port: pulumi.Int(80),
},
})
if err != nil {
return err
}
defaultRegionBackendService, err := compute.NewRegionBackendService(ctx, "default", &compute.RegionBackendServiceArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("backend-service"),
PortName: pulumi.String("http"),
Protocol: pulumi.String("HTTP"),
TimeoutSec: pulumi.Int(10),
LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
HealthChecks: defaultRegionHealthCheck.ID(),
})
if err != nil {
return err
}
defaultRegionUrlMap, err := compute.NewRegionUrlMap(ctx, "default", &compute.RegionUrlMapArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("url-map"),
Description: pulumi.String("a description"),
DefaultService: defaultRegionBackendService.ID(),
HostRules: compute.RegionUrlMapHostRuleArray{
&compute.RegionUrlMapHostRuleArgs{
Hosts: pulumi.StringArray{
pulumi.String("mysite.com"),
},
PathMatcher: pulumi.String("allpaths"),
},
},
PathMatchers: compute.RegionUrlMapPathMatcherArray{
&compute.RegionUrlMapPathMatcherArgs{
Name: pulumi.String("allpaths"),
DefaultService: defaultRegionBackendService.ID(),
PathRules: compute.RegionUrlMapPathMatcherPathRuleArray{
&compute.RegionUrlMapPathMatcherPathRuleArgs{
Paths: pulumi.StringArray{
pulumi.String("/*"),
},
Service: defaultRegionBackendService.ID(),
},
},
},
},
})
if err != nil {
return err
}
_, err = compute.NewRegionTargetHttpsProxy(ctx, "default", &compute.RegionTargetHttpsProxyArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("test-http-keep-alive-timeout-proxy"),
HttpKeepAliveTimeoutSec: pulumi.Int(600),
UrlMap: defaultRegionUrlMap.ID(),
SslCertificates: pulumi.StringArray{
defaultRegionSslCertificate.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var defaultRegionSslCertificate = new Gcp.Compute.RegionSslCertificate("default", new()
{
Region = "us-central1",
Name = "my-certificate",
PrivateKey = Std.File.Invoke(new()
{
Input = "path/to/private.key",
}).Apply(invoke => invoke.Result),
Certificate = Std.File.Invoke(new()
{
Input = "path/to/certificate.crt",
}).Apply(invoke => invoke.Result),
});
var defaultRegionHealthCheck = new Gcp.Compute.RegionHealthCheck("default", new()
{
Region = "us-central1",
Name = "http-health-check",
HttpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckHttpHealthCheckArgs
{
Port = 80,
},
});
var defaultRegionBackendService = new Gcp.Compute.RegionBackendService("default", new()
{
Region = "us-central1",
Name = "backend-service",
PortName = "http",
Protocol = "HTTP",
TimeoutSec = 10,
LoadBalancingScheme = "INTERNAL_MANAGED",
HealthChecks = defaultRegionHealthCheck.Id,
});
var defaultRegionUrlMap = new Gcp.Compute.RegionUrlMap("default", new()
{
Region = "us-central1",
Name = "url-map",
Description = "a description",
DefaultService = defaultRegionBackendService.Id,
HostRules = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapHostRuleArgs
{
Hosts = new[]
{
"mysite.com",
},
PathMatcher = "allpaths",
},
},
PathMatchers = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapPathMatcherArgs
{
Name = "allpaths",
DefaultService = defaultRegionBackendService.Id,
PathRules = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapPathMatcherPathRuleArgs
{
Paths = new[]
{
"/*",
},
Service = defaultRegionBackendService.Id,
},
},
},
},
});
var @default = new Gcp.Compute.RegionTargetHttpsProxy("default", new()
{
Region = "us-central1",
Name = "test-http-keep-alive-timeout-proxy",
HttpKeepAliveTimeoutSec = 600,
UrlMap = defaultRegionUrlMap.Id,
SslCertificates = new[]
{
defaultRegionSslCertificate.Id,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.RegionSslCertificate;
import com.pulumi.gcp.compute.RegionSslCertificateArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.inputs.RegionUrlMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.RegionUrlMapPathMatcherArgs;
import com.pulumi.gcp.compute.RegionTargetHttpsProxy;
import com.pulumi.gcp.compute.RegionTargetHttpsProxyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultRegionSslCertificate = new RegionSslCertificate("defaultRegionSslCertificate", RegionSslCertificateArgs.builder()
.region("us-central1")
.name("my-certificate")
.privateKey(StdFunctions.file(FileArgs.builder()
.input("path/to/private.key")
.build()).result())
.certificate(StdFunctions.file(FileArgs.builder()
.input("path/to/certificate.crt")
.build()).result())
.build());
var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
.region("us-central1")
.name("http-health-check")
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.port(80)
.build())
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.region("us-central1")
.name("backend-service")
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.loadBalancingScheme("INTERNAL_MANAGED")
.healthChecks(defaultRegionHealthCheck.id())
.build());
var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
.region("us-central1")
.name("url-map")
.description("a description")
.defaultService(defaultRegionBackendService.id())
.hostRules(RegionUrlMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(RegionUrlMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultRegionBackendService.id())
.pathRules(RegionUrlMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultRegionBackendService.id())
.build())
.build())
.build());
var default_ = new RegionTargetHttpsProxy("default", RegionTargetHttpsProxyArgs.builder()
.region("us-central1")
.name("test-http-keep-alive-timeout-proxy")
.httpKeepAliveTimeoutSec(600)
.urlMap(defaultRegionUrlMap.id())
.sslCertificates(defaultRegionSslCertificate.id())
.build());
}
}
resources:
default:
type: gcp:compute:RegionTargetHttpsProxy
properties:
region: us-central1
name: test-http-keep-alive-timeout-proxy
httpKeepAliveTimeoutSec: 600
urlMap: ${defaultRegionUrlMap.id}
sslCertificates:
- ${defaultRegionSslCertificate.id}
defaultRegionSslCertificate:
type: gcp:compute:RegionSslCertificate
name: default
properties:
region: us-central1
name: my-certificate
privateKey:
fn::invoke:
Function: std:file
Arguments:
input: path/to/private.key
Return: result
certificate:
fn::invoke:
Function: std:file
Arguments:
input: path/to/certificate.crt
Return: result
defaultRegionUrlMap:
type: gcp:compute:RegionUrlMap
name: default
properties:
region: us-central1
name: url-map
description: a description
defaultService: ${defaultRegionBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultRegionBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultRegionBackendService.id}
defaultRegionBackendService:
type: gcp:compute:RegionBackendService
name: default
properties:
region: us-central1
name: backend-service
portName: http
protocol: HTTP
timeoutSec: 10
loadBalancingScheme: INTERNAL_MANAGED
healthChecks: ${defaultRegionHealthCheck.id}
defaultRegionHealthCheck:
type: gcp:compute:RegionHealthCheck
name: default
properties:
region: us-central1
name: http-health-check
httpHealthCheck:
port: 80
Region Target Https Proxy Mtls
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as std from "@pulumi/std";
const project = gcp.organizations.getProject({});
const defaultTrustConfig = new gcp.certificatemanager.TrustConfig("default", {
location: "us-central1",
name: "my-trust-config",
description: "sample description for trust config",
trustStores: [{
trustAnchors: [{
pemCertificate: std.file({
input: "test-fixtures/ca_cert.pem",
}).then(invoke => invoke.result),
}],
intermediateCas: [{
pemCertificate: std.file({
input: "test-fixtures/ca_cert.pem",
}).then(invoke => invoke.result),
}],
}],
labels: {
foo: "bar",
},
});
const defaultServerTlsPolicy = new gcp.networksecurity.ServerTlsPolicy("default", {
location: "us-central1",
name: "my-tls-policy",
description: "my description",
allowOpen: false,
mtlsPolicy: {
clientValidationMode: "REJECT_INVALID",
clientValidationTrustConfig: pulumi.all([project, defaultTrustConfig.name]).apply(([project, name]) => `projects/${project.number}/locations/us-central1/trustConfigs/${name}`),
},
});
const defaultRegionSslCertificate = new gcp.compute.RegionSslCertificate("default", {
region: "us-central1",
name: "my-certificate",
privateKey: std.file({
input: "path/to/private.key",
}).then(invoke => invoke.result),
certificate: std.file({
input: "path/to/certificate.crt",
}).then(invoke => invoke.result),
});
const defaultRegionHealthCheck = new gcp.compute.RegionHealthCheck("default", {
region: "us-central1",
name: "http-health-check",
checkIntervalSec: 1,
timeoutSec: 1,
httpHealthCheck: {
port: 80,
},
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("default", {
region: "us-central1",
name: "backend-service",
portName: "http",
protocol: "HTTP",
timeoutSec: 10,
loadBalancingScheme: "INTERNAL_MANAGED",
healthChecks: defaultRegionHealthCheck.id,
});
const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("default", {
region: "us-central1",
name: "url-map",
description: "a description",
defaultService: defaultRegionBackendService.id,
hostRules: [{
hosts: ["mysite.com"],
pathMatcher: "allpaths",
}],
pathMatchers: [{
name: "allpaths",
defaultService: defaultRegionBackendService.id,
pathRules: [{
paths: ["/*"],
service: defaultRegionBackendService.id,
}],
}],
});
const _default = new gcp.compute.RegionTargetHttpsProxy("default", {
region: "us-central1",
name: "test-mtls-proxy",
urlMap: defaultRegionUrlMap.id,
sslCertificates: [defaultRegionSslCertificate.id],
serverTlsPolicy: defaultServerTlsPolicy.id,
});
import pulumi
import pulumi_gcp as gcp
import pulumi_std as std
project = gcp.organizations.get_project()
default_trust_config = gcp.certificatemanager.TrustConfig("default",
location="us-central1",
name="my-trust-config",
description="sample description for trust config",
trust_stores=[{
"trust_anchors": [{
"pem_certificate": std.file(input="test-fixtures/ca_cert.pem").result,
}],
"intermediate_cas": [{
"pem_certificate": std.file(input="test-fixtures/ca_cert.pem").result,
}],
}],
labels={
"foo": "bar",
})
default_server_tls_policy = gcp.networksecurity.ServerTlsPolicy("default",
location="us-central1",
name="my-tls-policy",
description="my description",
allow_open=False,
mtls_policy={
"client_validation_mode": "REJECT_INVALID",
"client_validation_trust_config": default_trust_config.name.apply(lambda name: f"projects/{project.number}/locations/us-central1/trustConfigs/{name}"),
})
default_region_ssl_certificate = gcp.compute.RegionSslCertificate("default",
region="us-central1",
name="my-certificate",
private_key=std.file(input="path/to/private.key").result,
certificate=std.file(input="path/to/certificate.crt").result)
default_region_health_check = gcp.compute.RegionHealthCheck("default",
region="us-central1",
name="http-health-check",
check_interval_sec=1,
timeout_sec=1,
http_health_check={
"port": 80,
})
default_region_backend_service = gcp.compute.RegionBackendService("default",
region="us-central1",
name="backend-service",
port_name="http",
protocol="HTTP",
timeout_sec=10,
load_balancing_scheme="INTERNAL_MANAGED",
health_checks=default_region_health_check.id)
default_region_url_map = gcp.compute.RegionUrlMap("default",
region="us-central1",
name="url-map",
description="a description",
default_service=default_region_backend_service.id,
host_rules=[{
"hosts": ["mysite.com"],
"path_matcher": "allpaths",
}],
path_matchers=[{
"name": "allpaths",
"default_service": default_region_backend_service.id,
"path_rules": [{
"paths": ["/*"],
"service": default_region_backend_service.id,
}],
}])
default = gcp.compute.RegionTargetHttpsProxy("default",
region="us-central1",
name="test-mtls-proxy",
url_map=default_region_url_map.id,
ssl_certificates=[default_region_ssl_certificate.id],
server_tls_policy=default_server_tls_policy.id)
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
project, err := organizations.LookupProject(ctx, nil, nil)
if err != nil {
return err
}
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "test-fixtures/ca_cert.pem",
}, nil)
if err != nil {
return err
}
invokeFile1, err := std.File(ctx, &std.FileArgs{
Input: "test-fixtures/ca_cert.pem",
}, nil)
if err != nil {
return err
}
defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "default", &certificatemanager.TrustConfigArgs{
Location: pulumi.String("us-central1"),
Name: pulumi.String("my-trust-config"),
Description: pulumi.String("sample description for trust config"),
TrustStores: certificatemanager.TrustConfigTrustStoreArray{
&certificatemanager.TrustConfigTrustStoreArgs{
TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
&certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
PemCertificate: pulumi.String(invokeFile.Result),
},
},
IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
&certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
PemCertificate: pulumi.String(invokeFile1.Result),
},
},
},
},
Labels: pulumi.StringMap{
"foo": pulumi.String("bar"),
},
})
if err != nil {
return err
}
defaultServerTlsPolicy, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
Location: pulumi.String("us-central1"),
Name: pulumi.String("my-tls-policy"),
Description: pulumi.String("my description"),
AllowOpen: pulumi.Bool(false),
MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
ClientValidationMode: pulumi.String("REJECT_INVALID"),
ClientValidationTrustConfig: defaultTrustConfig.Name.ApplyT(func(name string) (string, error) {
return fmt.Sprintf("projects/%v/locations/us-central1/trustConfigs/%v", project.Number, name), nil
}).(pulumi.StringOutput),
},
})
if err != nil {
return err
}
invokeFile2, err := std.File(ctx, &std.FileArgs{
Input: "path/to/private.key",
}, nil)
if err != nil {
return err
}
invokeFile3, err := std.File(ctx, &std.FileArgs{
Input: "path/to/certificate.crt",
}, nil)
if err != nil {
return err
}
defaultRegionSslCertificate, err := compute.NewRegionSslCertificate(ctx, "default", &compute.RegionSslCertificateArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("my-certificate"),
PrivateKey: pulumi.String(invokeFile2.Result),
Certificate: pulumi.String(invokeFile3.Result),
})
if err != nil {
return err
}
defaultRegionHealthCheck, err := compute.NewRegionHealthCheck(ctx, "default", &compute.RegionHealthCheckArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("http-health-check"),
CheckIntervalSec: pulumi.Int(1),
TimeoutSec: pulumi.Int(1),
HttpHealthCheck: &compute.RegionHealthCheckHttpHealthCheckArgs{
Port: pulumi.Int(80),
},
})
if err != nil {
return err
}
defaultRegionBackendService, err := compute.NewRegionBackendService(ctx, "default", &compute.RegionBackendServiceArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("backend-service"),
PortName: pulumi.String("http"),
Protocol: pulumi.String("HTTP"),
TimeoutSec: pulumi.Int(10),
LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
HealthChecks: defaultRegionHealthCheck.ID(),
})
if err != nil {
return err
}
defaultRegionUrlMap, err := compute.NewRegionUrlMap(ctx, "default", &compute.RegionUrlMapArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("url-map"),
Description: pulumi.String("a description"),
DefaultService: defaultRegionBackendService.ID(),
HostRules: compute.RegionUrlMapHostRuleArray{
&compute.RegionUrlMapHostRuleArgs{
Hosts: pulumi.StringArray{
pulumi.String("mysite.com"),
},
PathMatcher: pulumi.String("allpaths"),
},
},
PathMatchers: compute.RegionUrlMapPathMatcherArray{
&compute.RegionUrlMapPathMatcherArgs{
Name: pulumi.String("allpaths"),
DefaultService: defaultRegionBackendService.ID(),
PathRules: compute.RegionUrlMapPathMatcherPathRuleArray{
&compute.RegionUrlMapPathMatcherPathRuleArgs{
Paths: pulumi.StringArray{
pulumi.String("/*"),
},
Service: defaultRegionBackendService.ID(),
},
},
},
},
})
if err != nil {
return err
}
_, err = compute.NewRegionTargetHttpsProxy(ctx, "default", &compute.RegionTargetHttpsProxyArgs{
Region: pulumi.String("us-central1"),
Name: pulumi.String("test-mtls-proxy"),
UrlMap: defaultRegionUrlMap.ID(),
SslCertificates: pulumi.StringArray{
defaultRegionSslCertificate.ID(),
},
ServerTlsPolicy: defaultServerTlsPolicy.ID(),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var project = Gcp.Organizations.GetProject.Invoke();
var defaultTrustConfig = new Gcp.CertificateManager.TrustConfig("default", new()
{
Location = "us-central1",
Name = "my-trust-config",
Description = "sample description for trust config",
TrustStores = new[]
{
new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreArgs
{
TrustAnchors = new[]
{
new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreTrustAnchorArgs
{
PemCertificate = Std.File.Invoke(new()
{
Input = "test-fixtures/ca_cert.pem",
}).Apply(invoke => invoke.Result),
},
},
IntermediateCas = new[]
{
new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreIntermediateCaArgs
{
PemCertificate = Std.File.Invoke(new()
{
Input = "test-fixtures/ca_cert.pem",
}).Apply(invoke => invoke.Result),
},
},
},
},
Labels =
{
{ "foo", "bar" },
},
});
var defaultServerTlsPolicy = new Gcp.NetworkSecurity.ServerTlsPolicy("default", new()
{
Location = "us-central1",
Name = "my-tls-policy",
Description = "my description",
AllowOpen = false,
MtlsPolicy = new Gcp.NetworkSecurity.Inputs.ServerTlsPolicyMtlsPolicyArgs
{
ClientValidationMode = "REJECT_INVALID",
ClientValidationTrustConfig = Output.Tuple(project, defaultTrustConfig.Name).Apply(values =>
{
var project = values.Item1;
var name = values.Item2;
return $"projects/{project.Apply(getProjectResult => getProjectResult.Number)}/locations/us-central1/trustConfigs/{name}";
}),
},
});
var defaultRegionSslCertificate = new Gcp.Compute.RegionSslCertificate("default", new()
{
Region = "us-central1",
Name = "my-certificate",
PrivateKey = Std.File.Invoke(new()
{
Input = "path/to/private.key",
}).Apply(invoke => invoke.Result),
Certificate = Std.File.Invoke(new()
{
Input = "path/to/certificate.crt",
}).Apply(invoke => invoke.Result),
});
var defaultRegionHealthCheck = new Gcp.Compute.RegionHealthCheck("default", new()
{
Region = "us-central1",
Name = "http-health-check",
CheckIntervalSec = 1,
TimeoutSec = 1,
HttpHealthCheck = new Gcp.Compute.Inputs.RegionHealthCheckHttpHealthCheckArgs
{
Port = 80,
},
});
var defaultRegionBackendService = new Gcp.Compute.RegionBackendService("default", new()
{
Region = "us-central1",
Name = "backend-service",
PortName = "http",
Protocol = "HTTP",
TimeoutSec = 10,
LoadBalancingScheme = "INTERNAL_MANAGED",
HealthChecks = defaultRegionHealthCheck.Id,
});
var defaultRegionUrlMap = new Gcp.Compute.RegionUrlMap("default", new()
{
Region = "us-central1",
Name = "url-map",
Description = "a description",
DefaultService = defaultRegionBackendService.Id,
HostRules = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapHostRuleArgs
{
Hosts = new[]
{
"mysite.com",
},
PathMatcher = "allpaths",
},
},
PathMatchers = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapPathMatcherArgs
{
Name = "allpaths",
DefaultService = defaultRegionBackendService.Id,
PathRules = new[]
{
new Gcp.Compute.Inputs.RegionUrlMapPathMatcherPathRuleArgs
{
Paths = new[]
{
"/*",
},
Service = defaultRegionBackendService.Id,
},
},
},
},
});
var @default = new Gcp.Compute.RegionTargetHttpsProxy("default", new()
{
Region = "us-central1",
Name = "test-mtls-proxy",
UrlMap = defaultRegionUrlMap.Id,
SslCertificates = new[]
{
defaultRegionSslCertificate.Id,
},
ServerTlsPolicy = defaultServerTlsPolicy.Id,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.certificatemanager.TrustConfig;
import com.pulumi.gcp.certificatemanager.TrustConfigArgs;
import com.pulumi.gcp.certificatemanager.inputs.TrustConfigTrustStoreArgs;
import com.pulumi.gcp.networksecurity.ServerTlsPolicy;
import com.pulumi.gcp.networksecurity.ServerTlsPolicyArgs;
import com.pulumi.gcp.networksecurity.inputs.ServerTlsPolicyMtlsPolicyArgs;
import com.pulumi.gcp.compute.RegionSslCertificate;
import com.pulumi.gcp.compute.RegionSslCertificateArgs;
import com.pulumi.gcp.compute.RegionHealthCheck;
import com.pulumi.gcp.compute.RegionHealthCheckArgs;
import com.pulumi.gcp.compute.inputs.RegionHealthCheckHttpHealthCheckArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.inputs.RegionUrlMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.RegionUrlMapPathMatcherArgs;
import com.pulumi.gcp.compute.RegionTargetHttpsProxy;
import com.pulumi.gcp.compute.RegionTargetHttpsProxyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var project = OrganizationsFunctions.getProject();
var defaultTrustConfig = new TrustConfig("defaultTrustConfig", TrustConfigArgs.builder()
.location("us-central1")
.name("my-trust-config")
.description("sample description for trust config")
.trustStores(TrustConfigTrustStoreArgs.builder()
.trustAnchors(TrustConfigTrustStoreTrustAnchorArgs.builder()
.pemCertificate(StdFunctions.file(FileArgs.builder()
.input("test-fixtures/ca_cert.pem")
.build()).result())
.build())
.intermediateCas(TrustConfigTrustStoreIntermediateCaArgs.builder()
.pemCertificate(StdFunctions.file(FileArgs.builder()
.input("test-fixtures/ca_cert.pem")
.build()).result())
.build())
.build())
.labels(Map.of("foo", "bar"))
.build());
var defaultServerTlsPolicy = new ServerTlsPolicy("defaultServerTlsPolicy", ServerTlsPolicyArgs.builder()
.location("us-central1")
.name("my-tls-policy")
.description("my description")
.allowOpen("false")
.mtlsPolicy(ServerTlsPolicyMtlsPolicyArgs.builder()
.clientValidationMode("REJECT_INVALID")
.clientValidationTrustConfig(defaultTrustConfig.name().applyValue(name -> String.format("projects/%s/locations/us-central1/trustConfigs/%s", project.applyValue(getProjectResult -> getProjectResult.number()),name)))
.build())
.build());
var defaultRegionSslCertificate = new RegionSslCertificate("defaultRegionSslCertificate", RegionSslCertificateArgs.builder()
.region("us-central1")
.name("my-certificate")
.privateKey(StdFunctions.file(FileArgs.builder()
.input("path/to/private.key")
.build()).result())
.certificate(StdFunctions.file(FileArgs.builder()
.input("path/to/certificate.crt")
.build()).result())
.build());
var defaultRegionHealthCheck = new RegionHealthCheck("defaultRegionHealthCheck", RegionHealthCheckArgs.builder()
.region("us-central1")
.name("http-health-check")
.checkIntervalSec(1)
.timeoutSec(1)
.httpHealthCheck(RegionHealthCheckHttpHealthCheckArgs.builder()
.port(80)
.build())
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.region("us-central1")
.name("backend-service")
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.loadBalancingScheme("INTERNAL_MANAGED")
.healthChecks(defaultRegionHealthCheck.id())
.build());
var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
.region("us-central1")
.name("url-map")
.description("a description")
.defaultService(defaultRegionBackendService.id())
.hostRules(RegionUrlMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(RegionUrlMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultRegionBackendService.id())
.pathRules(RegionUrlMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultRegionBackendService.id())
.build())
.build())
.build());
var default_ = new RegionTargetHttpsProxy("default", RegionTargetHttpsProxyArgs.builder()
.region("us-central1")
.name("test-mtls-proxy")
.urlMap(defaultRegionUrlMap.id())
.sslCertificates(defaultRegionSslCertificate.id())
.serverTlsPolicy(defaultServerTlsPolicy.id())
.build());
}
}
resources:
default:
type: gcp:compute:RegionTargetHttpsProxy
properties:
region: us-central1
name: test-mtls-proxy
urlMap: ${defaultRegionUrlMap.id}
sslCertificates:
- ${defaultRegionSslCertificate.id}
serverTlsPolicy: ${defaultServerTlsPolicy.id}
defaultTrustConfig:
type: gcp:certificatemanager:TrustConfig
name: default
properties:
location: us-central1
name: my-trust-config
description: sample description for trust config
trustStores:
- trustAnchors:
- pemCertificate:
fn::invoke:
Function: std:file
Arguments:
input: test-fixtures/ca_cert.pem
Return: result
intermediateCas:
- pemCertificate:
fn::invoke:
Function: std:file
Arguments:
input: test-fixtures/ca_cert.pem
Return: result
labels:
foo: bar
defaultServerTlsPolicy:
type: gcp:networksecurity:ServerTlsPolicy
name: default
properties:
location: us-central1
name: my-tls-policy
description: my description
allowOpen: 'false'
mtlsPolicy:
clientValidationMode: REJECT_INVALID
clientValidationTrustConfig: projects/${project.number}/locations/us-central1/trustConfigs/${defaultTrustConfig.name}
defaultRegionSslCertificate:
type: gcp:compute:RegionSslCertificate
name: default
properties:
region: us-central1
name: my-certificate
privateKey:
fn::invoke:
Function: std:file
Arguments:
input: path/to/private.key
Return: result
certificate:
fn::invoke:
Function: std:file
Arguments:
input: path/to/certificate.crt
Return: result
defaultRegionUrlMap:
type: gcp:compute:RegionUrlMap
name: default
properties:
region: us-central1
name: url-map
description: a description
defaultService: ${defaultRegionBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultRegionBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultRegionBackendService.id}
defaultRegionBackendService:
type: gcp:compute:RegionBackendService
name: default
properties:
region: us-central1
name: backend-service
portName: http
protocol: HTTP
timeoutSec: 10
loadBalancingScheme: INTERNAL_MANAGED
healthChecks: ${defaultRegionHealthCheck.id}
defaultRegionHealthCheck:
type: gcp:compute:RegionHealthCheck
name: default
properties:
region: us-central1
name: http-health-check
checkIntervalSec: 1
timeoutSec: 1
httpHealthCheck:
port: 80
variables:
project:
fn::invoke:
Function: gcp:organizations:getProject
Arguments: {}
Region Target Https Proxy Certificate Manager Certificate
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as std from "@pulumi/std";
const defaultCertificate = new gcp.certificatemanager.Certificate("default", {
name: "my-certificate",
location: "us-central1",
selfManaged: {
pemCertificate: std.file({
input: "test-fixtures/cert.pem",
}).then(invoke => invoke.result),
pemPrivateKey: std.file({
input: "test-fixtures/private-key.pem",
}).then(invoke => invoke.result),
},
});
const defaultRegionBackendService = new gcp.compute.RegionBackendService("default", {
name: "backend-service",
region: "us-central1",
protocol: "HTTPS",
timeoutSec: 30,
loadBalancingScheme: "INTERNAL_MANAGED",
});
const defaultRegionUrlMap = new gcp.compute.RegionUrlMap("default", {
name: "url-map",
defaultService: defaultRegionBackendService.id,
region: "us-central1",
});
const _default = new gcp.compute.RegionTargetHttpsProxy("default", {
name: "target-http-proxy",
urlMap: defaultRegionUrlMap.id,
certificateManagerCertificates: [pulumi.interpolate`//certificatemanager.googleapis.com/${defaultCertificate.id}`],
});
import pulumi
import pulumi_gcp as gcp
import pulumi_std as std
default_certificate = gcp.certificatemanager.Certificate("default",
name="my-certificate",
location="us-central1",
self_managed={
"pem_certificate": std.file(input="test-fixtures/cert.pem").result,
"pem_private_key": std.file(input="test-fixtures/private-key.pem").result,
})
default_region_backend_service = gcp.compute.RegionBackendService("default",
name="backend-service",
region="us-central1",
protocol="HTTPS",
timeout_sec=30,
load_balancing_scheme="INTERNAL_MANAGED")
default_region_url_map = gcp.compute.RegionUrlMap("default",
name="url-map",
default_service=default_region_backend_service.id,
region="us-central1")
default = gcp.compute.RegionTargetHttpsProxy("default",
name="target-http-proxy",
url_map=default_region_url_map.id,
certificate_manager_certificates=[default_certificate.id.apply(lambda id: f"//certificatemanager.googleapis.com/{id}")])
package main
import (
"fmt"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "test-fixtures/cert.pem",
}, nil)
if err != nil {
return err
}
invokeFile1, err := std.File(ctx, &std.FileArgs{
Input: "test-fixtures/private-key.pem",
}, nil)
if err != nil {
return err
}
defaultCertificate, err := certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
Name: pulumi.String("my-certificate"),
Location: pulumi.String("us-central1"),
SelfManaged: &certificatemanager.CertificateSelfManagedArgs{
PemCertificate: pulumi.String(invokeFile.Result),
PemPrivateKey: pulumi.String(invokeFile1.Result),
},
})
if err != nil {
return err
}
defaultRegionBackendService, err := compute.NewRegionBackendService(ctx, "default", &compute.RegionBackendServiceArgs{
Name: pulumi.String("backend-service"),
Region: pulumi.String("us-central1"),
Protocol: pulumi.String("HTTPS"),
TimeoutSec: pulumi.Int(30),
LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
})
if err != nil {
return err
}
defaultRegionUrlMap, err := compute.NewRegionUrlMap(ctx, "default", &compute.RegionUrlMapArgs{
Name: pulumi.String("url-map"),
DefaultService: defaultRegionBackendService.ID(),
Region: pulumi.String("us-central1"),
})
if err != nil {
return err
}
_, err = compute.NewRegionTargetHttpsProxy(ctx, "default", &compute.RegionTargetHttpsProxyArgs{
Name: pulumi.String("target-http-proxy"),
UrlMap: defaultRegionUrlMap.ID(),
CertificateManagerCertificates: pulumi.StringArray{
defaultCertificate.ID().ApplyT(func(id string) (string, error) {
return fmt.Sprintf("//certificatemanager.googleapis.com/%v", id), nil
}).(pulumi.StringOutput),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var defaultCertificate = new Gcp.CertificateManager.Certificate("default", new()
{
Name = "my-certificate",
Location = "us-central1",
SelfManaged = new Gcp.CertificateManager.Inputs.CertificateSelfManagedArgs
{
PemCertificate = Std.File.Invoke(new()
{
Input = "test-fixtures/cert.pem",
}).Apply(invoke => invoke.Result),
PemPrivateKey = Std.File.Invoke(new()
{
Input = "test-fixtures/private-key.pem",
}).Apply(invoke => invoke.Result),
},
});
var defaultRegionBackendService = new Gcp.Compute.RegionBackendService("default", new()
{
Name = "backend-service",
Region = "us-central1",
Protocol = "HTTPS",
TimeoutSec = 30,
LoadBalancingScheme = "INTERNAL_MANAGED",
});
var defaultRegionUrlMap = new Gcp.Compute.RegionUrlMap("default", new()
{
Name = "url-map",
DefaultService = defaultRegionBackendService.Id,
Region = "us-central1",
});
var @default = new Gcp.Compute.RegionTargetHttpsProxy("default", new()
{
Name = "target-http-proxy",
UrlMap = defaultRegionUrlMap.Id,
CertificateManagerCertificates = new[]
{
defaultCertificate.Id.Apply(id => $"//certificatemanager.googleapis.com/{id}"),
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.certificatemanager.Certificate;
import com.pulumi.gcp.certificatemanager.CertificateArgs;
import com.pulumi.gcp.certificatemanager.inputs.CertificateSelfManagedArgs;
import com.pulumi.gcp.compute.RegionBackendService;
import com.pulumi.gcp.compute.RegionBackendServiceArgs;
import com.pulumi.gcp.compute.RegionUrlMap;
import com.pulumi.gcp.compute.RegionUrlMapArgs;
import com.pulumi.gcp.compute.RegionTargetHttpsProxy;
import com.pulumi.gcp.compute.RegionTargetHttpsProxyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var defaultCertificate = new Certificate("defaultCertificate", CertificateArgs.builder()
.name("my-certificate")
.location("us-central1")
.selfManaged(CertificateSelfManagedArgs.builder()
.pemCertificate(StdFunctions.file(FileArgs.builder()
.input("test-fixtures/cert.pem")
.build()).result())
.pemPrivateKey(StdFunctions.file(FileArgs.builder()
.input("test-fixtures/private-key.pem")
.build()).result())
.build())
.build());
var defaultRegionBackendService = new RegionBackendService("defaultRegionBackendService", RegionBackendServiceArgs.builder()
.name("backend-service")
.region("us-central1")
.protocol("HTTPS")
.timeoutSec(30)
.loadBalancingScheme("INTERNAL_MANAGED")
.build());
var defaultRegionUrlMap = new RegionUrlMap("defaultRegionUrlMap", RegionUrlMapArgs.builder()
.name("url-map")
.defaultService(defaultRegionBackendService.id())
.region("us-central1")
.build());
var default_ = new RegionTargetHttpsProxy("default", RegionTargetHttpsProxyArgs.builder()
.name("target-http-proxy")
.urlMap(defaultRegionUrlMap.id())
.certificateManagerCertificates(defaultCertificate.id().applyValue(id -> String.format("//certificatemanager.googleapis.com/%s", id)))
.build());
}
}
resources:
default:
type: gcp:compute:RegionTargetHttpsProxy
properties:
name: target-http-proxy
urlMap: ${defaultRegionUrlMap.id}
certificateManagerCertificates: # [google_certificate_manager_certificate.default.id] is also acceptable
- //certificatemanager.googleapis.com/${defaultCertificate.id}
defaultCertificate:
type: gcp:certificatemanager:Certificate
name: default
properties:
name: my-certificate
location: us-central1
selfManaged:
pemCertificate:
fn::invoke:
Function: std:file
Arguments:
input: test-fixtures/cert.pem
Return: result
pemPrivateKey:
fn::invoke:
Function: std:file
Arguments:
input: test-fixtures/private-key.pem
Return: result
defaultRegionUrlMap:
type: gcp:compute:RegionUrlMap
name: default
properties:
name: url-map
defaultService: ${defaultRegionBackendService.id}
region: us-central1
defaultRegionBackendService:
type: gcp:compute:RegionBackendService
name: default
properties:
name: backend-service
region: us-central1
protocol: HTTPS
timeoutSec: 30
loadBalancingScheme: INTERNAL_MANAGED
Create RegionTargetHttpsProxy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new RegionTargetHttpsProxy(name: string, args: RegionTargetHttpsProxyArgs, opts?: CustomResourceOptions);
@overload
def RegionTargetHttpsProxy(resource_name: str,
args: RegionTargetHttpsProxyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def RegionTargetHttpsProxy(resource_name: str,
opts: Optional[ResourceOptions] = None,
url_map: Optional[str] = None,
certificate_manager_certificates: Optional[Sequence[str]] = None,
description: Optional[str] = None,
http_keep_alive_timeout_sec: Optional[int] = None,
name: Optional[str] = None,
project: Optional[str] = None,
region: Optional[str] = None,
server_tls_policy: Optional[str] = None,
ssl_certificates: Optional[Sequence[str]] = None,
ssl_policy: Optional[str] = None)
func NewRegionTargetHttpsProxy(ctx *Context, name string, args RegionTargetHttpsProxyArgs, opts ...ResourceOption) (*RegionTargetHttpsProxy, error)
public RegionTargetHttpsProxy(string name, RegionTargetHttpsProxyArgs args, CustomResourceOptions? opts = null)
public RegionTargetHttpsProxy(String name, RegionTargetHttpsProxyArgs args)
public RegionTargetHttpsProxy(String name, RegionTargetHttpsProxyArgs args, CustomResourceOptions options)
type: gcp:compute:RegionTargetHttpsProxy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args RegionTargetHttpsProxyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args RegionTargetHttpsProxyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args RegionTargetHttpsProxyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args RegionTargetHttpsProxyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args RegionTargetHttpsProxyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var regionTargetHttpsProxyResource = new Gcp.Compute.RegionTargetHttpsProxy("regionTargetHttpsProxyResource", new()
{
UrlMap = "string",
CertificateManagerCertificates = new[]
{
"string",
},
Description = "string",
HttpKeepAliveTimeoutSec = 0,
Name = "string",
Project = "string",
Region = "string",
ServerTlsPolicy = "string",
SslCertificates = new[]
{
"string",
},
SslPolicy = "string",
});
example, err := compute.NewRegionTargetHttpsProxy(ctx, "regionTargetHttpsProxyResource", &compute.RegionTargetHttpsProxyArgs{
UrlMap: pulumi.String("string"),
CertificateManagerCertificates: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
HttpKeepAliveTimeoutSec: pulumi.Int(0),
Name: pulumi.String("string"),
Project: pulumi.String("string"),
Region: pulumi.String("string"),
ServerTlsPolicy: pulumi.String("string"),
SslCertificates: pulumi.StringArray{
pulumi.String("string"),
},
SslPolicy: pulumi.String("string"),
})
var regionTargetHttpsProxyResource = new RegionTargetHttpsProxy("regionTargetHttpsProxyResource", RegionTargetHttpsProxyArgs.builder()
.urlMap("string")
.certificateManagerCertificates("string")
.description("string")
.httpKeepAliveTimeoutSec(0)
.name("string")
.project("string")
.region("string")
.serverTlsPolicy("string")
.sslCertificates("string")
.sslPolicy("string")
.build());
region_target_https_proxy_resource = gcp.compute.RegionTargetHttpsProxy("regionTargetHttpsProxyResource",
url_map="string",
certificate_manager_certificates=["string"],
description="string",
http_keep_alive_timeout_sec=0,
name="string",
project="string",
region="string",
server_tls_policy="string",
ssl_certificates=["string"],
ssl_policy="string")
const regionTargetHttpsProxyResource = new gcp.compute.RegionTargetHttpsProxy("regionTargetHttpsProxyResource", {
urlMap: "string",
certificateManagerCertificates: ["string"],
description: "string",
httpKeepAliveTimeoutSec: 0,
name: "string",
project: "string",
region: "string",
serverTlsPolicy: "string",
sslCertificates: ["string"],
sslPolicy: "string",
});
type: gcp:compute:RegionTargetHttpsProxy
properties:
certificateManagerCertificates:
- string
description: string
httpKeepAliveTimeoutSec: 0
name: string
project: string
region: string
serverTlsPolicy: string
sslCertificates:
- string
sslPolicy: string
urlMap: string
RegionTargetHttpsProxy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The RegionTargetHttpsProxy resource accepts the following input properties:
- Url
Map string - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- Certificate
Manager List<string>Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- Description string
- An optional description of this resource.
- Http
Keep intAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- Name string
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Region string
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- Server
Tls stringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- Ssl
Certificates List<string> - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- Ssl
Policy string - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- Url
Map string - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- Certificate
Manager []stringCertificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- Description string
- An optional description of this resource.
- Http
Keep intAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- Name string
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Region string
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- Server
Tls stringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- Ssl
Certificates []string - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- Ssl
Policy string - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url
Map String - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate
Manager List<String>Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- description String
- An optional description of this resource.
- http
Keep IntegerAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name String
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region String
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- server
Tls StringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl
Certificates List<String> - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl
Policy String - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url
Map string - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate
Manager string[]Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- description string
- An optional description of this resource.
- http
Keep numberAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name string
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region string
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- server
Tls stringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl
Certificates string[] - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl
Policy string - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url_
map str - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate_
manager_ Sequence[str]certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- description str
- An optional description of this resource.
- http_
keep_ intalive_ timeout_ sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name str
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region str
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- server_
tls_ strpolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl_
certificates Sequence[str] - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl_
policy str - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url
Map String - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate
Manager List<String>Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- description String
- An optional description of this resource.
- http
Keep NumberAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name String
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- region String
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- server
Tls StringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl
Certificates List<String> - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl
Policy String - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
Outputs
All input properties are implicitly available as output properties. Additionally, the RegionTargetHttpsProxy resource produces the following output properties:
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Proxy
Id int - The unique identifier for the resource.
- Self
Link string - The URI of the created resource.
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Proxy
Id int - The unique identifier for the resource.
- Self
Link string - The URI of the created resource.
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- id String
- The provider-assigned unique ID for this managed resource.
- proxy
Id Integer - The unique identifier for the resource.
- self
Link String - The URI of the created resource.
- creation
Timestamp string - Creation timestamp in RFC3339 text format.
- id string
- The provider-assigned unique ID for this managed resource.
- proxy
Id number - The unique identifier for the resource.
- self
Link string - The URI of the created resource.
- creation_
timestamp str - Creation timestamp in RFC3339 text format.
- id str
- The provider-assigned unique ID for this managed resource.
- proxy_
id int - The unique identifier for the resource.
- self_
link str - The URI of the created resource.
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- id String
- The provider-assigned unique ID for this managed resource.
- proxy
Id Number - The unique identifier for the resource.
- self
Link String - The URI of the created resource.
Look up Existing RegionTargetHttpsProxy Resource
Get an existing RegionTargetHttpsProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: RegionTargetHttpsProxyState, opts?: CustomResourceOptions): RegionTargetHttpsProxy
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
certificate_manager_certificates: Optional[Sequence[str]] = None,
creation_timestamp: Optional[str] = None,
description: Optional[str] = None,
http_keep_alive_timeout_sec: Optional[int] = None,
name: Optional[str] = None,
project: Optional[str] = None,
proxy_id: Optional[int] = None,
region: Optional[str] = None,
self_link: Optional[str] = None,
server_tls_policy: Optional[str] = None,
ssl_certificates: Optional[Sequence[str]] = None,
ssl_policy: Optional[str] = None,
url_map: Optional[str] = None) -> RegionTargetHttpsProxy
func GetRegionTargetHttpsProxy(ctx *Context, name string, id IDInput, state *RegionTargetHttpsProxyState, opts ...ResourceOption) (*RegionTargetHttpsProxy, error)
public static RegionTargetHttpsProxy Get(string name, Input<string> id, RegionTargetHttpsProxyState? state, CustomResourceOptions? opts = null)
public static RegionTargetHttpsProxy get(String name, Output<String> id, RegionTargetHttpsProxyState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Certificate
Manager List<string>Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Description string
- An optional description of this resource.
- Http
Keep intAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- Name string
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Proxy
Id int - The unique identifier for the resource.
- Region string
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- Self
Link string - The URI of the created resource.
- Server
Tls stringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- Ssl
Certificates List<string> - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- Ssl
Policy string - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- Url
Map string - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- Certificate
Manager []stringCertificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Description string
- An optional description of this resource.
- Http
Keep intAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- Name string
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Proxy
Id int - The unique identifier for the resource.
- Region string
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- Self
Link string - The URI of the created resource.
- Server
Tls stringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- Ssl
Certificates []string - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- Ssl
Policy string - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- Url
Map string - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate
Manager List<String>Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- description String
- An optional description of this resource.
- http
Keep IntegerAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name String
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- proxy
Id Integer - The unique identifier for the resource.
- region String
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- self
Link String - The URI of the created resource.
- server
Tls StringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl
Certificates List<String> - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl
Policy String - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url
Map String - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate
Manager string[]Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- creation
Timestamp string - Creation timestamp in RFC3339 text format.
- description string
- An optional description of this resource.
- http
Keep numberAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name string
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- proxy
Id number - The unique identifier for the resource.
- region string
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- self
Link string - The URI of the created resource.
- server
Tls stringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl
Certificates string[] - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl
Policy string - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url
Map string - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate_
manager_ Sequence[str]certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- creation_
timestamp str - Creation timestamp in RFC3339 text format.
- description str
- An optional description of this resource.
- http_
keep_ intalive_ timeout_ sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name str
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- proxy_
id int - The unique identifier for the resource.
- region str
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- self_
link str - The URI of the created resource.
- server_
tls_ strpolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl_
certificates Sequence[str] - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl_
policy str - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url_
map str - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
- certificate
Manager List<String>Certificates - URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
sslCertificates and certificateManagerCertificates can't be defined together.
Accepted format is
//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}
or just the self_linkprojects/{project}/locations/{location}/certificates/{resourceName}
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- description String
- An optional description of this resource.
- http
Keep NumberAlive Timeout Sec - Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (600 seconds) will be used. For Regioanl HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 600 seconds.
- name String
- Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- proxy
Id Number - The unique identifier for the resource.
- region String
- The Region in which the created target https proxy should reside. If it is not provided, the provider region is used.
- self
Link String - The URI of the created resource.
- server
Tls StringPolicy - A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
- ssl
Certificates List<String> - URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. At least one SSL certificate must be specified. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
- ssl
Policy String - A reference to the Region SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
- url
Map String - A reference to the RegionUrlMap resource that defines the mapping from URL
to the RegionBackendService.
Import
RegionTargetHttpsProxy can be imported using any of these accepted formats:
projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}
{{project}}/{{region}}/{{name}}
{{region}}/{{name}}
{{name}}
When using the pulumi import
command, RegionTargetHttpsProxy can be imported using one of the formats above. For example:
$ pulumi import gcp:compute/regionTargetHttpsProxy:RegionTargetHttpsProxy default projects/{{project}}/regions/{{region}}/targetHttpsProxies/{{name}}
$ pulumi import gcp:compute/regionTargetHttpsProxy:RegionTargetHttpsProxy default {{project}}/{{region}}/{{name}}
$ pulumi import gcp:compute/regionTargetHttpsProxy:RegionTargetHttpsProxy default {{region}}/{{name}}
$ pulumi import gcp:compute/regionTargetHttpsProxy:RegionTargetHttpsProxy default {{name}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-beta
Terraform Provider.