mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-10-15 07:27:15 +00:00
141 lines
4.8 KiB
Markdown
141 lines
4.8 KiB
Markdown
---
|
|
# ----------------------------------------------------------------------------
|
|
#
|
|
# *** AUTO GENERATED CODE *** AUTO GENERATED CODE ***
|
|
#
|
|
# ----------------------------------------------------------------------------
|
|
#
|
|
# This file is automatically generated by Magic Modules and manual
|
|
# changes will be clobbered when the file is regenerated.
|
|
#
|
|
# Please read more about how to change this file in
|
|
# .github/CONTRIBUTING.md.
|
|
#
|
|
# ----------------------------------------------------------------------------
|
|
layout: "google"
|
|
page_title: "Google: google_compute_ssl_policy"
|
|
sidebar_current: "docs-google-compute-ssl-policy"
|
|
description: |-
|
|
Represents a SSL policy.
|
|
---
|
|
|
|
# google\_compute\_ssl\_policy
|
|
|
|
Represents a SSL policy. SSL policies give you the ability to control the
|
|
features of SSL that your SSL proxy or HTTPS load balancer negotiates.
|
|
|
|
To get more information about SslPolicy, see:
|
|
|
|
* [API documentation](https://cloud.google.com/compute/docs/reference/rest/v1/sslPolicies)
|
|
* How-to Guides
|
|
* [Using SSL Policies](https://cloud.google.com/compute/docs/load-balancing/ssl-policies)
|
|
|
|
## Example Usage
|
|
|
|
```hcl
|
|
resource "google_compute_ssl_policy" "prod-ssl-policy" {
|
|
name = "production-ssl-policy"
|
|
profile = "MODERN"
|
|
}
|
|
|
|
resource "google_compute_ssl_policy" "nonprod-ssl-policy" {
|
|
name = "nonprod-ssl-policy"
|
|
profile = "MODERN"
|
|
min_tls_version = "TLS_1_2"
|
|
}
|
|
|
|
resource "google_compute_ssl_policy" "custom-ssl-policy" {
|
|
name = "custom-ssl-policy"
|
|
min_tls_version = "TLS_1_2"
|
|
profile = "CUSTOM"
|
|
custom_features = ["TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384", "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"]
|
|
}
|
|
```
|
|
|
|
## Argument Reference
|
|
|
|
The following arguments are supported:
|
|
|
|
* `name` -
|
|
(Required)
|
|
Name of the resource. Provided by the client when the resource is
|
|
created. The name must be 1-63 characters long, and comply with
|
|
RFC1035. Specifically, the name must be 1-63 characters long and match
|
|
the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the
|
|
first character must be a lowercase letter, and all following
|
|
characters must be a dash, lowercase letter, or digit, except the last
|
|
character, which cannot be a dash.
|
|
|
|
|
|
- - -
|
|
|
|
* `description` -
|
|
(Optional)
|
|
An optional description of this resource.
|
|
* `profile` -
|
|
(Optional)
|
|
Profile specifies the set of SSL features that can be used by the
|
|
load balancer when negotiating SSL with clients. This can be one of
|
|
`COMPATIBLE`, `MODERN`, `RESTRICTED`, or `CUSTOM`. If using `CUSTOM`,
|
|
the set of SSL features to enable must be specified in the
|
|
`customFeatures` field.
|
|
|
|
See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport)
|
|
for information on what cipher suites each profile provides. If
|
|
`CUSTOM` is used, the `custom_features` attribute **must be set**.
|
|
Default is `COMPATIBLE`.
|
|
* `min_tls_version` -
|
|
(Optional)
|
|
The minimum version of SSL protocol that can be used by the clients
|
|
to establish a connection with the load balancer. This can be one of
|
|
`TLS_1_0`, `TLS_1_1`, `TLS_1_2`.
|
|
Default is `TLS_1_0`.
|
|
* `custom_features` -
|
|
(Optional)
|
|
Profile specifies the set of SSL features that can be used by the
|
|
load balancer when negotiating SSL with clients. This can be one of
|
|
`COMPATIBLE`, `MODERN`, `RESTRICTED`, or `CUSTOM`. If using `CUSTOM`,
|
|
the set of SSL features to enable must be specified in the
|
|
`customFeatures` field.
|
|
|
|
See the [official documentation](https://cloud.google.com/compute/docs/load-balancing/ssl-policies#profilefeaturesupport)
|
|
for which ciphers are available to use. **Note**: this argument
|
|
*must* be present when using the `CUSTOM` profile. This argument
|
|
*must not* be present when using any other profile.
|
|
* `project` (Optional) The ID of the project in which the resource belongs.
|
|
If it is not provided, the provider project is used.
|
|
|
|
|
|
## Attributes Reference
|
|
|
|
In addition to the arguments listed above, the following computed attributes are exported:
|
|
|
|
* `creation_timestamp` -
|
|
Creation timestamp in RFC3339 text format.
|
|
* `enabled_features` -
|
|
The list of features enabled in the SSL policy.
|
|
* `fingerprint` -
|
|
Fingerprint of this resource. A hash of the contents stored in this
|
|
object. This field is used in optimistic locking.
|
|
* `self_link` - The URI of the created resource.
|
|
|
|
|
|
## Timeouts
|
|
|
|
This resource provides the following
|
|
[Timeouts](/docs/configuration/resources.html#timeouts) configuration options:
|
|
|
|
- `create` - Default is 4 minutes.
|
|
- `update` - Default is 4 minutes.
|
|
- `delete` - Default is 4 minutes.
|
|
|
|
## Import
|
|
|
|
SslPolicy can be imported using any of these accepted formats:
|
|
|
|
```
|
|
$ terraform import google_compute_ssl_policy.default projects/{{project}}/global/sslPolicies/{{name}}
|
|
$ terraform import google_compute_ssl_policy.default {{project}}/{{name}}
|
|
$ terraform import google_compute_ssl_policy.default {{name}}
|
|
```
|