1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. TargetHttpsProxy
Google Cloud Classic v8.3.1 published on Wednesday, Sep 25, 2024 by Pulumi

gcp.compute.TargetHttpsProxy

Explore with Pulumi AI

gcp logo
Google Cloud Classic v8.3.1 published on Wednesday, Sep 25, 2024 by Pulumi

    Represents a TargetHttpsProxy resource, which is used by one or more global forwarding rule to route incoming HTTPS requests to a URL map.

    To get more information about TargetHttpsProxy, see:

    Example Usage

    Target Https Proxy Basic

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as std from "@pulumi/std";
    
    const defaultSSLCertificate = new gcp.compute.SSLCertificate("default", {
        name: "my-certificate",
        privateKey: std.file({
            input: "path/to/private.key",
        }).then(invoke => invoke.result),
        certificate: std.file({
            input: "path/to/certificate.crt",
        }).then(invoke => invoke.result),
    });
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "http-health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const defaultBackendService = new gcp.compute.BackendService("default", {
        name: "backend-service",
        portName: "http",
        protocol: "HTTP",
        timeoutSec: 10,
        healthChecks: defaultHttpHealthCheck.id,
    });
    const defaultURLMap = new gcp.compute.URLMap("default", {
        name: "url-map",
        description: "a description",
        defaultService: defaultBackendService.id,
        hostRules: [{
            hosts: ["mysite.com"],
            pathMatcher: "allpaths",
        }],
        pathMatchers: [{
            name: "allpaths",
            defaultService: defaultBackendService.id,
            pathRules: [{
                paths: ["/*"],
                service: defaultBackendService.id,
            }],
        }],
    });
    const _default = new gcp.compute.TargetHttpsProxy("default", {
        name: "test-proxy",
        urlMap: defaultURLMap.id,
        sslCertificates: [defaultSSLCertificate.id],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    import pulumi_std as std
    
    default_ssl_certificate = gcp.compute.SSLCertificate("default",
        name="my-certificate",
        private_key=std.file(input="path/to/private.key").result,
        certificate=std.file(input="path/to/certificate.crt").result)
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="http-health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default_backend_service = gcp.compute.BackendService("default",
        name="backend-service",
        port_name="http",
        protocol="HTTP",
        timeout_sec=10,
        health_checks=default_http_health_check.id)
    default_url_map = gcp.compute.URLMap("default",
        name="url-map",
        description="a description",
        default_service=default_backend_service.id,
        host_rules=[{
            "hosts": ["mysite.com"],
            "path_matcher": "allpaths",
        }],
        path_matchers=[{
            "name": "allpaths",
            "default_service": default_backend_service.id,
            "path_rules": [{
                "paths": ["/*"],
                "service": default_backend_service.id,
            }],
        }])
    default = gcp.compute.TargetHttpsProxy("default",
        name="test-proxy",
        url_map=default_url_map.id,
        ssl_certificates=[default_ssl_certificate.id])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeFile, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/private.key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile1, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/certificate.crt",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		defaultSSLCertificate, err := compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
    			Name:        pulumi.String("my-certificate"),
    			PrivateKey:  pulumi.String(invokeFile.Result),
    			Certificate: pulumi.String(invokeFile1.Result),
    		})
    		if err != nil {
    			return err
    		}
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("http-health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:         pulumi.String("backend-service"),
    			PortName:     pulumi.String("http"),
    			Protocol:     pulumi.String("HTTP"),
    			TimeoutSec:   pulumi.Int(10),
    			HealthChecks: defaultHttpHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
    			Name:           pulumi.String("url-map"),
    			Description:    pulumi.String("a description"),
    			DefaultService: defaultBackendService.ID(),
    			HostRules: compute.URLMapHostRuleArray{
    				&compute.URLMapHostRuleArgs{
    					Hosts: pulumi.StringArray{
    						pulumi.String("mysite.com"),
    					},
    					PathMatcher: pulumi.String("allpaths"),
    				},
    			},
    			PathMatchers: compute.URLMapPathMatcherArray{
    				&compute.URLMapPathMatcherArgs{
    					Name:           pulumi.String("allpaths"),
    					DefaultService: defaultBackendService.ID(),
    					PathRules: compute.URLMapPathMatcherPathRuleArray{
    						&compute.URLMapPathMatcherPathRuleArgs{
    							Paths: pulumi.StringArray{
    								pulumi.String("/*"),
    							},
    							Service: defaultBackendService.ID(),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
    			Name:   pulumi.String("test-proxy"),
    			UrlMap: defaultURLMap.ID(),
    			SslCertificates: pulumi.StringArray{
    				defaultSSLCertificate.ID(),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultSSLCertificate = new Gcp.Compute.SSLCertificate("default", new()
        {
            Name = "my-certificate",
            PrivateKey = Std.File.Invoke(new()
            {
                Input = "path/to/private.key",
            }).Apply(invoke => invoke.Result),
            Certificate = Std.File.Invoke(new()
            {
                Input = "path/to/certificate.crt",
            }).Apply(invoke => invoke.Result),
        });
    
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "http-health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var defaultBackendService = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            PortName = "http",
            Protocol = "HTTP",
            TimeoutSec = 10,
            HealthChecks = defaultHttpHealthCheck.Id,
        });
    
        var defaultURLMap = new Gcp.Compute.URLMap("default", new()
        {
            Name = "url-map",
            Description = "a description",
            DefaultService = defaultBackendService.Id,
            HostRules = new[]
            {
                new Gcp.Compute.Inputs.URLMapHostRuleArgs
                {
                    Hosts = new[]
                    {
                        "mysite.com",
                    },
                    PathMatcher = "allpaths",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.Compute.Inputs.URLMapPathMatcherArgs
                {
                    Name = "allpaths",
                    DefaultService = defaultBackendService.Id,
                    PathRules = new[]
                    {
                        new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
                        {
                            Paths = new[]
                            {
                                "/*",
                            },
                            Service = defaultBackendService.Id,
                        },
                    },
                },
            },
        });
    
        var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
        {
            Name = "test-proxy",
            UrlMap = defaultURLMap.Id,
            SslCertificates = new[]
            {
                defaultSSLCertificate.Id,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.SSLCertificate;
    import com.pulumi.gcp.compute.SSLCertificateArgs;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpsProxy;
    import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
                .name("my-certificate")
                .privateKey(StdFunctions.file(FileArgs.builder()
                    .input("path/to/private.key")
                    .build()).result())
                .certificate(StdFunctions.file(FileArgs.builder()
                    .input("path/to/certificate.crt")
                    .build()).result())
                .build());
    
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
                .name("http-health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
                .name("backend-service")
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .healthChecks(defaultHttpHealthCheck.id())
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
                .name("url-map")
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build());
    
            var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
                .name("test-proxy")
                .urlMap(defaultURLMap.id())
                .sslCertificates(defaultSSLCertificate.id())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:TargetHttpsProxy
        properties:
          name: test-proxy
          urlMap: ${defaultURLMap.id}
          sslCertificates:
            - ${defaultSSLCertificate.id}
      defaultSSLCertificate:
        type: gcp:compute:SSLCertificate
        name: default
        properties:
          name: my-certificate
          privateKey:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/private.key
              Return: result
          certificate:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/certificate.crt
              Return: result
      defaultURLMap:
        type: gcp:compute:URLMap
        name: default
        properties:
          name: url-map
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
      defaultBackendService:
        type: gcp:compute:BackendService
        name: default
        properties:
          name: backend-service
          portName: http
          protocol: HTTP
          timeoutSec: 10
          healthChecks: ${defaultHttpHealthCheck.id}
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: http-health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Target Https Proxy Http Keep Alive Timeout

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as std from "@pulumi/std";
    
    const defaultSSLCertificate = new gcp.compute.SSLCertificate("default", {
        name: "my-certificate",
        privateKey: std.file({
            input: "path/to/private.key",
        }).then(invoke => invoke.result),
        certificate: std.file({
            input: "path/to/certificate.crt",
        }).then(invoke => invoke.result),
    });
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "http-health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const defaultBackendService = new gcp.compute.BackendService("default", {
        name: "backend-service",
        portName: "http",
        protocol: "HTTP",
        timeoutSec: 10,
        loadBalancingScheme: "EXTERNAL_MANAGED",
        healthChecks: defaultHttpHealthCheck.id,
    });
    const defaultURLMap = new gcp.compute.URLMap("default", {
        name: "url-map",
        description: "a description",
        defaultService: defaultBackendService.id,
        hostRules: [{
            hosts: ["mysite.com"],
            pathMatcher: "allpaths",
        }],
        pathMatchers: [{
            name: "allpaths",
            defaultService: defaultBackendService.id,
            pathRules: [{
                paths: ["/*"],
                service: defaultBackendService.id,
            }],
        }],
    });
    const _default = new gcp.compute.TargetHttpsProxy("default", {
        name: "test-http-keep-alive-timeout-proxy",
        httpKeepAliveTimeoutSec: 610,
        urlMap: defaultURLMap.id,
        sslCertificates: [defaultSSLCertificate.id],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    import pulumi_std as std
    
    default_ssl_certificate = gcp.compute.SSLCertificate("default",
        name="my-certificate",
        private_key=std.file(input="path/to/private.key").result,
        certificate=std.file(input="path/to/certificate.crt").result)
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="http-health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default_backend_service = gcp.compute.BackendService("default",
        name="backend-service",
        port_name="http",
        protocol="HTTP",
        timeout_sec=10,
        load_balancing_scheme="EXTERNAL_MANAGED",
        health_checks=default_http_health_check.id)
    default_url_map = gcp.compute.URLMap("default",
        name="url-map",
        description="a description",
        default_service=default_backend_service.id,
        host_rules=[{
            "hosts": ["mysite.com"],
            "path_matcher": "allpaths",
        }],
        path_matchers=[{
            "name": "allpaths",
            "default_service": default_backend_service.id,
            "path_rules": [{
                "paths": ["/*"],
                "service": default_backend_service.id,
            }],
        }])
    default = gcp.compute.TargetHttpsProxy("default",
        name="test-http-keep-alive-timeout-proxy",
        http_keep_alive_timeout_sec=610,
        url_map=default_url_map.id,
        ssl_certificates=[default_ssl_certificate.id])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeFile, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/private.key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile1, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/certificate.crt",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		defaultSSLCertificate, err := compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
    			Name:        pulumi.String("my-certificate"),
    			PrivateKey:  pulumi.String(invokeFile.Result),
    			Certificate: pulumi.String(invokeFile1.Result),
    		})
    		if err != nil {
    			return err
    		}
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("http-health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                pulumi.String("backend-service"),
    			PortName:            pulumi.String("http"),
    			Protocol:            pulumi.String("HTTP"),
    			TimeoutSec:          pulumi.Int(10),
    			LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
    			HealthChecks:        defaultHttpHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
    			Name:           pulumi.String("url-map"),
    			Description:    pulumi.String("a description"),
    			DefaultService: defaultBackendService.ID(),
    			HostRules: compute.URLMapHostRuleArray{
    				&compute.URLMapHostRuleArgs{
    					Hosts: pulumi.StringArray{
    						pulumi.String("mysite.com"),
    					},
    					PathMatcher: pulumi.String("allpaths"),
    				},
    			},
    			PathMatchers: compute.URLMapPathMatcherArray{
    				&compute.URLMapPathMatcherArgs{
    					Name:           pulumi.String("allpaths"),
    					DefaultService: defaultBackendService.ID(),
    					PathRules: compute.URLMapPathMatcherPathRuleArray{
    						&compute.URLMapPathMatcherPathRuleArgs{
    							Paths: pulumi.StringArray{
    								pulumi.String("/*"),
    							},
    							Service: defaultBackendService.ID(),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
    			Name:                    pulumi.String("test-http-keep-alive-timeout-proxy"),
    			HttpKeepAliveTimeoutSec: pulumi.Int(610),
    			UrlMap:                  defaultURLMap.ID(),
    			SslCertificates: pulumi.StringArray{
    				defaultSSLCertificate.ID(),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultSSLCertificate = new Gcp.Compute.SSLCertificate("default", new()
        {
            Name = "my-certificate",
            PrivateKey = Std.File.Invoke(new()
            {
                Input = "path/to/private.key",
            }).Apply(invoke => invoke.Result),
            Certificate = Std.File.Invoke(new()
            {
                Input = "path/to/certificate.crt",
            }).Apply(invoke => invoke.Result),
        });
    
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "http-health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var defaultBackendService = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            PortName = "http",
            Protocol = "HTTP",
            TimeoutSec = 10,
            LoadBalancingScheme = "EXTERNAL_MANAGED",
            HealthChecks = defaultHttpHealthCheck.Id,
        });
    
        var defaultURLMap = new Gcp.Compute.URLMap("default", new()
        {
            Name = "url-map",
            Description = "a description",
            DefaultService = defaultBackendService.Id,
            HostRules = new[]
            {
                new Gcp.Compute.Inputs.URLMapHostRuleArgs
                {
                    Hosts = new[]
                    {
                        "mysite.com",
                    },
                    PathMatcher = "allpaths",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.Compute.Inputs.URLMapPathMatcherArgs
                {
                    Name = "allpaths",
                    DefaultService = defaultBackendService.Id,
                    PathRules = new[]
                    {
                        new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
                        {
                            Paths = new[]
                            {
                                "/*",
                            },
                            Service = defaultBackendService.Id,
                        },
                    },
                },
            },
        });
    
        var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
        {
            Name = "test-http-keep-alive-timeout-proxy",
            HttpKeepAliveTimeoutSec = 610,
            UrlMap = defaultURLMap.Id,
            SslCertificates = new[]
            {
                defaultSSLCertificate.Id,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.SSLCertificate;
    import com.pulumi.gcp.compute.SSLCertificateArgs;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpsProxy;
    import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
                .name("my-certificate")
                .privateKey(StdFunctions.file(FileArgs.builder()
                    .input("path/to/private.key")
                    .build()).result())
                .certificate(StdFunctions.file(FileArgs.builder()
                    .input("path/to/certificate.crt")
                    .build()).result())
                .build());
    
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
                .name("http-health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
                .name("backend-service")
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .loadBalancingScheme("EXTERNAL_MANAGED")
                .healthChecks(defaultHttpHealthCheck.id())
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
                .name("url-map")
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build());
    
            var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
                .name("test-http-keep-alive-timeout-proxy")
                .httpKeepAliveTimeoutSec(610)
                .urlMap(defaultURLMap.id())
                .sslCertificates(defaultSSLCertificate.id())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:TargetHttpsProxy
        properties:
          name: test-http-keep-alive-timeout-proxy
          httpKeepAliveTimeoutSec: 610
          urlMap: ${defaultURLMap.id}
          sslCertificates:
            - ${defaultSSLCertificate.id}
      defaultSSLCertificate:
        type: gcp:compute:SSLCertificate
        name: default
        properties:
          name: my-certificate
          privateKey:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/private.key
              Return: result
          certificate:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/certificate.crt
              Return: result
      defaultURLMap:
        type: gcp:compute:URLMap
        name: default
        properties:
          name: url-map
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
      defaultBackendService:
        type: gcp:compute:BackendService
        name: default
        properties:
          name: backend-service
          portName: http
          protocol: HTTP
          timeoutSec: 10
          loadBalancingScheme: EXTERNAL_MANAGED
          healthChecks: ${defaultHttpHealthCheck.id}
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: http-health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Target Https Proxy Mtls

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as std from "@pulumi/std";
    
    const project = gcp.organizations.getProject({});
    const defaultTrustConfig = new gcp.certificatemanager.TrustConfig("default", {
        name: "my-trust-config",
        description: "sample description for the trust config",
        location: "global",
        trustStores: [{
            trustAnchors: [{
                pemCertificate: std.file({
                    input: "test-fixtures/ca_cert.pem",
                }).then(invoke => invoke.result),
            }],
            intermediateCas: [{
                pemCertificate: std.file({
                    input: "test-fixtures/ca_cert.pem",
                }).then(invoke => invoke.result),
            }],
        }],
        labels: {
            foo: "bar",
        },
    });
    const defaultServerTlsPolicy = new gcp.networksecurity.ServerTlsPolicy("default", {
        name: "my-tls-policy",
        description: "my description",
        location: "global",
        allowOpen: false,
        mtlsPolicy: {
            clientValidationMode: "ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
            clientValidationTrustConfig: pulumi.all([project, defaultTrustConfig.name]).apply(([project, name]) => `projects/${project.number}/locations/global/trustConfigs/${name}`),
        },
    });
    const defaultSSLCertificate = new gcp.compute.SSLCertificate("default", {
        name: "my-certificate",
        privateKey: std.file({
            input: "path/to/private.key",
        }).then(invoke => invoke.result),
        certificate: std.file({
            input: "path/to/certificate.crt",
        }).then(invoke => invoke.result),
    });
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "http-health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const defaultBackendService = new gcp.compute.BackendService("default", {
        name: "backend-service",
        portName: "http",
        protocol: "HTTP",
        timeoutSec: 10,
        healthChecks: defaultHttpHealthCheck.id,
    });
    const defaultURLMap = new gcp.compute.URLMap("default", {
        name: "url-map",
        description: "a description",
        defaultService: defaultBackendService.id,
        hostRules: [{
            hosts: ["mysite.com"],
            pathMatcher: "allpaths",
        }],
        pathMatchers: [{
            name: "allpaths",
            defaultService: defaultBackendService.id,
            pathRules: [{
                paths: ["/*"],
                service: defaultBackendService.id,
            }],
        }],
    });
    const _default = new gcp.compute.TargetHttpsProxy("default", {
        name: "test-mtls-proxy",
        urlMap: defaultURLMap.id,
        sslCertificates: [defaultSSLCertificate.id],
        serverTlsPolicy: defaultServerTlsPolicy.id,
    });
    
    import pulumi
    import pulumi_gcp as gcp
    import pulumi_std as std
    
    project = gcp.organizations.get_project()
    default_trust_config = gcp.certificatemanager.TrustConfig("default",
        name="my-trust-config",
        description="sample description for the trust config",
        location="global",
        trust_stores=[{
            "trust_anchors": [{
                "pem_certificate": std.file(input="test-fixtures/ca_cert.pem").result,
            }],
            "intermediate_cas": [{
                "pem_certificate": std.file(input="test-fixtures/ca_cert.pem").result,
            }],
        }],
        labels={
            "foo": "bar",
        })
    default_server_tls_policy = gcp.networksecurity.ServerTlsPolicy("default",
        name="my-tls-policy",
        description="my description",
        location="global",
        allow_open=False,
        mtls_policy={
            "client_validation_mode": "ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
            "client_validation_trust_config": default_trust_config.name.apply(lambda name: f"projects/{project.number}/locations/global/trustConfigs/{name}"),
        })
    default_ssl_certificate = gcp.compute.SSLCertificate("default",
        name="my-certificate",
        private_key=std.file(input="path/to/private.key").result,
        certificate=std.file(input="path/to/certificate.crt").result)
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="http-health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default_backend_service = gcp.compute.BackendService("default",
        name="backend-service",
        port_name="http",
        protocol="HTTP",
        timeout_sec=10,
        health_checks=default_http_health_check.id)
    default_url_map = gcp.compute.URLMap("default",
        name="url-map",
        description="a description",
        default_service=default_backend_service.id,
        host_rules=[{
            "hosts": ["mysite.com"],
            "path_matcher": "allpaths",
        }],
        path_matchers=[{
            "name": "allpaths",
            "default_service": default_backend_service.id,
            "path_rules": [{
                "paths": ["/*"],
                "service": default_backend_service.id,
            }],
        }])
    default = gcp.compute.TargetHttpsProxy("default",
        name="test-mtls-proxy",
        url_map=default_url_map.id,
        ssl_certificates=[default_ssl_certificate.id],
        server_tls_policy=default_server_tls_policy.id)
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		project, err := organizations.LookupProject(ctx, nil, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile, err := std.File(ctx, &std.FileArgs{
    			Input: "test-fixtures/ca_cert.pem",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile1, err := std.File(ctx, &std.FileArgs{
    			Input: "test-fixtures/ca_cert.pem",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "default", &certificatemanager.TrustConfigArgs{
    			Name:        pulumi.String("my-trust-config"),
    			Description: pulumi.String("sample description for the trust config"),
    			Location:    pulumi.String("global"),
    			TrustStores: certificatemanager.TrustConfigTrustStoreArray{
    				&certificatemanager.TrustConfigTrustStoreArgs{
    					TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
    						&certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
    							PemCertificate: pulumi.String(invokeFile.Result),
    						},
    					},
    					IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
    						&certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
    							PemCertificate: pulumi.String(invokeFile1.Result),
    						},
    					},
    				},
    			},
    			Labels: pulumi.StringMap{
    				"foo": pulumi.String("bar"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		defaultServerTlsPolicy, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
    			Name:        pulumi.String("my-tls-policy"),
    			Description: pulumi.String("my description"),
    			Location:    pulumi.String("global"),
    			AllowOpen:   pulumi.Bool(false),
    			MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
    				ClientValidationMode: pulumi.String("ALLOW_INVALID_OR_MISSING_CLIENT_CERT"),
    				ClientValidationTrustConfig: defaultTrustConfig.Name.ApplyT(func(name string) (string, error) {
    					return fmt.Sprintf("projects/%v/locations/global/trustConfigs/%v", project.Number, name), nil
    				}).(pulumi.StringOutput),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		invokeFile2, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/private.key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile3, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/certificate.crt",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		defaultSSLCertificate, err := compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
    			Name:        pulumi.String("my-certificate"),
    			PrivateKey:  pulumi.String(invokeFile2.Result),
    			Certificate: pulumi.String(invokeFile3.Result),
    		})
    		if err != nil {
    			return err
    		}
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("http-health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:         pulumi.String("backend-service"),
    			PortName:     pulumi.String("http"),
    			Protocol:     pulumi.String("HTTP"),
    			TimeoutSec:   pulumi.Int(10),
    			HealthChecks: defaultHttpHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
    			Name:           pulumi.String("url-map"),
    			Description:    pulumi.String("a description"),
    			DefaultService: defaultBackendService.ID(),
    			HostRules: compute.URLMapHostRuleArray{
    				&compute.URLMapHostRuleArgs{
    					Hosts: pulumi.StringArray{
    						pulumi.String("mysite.com"),
    					},
    					PathMatcher: pulumi.String("allpaths"),
    				},
    			},
    			PathMatchers: compute.URLMapPathMatcherArray{
    				&compute.URLMapPathMatcherArgs{
    					Name:           pulumi.String("allpaths"),
    					DefaultService: defaultBackendService.ID(),
    					PathRules: compute.URLMapPathMatcherPathRuleArray{
    						&compute.URLMapPathMatcherPathRuleArgs{
    							Paths: pulumi.StringArray{
    								pulumi.String("/*"),
    							},
    							Service: defaultBackendService.ID(),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
    			Name:   pulumi.String("test-mtls-proxy"),
    			UrlMap: defaultURLMap.ID(),
    			SslCertificates: pulumi.StringArray{
    				defaultSSLCertificate.ID(),
    			},
    			ServerTlsPolicy: defaultServerTlsPolicy.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var project = Gcp.Organizations.GetProject.Invoke();
    
        var defaultTrustConfig = new Gcp.CertificateManager.TrustConfig("default", new()
        {
            Name = "my-trust-config",
            Description = "sample description for the trust config",
            Location = "global",
            TrustStores = new[]
            {
                new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreArgs
                {
                    TrustAnchors = new[]
                    {
                        new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreTrustAnchorArgs
                        {
                            PemCertificate = Std.File.Invoke(new()
                            {
                                Input = "test-fixtures/ca_cert.pem",
                            }).Apply(invoke => invoke.Result),
                        },
                    },
                    IntermediateCas = new[]
                    {
                        new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreIntermediateCaArgs
                        {
                            PemCertificate = Std.File.Invoke(new()
                            {
                                Input = "test-fixtures/ca_cert.pem",
                            }).Apply(invoke => invoke.Result),
                        },
                    },
                },
            },
            Labels = 
            {
                { "foo", "bar" },
            },
        });
    
        var defaultServerTlsPolicy = new Gcp.NetworkSecurity.ServerTlsPolicy("default", new()
        {
            Name = "my-tls-policy",
            Description = "my description",
            Location = "global",
            AllowOpen = false,
            MtlsPolicy = new Gcp.NetworkSecurity.Inputs.ServerTlsPolicyMtlsPolicyArgs
            {
                ClientValidationMode = "ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
                ClientValidationTrustConfig = Output.Tuple(project, defaultTrustConfig.Name).Apply(values =>
                {
                    var project = values.Item1;
                    var name = values.Item2;
                    return $"projects/{project.Apply(getProjectResult => getProjectResult.Number)}/locations/global/trustConfigs/{name}";
                }),
            },
        });
    
        var defaultSSLCertificate = new Gcp.Compute.SSLCertificate("default", new()
        {
            Name = "my-certificate",
            PrivateKey = Std.File.Invoke(new()
            {
                Input = "path/to/private.key",
            }).Apply(invoke => invoke.Result),
            Certificate = Std.File.Invoke(new()
            {
                Input = "path/to/certificate.crt",
            }).Apply(invoke => invoke.Result),
        });
    
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "http-health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var defaultBackendService = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            PortName = "http",
            Protocol = "HTTP",
            TimeoutSec = 10,
            HealthChecks = defaultHttpHealthCheck.Id,
        });
    
        var defaultURLMap = new Gcp.Compute.URLMap("default", new()
        {
            Name = "url-map",
            Description = "a description",
            DefaultService = defaultBackendService.Id,
            HostRules = new[]
            {
                new Gcp.Compute.Inputs.URLMapHostRuleArgs
                {
                    Hosts = new[]
                    {
                        "mysite.com",
                    },
                    PathMatcher = "allpaths",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.Compute.Inputs.URLMapPathMatcherArgs
                {
                    Name = "allpaths",
                    DefaultService = defaultBackendService.Id,
                    PathRules = new[]
                    {
                        new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
                        {
                            Paths = new[]
                            {
                                "/*",
                            },
                            Service = defaultBackendService.Id,
                        },
                    },
                },
            },
        });
    
        var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
        {
            Name = "test-mtls-proxy",
            UrlMap = defaultURLMap.Id,
            SslCertificates = new[]
            {
                defaultSSLCertificate.Id,
            },
            ServerTlsPolicy = defaultServerTlsPolicy.Id,
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.organizations.OrganizationsFunctions;
    import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
    import com.pulumi.gcp.certificatemanager.TrustConfig;
    import com.pulumi.gcp.certificatemanager.TrustConfigArgs;
    import com.pulumi.gcp.certificatemanager.inputs.TrustConfigTrustStoreArgs;
    import com.pulumi.gcp.networksecurity.ServerTlsPolicy;
    import com.pulumi.gcp.networksecurity.ServerTlsPolicyArgs;
    import com.pulumi.gcp.networksecurity.inputs.ServerTlsPolicyMtlsPolicyArgs;
    import com.pulumi.gcp.compute.SSLCertificate;
    import com.pulumi.gcp.compute.SSLCertificateArgs;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpsProxy;
    import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var project = OrganizationsFunctions.getProject();
    
            var defaultTrustConfig = new TrustConfig("defaultTrustConfig", TrustConfigArgs.builder()
                .name("my-trust-config")
                .description("sample description for the trust config")
                .location("global")
                .trustStores(TrustConfigTrustStoreArgs.builder()
                    .trustAnchors(TrustConfigTrustStoreTrustAnchorArgs.builder()
                        .pemCertificate(StdFunctions.file(FileArgs.builder()
                            .input("test-fixtures/ca_cert.pem")
                            .build()).result())
                        .build())
                    .intermediateCas(TrustConfigTrustStoreIntermediateCaArgs.builder()
                        .pemCertificate(StdFunctions.file(FileArgs.builder()
                            .input("test-fixtures/ca_cert.pem")
                            .build()).result())
                        .build())
                    .build())
                .labels(Map.of("foo", "bar"))
                .build());
    
            var defaultServerTlsPolicy = new ServerTlsPolicy("defaultServerTlsPolicy", ServerTlsPolicyArgs.builder()
                .name("my-tls-policy")
                .description("my description")
                .location("global")
                .allowOpen("false")
                .mtlsPolicy(ServerTlsPolicyMtlsPolicyArgs.builder()
                    .clientValidationMode("ALLOW_INVALID_OR_MISSING_CLIENT_CERT")
                    .clientValidationTrustConfig(defaultTrustConfig.name().applyValue(name -> String.format("projects/%s/locations/global/trustConfigs/%s", project.applyValue(getProjectResult -> getProjectResult.number()),name)))
                    .build())
                .build());
    
            var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
                .name("my-certificate")
                .privateKey(StdFunctions.file(FileArgs.builder()
                    .input("path/to/private.key")
                    .build()).result())
                .certificate(StdFunctions.file(FileArgs.builder()
                    .input("path/to/certificate.crt")
                    .build()).result())
                .build());
    
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
                .name("http-health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
                .name("backend-service")
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .healthChecks(defaultHttpHealthCheck.id())
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
                .name("url-map")
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build());
    
            var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
                .name("test-mtls-proxy")
                .urlMap(defaultURLMap.id())
                .sslCertificates(defaultSSLCertificate.id())
                .serverTlsPolicy(defaultServerTlsPolicy.id())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:TargetHttpsProxy
        properties:
          name: test-mtls-proxy
          urlMap: ${defaultURLMap.id}
          sslCertificates:
            - ${defaultSSLCertificate.id}
          serverTlsPolicy: ${defaultServerTlsPolicy.id}
      defaultTrustConfig:
        type: gcp:certificatemanager:TrustConfig
        name: default
        properties:
          name: my-trust-config
          description: sample description for the trust config
          location: global
          trustStores:
            - trustAnchors:
                - pemCertificate:
                    fn::invoke:
                      Function: std:file
                      Arguments:
                        input: test-fixtures/ca_cert.pem
                      Return: result
              intermediateCas:
                - pemCertificate:
                    fn::invoke:
                      Function: std:file
                      Arguments:
                        input: test-fixtures/ca_cert.pem
                      Return: result
          labels:
            foo: bar
      defaultServerTlsPolicy:
        type: gcp:networksecurity:ServerTlsPolicy
        name: default
        properties:
          name: my-tls-policy
          description: my description
          location: global
          allowOpen: 'false'
          mtlsPolicy:
            clientValidationMode: ALLOW_INVALID_OR_MISSING_CLIENT_CERT
            clientValidationTrustConfig: projects/${project.number}/locations/global/trustConfigs/${defaultTrustConfig.name}
      defaultSSLCertificate:
        type: gcp:compute:SSLCertificate
        name: default
        properties:
          name: my-certificate
          privateKey:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/private.key
              Return: result
          certificate:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/certificate.crt
              Return: result
      defaultURLMap:
        type: gcp:compute:URLMap
        name: default
        properties:
          name: url-map
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
      defaultBackendService:
        type: gcp:compute:BackendService
        name: default
        properties:
          name: backend-service
          portName: http
          protocol: HTTP
          timeoutSec: 10
          healthChecks: ${defaultHttpHealthCheck.id}
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: http-health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    variables:
      project:
        fn::invoke:
          Function: gcp:organizations:getProject
          Arguments: {}
    

    Target Https Proxy Certificate Manager Certificate

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as std from "@pulumi/std";
    
    const defaultCertificate = new gcp.certificatemanager.Certificate("default", {
        name: "my-certificate",
        scope: "ALL_REGIONS",
        selfManaged: {
            pemCertificate: std.file({
                input: "test-fixtures/cert.pem",
            }).then(invoke => invoke.result),
            pemPrivateKey: std.file({
                input: "test-fixtures/private-key.pem",
            }).then(invoke => invoke.result),
        },
    });
    const defaultBackendService = new gcp.compute.BackendService("default", {
        name: "backend-service",
        portName: "http",
        protocol: "HTTP",
        timeoutSec: 10,
        loadBalancingScheme: "INTERNAL_MANAGED",
    });
    const defaultURLMap = new gcp.compute.URLMap("default", {
        name: "url-map",
        description: "a description",
        defaultService: defaultBackendService.id,
        hostRules: [{
            hosts: ["mysite.com"],
            pathMatcher: "allpaths",
        }],
        pathMatchers: [{
            name: "allpaths",
            defaultService: defaultBackendService.id,
            pathRules: [{
                paths: ["/*"],
                service: defaultBackendService.id,
            }],
        }],
    });
    const _default = new gcp.compute.TargetHttpsProxy("default", {
        name: "target-http-proxy",
        urlMap: defaultURLMap.id,
        certificateManagerCertificates: [pulumi.interpolate`//certificatemanager.googleapis.com/${defaultCertificate.id}`],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    import pulumi_std as std
    
    default_certificate = gcp.certificatemanager.Certificate("default",
        name="my-certificate",
        scope="ALL_REGIONS",
        self_managed={
            "pem_certificate": std.file(input="test-fixtures/cert.pem").result,
            "pem_private_key": std.file(input="test-fixtures/private-key.pem").result,
        })
    default_backend_service = gcp.compute.BackendService("default",
        name="backend-service",
        port_name="http",
        protocol="HTTP",
        timeout_sec=10,
        load_balancing_scheme="INTERNAL_MANAGED")
    default_url_map = gcp.compute.URLMap("default",
        name="url-map",
        description="a description",
        default_service=default_backend_service.id,
        host_rules=[{
            "hosts": ["mysite.com"],
            "path_matcher": "allpaths",
        }],
        path_matchers=[{
            "name": "allpaths",
            "default_service": default_backend_service.id,
            "path_rules": [{
                "paths": ["/*"],
                "service": default_backend_service.id,
            }],
        }])
    default = gcp.compute.TargetHttpsProxy("default",
        name="target-http-proxy",
        url_map=default_url_map.id,
        certificate_manager_certificates=[default_certificate.id.apply(lambda id: f"//certificatemanager.googleapis.com/{id}")])
    
    package main
    
    import (
    	"fmt"
    
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
    	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeFile, err := std.File(ctx, &std.FileArgs{
    			Input: "test-fixtures/cert.pem",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile1, err := std.File(ctx, &std.FileArgs{
    			Input: "test-fixtures/private-key.pem",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		defaultCertificate, err := certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
    			Name:  pulumi.String("my-certificate"),
    			Scope: pulumi.String("ALL_REGIONS"),
    			SelfManaged: &certificatemanager.CertificateSelfManagedArgs{
    				PemCertificate: pulumi.String(invokeFile.Result),
    				PemPrivateKey:  pulumi.String(invokeFile1.Result),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:                pulumi.String("backend-service"),
    			PortName:            pulumi.String("http"),
    			Protocol:            pulumi.String("HTTP"),
    			TimeoutSec:          pulumi.Int(10),
    			LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
    		})
    		if err != nil {
    			return err
    		}
    		defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
    			Name:           pulumi.String("url-map"),
    			Description:    pulumi.String("a description"),
    			DefaultService: defaultBackendService.ID(),
    			HostRules: compute.URLMapHostRuleArray{
    				&compute.URLMapHostRuleArgs{
    					Hosts: pulumi.StringArray{
    						pulumi.String("mysite.com"),
    					},
    					PathMatcher: pulumi.String("allpaths"),
    				},
    			},
    			PathMatchers: compute.URLMapPathMatcherArray{
    				&compute.URLMapPathMatcherArgs{
    					Name:           pulumi.String("allpaths"),
    					DefaultService: defaultBackendService.ID(),
    					PathRules: compute.URLMapPathMatcherPathRuleArray{
    						&compute.URLMapPathMatcherPathRuleArgs{
    							Paths: pulumi.StringArray{
    								pulumi.String("/*"),
    							},
    							Service: defaultBackendService.ID(),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
    			Name:   pulumi.String("target-http-proxy"),
    			UrlMap: defaultURLMap.ID(),
    			CertificateManagerCertificates: pulumi.StringArray{
    				defaultCertificate.ID().ApplyT(func(id string) (string, error) {
    					return fmt.Sprintf("//certificatemanager.googleapis.com/%v", id), nil
    				}).(pulumi.StringOutput),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var defaultCertificate = new Gcp.CertificateManager.Certificate("default", new()
        {
            Name = "my-certificate",
            Scope = "ALL_REGIONS",
            SelfManaged = new Gcp.CertificateManager.Inputs.CertificateSelfManagedArgs
            {
                PemCertificate = Std.File.Invoke(new()
                {
                    Input = "test-fixtures/cert.pem",
                }).Apply(invoke => invoke.Result),
                PemPrivateKey = Std.File.Invoke(new()
                {
                    Input = "test-fixtures/private-key.pem",
                }).Apply(invoke => invoke.Result),
            },
        });
    
        var defaultBackendService = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            PortName = "http",
            Protocol = "HTTP",
            TimeoutSec = 10,
            LoadBalancingScheme = "INTERNAL_MANAGED",
        });
    
        var defaultURLMap = new Gcp.Compute.URLMap("default", new()
        {
            Name = "url-map",
            Description = "a description",
            DefaultService = defaultBackendService.Id,
            HostRules = new[]
            {
                new Gcp.Compute.Inputs.URLMapHostRuleArgs
                {
                    Hosts = new[]
                    {
                        "mysite.com",
                    },
                    PathMatcher = "allpaths",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.Compute.Inputs.URLMapPathMatcherArgs
                {
                    Name = "allpaths",
                    DefaultService = defaultBackendService.Id,
                    PathRules = new[]
                    {
                        new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
                        {
                            Paths = new[]
                            {
                                "/*",
                            },
                            Service = defaultBackendService.Id,
                        },
                    },
                },
            },
        });
    
        var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
        {
            Name = "target-http-proxy",
            UrlMap = defaultURLMap.Id,
            CertificateManagerCertificates = new[]
            {
                defaultCertificate.Id.Apply(id => $"//certificatemanager.googleapis.com/{id}"),
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.certificatemanager.Certificate;
    import com.pulumi.gcp.certificatemanager.CertificateArgs;
    import com.pulumi.gcp.certificatemanager.inputs.CertificateSelfManagedArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpsProxy;
    import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var defaultCertificate = new Certificate("defaultCertificate", CertificateArgs.builder()
                .name("my-certificate")
                .scope("ALL_REGIONS")
                .selfManaged(CertificateSelfManagedArgs.builder()
                    .pemCertificate(StdFunctions.file(FileArgs.builder()
                        .input("test-fixtures/cert.pem")
                        .build()).result())
                    .pemPrivateKey(StdFunctions.file(FileArgs.builder()
                        .input("test-fixtures/private-key.pem")
                        .build()).result())
                    .build())
                .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
                .name("backend-service")
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .loadBalancingScheme("INTERNAL_MANAGED")
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
                .name("url-map")
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build());
    
            var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
                .name("target-http-proxy")
                .urlMap(defaultURLMap.id())
                .certificateManagerCertificates(defaultCertificate.id().applyValue(id -> String.format("//certificatemanager.googleapis.com/%s", id)))
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:TargetHttpsProxy
        properties:
          name: target-http-proxy
          urlMap: ${defaultURLMap.id}
          certificateManagerCertificates: # [google_certificate_manager_certificate.default.id] is also acceptable
            - //certificatemanager.googleapis.com/${defaultCertificate.id}
      defaultCertificate:
        type: gcp:certificatemanager:Certificate
        name: default
        properties:
          name: my-certificate
          scope: ALL_REGIONS
          selfManaged:
            pemCertificate:
              fn::invoke:
                Function: std:file
                Arguments:
                  input: test-fixtures/cert.pem
                Return: result
            pemPrivateKey:
              fn::invoke:
                Function: std:file
                Arguments:
                  input: test-fixtures/private-key.pem
                Return: result
      defaultURLMap:
        type: gcp:compute:URLMap
        name: default
        properties:
          name: url-map
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
      defaultBackendService:
        type: gcp:compute:BackendService
        name: default
        properties:
          name: backend-service
          portName: http
          protocol: HTTP
          timeoutSec: 10
          loadBalancingScheme: INTERNAL_MANAGED
    

    Create TargetHttpsProxy Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new TargetHttpsProxy(name: string, args: TargetHttpsProxyArgs, opts?: CustomResourceOptions);
    @overload
    def TargetHttpsProxy(resource_name: str,
                         args: TargetHttpsProxyArgs,
                         opts: Optional[ResourceOptions] = None)
    
    @overload
    def TargetHttpsProxy(resource_name: str,
                         opts: Optional[ResourceOptions] = None,
                         url_map: Optional[str] = None,
                         proxy_bind: Optional[bool] = None,
                         description: Optional[str] = None,
                         http_keep_alive_timeout_sec: Optional[int] = None,
                         name: Optional[str] = None,
                         project: Optional[str] = None,
                         certificate_manager_certificates: Optional[Sequence[str]] = None,
                         quic_override: Optional[str] = None,
                         server_tls_policy: Optional[str] = None,
                         ssl_certificates: Optional[Sequence[str]] = None,
                         ssl_policy: Optional[str] = None,
                         tls_early_data: Optional[str] = None,
                         certificate_map: Optional[str] = None)
    func NewTargetHttpsProxy(ctx *Context, name string, args TargetHttpsProxyArgs, opts ...ResourceOption) (*TargetHttpsProxy, error)
    public TargetHttpsProxy(string name, TargetHttpsProxyArgs args, CustomResourceOptions? opts = null)
    public TargetHttpsProxy(String name, TargetHttpsProxyArgs args)
    public TargetHttpsProxy(String name, TargetHttpsProxyArgs args, CustomResourceOptions options)
    
    type: gcp:compute:TargetHttpsProxy
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args TargetHttpsProxyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args TargetHttpsProxyArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args TargetHttpsProxyArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args TargetHttpsProxyArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args TargetHttpsProxyArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var targetHttpsProxyResource = new Gcp.Compute.TargetHttpsProxy("targetHttpsProxyResource", new()
    {
        UrlMap = "string",
        ProxyBind = false,
        Description = "string",
        HttpKeepAliveTimeoutSec = 0,
        Name = "string",
        Project = "string",
        CertificateManagerCertificates = new[]
        {
            "string",
        },
        QuicOverride = "string",
        ServerTlsPolicy = "string",
        SslCertificates = new[]
        {
            "string",
        },
        SslPolicy = "string",
        TlsEarlyData = "string",
        CertificateMap = "string",
    });
    
    example, err := compute.NewTargetHttpsProxy(ctx, "targetHttpsProxyResource", &compute.TargetHttpsProxyArgs{
    	UrlMap:                  pulumi.String("string"),
    	ProxyBind:               pulumi.Bool(false),
    	Description:             pulumi.String("string"),
    	HttpKeepAliveTimeoutSec: pulumi.Int(0),
    	Name:                    pulumi.String("string"),
    	Project:                 pulumi.String("string"),
    	CertificateManagerCertificates: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	QuicOverride:    pulumi.String("string"),
    	ServerTlsPolicy: pulumi.String("string"),
    	SslCertificates: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	SslPolicy:      pulumi.String("string"),
    	TlsEarlyData:   pulumi.String("string"),
    	CertificateMap: pulumi.String("string"),
    })
    
    var targetHttpsProxyResource = new TargetHttpsProxy("targetHttpsProxyResource", TargetHttpsProxyArgs.builder()
        .urlMap("string")
        .proxyBind(false)
        .description("string")
        .httpKeepAliveTimeoutSec(0)
        .name("string")
        .project("string")
        .certificateManagerCertificates("string")
        .quicOverride("string")
        .serverTlsPolicy("string")
        .sslCertificates("string")
        .sslPolicy("string")
        .tlsEarlyData("string")
        .certificateMap("string")
        .build());
    
    target_https_proxy_resource = gcp.compute.TargetHttpsProxy("targetHttpsProxyResource",
        url_map="string",
        proxy_bind=False,
        description="string",
        http_keep_alive_timeout_sec=0,
        name="string",
        project="string",
        certificate_manager_certificates=["string"],
        quic_override="string",
        server_tls_policy="string",
        ssl_certificates=["string"],
        ssl_policy="string",
        tls_early_data="string",
        certificate_map="string")
    
    const targetHttpsProxyResource = new gcp.compute.TargetHttpsProxy("targetHttpsProxyResource", {
        urlMap: "string",
        proxyBind: false,
        description: "string",
        httpKeepAliveTimeoutSec: 0,
        name: "string",
        project: "string",
        certificateManagerCertificates: ["string"],
        quicOverride: "string",
        serverTlsPolicy: "string",
        sslCertificates: ["string"],
        sslPolicy: "string",
        tlsEarlyData: "string",
        certificateMap: "string",
    });
    
    type: gcp:compute:TargetHttpsProxy
    properties:
        certificateManagerCertificates:
            - string
        certificateMap: string
        description: string
        httpKeepAliveTimeoutSec: 0
        name: string
        project: string
        proxyBind: false
        quicOverride: string
        serverTlsPolicy: string
        sslCertificates:
            - string
        sslPolicy: string
        tlsEarlyData: string
        urlMap: string
    

    TargetHttpsProxy Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The TargetHttpsProxy resource accepts the following input properties:

    UrlMap string
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    CertificateManagerCertificates List<string>
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    CertificateMap string
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    Description string
    An optional description of this resource.
    HttpKeepAliveTimeoutSec int
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    ProxyBind bool
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    QuicOverride string
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    ServerTlsPolicy string
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    SslCertificates List<string>
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    SslPolicy string
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    TlsEarlyData string
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    UrlMap string
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    CertificateManagerCertificates []string
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    CertificateMap string
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    Description string
    An optional description of this resource.
    HttpKeepAliveTimeoutSec int
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    ProxyBind bool
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    QuicOverride string
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    ServerTlsPolicy string
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    SslCertificates []string
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    SslPolicy string
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    TlsEarlyData string
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    urlMap String
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificateManagerCertificates List<String>
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificateMap String
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    description String
    An optional description of this resource.
    httpKeepAliveTimeoutSec Integer
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxyBind Boolean
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    quicOverride String
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    serverTlsPolicy String
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    sslCertificates List<String>
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    sslPolicy String
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tlsEarlyData String
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    urlMap string
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificateManagerCertificates string[]
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificateMap string
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    description string
    An optional description of this resource.
    httpKeepAliveTimeoutSec number
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxyBind boolean
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    quicOverride string
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    serverTlsPolicy string
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    sslCertificates string[]
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    sslPolicy string
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tlsEarlyData string
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    url_map str
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificate_manager_certificates Sequence[str]
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificate_map str
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    description str
    An optional description of this resource.
    http_keep_alive_timeout_sec int
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name str
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxy_bind bool
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    quic_override str
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    server_tls_policy str
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    ssl_certificates Sequence[str]
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    ssl_policy str
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tls_early_data str
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    urlMap String
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificateManagerCertificates List<String>
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificateMap String
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    description String
    An optional description of this resource.
    httpKeepAliveTimeoutSec Number
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxyBind Boolean
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    quicOverride String
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    serverTlsPolicy String
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    sslCertificates List<String>
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    sslPolicy String
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tlsEarlyData String
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the TargetHttpsProxy resource produces the following output properties:

    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Id string
    The provider-assigned unique ID for this managed resource.
    ProxyId int
    The unique identifier for the resource.
    SelfLink string
    The URI of the created resource.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Id string
    The provider-assigned unique ID for this managed resource.
    ProxyId int
    The unique identifier for the resource.
    SelfLink string
    The URI of the created resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    id String
    The provider-assigned unique ID for this managed resource.
    proxyId Integer
    The unique identifier for the resource.
    selfLink String
    The URI of the created resource.
    creationTimestamp string
    Creation timestamp in RFC3339 text format.
    id string
    The provider-assigned unique ID for this managed resource.
    proxyId number
    The unique identifier for the resource.
    selfLink string
    The URI of the created resource.
    creation_timestamp str
    Creation timestamp in RFC3339 text format.
    id str
    The provider-assigned unique ID for this managed resource.
    proxy_id int
    The unique identifier for the resource.
    self_link str
    The URI of the created resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    id String
    The provider-assigned unique ID for this managed resource.
    proxyId Number
    The unique identifier for the resource.
    selfLink String
    The URI of the created resource.

    Look up Existing TargetHttpsProxy Resource

    Get an existing TargetHttpsProxy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: TargetHttpsProxyState, opts?: CustomResourceOptions): TargetHttpsProxy
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            certificate_manager_certificates: Optional[Sequence[str]] = None,
            certificate_map: Optional[str] = None,
            creation_timestamp: Optional[str] = None,
            description: Optional[str] = None,
            http_keep_alive_timeout_sec: Optional[int] = None,
            name: Optional[str] = None,
            project: Optional[str] = None,
            proxy_bind: Optional[bool] = None,
            proxy_id: Optional[int] = None,
            quic_override: Optional[str] = None,
            self_link: Optional[str] = None,
            server_tls_policy: Optional[str] = None,
            ssl_certificates: Optional[Sequence[str]] = None,
            ssl_policy: Optional[str] = None,
            tls_early_data: Optional[str] = None,
            url_map: Optional[str] = None) -> TargetHttpsProxy
    func GetTargetHttpsProxy(ctx *Context, name string, id IDInput, state *TargetHttpsProxyState, opts ...ResourceOption) (*TargetHttpsProxy, error)
    public static TargetHttpsProxy Get(string name, Input<string> id, TargetHttpsProxyState? state, CustomResourceOptions? opts = null)
    public static TargetHttpsProxy get(String name, Output<String> id, TargetHttpsProxyState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    CertificateManagerCertificates List<string>
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    CertificateMap string
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Description string
    An optional description of this resource.
    HttpKeepAliveTimeoutSec int
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    ProxyBind bool
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    ProxyId int
    The unique identifier for the resource.
    QuicOverride string
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    SelfLink string
    The URI of the created resource.
    ServerTlsPolicy string
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    SslCertificates List<string>
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    SslPolicy string
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    TlsEarlyData string
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    UrlMap string
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    CertificateManagerCertificates []string
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    CertificateMap string
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Description string
    An optional description of this resource.
    HttpKeepAliveTimeoutSec int
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    Name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    ProxyBind bool
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    ProxyId int
    The unique identifier for the resource.
    QuicOverride string
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    SelfLink string
    The URI of the created resource.
    ServerTlsPolicy string
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    SslCertificates []string
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    SslPolicy string
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    TlsEarlyData string
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    UrlMap string
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificateManagerCertificates List<String>
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificateMap String
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    description String
    An optional description of this resource.
    httpKeepAliveTimeoutSec Integer
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxyBind Boolean
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    proxyId Integer
    The unique identifier for the resource.
    quicOverride String
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    selfLink String
    The URI of the created resource.
    serverTlsPolicy String
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    sslCertificates List<String>
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    sslPolicy String
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tlsEarlyData String
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    urlMap String
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificateManagerCertificates string[]
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificateMap string
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    creationTimestamp string
    Creation timestamp in RFC3339 text format.
    description string
    An optional description of this resource.
    httpKeepAliveTimeoutSec number
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name string
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxyBind boolean
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    proxyId number
    The unique identifier for the resource.
    quicOverride string
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    selfLink string
    The URI of the created resource.
    serverTlsPolicy string
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    sslCertificates string[]
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    sslPolicy string
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tlsEarlyData string
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    urlMap string
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificate_manager_certificates Sequence[str]
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificate_map str
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    creation_timestamp str
    Creation timestamp in RFC3339 text format.
    description str
    An optional description of this resource.
    http_keep_alive_timeout_sec int
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name str
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxy_bind bool
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    proxy_id int
    The unique identifier for the resource.
    quic_override str
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    self_link str
    The URI of the created resource.
    server_tls_policy str
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    ssl_certificates Sequence[str]
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    ssl_policy str
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tls_early_data str
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    url_map str
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    certificateManagerCertificates List<String>
    URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer. Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED. For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead. sslCertificates and certificateManagerCertificates fields can not be defined together. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName} or just the self_link projects/{project}/locations/{location}/certificates/{resourceName}
    certificateMap String
    A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes. For INTERNAL_MANAGED, use certificate_manager_certificates instead. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    description String
    An optional description of this resource.
    httpKeepAliveTimeoutSec Number
    Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value will be used. For Global external HTTP(S) load balancer, the default value is 610 seconds, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For cross-region internal HTTP(S) load balancer, the default value is 600 seconds, the minimum allowed value is 5 seconds, and the maximum allowed value is 600 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.
    name String
    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    proxyBind Boolean
    This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
    proxyId Number
    The unique identifier for the resource.
    quicOverride String
    Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.
    selfLink String
    The URI of the created resource.
    serverTlsPolicy String
    A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted. If you remove this field from your configuration at the same time as deleting or recreating a referenced ServerTlsPolicy resource, you will receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy within the ServerTlsPolicy resource to avoid this.
    sslCertificates List<String>
    URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer. Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED. sslCertificates and certificateManagerCertificates can not be defined together.
    sslPolicy String
    A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.
    tlsEarlyData String
    Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service. Early Data allows a TLS resumption handshake to include the initial application payload (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”. This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3). Possible values are: STRICT, PERMISSIVE, DISABLED.
    urlMap String
    A reference to the UrlMap resource that defines the mapping from URL to the BackendService.


    Import

    TargetHttpsProxy can be imported using any of these accepted formats:

    • projects/{{project}}/global/targetHttpsProxies/{{name}}

    • {{project}}/{{name}}

    • {{name}}

    When using the pulumi import command, TargetHttpsProxy can be imported using one of the formats above. For example:

    $ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default projects/{{project}}/global/targetHttpsProxies/{{name}}
    
    $ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{project}}/{{name}}
    
    $ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{name}}
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v8.3.1 published on Wednesday, Sep 25, 2024 by Pulumi