2015-11-02 15:15:19 +00:00
|
|
|
---
|
|
|
|
layout: "google"
|
|
|
|
page_title: "Google: google_compute_ssl_certificate"
|
|
|
|
sidebar_current: "docs-google-compute-ssl-certificate"
|
|
|
|
description: |-
|
|
|
|
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
|
|
|
---
|
|
|
|
|
|
|
|
# google\_compute\_ssl\_certificate
|
|
|
|
|
2016-03-31 10:37:17 +00:00
|
|
|
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
2015-11-02 15:15:19 +00:00
|
|
|
For more information see
|
|
|
|
[the official documentation](https://cloud.google.com/compute/docs/load-balancing/http/ssl-certificates) and
|
|
|
|
[API](https://cloud.google.com/compute/docs/reference/latest/sslCertificates).
|
|
|
|
|
|
|
|
|
|
|
|
## Example Usage
|
|
|
|
|
2017-04-17 10:17:54 +00:00
|
|
|
```hcl
|
2015-11-02 15:15:19 +00:00
|
|
|
resource "google_compute_ssl_certificate" "default" {
|
2016-12-12 23:57:58 +00:00
|
|
|
name_prefix = "my-certificate-"
|
2016-04-10 21:34:15 +00:00
|
|
|
description = "a description"
|
|
|
|
private_key = "${file("path/to/private.key")}"
|
|
|
|
certificate = "${file("path/to/certificate.crt")}"
|
2015-11-02 15:15:19 +00:00
|
|
|
}
|
|
|
|
```
|
|
|
|
|
2017-07-28 17:45:32 +00:00
|
|
|
## Using with Target HTTPS Proxies
|
|
|
|
|
|
|
|
SSL certificates cannot be updated after creation. In order to apply the
|
|
|
|
specified configuration, Terraform will destroy the existing resource
|
|
|
|
and create a replacement. To effectively use an SSL certificate resource
|
|
|
|
with a [Target HTTPS Proxy resource][1], it's recommended to specify
|
|
|
|
`create_before_destroy` in a [lifecycle][2] block. Either omit the
|
|
|
|
Instance Template `name` attribute, or specify a partial name with
|
|
|
|
`name_prefix`. Example:
|
|
|
|
|
|
|
|
```hcl
|
|
|
|
resource "google_compute_ssl_certificate" "default" {
|
|
|
|
name_prefix = "my-certificate-"
|
|
|
|
description = "a description"
|
|
|
|
private_key = "${file("path/to/private.key")}"
|
|
|
|
certificate = "${file("path/to/certificate.crt")}"
|
|
|
|
|
|
|
|
lifecycle {
|
|
|
|
create_before_destroy = true
|
|
|
|
}
|
|
|
|
}
|
|
|
|
|
|
|
|
resource "google_compute_target_https_proxy" "my_proxy" {
|
|
|
|
name = "public-proxy"
|
|
|
|
url_map = # ...
|
|
|
|
ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"]
|
|
|
|
}
|
|
|
|
```
|
|
|
|
|
2015-11-02 15:15:19 +00:00
|
|
|
## Argument Reference
|
|
|
|
|
|
|
|
The following arguments are supported:
|
|
|
|
|
2016-04-10 21:34:15 +00:00
|
|
|
* `certificate` - (Required) A local certificate file in PEM format. The chain
|
|
|
|
may be at most 5 certs long, and must include at least one intermediate
|
|
|
|
cert. Changing this forces a new resource to be created.
|
|
|
|
|
2015-11-02 15:15:19 +00:00
|
|
|
* `private_key` - (Required) Write only private key in PEM format.
|
|
|
|
Changing this forces a new resource to be created.
|
2016-04-10 21:34:15 +00:00
|
|
|
|
|
|
|
- - -
|
|
|
|
|
2016-12-12 23:57:58 +00:00
|
|
|
* `name` - (Optional) A unique name for the SSL certificate. If you leave
|
|
|
|
this blank, Terraform will auto-generate a unique name.
|
|
|
|
|
|
|
|
* `name_prefix` - (Optional) Creates a unique name beginning with the specified
|
|
|
|
prefix. Conflicts with `name`.
|
|
|
|
|
2016-04-10 21:34:15 +00:00
|
|
|
* `description` - (Optional) An optional description of this resource.
|
2015-11-02 15:15:19 +00:00
|
|
|
Changing this forces a new resource to be created.
|
|
|
|
|
2016-04-10 21:34:15 +00:00
|
|
|
* `project` - (Optional) The project in which the resource belongs. If it
|
|
|
|
is not provided, the provider project is used.
|
|
|
|
|
2015-11-02 15:15:19 +00:00
|
|
|
## Attributes Reference
|
|
|
|
|
2016-04-10 21:34:15 +00:00
|
|
|
In addition to the arguments listed above, the following computed attributes are
|
|
|
|
exported:
|
|
|
|
|
2017-09-25 14:23:46 +00:00
|
|
|
* `certificate_id` - A unique ID for the certificate, assigned by GCE.
|
2015-11-02 15:15:19 +00:00
|
|
|
|
|
|
|
* `self_link` - The URI of the created resource.
|
2017-07-28 17:45:32 +00:00
|
|
|
|
|
|
|
[1]: /docs/providers/google/r/compute_target_https_proxy.html
|
2017-09-25 14:23:46 +00:00
|
|
|
[2]: /docs/configuration/resources.html#lifecycle
|
2017-11-09 18:16:57 +00:00
|
|
|
|
|
|
|
## Import
|
|
|
|
|
|
|
|
SSL certificate can be imported using the `name`, e.g.
|
|
|
|
|
|
|
|
```
|
|
|
|
$ terraform import compute_ssl_certificate.html.foobar foobar
|
|
|
|
```
|