gcp.compute.SSLCertificate
Explore with Pulumi AI
An SslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user.
To get more information about SslCertificate, see:
- API documentation
- How-to Guides
Example Usage
Ssl Certificate Basic
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as std from "@pulumi/std";
const _default = new gcp.compute.SSLCertificate("default", {
namePrefix: "my-certificate-",
description: "a description",
privateKey: std.file({
input: "path/to/private.key",
}).then(invoke => invoke.result),
certificate: std.file({
input: "path/to/certificate.crt",
}).then(invoke => invoke.result),
});
import pulumi
import pulumi_gcp as gcp
import pulumi_std as std
default = gcp.compute.SSLCertificate("default",
name_prefix="my-certificate-",
description="a description",
private_key=std.file(input="path/to/private.key").result,
certificate=std.file(input="path/to/certificate.crt").result)
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "path/to/private.key",
}, nil)
if err != nil {
return err
}
invokeFile1, err := std.File(ctx, &std.FileArgs{
Input: "path/to/certificate.crt",
}, nil)
if err != nil {
return err
}
_, err = compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
NamePrefix: pulumi.String("my-certificate-"),
Description: pulumi.String("a description"),
PrivateKey: invokeFile.Result,
Certificate: invokeFile1.Result,
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var @default = new Gcp.Compute.SSLCertificate("default", new()
{
NamePrefix = "my-certificate-",
Description = "a description",
PrivateKey = Std.File.Invoke(new()
{
Input = "path/to/private.key",
}).Apply(invoke => invoke.Result),
Certificate = Std.File.Invoke(new()
{
Input = "path/to/certificate.crt",
}).Apply(invoke => invoke.Result),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.SSLCertificate;
import com.pulumi.gcp.compute.SSLCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var default_ = new SSLCertificate("default", SSLCertificateArgs.builder()
.namePrefix("my-certificate-")
.description("a description")
.privateKey(StdFunctions.file(FileArgs.builder()
.input("path/to/private.key")
.build()).result())
.certificate(StdFunctions.file(FileArgs.builder()
.input("path/to/certificate.crt")
.build()).result())
.build());
}
}
resources:
default:
type: gcp:compute:SSLCertificate
properties:
namePrefix: my-certificate-
description: a description
privateKey:
fn::invoke:
Function: std:file
Arguments:
input: path/to/private.key
Return: result
certificate:
fn::invoke:
Function: std:file
Arguments:
input: path/to/certificate.crt
Return: result
Ssl Certificate Random Provider
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as random from "@pulumi/random";
import * as std from "@pulumi/std";
const certificate = new random.RandomId("certificate", {
byteLength: 4,
prefix: "my-certificate-",
keepers: {
private_key: std.filebase64sha256({
input: "path/to/private.key",
}).then(invoke => invoke.result),
certificate: std.filebase64sha256({
input: "path/to/certificate.crt",
}).then(invoke => invoke.result),
},
});
// You may also want to control name generation explicitly:
const _default = new gcp.compute.SSLCertificate("default", {
name: certificate.hex,
privateKey: std.file({
input: "path/to/private.key",
}).then(invoke => invoke.result),
certificate: std.file({
input: "path/to/certificate.crt",
}).then(invoke => invoke.result),
});
import pulumi
import pulumi_gcp as gcp
import pulumi_random as random
import pulumi_std as std
certificate = random.RandomId("certificate",
byte_length=4,
prefix="my-certificate-",
keepers={
"private_key": std.filebase64sha256(input="path/to/private.key").result,
"certificate": std.filebase64sha256(input="path/to/certificate.crt").result,
})
# You may also want to control name generation explicitly:
default = gcp.compute.SSLCertificate("default",
name=certificate.hex,
private_key=std.file(input="path/to/private.key").result,
certificate=std.file(input="path/to/certificate.crt").result)
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
"github.com/pulumi/pulumi-random/sdk/v4/go/random"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFilebase64sha256, err := std.Filebase64sha256(ctx, &std.Filebase64sha256Args{
Input: "path/to/private.key",
}, nil)
if err != nil {
return err
}
invokeFilebase64sha2561, err := std.Filebase64sha256(ctx, &std.Filebase64sha256Args{
Input: "path/to/certificate.crt",
}, nil)
if err != nil {
return err
}
certificate, err := random.NewRandomId(ctx, "certificate", &random.RandomIdArgs{
ByteLength: pulumi.Int(4),
Prefix: pulumi.String("my-certificate-"),
Keepers: pulumi.StringMap{
"private_key": invokeFilebase64sha256.Result,
"certificate": invokeFilebase64sha2561.Result,
},
})
if err != nil {
return err
}
invokeFile2, err := std.File(ctx, &std.FileArgs{
Input: "path/to/private.key",
}, nil)
if err != nil {
return err
}
invokeFile3, err := std.File(ctx, &std.FileArgs{
Input: "path/to/certificate.crt",
}, nil)
if err != nil {
return err
}
// You may also want to control name generation explicitly:
_, err = compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
Name: certificate.Hex,
PrivateKey: invokeFile2.Result,
Certificate: invokeFile3.Result,
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Random = Pulumi.Random;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
var certificate = new Random.RandomId("certificate", new()
{
ByteLength = 4,
Prefix = "my-certificate-",
Keepers =
{
{ "private_key", Std.Filebase64sha256.Invoke(new()
{
Input = "path/to/private.key",
}).Apply(invoke => invoke.Result) },
{ "certificate", Std.Filebase64sha256.Invoke(new()
{
Input = "path/to/certificate.crt",
}).Apply(invoke => invoke.Result) },
},
});
// You may also want to control name generation explicitly:
var @default = new Gcp.Compute.SSLCertificate("default", new()
{
Name = certificate.Hex,
PrivateKey = Std.File.Invoke(new()
{
Input = "path/to/private.key",
}).Apply(invoke => invoke.Result),
Certificate = Std.File.Invoke(new()
{
Input = "path/to/certificate.crt",
}).Apply(invoke => invoke.Result),
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.random.RandomId;
import com.pulumi.random.RandomIdArgs;
import com.pulumi.gcp.compute.SSLCertificate;
import com.pulumi.gcp.compute.SSLCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var certificate = new RandomId("certificate", RandomIdArgs.builder()
.byteLength(4)
.prefix("my-certificate-")
.keepers(Map.ofEntries(
Map.entry("private_key", StdFunctions.filebase64sha256(Filebase64sha256Args.builder()
.input("path/to/private.key")
.build()).result()),
Map.entry("certificate", StdFunctions.filebase64sha256(Filebase64sha256Args.builder()
.input("path/to/certificate.crt")
.build()).result())
))
.build());
// You may also want to control name generation explicitly:
var default_ = new SSLCertificate("default", SSLCertificateArgs.builder()
.name(certificate.hex())
.privateKey(StdFunctions.file(FileArgs.builder()
.input("path/to/private.key")
.build()).result())
.certificate(StdFunctions.file(FileArgs.builder()
.input("path/to/certificate.crt")
.build()).result())
.build());
}
}
resources:
# You may also want to control name generation explicitly:
default:
type: gcp:compute:SSLCertificate
properties:
name: ${certificate.hex}
privateKey:
fn::invoke:
Function: std:file
Arguments:
input: path/to/private.key
Return: result
certificate:
fn::invoke:
Function: std:file
Arguments:
input: path/to/certificate.crt
Return: result
certificate:
type: random:RandomId
properties:
byteLength: 4
prefix: my-certificate-
keepers:
private_key:
fn::invoke:
Function: std:filebase64sha256
Arguments:
input: path/to/private.key
Return: result
certificate:
fn::invoke:
Function: std:filebase64sha256
Arguments:
input: path/to/certificate.crt
Return: result
Ssl Certificate Target Https Proxies
import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";
import * as std from "@pulumi/std";
// Using with Target HTTPS Proxies
//
// SSL certificates cannot be updated after creation. In order to apply
// the specified configuration, the provider will destroy the existing
// resource and create a replacement. Example:
const _default = new gcp.compute.SSLCertificate("default", {
namePrefix: "my-certificate-",
privateKey: std.file({
input: "path/to/private.key",
}).then(invoke => invoke.result),
certificate: std.file({
input: "path/to/certificate.crt",
}).then(invoke => invoke.result),
});
const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
name: "http-health-check",
requestPath: "/",
checkIntervalSec: 1,
timeoutSec: 1,
});
const defaultBackendService = new gcp.compute.BackendService("default", {
name: "backend-service",
portName: "http",
protocol: "HTTP",
timeoutSec: 10,
healthChecks: defaultHttpHealthCheck.id,
});
const defaultURLMap = new gcp.compute.URLMap("default", {
name: "url-map",
description: "a description",
defaultService: defaultBackendService.id,
hostRules: [{
hosts: ["mysite.com"],
pathMatcher: "allpaths",
}],
pathMatchers: [{
name: "allpaths",
defaultService: defaultBackendService.id,
pathRules: [{
paths: ["/*"],
service: defaultBackendService.id,
}],
}],
});
const defaultTargetHttpsProxy = new gcp.compute.TargetHttpsProxy("default", {
name: "test-proxy",
urlMap: defaultURLMap.id,
sslCertificates: [_default.id],
});
import pulumi
import pulumi_gcp as gcp
import pulumi_std as std
# Using with Target HTTPS Proxies
#
# SSL certificates cannot be updated after creation. In order to apply
# the specified configuration, the provider will destroy the existing
# resource and create a replacement. Example:
default = gcp.compute.SSLCertificate("default",
name_prefix="my-certificate-",
private_key=std.file(input="path/to/private.key").result,
certificate=std.file(input="path/to/certificate.crt").result)
default_http_health_check = gcp.compute.HttpHealthCheck("default",
name="http-health-check",
request_path="/",
check_interval_sec=1,
timeout_sec=1)
default_backend_service = gcp.compute.BackendService("default",
name="backend-service",
port_name="http",
protocol="HTTP",
timeout_sec=10,
health_checks=default_http_health_check.id)
default_url_map = gcp.compute.URLMap("default",
name="url-map",
description="a description",
default_service=default_backend_service.id,
host_rules=[gcp.compute.URLMapHostRuleArgs(
hosts=["mysite.com"],
path_matcher="allpaths",
)],
path_matchers=[gcp.compute.URLMapPathMatcherArgs(
name="allpaths",
default_service=default_backend_service.id,
path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
paths=["/*"],
service=default_backend_service.id,
)],
)])
default_target_https_proxy = gcp.compute.TargetHttpsProxy("default",
name="test-proxy",
url_map=default_url_map.id,
ssl_certificates=[default.id])
package main
import (
"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
"github.com/pulumi/pulumi-std/sdk/go/std"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
invokeFile, err := std.File(ctx, &std.FileArgs{
Input: "path/to/private.key",
}, nil)
if err != nil {
return err
}
invokeFile1, err := std.File(ctx, &std.FileArgs{
Input: "path/to/certificate.crt",
}, nil)
if err != nil {
return err
}
// Using with Target HTTPS Proxies
//
// SSL certificates cannot be updated after creation. In order to apply
// the specified configuration, the provider will destroy the existing
// resource and create a replacement. Example:
_, err = compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
NamePrefix: pulumi.String("my-certificate-"),
PrivateKey: invokeFile.Result,
Certificate: invokeFile1.Result,
})
if err != nil {
return err
}
defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
Name: pulumi.String("http-health-check"),
RequestPath: pulumi.String("/"),
CheckIntervalSec: pulumi.Int(1),
TimeoutSec: pulumi.Int(1),
})
if err != nil {
return err
}
defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
Name: pulumi.String("backend-service"),
PortName: pulumi.String("http"),
Protocol: pulumi.String("HTTP"),
TimeoutSec: pulumi.Int(10),
HealthChecks: defaultHttpHealthCheck.ID(),
})
if err != nil {
return err
}
defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
Name: pulumi.String("url-map"),
Description: pulumi.String("a description"),
DefaultService: defaultBackendService.ID(),
HostRules: compute.URLMapHostRuleArray{
&compute.URLMapHostRuleArgs{
Hosts: pulumi.StringArray{
pulumi.String("mysite.com"),
},
PathMatcher: pulumi.String("allpaths"),
},
},
PathMatchers: compute.URLMapPathMatcherArray{
&compute.URLMapPathMatcherArgs{
Name: pulumi.String("allpaths"),
DefaultService: defaultBackendService.ID(),
PathRules: compute.URLMapPathMatcherPathRuleArray{
&compute.URLMapPathMatcherPathRuleArgs{
Paths: pulumi.StringArray{
pulumi.String("/*"),
},
Service: defaultBackendService.ID(),
},
},
},
},
})
if err != nil {
return err
}
_, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
Name: pulumi.String("test-proxy"),
UrlMap: defaultURLMap.ID(),
SslCertificates: pulumi.StringArray{
_default.ID(),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;
using Std = Pulumi.Std;
return await Deployment.RunAsync(() =>
{
// Using with Target HTTPS Proxies
//
// SSL certificates cannot be updated after creation. In order to apply
// the specified configuration, the provider will destroy the existing
// resource and create a replacement. Example:
var @default = new Gcp.Compute.SSLCertificate("default", new()
{
NamePrefix = "my-certificate-",
PrivateKey = Std.File.Invoke(new()
{
Input = "path/to/private.key",
}).Apply(invoke => invoke.Result),
Certificate = Std.File.Invoke(new()
{
Input = "path/to/certificate.crt",
}).Apply(invoke => invoke.Result),
});
var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
{
Name = "http-health-check",
RequestPath = "/",
CheckIntervalSec = 1,
TimeoutSec = 1,
});
var defaultBackendService = new Gcp.Compute.BackendService("default", new()
{
Name = "backend-service",
PortName = "http",
Protocol = "HTTP",
TimeoutSec = 10,
HealthChecks = defaultHttpHealthCheck.Id,
});
var defaultURLMap = new Gcp.Compute.URLMap("default", new()
{
Name = "url-map",
Description = "a description",
DefaultService = defaultBackendService.Id,
HostRules = new[]
{
new Gcp.Compute.Inputs.URLMapHostRuleArgs
{
Hosts = new[]
{
"mysite.com",
},
PathMatcher = "allpaths",
},
},
PathMatchers = new[]
{
new Gcp.Compute.Inputs.URLMapPathMatcherArgs
{
Name = "allpaths",
DefaultService = defaultBackendService.Id,
PathRules = new[]
{
new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
{
Paths = new[]
{
"/*",
},
Service = defaultBackendService.Id,
},
},
},
},
});
var defaultTargetHttpsProxy = new Gcp.Compute.TargetHttpsProxy("default", new()
{
Name = "test-proxy",
UrlMap = defaultURLMap.Id,
SslCertificates = new[]
{
@default.Id,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.SSLCertificate;
import com.pulumi.gcp.compute.SSLCertificateArgs;
import com.pulumi.gcp.compute.HttpHealthCheck;
import com.pulumi.gcp.compute.HttpHealthCheckArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpsProxy;
import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
// Using with Target HTTPS Proxies
//
// SSL certificates cannot be updated after creation. In order to apply
// the specified configuration, the provider will destroy the existing
// resource and create a replacement. Example:
var default_ = new SSLCertificate("default", SSLCertificateArgs.builder()
.namePrefix("my-certificate-")
.privateKey(StdFunctions.file(FileArgs.builder()
.input("path/to/private.key")
.build()).result())
.certificate(StdFunctions.file(FileArgs.builder()
.input("path/to/certificate.crt")
.build()).result())
.build());
var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
.name("http-health-check")
.requestPath("/")
.checkIntervalSec(1)
.timeoutSec(1)
.build());
var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
.name("backend-service")
.portName("http")
.protocol("HTTP")
.timeoutSec(10)
.healthChecks(defaultHttpHealthCheck.id())
.build());
var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
.name("url-map")
.description("a description")
.defaultService(defaultBackendService.id())
.hostRules(URLMapHostRuleArgs.builder()
.hosts("mysite.com")
.pathMatcher("allpaths")
.build())
.pathMatchers(URLMapPathMatcherArgs.builder()
.name("allpaths")
.defaultService(defaultBackendService.id())
.pathRules(URLMapPathMatcherPathRuleArgs.builder()
.paths("/*")
.service(defaultBackendService.id())
.build())
.build())
.build());
var defaultTargetHttpsProxy = new TargetHttpsProxy("defaultTargetHttpsProxy", TargetHttpsProxyArgs.builder()
.name("test-proxy")
.urlMap(defaultURLMap.id())
.sslCertificates(default_.id())
.build());
}
}
resources:
# Using with Target HTTPS Proxies
# //
# // SSL certificates cannot be updated after creation. In order to apply
# // the specified configuration, the provider will destroy the existing
# // resource and create a replacement. Example:
default:
type: gcp:compute:SSLCertificate
properties:
namePrefix: my-certificate-
privateKey:
fn::invoke:
Function: std:file
Arguments:
input: path/to/private.key
Return: result
certificate:
fn::invoke:
Function: std:file
Arguments:
input: path/to/certificate.crt
Return: result
defaultTargetHttpsProxy:
type: gcp:compute:TargetHttpsProxy
name: default
properties:
name: test-proxy
urlMap: ${defaultURLMap.id}
sslCertificates:
- ${default.id}
defaultURLMap:
type: gcp:compute:URLMap
name: default
properties:
name: url-map
description: a description
defaultService: ${defaultBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultBackendService.id}
defaultBackendService:
type: gcp:compute:BackendService
name: default
properties:
name: backend-service
portName: http
protocol: HTTP
timeoutSec: 10
healthChecks: ${defaultHttpHealthCheck.id}
defaultHttpHealthCheck:
type: gcp:compute:HttpHealthCheck
name: default
properties:
name: http-health-check
requestPath: /
checkIntervalSec: 1
timeoutSec: 1
Create SSLCertificate Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new SSLCertificate(name: string, args: SSLCertificateArgs, opts?: CustomResourceOptions);
@overload
def SSLCertificate(resource_name: str,
args: SSLCertificateArgs,
opts: Optional[ResourceOptions] = None)
@overload
def SSLCertificate(resource_name: str,
opts: Optional[ResourceOptions] = None,
certificate: Optional[str] = None,
private_key: Optional[str] = None,
description: Optional[str] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
project: Optional[str] = None)
func NewSSLCertificate(ctx *Context, name string, args SSLCertificateArgs, opts ...ResourceOption) (*SSLCertificate, error)
public SSLCertificate(string name, SSLCertificateArgs args, CustomResourceOptions? opts = null)
public SSLCertificate(String name, SSLCertificateArgs args)
public SSLCertificate(String name, SSLCertificateArgs args, CustomResourceOptions options)
type: gcp:compute:SSLCertificate
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args SSLCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args SSLCertificateArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args SSLCertificateArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args SSLCertificateArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args SSLCertificateArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Example
The following reference example uses placeholder values for all input properties.
var sslcertificateResource = new Gcp.Compute.SSLCertificate("sslcertificateResource", new()
{
Certificate = "string",
PrivateKey = "string",
Description = "string",
Name = "string",
NamePrefix = "string",
Project = "string",
});
example, err := compute.NewSSLCertificate(ctx, "sslcertificateResource", &compute.SSLCertificateArgs{
Certificate: pulumi.String("string"),
PrivateKey: pulumi.String("string"),
Description: pulumi.String("string"),
Name: pulumi.String("string"),
NamePrefix: pulumi.String("string"),
Project: pulumi.String("string"),
})
var sslcertificateResource = new SSLCertificate("sslcertificateResource", SSLCertificateArgs.builder()
.certificate("string")
.privateKey("string")
.description("string")
.name("string")
.namePrefix("string")
.project("string")
.build());
sslcertificate_resource = gcp.compute.SSLCertificate("sslcertificateResource",
certificate="string",
private_key="string",
description="string",
name="string",
name_prefix="string",
project="string")
const sslcertificateResource = new gcp.compute.SSLCertificate("sslcertificateResource", {
certificate: "string",
privateKey: "string",
description: "string",
name: "string",
namePrefix: "string",
project: "string",
});
type: gcp:compute:SSLCertificate
properties:
certificate: string
description: string
name: string
namePrefix: string
privateKey: string
project: string
SSLCertificate Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The SSLCertificate resource accepts the following input properties:
- Certificate string
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- Private
Key string - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- Description string
- An optional description of this resource.
- Name string
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- Name
Prefix string - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Certificate string
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- Private
Key string - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- Description string
- An optional description of this resource.
- Name string
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- Name
Prefix string - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- certificate String
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- private
Key String - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- description String
- An optional description of this resource.
- name String
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name
Prefix String - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- certificate string
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- private
Key string - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- description string
- An optional description of this resource.
- name string
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name
Prefix string - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- certificate str
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- private_
key str - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- description str
- An optional description of this resource.
- name str
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name_
prefix str - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- certificate String
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- private
Key String - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- description String
- An optional description of this resource.
- name String
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name
Prefix String - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
Outputs
All input properties are implicitly available as output properties. Additionally, the SSLCertificate resource produces the following output properties:
- Certificate
Id int - The unique identifier for the resource.
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Expire
Time string - Expire time of the certificate in RFC3339 text format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Self
Link string - The URI of the created resource.
- Certificate
Id int - The unique identifier for the resource.
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Expire
Time string - Expire time of the certificate in RFC3339 text format.
- Id string
- The provider-assigned unique ID for this managed resource.
- Self
Link string - The URI of the created resource.
- certificate
Id Integer - The unique identifier for the resource.
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- expire
Time String - Expire time of the certificate in RFC3339 text format.
- id String
- The provider-assigned unique ID for this managed resource.
- self
Link String - The URI of the created resource.
- certificate
Id number - The unique identifier for the resource.
- creation
Timestamp string - Creation timestamp in RFC3339 text format.
- expire
Time string - Expire time of the certificate in RFC3339 text format.
- id string
- The provider-assigned unique ID for this managed resource.
- self
Link string - The URI of the created resource.
- certificate_
id int - The unique identifier for the resource.
- creation_
timestamp str - Creation timestamp in RFC3339 text format.
- expire_
time str - Expire time of the certificate in RFC3339 text format.
- id str
- The provider-assigned unique ID for this managed resource.
- self_
link str - The URI of the created resource.
- certificate
Id Number - The unique identifier for the resource.
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- expire
Time String - Expire time of the certificate in RFC3339 text format.
- id String
- The provider-assigned unique ID for this managed resource.
- self
Link String - The URI of the created resource.
Look up Existing SSLCertificate Resource
Get an existing SSLCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: SSLCertificateState, opts?: CustomResourceOptions): SSLCertificate
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
certificate: Optional[str] = None,
certificate_id: Optional[int] = None,
creation_timestamp: Optional[str] = None,
description: Optional[str] = None,
expire_time: Optional[str] = None,
name: Optional[str] = None,
name_prefix: Optional[str] = None,
private_key: Optional[str] = None,
project: Optional[str] = None,
self_link: Optional[str] = None) -> SSLCertificate
func GetSSLCertificate(ctx *Context, name string, id IDInput, state *SSLCertificateState, opts ...ResourceOption) (*SSLCertificate, error)
public static SSLCertificate Get(string name, Input<string> id, SSLCertificateState? state, CustomResourceOptions? opts = null)
public static SSLCertificate get(String name, Output<String> id, SSLCertificateState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Certificate string
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- Certificate
Id int - The unique identifier for the resource.
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Description string
- An optional description of this resource.
- Expire
Time string - Expire time of the certificate in RFC3339 text format.
- Name string
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- Name
Prefix string - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - Private
Key string - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Self
Link string - The URI of the created resource.
- Certificate string
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- Certificate
Id int - The unique identifier for the resource.
- Creation
Timestamp string - Creation timestamp in RFC3339 text format.
- Description string
- An optional description of this resource.
- Expire
Time string - Expire time of the certificate in RFC3339 text format.
- Name string
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- Name
Prefix string - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - Private
Key string - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- Project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- Self
Link string - The URI of the created resource.
- certificate String
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- certificate
Id Integer - The unique identifier for the resource.
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- description String
- An optional description of this resource.
- expire
Time String - Expire time of the certificate in RFC3339 text format.
- name String
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name
Prefix String - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - private
Key String - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- self
Link String - The URI of the created resource.
- certificate string
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- certificate
Id number - The unique identifier for the resource.
- creation
Timestamp string - Creation timestamp in RFC3339 text format.
- description string
- An optional description of this resource.
- expire
Time string - Expire time of the certificate in RFC3339 text format.
- name string
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name
Prefix string - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - private
Key string - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- project string
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- self
Link string - The URI of the created resource.
- certificate str
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- certificate_
id int - The unique identifier for the resource.
- creation_
timestamp str - Creation timestamp in RFC3339 text format.
- description str
- An optional description of this resource.
- expire_
time str - Expire time of the certificate in RFC3339 text format.
- name str
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name_
prefix str - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - private_
key str - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- project str
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- self_
link str - The URI of the created resource.
- certificate String
- The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
- certificate
Id Number - The unique identifier for the resource.
- creation
Timestamp String - Creation timestamp in RFC3339 text format.
- description String
- An optional description of this resource.
- expire
Time String - Expire time of the certificate in RFC3339 text format.
- name String
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression
a-z?
which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.These are in the same namespace as the managed SSL certificates.
- name
Prefix String - Creates a unique name beginning with the
specified prefix. Conflicts with
name
. - private
Key String - The write-only private key in PEM format.
Note: This property is sensitive and will not be displayed in the plan.
- project String
- The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
- self
Link String - The URI of the created resource.
Import
SslCertificate can be imported using any of these accepted formats:
projects/{{project}}/global/sslCertificates/{{name}}
{{project}}/{{name}}
{{name}}
When using the pulumi import
command, SslCertificate can be imported using one of the formats above. For example:
$ pulumi import gcp:compute/sSLCertificate:SSLCertificate default projects/{{project}}/global/sslCertificates/{{name}}
$ pulumi import gcp:compute/sSLCertificate:SSLCertificate default {{project}}/{{name}}
$ pulumi import gcp:compute/sSLCertificate:SSLCertificate default {{name}}
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- Google Cloud (GCP) Classic pulumi/pulumi-gcp
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
google-beta
Terraform Provider.