mirror of
https://github.com/letic/terraform-provider-google.git
synced 2024-09-18 17:19:58 +00:00
470f27b659
As discussed in #1326, we're not going to remove name_prefix for compute_ssl_certificate, because it makes the common use case more ergonomic by a good amount, and the only cost is it's harder to maintain the autogenerated code, and we've decided the benefits outweigh the costs in this circumstance.
101 lines
3.1 KiB
Markdown
101 lines
3.1 KiB
Markdown
---
|
|
layout: "google"
|
|
page_title: "Google: google_compute_ssl_certificate"
|
|
sidebar_current: "docs-google-compute-ssl-certificate"
|
|
description: |-
|
|
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
|
---
|
|
|
|
# google\_compute\_ssl\_certificate
|
|
|
|
Creates an SSL certificate resource necessary for HTTPS load balancing in GCE.
|
|
For more information see
|
|
[the official documentation](https://cloud.google.com/compute/docs/load-balancing/http/ssl-certificates) and
|
|
[API](https://cloud.google.com/compute/docs/reference/latest/sslCertificates).
|
|
|
|
|
|
## Example Usage
|
|
|
|
```hcl
|
|
resource "google_compute_ssl_certificate" "default" {
|
|
name_prefix = "my-certificate-"
|
|
description = "a description"
|
|
private_key = "${file("path/to/private.key")}"
|
|
certificate = "${file("path/to/certificate.crt")}"
|
|
}
|
|
```
|
|
|
|
## Using with Target HTTPS Proxies
|
|
|
|
SSL certificates cannot be updated after creation. In order to apply the
|
|
specified configuration, Terraform will destroy the existing resource
|
|
and create a replacement. To effectively use an SSL certificate resource
|
|
with a [Target HTTPS Proxy resource][1], it's recommended to specify
|
|
`create_before_destroy` in a [lifecycle][2] block. Either omit the
|
|
Instance Template `name` attribute, or specify a partial name with
|
|
`name_prefix`. Example:
|
|
|
|
```hcl
|
|
resource "google_compute_ssl_certificate" "default" {
|
|
name_prefix = "my-certificate-"
|
|
description = "a description"
|
|
private_key = "${file("path/to/private.key")}"
|
|
certificate = "${file("path/to/certificate.crt")}"
|
|
|
|
lifecycle {
|
|
create_before_destroy = true
|
|
}
|
|
}
|
|
|
|
resource "google_compute_target_https_proxy" "my_proxy" {
|
|
name = "public-proxy"
|
|
url_map = # ...
|
|
ssl_certificates = ["${google_compute_ssl_certificate.default.self_link}"]
|
|
}
|
|
```
|
|
|
|
## Argument Reference
|
|
|
|
The following arguments are supported:
|
|
|
|
* `certificate` - (Required) A local certificate file in PEM format. The chain
|
|
may be at most 5 certs long, and must include at least one intermediate
|
|
cert. Changing this forces a new resource to be created.
|
|
|
|
* `private_key` - (Required) Write only private key in PEM format.
|
|
Changing this forces a new resource to be created.
|
|
|
|
- - -
|
|
|
|
* `name` - (Optional) A unique name for the SSL certificate. If you leave
|
|
this blank, Terraform will auto-generate a unique name.
|
|
|
|
* `name_prefix` - (Optional) Creates a unique name beginning with the specified
|
|
prefix. Conflicts with `name`.
|
|
|
|
* `description` - (Optional) An optional description of this resource.
|
|
Changing this forces a new resource to be created.
|
|
|
|
* `project` - (Optional) The ID of the project in which the resource belongs. If it
|
|
is not provided, the provider project is used.
|
|
|
|
## Attributes Reference
|
|
|
|
In addition to the arguments listed above, the following computed attributes are
|
|
exported:
|
|
|
|
* `certificate_id` - A unique ID for the certificate, assigned by GCE.
|
|
|
|
* `self_link` - The URI of the created resource.
|
|
|
|
[1]: /docs/providers/google/r/compute_target_https_proxy.html
|
|
[2]: /docs/configuration/resources.html#lifecycle
|
|
|
|
## Import
|
|
|
|
SSL certificate can be imported using the `name`, e.g.
|
|
|
|
```
|
|
$ terraform import compute_ssl_certificate.html.foobar foobar
|
|
```
|