Google Cloud v8.30.0, May 12 25

Google Cloud v8.30.0 published on Monday, May 12, 2025 by Pulumi

gcp.compute.SSLPolicy

Explore with Pulumi AI

Google Cloud v8.30.0 published on Monday, May 12, 2025 by Pulumi

pulumi/pulumi-gcp

Example Usage

Ssl Policy Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const prod_ssl_policy = new gcp.compute.SSLPolicy("prod-ssl-policy", {
    name: "production-ssl-policy",
    profile: "MODERN",
});
const nonprod_ssl_policy = new gcp.compute.SSLPolicy("nonprod-ssl-policy", {
    name: "nonprod-ssl-policy",
    profile: "MODERN",
    minTlsVersion: "TLS_1_2",
});
const custom_ssl_policy = new gcp.compute.SSLPolicy("custom-ssl-policy", {
    name: "custom-ssl-policy",
    minTlsVersion: "TLS_1_2",
    profile: "CUSTOM",
    customFeatures: [
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    ],
});

import pulumi
import pulumi_gcp as gcp

prod_ssl_policy = gcp.compute.SSLPolicy("prod-ssl-policy",
    name="production-ssl-policy",
    profile="MODERN")
nonprod_ssl_policy = gcp.compute.SSLPolicy("nonprod-ssl-policy",
    name="nonprod-ssl-policy",
    profile="MODERN",
    min_tls_version="TLS_1_2")
custom_ssl_policy = gcp.compute.SSLPolicy("custom-ssl-policy",
    name="custom-ssl-policy",
    min_tls_version="TLS_1_2",
    profile="CUSTOM",
    custom_features=[
        "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
        "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
    ])

package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := compute.NewSSLPolicy(ctx, "prod-ssl-policy", &compute.SSLPolicyArgs{
			Name:    pulumi.String("production-ssl-policy"),
			Profile: pulumi.String("MODERN"),
		})
		if err != nil {
			return err
		}
		_, err = compute.NewSSLPolicy(ctx, "nonprod-ssl-policy", &compute.SSLPolicyArgs{
			Name:          pulumi.String("nonprod-ssl-policy"),
			Profile:       pulumi.String("MODERN"),
			MinTlsVersion: pulumi.String("TLS_1_2"),
		})
		if err != nil {
			return err
		}
		_, err = compute.NewSSLPolicy(ctx, "custom-ssl-policy", &compute.SSLPolicyArgs{
			Name:          pulumi.String("custom-ssl-policy"),
			MinTlsVersion: pulumi.String("TLS_1_2"),
			Profile:       pulumi.String("CUSTOM"),
			CustomFeatures: pulumi.StringArray{
				pulumi.String("TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384"),
				pulumi.String("TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var prod_ssl_policy = new Gcp.Compute.SSLPolicy("prod-ssl-policy", new()
    {
        Name = "production-ssl-policy",
        Profile = "MODERN",
    });

    var nonprod_ssl_policy = new Gcp.Compute.SSLPolicy("nonprod-ssl-policy", new()
    {
        Name = "nonprod-ssl-policy",
        Profile = "MODERN",
        MinTlsVersion = "TLS_1_2",
    });

    var custom_ssl_policy = new Gcp.Compute.SSLPolicy("custom-ssl-policy", new()
    {
        Name = "custom-ssl-policy",
        MinTlsVersion = "TLS_1_2",
        Profile = "CUSTOM",
        CustomFeatures = new[]
        {
            "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
            "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384",
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.SSLPolicy;
import com.pulumi.gcp.compute.SSLPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var prod_ssl_policy = new SSLPolicy("prod-ssl-policy", SSLPolicyArgs.builder()
            .name("production-ssl-policy")
            .profile("MODERN")
            .build());

        var nonprod_ssl_policy = new SSLPolicy("nonprod-ssl-policy", SSLPolicyArgs.builder()
            .name("nonprod-ssl-policy")
            .profile("MODERN")
            .minTlsVersion("TLS_1_2")
            .build());

        var custom_ssl_policy = new SSLPolicy("custom-ssl-policy", SSLPolicyArgs.builder()
            .name("custom-ssl-policy")
            .minTlsVersion("TLS_1_2")
            .profile("CUSTOM")
            .customFeatures(            
                "TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
                "TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
            .build());

    }
}

resources:
  prod-ssl-policy:
    type: gcp:compute:SSLPolicy
    properties:
      name: production-ssl-policy
      profile: MODERN
  nonprod-ssl-policy:
    type: gcp:compute:SSLPolicy
    properties:
      name: nonprod-ssl-policy
      profile: MODERN
      minTlsVersion: TLS_1_2
  custom-ssl-policy:
    type: gcp:compute:SSLPolicy
    properties:
      name: custom-ssl-policy
      minTlsVersion: TLS_1_2
      profile: CUSTOM
      customFeatures:
        - TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384
        - TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384

Create SSLPolicy Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new SSLPolicy(name: string, args?: SSLPolicyArgs, opts?: CustomResourceOptions);

@overload
def SSLPolicy(resource_name: str,
              args: Optional[SSLPolicyArgs] = None,
              opts: Optional[ResourceOptions] = None)

@overload
def SSLPolicy(resource_name: str,
              opts: Optional[ResourceOptions] = None,
              custom_features: Optional[Sequence[str]] = None,
              description: Optional[str] = None,
              min_tls_version: Optional[str] = None,
              name: Optional[str] = None,
              profile: Optional[str] = None,
              project: Optional[str] = None)

func NewSSLPolicy(ctx *Context, name string, args *SSLPolicyArgs, opts ...ResourceOption) (*SSLPolicy, error)

public SSLPolicy(string name, SSLPolicyArgs? args = null, CustomResourceOptions? opts = null)

public SSLPolicy(String name, SSLPolicyArgs args)
public SSLPolicy(String name, SSLPolicyArgs args, CustomResourceOptions options)

type: gcp:compute:SSLPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args SSLPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args SSLPolicyArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args SSLPolicyArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args SSLPolicyArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args SSLPolicyArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var sslpolicyResource = new Gcp.Compute.SSLPolicy("sslpolicyResource", new()
{
    CustomFeatures = new[]
    {
        "string",
    },
    Description = "string",
    MinTlsVersion = "string",
    Name = "string",
    Profile = "string",
    Project = "string",
});

example, err := compute.NewSSLPolicy(ctx, "sslpolicyResource", &compute.SSLPolicyArgs{
	CustomFeatures: pulumi.StringArray{
		pulumi.String("string"),
	},
	Description:   pulumi.String("string"),
	MinTlsVersion: pulumi.String("string"),
	Name:          pulumi.String("string"),
	Profile:       pulumi.String("string"),
	Project:       pulumi.String("string"),
})

var sslpolicyResource = new SSLPolicy("sslpolicyResource", SSLPolicyArgs.builder()
    .customFeatures("string")
    .description("string")
    .minTlsVersion("string")
    .name("string")
    .profile("string")
    .project("string")
    .build());

sslpolicy_resource = gcp.compute.SSLPolicy("sslpolicyResource",
    custom_features=["string"],
    description="string",
    min_tls_version="string",
    name="string",
    profile="string",
    project="string")

const sslpolicyResource = new gcp.compute.SSLPolicy("sslpolicyResource", {
    customFeatures: ["string"],
    description: "string",
    minTlsVersion: "string",
    name: "string",
    profile: "string",
    project: "string",
});

type: gcp:compute:SSLPolicy
properties:
    customFeatures:
        - string
    description: string
    minTlsVersion: string
    name: string
    profile: string
    project: string

SSLPolicy Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The SSLPolicy resource accepts the following input properties:

CustomFeatures List<string>: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
Description string: An optional description of this resource.
MinTlsVersion string: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
Name string: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Profile string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

CustomFeatures []string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
Description string: An optional description of this resource.
MinTlsVersion string: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
Name string: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Profile string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

customFeatures List<String>: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description String: An optional description of this resource.
minTlsVersion String: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name String: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile String: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

customFeatures string[]: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description string: An optional description of this resource.
minTlsVersion string: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name string: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

custom_features Sequence[str]: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description str: An optional description of this resource.
min_tls_version str: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name str: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile str: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project str: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

customFeatures List<String>: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description String: An optional description of this resource.
minTlsVersion String: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name String: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile String: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Outputs

All input properties are implicitly available as output properties. Additionally, the SSLPolicy resource produces the following output properties:

CreationTimestamp string: Creation timestamp in RFC3339 text format.
EnabledFeatures List<string>: The list of features enabled in the SSL policy.
Fingerprint string: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
Id string: The provider-assigned unique ID for this managed resource.
SelfLink string: The URI of the created resource.

CreationTimestamp string: Creation timestamp in RFC3339 text format.
EnabledFeatures []string: The list of features enabled in the SSL policy.
Fingerprint string: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
Id string: The provider-assigned unique ID for this managed resource.
SelfLink string: The URI of the created resource.

creationTimestamp String: Creation timestamp in RFC3339 text format.
enabledFeatures List<String>: The list of features enabled in the SSL policy.
fingerprint String: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
id String: The provider-assigned unique ID for this managed resource.
selfLink String: The URI of the created resource.

creationTimestamp string: Creation timestamp in RFC3339 text format.
enabledFeatures string[]: The list of features enabled in the SSL policy.
fingerprint string: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
id string: The provider-assigned unique ID for this managed resource.
selfLink string: The URI of the created resource.

creation_timestamp str: Creation timestamp in RFC3339 text format.
enabled_features Sequence[str]: The list of features enabled in the SSL policy.
fingerprint str: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
id str: The provider-assigned unique ID for this managed resource.
self_link str: The URI of the created resource.

creationTimestamp String: Creation timestamp in RFC3339 text format.
enabledFeatures List<String>: The list of features enabled in the SSL policy.
fingerprint String: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
id String: The provider-assigned unique ID for this managed resource.
selfLink String: The URI of the created resource.

Look up Existing SSLPolicy Resource

Get an existing SSLPolicy resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: SSLPolicyState, opts?: CustomResourceOptions): SSLPolicy

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        creation_timestamp: Optional[str] = None,
        custom_features: Optional[Sequence[str]] = None,
        description: Optional[str] = None,
        enabled_features: Optional[Sequence[str]] = None,
        fingerprint: Optional[str] = None,
        min_tls_version: Optional[str] = None,
        name: Optional[str] = None,
        profile: Optional[str] = None,
        project: Optional[str] = None,
        self_link: Optional[str] = None) -> SSLPolicy

func GetSSLPolicy(ctx *Context, name string, id IDInput, state *SSLPolicyState, opts ...ResourceOption) (*SSLPolicy, error)

public static SSLPolicy Get(string name, Input<string> id, SSLPolicyState? state, CustomResourceOptions? opts = null)

public static SSLPolicy get(String name, Output<String> id, SSLPolicyState state, CustomResourceOptions options)

resources:  _:    type: gcp:compute:SSLPolicy    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

CreationTimestamp string: Creation timestamp in RFC3339 text format.
CustomFeatures List<string>: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
Description string: An optional description of this resource.
EnabledFeatures List<string>: The list of features enabled in the SSL policy.
Fingerprint string: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
MinTlsVersion string: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
Name string: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Profile string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
SelfLink string: The URI of the created resource.

CreationTimestamp string: Creation timestamp in RFC3339 text format.
CustomFeatures []string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
Description string: An optional description of this resource.
EnabledFeatures []string: The list of features enabled in the SSL policy.
Fingerprint string: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
MinTlsVersion string: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
Name string: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Profile string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
Project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
SelfLink string: The URI of the created resource.

creationTimestamp String: Creation timestamp in RFC3339 text format.
customFeatures List<String>: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description String: An optional description of this resource.
enabledFeatures List<String>: The list of features enabled in the SSL policy.
fingerprint String: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
minTlsVersion String: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name String: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile String: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
selfLink String: The URI of the created resource.

creationTimestamp string: Creation timestamp in RFC3339 text format.
customFeatures string[]: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description string: An optional description of this resource.
enabledFeatures string[]: The list of features enabled in the SSL policy.
fingerprint string: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
minTlsVersion string: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name string: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile string: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project string: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
selfLink string: The URI of the created resource.

creation_timestamp str: Creation timestamp in RFC3339 text format.
custom_features Sequence[str]: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description str: An optional description of this resource.
enabled_features Sequence[str]: The list of features enabled in the SSL policy.
fingerprint str: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
min_tls_version str: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name str: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile str: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project str: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
self_link str: The URI of the created resource.

creationTimestamp String: Creation timestamp in RFC3339 text format.
customFeatures List<String>: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
description String: An optional description of this resource.
enabledFeatures List<String>: The list of features enabled in the SSL policy.
fingerprint String: Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.
minTlsVersion String: The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
name String: Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
profile String: Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.
project String: The ID of the project in which the resource belongs. If it is not provided, the provider project is used.
selfLink String: The URI of the created resource.

Import

SslPolicy can be imported using any of these accepted formats:

projects/{{project}}/global/sslPolicies/{{name}}
{{project}}/{{name}}
{{name}}

When using the pulumi import command, SslPolicy can be imported using one of the formats above. For example:

$ pulumi import gcp:compute/sSLPolicy:SSLPolicy default projects/{{project}}/global/sslPolicies/{{name}}

$ pulumi import gcp:compute/sSLPolicy:SSLPolicy default {{project}}/{{name}}

$ pulumi import gcp:compute/sSLPolicy:SSLPolicy default {{name}}

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: Google Cloud (GCP) Classic pulumi/pulumi-gcp
License: Apache-2.0
Notes: This Pulumi package is based on the google-beta Terraform Provider.

Google Cloud v8.30.0 published on Monday, May 12, 2025 by Pulumi

pulumi/pulumi-gcp

gcp.compute.SSLPolicy

On this page

On this page

Example Usage

Ssl Policy Basic

Create SSLPolicy Resource

Constructor syntax

Parameters

Constructor example

SSLPolicy Resource Properties

Inputs

Outputs

Look up Existing SSLPolicy Resource

Import

Package Details

On this page

On this page