1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. compute
  5. SSLCertificate
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

gcp.compute.SSLCertificate

Explore with Pulumi AI

gcp logo
Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi

    An SslCertificate resource, used for HTTPS load balancing. This resource provides a mechanism to upload an SSL key and certificate to the load balancer to serve secure connections from the user.

    To get more information about SslCertificate, see:

    Example Usage

    Ssl Certificate Basic

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as std from "@pulumi/std";
    
    const _default = new gcp.compute.SSLCertificate("default", {
        namePrefix: "my-certificate-",
        description: "a description",
        privateKey: std.file({
            input: "path/to/private.key",
        }).then(invoke => invoke.result),
        certificate: std.file({
            input: "path/to/certificate.crt",
        }).then(invoke => invoke.result),
    });
    
    import pulumi
    import pulumi_gcp as gcp
    import pulumi_std as std
    
    default = gcp.compute.SSLCertificate("default",
        name_prefix="my-certificate-",
        description="a description",
        private_key=std.file(input="path/to/private.key").result,
        certificate=std.file(input="path/to/certificate.crt").result)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeFile, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/private.key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile1, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/certificate.crt",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
    			NamePrefix:  pulumi.String("my-certificate-"),
    			Description: pulumi.String("a description"),
    			PrivateKey:  invokeFile.Result,
    			Certificate: invokeFile1.Result,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var @default = new Gcp.Compute.SSLCertificate("default", new()
        {
            NamePrefix = "my-certificate-",
            Description = "a description",
            PrivateKey = Std.File.Invoke(new()
            {
                Input = "path/to/private.key",
            }).Apply(invoke => invoke.Result),
            Certificate = Std.File.Invoke(new()
            {
                Input = "path/to/certificate.crt",
            }).Apply(invoke => invoke.Result),
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.SSLCertificate;
    import com.pulumi.gcp.compute.SSLCertificateArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var default_ = new SSLCertificate("default", SSLCertificateArgs.builder()        
                .namePrefix("my-certificate-")
                .description("a description")
                .privateKey(StdFunctions.file(FileArgs.builder()
                    .input("path/to/private.key")
                    .build()).result())
                .certificate(StdFunctions.file(FileArgs.builder()
                    .input("path/to/certificate.crt")
                    .build()).result())
                .build());
    
        }
    }
    
    resources:
      default:
        type: gcp:compute:SSLCertificate
        properties:
          namePrefix: my-certificate-
          description: a description
          privateKey:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/private.key
              Return: result
          certificate:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/certificate.crt
              Return: result
    

    Ssl Certificate Random Provider

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as random from "@pulumi/random";
    import * as std from "@pulumi/std";
    
    const certificate = new random.RandomId("certificate", {
        byteLength: 4,
        prefix: "my-certificate-",
        keepers: {
            private_key: std.filebase64sha256({
                input: "path/to/private.key",
            }).then(invoke => invoke.result),
            certificate: std.filebase64sha256({
                input: "path/to/certificate.crt",
            }).then(invoke => invoke.result),
        },
    });
    // You may also want to control name generation explicitly:
    const _default = new gcp.compute.SSLCertificate("default", {
        name: certificate.hex,
        privateKey: std.file({
            input: "path/to/private.key",
        }).then(invoke => invoke.result),
        certificate: std.file({
            input: "path/to/certificate.crt",
        }).then(invoke => invoke.result),
    });
    
    import pulumi
    import pulumi_gcp as gcp
    import pulumi_random as random
    import pulumi_std as std
    
    certificate = random.RandomId("certificate",
        byte_length=4,
        prefix="my-certificate-",
        keepers={
            "private_key": std.filebase64sha256(input="path/to/private.key").result,
            "certificate": std.filebase64sha256(input="path/to/certificate.crt").result,
        })
    # You may also want to control name generation explicitly:
    default = gcp.compute.SSLCertificate("default",
        name=certificate.hex,
        private_key=std.file(input="path/to/private.key").result,
        certificate=std.file(input="path/to/certificate.crt").result)
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi-random/sdk/v4/go/random"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeFilebase64sha256, err := std.Filebase64sha256(ctx, &std.Filebase64sha256Args{
    			Input: "path/to/private.key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFilebase64sha2561, err := std.Filebase64sha256(ctx, &std.Filebase64sha256Args{
    			Input: "path/to/certificate.crt",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		certificate, err := random.NewRandomId(ctx, "certificate", &random.RandomIdArgs{
    			ByteLength: pulumi.Int(4),
    			Prefix:     pulumi.String("my-certificate-"),
    			Keepers: pulumi.StringMap{
    				"private_key": invokeFilebase64sha256.Result,
    				"certificate": invokeFilebase64sha2561.Result,
    			},
    		})
    		if err != nil {
    			return err
    		}
    		invokeFile2, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/private.key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile3, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/certificate.crt",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		// You may also want to control name generation explicitly:
    		_, err = compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
    			Name:        certificate.Hex,
    			PrivateKey:  invokeFile2.Result,
    			Certificate: invokeFile3.Result,
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    using Random = Pulumi.Random;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        var certificate = new Random.RandomId("certificate", new()
        {
            ByteLength = 4,
            Prefix = "my-certificate-",
            Keepers = 
            {
                { "private_key", Std.Filebase64sha256.Invoke(new()
                {
                    Input = "path/to/private.key",
                }).Apply(invoke => invoke.Result) },
                { "certificate", Std.Filebase64sha256.Invoke(new()
                {
                    Input = "path/to/certificate.crt",
                }).Apply(invoke => invoke.Result) },
            },
        });
    
        // You may also want to control name generation explicitly:
        var @default = new Gcp.Compute.SSLCertificate("default", new()
        {
            Name = certificate.Hex,
            PrivateKey = Std.File.Invoke(new()
            {
                Input = "path/to/private.key",
            }).Apply(invoke => invoke.Result),
            Certificate = Std.File.Invoke(new()
            {
                Input = "path/to/certificate.crt",
            }).Apply(invoke => invoke.Result),
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.random.RandomId;
    import com.pulumi.random.RandomIdArgs;
    import com.pulumi.gcp.compute.SSLCertificate;
    import com.pulumi.gcp.compute.SSLCertificateArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var certificate = new RandomId("certificate", RandomIdArgs.builder()        
                .byteLength(4)
                .prefix("my-certificate-")
                .keepers(Map.ofEntries(
                    Map.entry("private_key", StdFunctions.filebase64sha256(Filebase64sha256Args.builder()
                        .input("path/to/private.key")
                        .build()).result()),
                    Map.entry("certificate", StdFunctions.filebase64sha256(Filebase64sha256Args.builder()
                        .input("path/to/certificate.crt")
                        .build()).result())
                ))
                .build());
    
            var default_ = new SSLCertificate("default", SSLCertificateArgs.builder()        
                .name(certificate.hex())
                .privateKey(StdFunctions.file(FileArgs.builder()
                    .input("path/to/private.key")
                    .build()).result())
                .certificate(StdFunctions.file(FileArgs.builder()
                    .input("path/to/certificate.crt")
                    .build()).result())
                .build());
    
        }
    }
    
    resources:
      # You may also want to control name generation explicitly:
      default:
        type: gcp:compute:SSLCertificate
        properties:
          name: ${certificate.hex}
          privateKey:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/private.key
              Return: result
          certificate:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/certificate.crt
              Return: result
      certificate:
        type: random:RandomId
        properties:
          byteLength: 4
          prefix: my-certificate-
          keepers:
            private_key:
              fn::invoke:
                Function: std:filebase64sha256
                Arguments:
                  input: path/to/private.key
                Return: result
            certificate:
              fn::invoke:
                Function: std:filebase64sha256
                Arguments:
                  input: path/to/certificate.crt
                Return: result
    

    Ssl Certificate Target Https Proxies

    import * as pulumi from "@pulumi/pulumi";
    import * as gcp from "@pulumi/gcp";
    import * as std from "@pulumi/std";
    
    // Using with Target HTTPS Proxies
    //
    // SSL certificates cannot be updated after creation. In order to apply
    // the specified configuration, the provider will destroy the existing
    // resource and create a replacement. Example:
    const _default = new gcp.compute.SSLCertificate("default", {
        namePrefix: "my-certificate-",
        privateKey: std.file({
            input: "path/to/private.key",
        }).then(invoke => invoke.result),
        certificate: std.file({
            input: "path/to/certificate.crt",
        }).then(invoke => invoke.result),
    });
    const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
        name: "http-health-check",
        requestPath: "/",
        checkIntervalSec: 1,
        timeoutSec: 1,
    });
    const defaultBackendService = new gcp.compute.BackendService("default", {
        name: "backend-service",
        portName: "http",
        protocol: "HTTP",
        timeoutSec: 10,
        healthChecks: defaultHttpHealthCheck.id,
    });
    const defaultURLMap = new gcp.compute.URLMap("default", {
        name: "url-map",
        description: "a description",
        defaultService: defaultBackendService.id,
        hostRules: [{
            hosts: ["mysite.com"],
            pathMatcher: "allpaths",
        }],
        pathMatchers: [{
            name: "allpaths",
            defaultService: defaultBackendService.id,
            pathRules: [{
                paths: ["/*"],
                service: defaultBackendService.id,
            }],
        }],
    });
    const defaultTargetHttpsProxy = new gcp.compute.TargetHttpsProxy("default", {
        name: "test-proxy",
        urlMap: defaultURLMap.id,
        sslCertificates: [_default.id],
    });
    
    import pulumi
    import pulumi_gcp as gcp
    import pulumi_std as std
    
    # Using with Target HTTPS Proxies
    #
    # SSL certificates cannot be updated after creation. In order to apply
    # the specified configuration, the provider will destroy the existing
    # resource and create a replacement. Example:
    default = gcp.compute.SSLCertificate("default",
        name_prefix="my-certificate-",
        private_key=std.file(input="path/to/private.key").result,
        certificate=std.file(input="path/to/certificate.crt").result)
    default_http_health_check = gcp.compute.HttpHealthCheck("default",
        name="http-health-check",
        request_path="/",
        check_interval_sec=1,
        timeout_sec=1)
    default_backend_service = gcp.compute.BackendService("default",
        name="backend-service",
        port_name="http",
        protocol="HTTP",
        timeout_sec=10,
        health_checks=default_http_health_check.id)
    default_url_map = gcp.compute.URLMap("default",
        name="url-map",
        description="a description",
        default_service=default_backend_service.id,
        host_rules=[gcp.compute.URLMapHostRuleArgs(
            hosts=["mysite.com"],
            path_matcher="allpaths",
        )],
        path_matchers=[gcp.compute.URLMapPathMatcherArgs(
            name="allpaths",
            default_service=default_backend_service.id,
            path_rules=[gcp.compute.URLMapPathMatcherPathRuleArgs(
                paths=["/*"],
                service=default_backend_service.id,
            )],
        )])
    default_target_https_proxy = gcp.compute.TargetHttpsProxy("default",
        name="test-proxy",
        url_map=default_url_map.id,
        ssl_certificates=[default.id])
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-gcp/sdk/v7/go/gcp/compute"
    	"github.com/pulumi/pulumi-std/sdk/go/std"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		invokeFile, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/private.key",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		invokeFile1, err := std.File(ctx, &std.FileArgs{
    			Input: "path/to/certificate.crt",
    		}, nil)
    		if err != nil {
    			return err
    		}
    		// Using with Target HTTPS Proxies
    		//
    		// SSL certificates cannot be updated after creation. In order to apply
    		// the specified configuration, the provider will destroy the existing
    		// resource and create a replacement. Example:
    		_, err = compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
    			NamePrefix:  pulumi.String("my-certificate-"),
    			PrivateKey:  invokeFile.Result,
    			Certificate: invokeFile1.Result,
    		})
    		if err != nil {
    			return err
    		}
    		defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
    			Name:             pulumi.String("http-health-check"),
    			RequestPath:      pulumi.String("/"),
    			CheckIntervalSec: pulumi.Int(1),
    			TimeoutSec:       pulumi.Int(1),
    		})
    		if err != nil {
    			return err
    		}
    		defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
    			Name:         pulumi.String("backend-service"),
    			PortName:     pulumi.String("http"),
    			Protocol:     pulumi.String("HTTP"),
    			TimeoutSec:   pulumi.Int(10),
    			HealthChecks: defaultHttpHealthCheck.ID(),
    		})
    		if err != nil {
    			return err
    		}
    		defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
    			Name:           pulumi.String("url-map"),
    			Description:    pulumi.String("a description"),
    			DefaultService: defaultBackendService.ID(),
    			HostRules: compute.URLMapHostRuleArray{
    				&compute.URLMapHostRuleArgs{
    					Hosts: pulumi.StringArray{
    						pulumi.String("mysite.com"),
    					},
    					PathMatcher: pulumi.String("allpaths"),
    				},
    			},
    			PathMatchers: compute.URLMapPathMatcherArray{
    				&compute.URLMapPathMatcherArgs{
    					Name:           pulumi.String("allpaths"),
    					DefaultService: defaultBackendService.ID(),
    					PathRules: compute.URLMapPathMatcherPathRuleArray{
    						&compute.URLMapPathMatcherPathRuleArgs{
    							Paths: pulumi.StringArray{
    								pulumi.String("/*"),
    							},
    							Service: defaultBackendService.ID(),
    						},
    					},
    				},
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
    			Name:   pulumi.String("test-proxy"),
    			UrlMap: defaultURLMap.ID(),
    			SslCertificates: pulumi.StringArray{
    				_default.ID(),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Gcp = Pulumi.Gcp;
    using Std = Pulumi.Std;
    
    return await Deployment.RunAsync(() => 
    {
        // Using with Target HTTPS Proxies
        //
        // SSL certificates cannot be updated after creation. In order to apply
        // the specified configuration, the provider will destroy the existing
        // resource and create a replacement. Example:
        var @default = new Gcp.Compute.SSLCertificate("default", new()
        {
            NamePrefix = "my-certificate-",
            PrivateKey = Std.File.Invoke(new()
            {
                Input = "path/to/private.key",
            }).Apply(invoke => invoke.Result),
            Certificate = Std.File.Invoke(new()
            {
                Input = "path/to/certificate.crt",
            }).Apply(invoke => invoke.Result),
        });
    
        var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
        {
            Name = "http-health-check",
            RequestPath = "/",
            CheckIntervalSec = 1,
            TimeoutSec = 1,
        });
    
        var defaultBackendService = new Gcp.Compute.BackendService("default", new()
        {
            Name = "backend-service",
            PortName = "http",
            Protocol = "HTTP",
            TimeoutSec = 10,
            HealthChecks = defaultHttpHealthCheck.Id,
        });
    
        var defaultURLMap = new Gcp.Compute.URLMap("default", new()
        {
            Name = "url-map",
            Description = "a description",
            DefaultService = defaultBackendService.Id,
            HostRules = new[]
            {
                new Gcp.Compute.Inputs.URLMapHostRuleArgs
                {
                    Hosts = new[]
                    {
                        "mysite.com",
                    },
                    PathMatcher = "allpaths",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.Compute.Inputs.URLMapPathMatcherArgs
                {
                    Name = "allpaths",
                    DefaultService = defaultBackendService.Id,
                    PathRules = new[]
                    {
                        new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
                        {
                            Paths = new[]
                            {
                                "/*",
                            },
                            Service = defaultBackendService.Id,
                        },
                    },
                },
            },
        });
    
        var defaultTargetHttpsProxy = new Gcp.Compute.TargetHttpsProxy("default", new()
        {
            Name = "test-proxy",
            UrlMap = defaultURLMap.Id,
            SslCertificates = new[]
            {
                @default.Id,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.gcp.compute.SSLCertificate;
    import com.pulumi.gcp.compute.SSLCertificateArgs;
    import com.pulumi.gcp.compute.HttpHealthCheck;
    import com.pulumi.gcp.compute.HttpHealthCheckArgs;
    import com.pulumi.gcp.compute.BackendService;
    import com.pulumi.gcp.compute.BackendServiceArgs;
    import com.pulumi.gcp.compute.URLMap;
    import com.pulumi.gcp.compute.URLMapArgs;
    import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
    import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
    import com.pulumi.gcp.compute.TargetHttpsProxy;
    import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var default_ = new SSLCertificate("default", SSLCertificateArgs.builder()        
                .namePrefix("my-certificate-")
                .privateKey(StdFunctions.file(FileArgs.builder()
                    .input("path/to/private.key")
                    .build()).result())
                .certificate(StdFunctions.file(FileArgs.builder()
                    .input("path/to/certificate.crt")
                    .build()).result())
                .build());
    
            var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()        
                .name("http-health-check")
                .requestPath("/")
                .checkIntervalSec(1)
                .timeoutSec(1)
                .build());
    
            var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()        
                .name("backend-service")
                .portName("http")
                .protocol("HTTP")
                .timeoutSec(10)
                .healthChecks(defaultHttpHealthCheck.id())
                .build());
    
            var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()        
                .name("url-map")
                .description("a description")
                .defaultService(defaultBackendService.id())
                .hostRules(URLMapHostRuleArgs.builder()
                    .hosts("mysite.com")
                    .pathMatcher("allpaths")
                    .build())
                .pathMatchers(URLMapPathMatcherArgs.builder()
                    .name("allpaths")
                    .defaultService(defaultBackendService.id())
                    .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                        .paths("/*")
                        .service(defaultBackendService.id())
                        .build())
                    .build())
                .build());
    
            var defaultTargetHttpsProxy = new TargetHttpsProxy("defaultTargetHttpsProxy", TargetHttpsProxyArgs.builder()        
                .name("test-proxy")
                .urlMap(defaultURLMap.id())
                .sslCertificates(default_.id())
                .build());
    
        }
    }
    
    resources:
      # Using with Target HTTPS Proxies
      # //
      # // SSL certificates cannot be updated after creation. In order to apply
      # // the specified configuration, the provider will destroy the existing
      # // resource and create a replacement. Example:
      default:
        type: gcp:compute:SSLCertificate
        properties:
          namePrefix: my-certificate-
          privateKey:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/private.key
              Return: result
          certificate:
            fn::invoke:
              Function: std:file
              Arguments:
                input: path/to/certificate.crt
              Return: result
      defaultTargetHttpsProxy:
        type: gcp:compute:TargetHttpsProxy
        name: default
        properties:
          name: test-proxy
          urlMap: ${defaultURLMap.id}
          sslCertificates:
            - ${default.id}
      defaultURLMap:
        type: gcp:compute:URLMap
        name: default
        properties:
          name: url-map
          description: a description
          defaultService: ${defaultBackendService.id}
          hostRules:
            - hosts:
                - mysite.com
              pathMatcher: allpaths
          pathMatchers:
            - name: allpaths
              defaultService: ${defaultBackendService.id}
              pathRules:
                - paths:
                    - /*
                  service: ${defaultBackendService.id}
      defaultBackendService:
        type: gcp:compute:BackendService
        name: default
        properties:
          name: backend-service
          portName: http
          protocol: HTTP
          timeoutSec: 10
          healthChecks: ${defaultHttpHealthCheck.id}
      defaultHttpHealthCheck:
        type: gcp:compute:HttpHealthCheck
        name: default
        properties:
          name: http-health-check
          requestPath: /
          checkIntervalSec: 1
          timeoutSec: 1
    

    Create SSLCertificate Resource

    new SSLCertificate(name: string, args: SSLCertificateArgs, opts?: CustomResourceOptions);
    @overload
    def SSLCertificate(resource_name: str,
                       opts: Optional[ResourceOptions] = None,
                       certificate: Optional[str] = None,
                       description: Optional[str] = None,
                       name: Optional[str] = None,
                       name_prefix: Optional[str] = None,
                       private_key: Optional[str] = None,
                       project: Optional[str] = None)
    @overload
    def SSLCertificate(resource_name: str,
                       args: SSLCertificateArgs,
                       opts: Optional[ResourceOptions] = None)
    func NewSSLCertificate(ctx *Context, name string, args SSLCertificateArgs, opts ...ResourceOption) (*SSLCertificate, error)
    public SSLCertificate(string name, SSLCertificateArgs args, CustomResourceOptions? opts = null)
    public SSLCertificate(String name, SSLCertificateArgs args)
    public SSLCertificate(String name, SSLCertificateArgs args, CustomResourceOptions options)
    
    type: gcp:compute:SSLCertificate
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    
    name string
    The unique name of the resource.
    args SSLCertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args SSLCertificateArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args SSLCertificateArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args SSLCertificateArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args SSLCertificateArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    SSLCertificate Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The SSLCertificate resource accepts the following input properties:

    Certificate string
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    PrivateKey string
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    Description string
    An optional description of this resource.
    Name string

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    NamePrefix string
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    Certificate string
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    PrivateKey string
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    Description string
    An optional description of this resource.
    Name string

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    NamePrefix string
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificate String
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    privateKey String
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    description String
    An optional description of this resource.
    name String

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    namePrefix String
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificate string
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    privateKey string
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    description string
    An optional description of this resource.
    name string

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    namePrefix string
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificate str
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    private_key str
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    description str
    An optional description of this resource.
    name str

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    name_prefix str
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    certificate String
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    privateKey String
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    description String
    An optional description of this resource.
    name String

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    namePrefix String
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the SSLCertificate resource produces the following output properties:

    CertificateId int
    The unique identifier for the resource.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    ExpireTime string
    Expire time of the certificate in RFC3339 text format.
    Id string
    The provider-assigned unique ID for this managed resource.
    SelfLink string
    The URI of the created resource.
    CertificateId int
    The unique identifier for the resource.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    ExpireTime string
    Expire time of the certificate in RFC3339 text format.
    Id string
    The provider-assigned unique ID for this managed resource.
    SelfLink string
    The URI of the created resource.
    certificateId Integer
    The unique identifier for the resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    expireTime String
    Expire time of the certificate in RFC3339 text format.
    id String
    The provider-assigned unique ID for this managed resource.
    selfLink String
    The URI of the created resource.
    certificateId number
    The unique identifier for the resource.
    creationTimestamp string
    Creation timestamp in RFC3339 text format.
    expireTime string
    Expire time of the certificate in RFC3339 text format.
    id string
    The provider-assigned unique ID for this managed resource.
    selfLink string
    The URI of the created resource.
    certificate_id int
    The unique identifier for the resource.
    creation_timestamp str
    Creation timestamp in RFC3339 text format.
    expire_time str
    Expire time of the certificate in RFC3339 text format.
    id str
    The provider-assigned unique ID for this managed resource.
    self_link str
    The URI of the created resource.
    certificateId Number
    The unique identifier for the resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    expireTime String
    Expire time of the certificate in RFC3339 text format.
    id String
    The provider-assigned unique ID for this managed resource.
    selfLink String
    The URI of the created resource.

    Look up Existing SSLCertificate Resource

    Get an existing SSLCertificate resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: SSLCertificateState, opts?: CustomResourceOptions): SSLCertificate
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            certificate: Optional[str] = None,
            certificate_id: Optional[int] = None,
            creation_timestamp: Optional[str] = None,
            description: Optional[str] = None,
            expire_time: Optional[str] = None,
            name: Optional[str] = None,
            name_prefix: Optional[str] = None,
            private_key: Optional[str] = None,
            project: Optional[str] = None,
            self_link: Optional[str] = None) -> SSLCertificate
    func GetSSLCertificate(ctx *Context, name string, id IDInput, state *SSLCertificateState, opts ...ResourceOption) (*SSLCertificate, error)
    public static SSLCertificate Get(string name, Input<string> id, SSLCertificateState? state, CustomResourceOptions? opts = null)
    public static SSLCertificate get(String name, Output<String> id, SSLCertificateState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Certificate string
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    CertificateId int
    The unique identifier for the resource.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Description string
    An optional description of this resource.
    ExpireTime string
    Expire time of the certificate in RFC3339 text format.
    Name string

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    NamePrefix string
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    PrivateKey string
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    SelfLink string
    The URI of the created resource.
    Certificate string
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    CertificateId int
    The unique identifier for the resource.
    CreationTimestamp string
    Creation timestamp in RFC3339 text format.
    Description string
    An optional description of this resource.
    ExpireTime string
    Expire time of the certificate in RFC3339 text format.
    Name string

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    NamePrefix string
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    PrivateKey string
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    Project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    SelfLink string
    The URI of the created resource.
    certificate String
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    certificateId Integer
    The unique identifier for the resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    description String
    An optional description of this resource.
    expireTime String
    Expire time of the certificate in RFC3339 text format.
    name String

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    namePrefix String
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    privateKey String
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    selfLink String
    The URI of the created resource.
    certificate string
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    certificateId number
    The unique identifier for the resource.
    creationTimestamp string
    Creation timestamp in RFC3339 text format.
    description string
    An optional description of this resource.
    expireTime string
    Expire time of the certificate in RFC3339 text format.
    name string

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    namePrefix string
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    privateKey string
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    project string
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    selfLink string
    The URI of the created resource.
    certificate str
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    certificate_id int
    The unique identifier for the resource.
    creation_timestamp str
    Creation timestamp in RFC3339 text format.
    description str
    An optional description of this resource.
    expire_time str
    Expire time of the certificate in RFC3339 text format.
    name str

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    name_prefix str
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    private_key str
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    project str
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    self_link str
    The URI of the created resource.
    certificate String
    The certificate in PEM format. The certificate chain must be no greater than 5 certs long. The chain must include at least one intermediate cert. Note: This property is sensitive and will not be displayed in the plan.
    certificateId Number
    The unique identifier for the resource.
    creationTimestamp String
    Creation timestamp in RFC3339 text format.
    description String
    An optional description of this resource.
    expireTime String
    Expire time of the certificate in RFC3339 text format.
    name String

    Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

    These are in the same namespace as the managed SSL certificates.

    namePrefix String
    Creates a unique name beginning with the specified prefix. Conflicts with name.
    privateKey String
    The write-only private key in PEM format. Note: This property is sensitive and will not be displayed in the plan.


    project String
    The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
    selfLink String
    The URI of the created resource.

    Import

    SslCertificate can be imported using any of these accepted formats:

    • projects/{{project}}/global/sslCertificates/{{name}}

    • {{project}}/{{name}}

    • {{name}}

    When using the pulumi import command, SslCertificate can be imported using one of the formats above. For example:

    $ pulumi import gcp:compute/sSLCertificate:SSLCertificate default projects/{{project}}/global/sslCertificates/{{name}}
    
    $ pulumi import gcp:compute/sSLCertificate:SSLCertificate default {{project}}/{{name}}
    
    $ pulumi import gcp:compute/sSLCertificate:SSLCertificate default {{name}}
    

    Package Details

    Repository
    Google Cloud (GCP) Classic pulumi/pulumi-gcp
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the google-beta Terraform Provider.
    gcp logo
    Google Cloud Classic v7.16.0 published on Wednesday, Mar 27, 2024 by Pulumi