com.pulumi.gcp.compute.kotlin.TargetHttpsProxyArgs.kt Maven / Gradle / Ivy
Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-gcp-kotlin Show documentation
Show all versions of pulumi-gcp-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
@file:Suppress("NAME_SHADOWING", "DEPRECATION")
package com.pulumi.gcp.compute.kotlin
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.gcp.compute.TargetHttpsProxyArgs.builder
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.Boolean
import kotlin.Int
import kotlin.String
import kotlin.Suppress
import kotlin.collections.List
import kotlin.jvm.JvmName
/**
* Represents a TargetHttpsProxy resource, which is used by one or more
* global forwarding rule to route incoming HTTPS requests to a URL map.
* To get more information about TargetHttpsProxy, see:
* * [API documentation](https://cloud.google.com/compute/docs/reference/v1/targetHttpsProxies)
* * How-to Guides
* * [Official Documentation](https://cloud.google.com/compute/docs/load-balancing/http/target-proxies)
* ## Example Usage
* ### Target Https Proxy Basic
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
* const defaultSSLCertificate = new gcp.compute.SSLCertificate("default", {
* name: "my-certificate",
* privateKey: std.file({
* input: "path/to/private.key",
* }).then(invoke => invoke.result),
* certificate: std.file({
* input: "path/to/certificate.crt",
* }).then(invoke => invoke.result),
* });
* const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
* name: "http-health-check",
* requestPath: "/",
* checkIntervalSec: 1,
* timeoutSec: 1,
* });
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend-service",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* healthChecks: defaultHttpHealthCheck.id,
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [{
* paths: ["/*"],
* service: defaultBackendService.id,
* }],
* }],
* });
* const _default = new gcp.compute.TargetHttpsProxy("default", {
* name: "test-proxy",
* urlMap: defaultURLMap.id,
* sslCertificates: [defaultSSLCertificate.id],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_std as std
* default_ssl_certificate = gcp.compute.SSLCertificate("default",
* name="my-certificate",
* private_key=std.file(input="path/to/private.key").result,
* certificate=std.file(input="path/to/certificate.crt").result)
* default_http_health_check = gcp.compute.HttpHealthCheck("default",
* name="http-health-check",
* request_path="/",
* check_interval_sec=1,
* timeout_sec=1)
* default_backend_service = gcp.compute.BackendService("default",
* name="backend-service",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* health_checks=default_http_health_check.id)
* default_url_map = gcp.compute.URLMap("default",
* name="url-map",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[{
* "hosts": ["mysite.com"],
* "path_matcher": "allpaths",
* }],
* path_matchers=[{
* "name": "allpaths",
* "default_service": default_backend_service.id,
* "path_rules": [{
* "paths": ["/*"],
* "service": default_backend_service.id,
* }],
* }])
* default = gcp.compute.TargetHttpsProxy("default",
* name="test-proxy",
* url_map=default_url_map.id,
* ssl_certificates=[default_ssl_certificate.id])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Std = Pulumi.Std;
* return await Deployment.RunAsync(() =>
* {
* var defaultSSLCertificate = new Gcp.Compute.SSLCertificate("default", new()
* {
* Name = "my-certificate",
* PrivateKey = Std.File.Invoke(new()
* {
* Input = "path/to/private.key",
* }).Apply(invoke => invoke.Result),
* Certificate = Std.File.Invoke(new()
* {
* Input = "path/to/certificate.crt",
* }).Apply(invoke => invoke.Result),
* });
* var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
* {
* Name = "http-health-check",
* RequestPath = "/",
* CheckIntervalSec = 1,
* TimeoutSec = 1,
* });
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend-service",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* HealthChecks = defaultHttpHealthCheck.Id,
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* },
* },
* },
* });
* var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
* {
* Name = "test-proxy",
* UrlMap = defaultURLMap.Id,
* SslCertificates = new[]
* {
* defaultSSLCertificate.Id,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
* "github.com/pulumi/pulumi-std/sdk/go/std"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* invokeFile, err := std.File(ctx, &std.FileArgs{
* Input: "path/to/private.key",
* }, nil)
* if err != nil {
* return err
* }
* invokeFile1, err := std.File(ctx, &std.FileArgs{
* Input: "path/to/certificate.crt",
* }, nil)
* if err != nil {
* return err
* }
* defaultSSLCertificate, err := compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
* Name: pulumi.String("my-certificate"),
* PrivateKey: pulumi.String(invokeFile.Result),
* Certificate: pulumi.String(invokeFile1.Result),
* })
* if err != nil {
* return err
* }
* defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
* Name: pulumi.String("http-health-check"),
* RequestPath: pulumi.String("/"),
* CheckIntervalSec: pulumi.Int(1),
* TimeoutSec: pulumi.Int(1),
* })
* if err != nil {
* return err
* }
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend-service"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* HealthChecks: defaultHttpHealthCheck.ID(),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
* Name: pulumi.String("test-proxy"),
* UrlMap: defaultURLMap.ID(),
* SslCertificates: pulumi.StringArray{
* defaultSSLCertificate.ID(),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.SSLCertificate;
* import com.pulumi.gcp.compute.SSLCertificateArgs;
* import com.pulumi.gcp.compute.HttpHealthCheck;
* import com.pulumi.gcp.compute.HttpHealthCheckArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpsProxy;
* import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
* .name("my-certificate")
* .privateKey(StdFunctions.file(FileArgs.builder()
* .input("path/to/private.key")
* .build()).result())
* .certificate(StdFunctions.file(FileArgs.builder()
* .input("path/to/certificate.crt")
* .build()).result())
* .build());
* var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
* .name("http-health-check")
* .requestPath("/")
* .checkIntervalSec(1)
* .timeoutSec(1)
* .build());
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend-service")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .healthChecks(defaultHttpHealthCheck.id())
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build())
* .build())
* .build());
* var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
* .name("test-proxy")
* .urlMap(defaultURLMap.id())
* .sslCertificates(defaultSSLCertificate.id())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:compute:TargetHttpsProxy
* properties:
* name: test-proxy
* urlMap: ${defaultURLMap.id}
* sslCertificates:
* - ${defaultSSLCertificate.id}
* defaultSSLCertificate:
* type: gcp:compute:SSLCertificate
* name: default
* properties:
* name: my-certificate
* privateKey:
* fn::invoke:
* function: std:file
* arguments:
* input: path/to/private.key
* return: result
* certificate:
* fn::invoke:
* function: std:file
* arguments:
* input: path/to/certificate.crt
* return: result
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend-service
* portName: http
* protocol: HTTP
* timeoutSec: 10
* healthChecks: ${defaultHttpHealthCheck.id}
* defaultHttpHealthCheck:
* type: gcp:compute:HttpHealthCheck
* name: default
* properties:
* name: http-health-check
* requestPath: /
* checkIntervalSec: 1
* timeoutSec: 1
* ```
*
* ### Target Https Proxy Http Keep Alive Timeout
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
* const defaultSSLCertificate = new gcp.compute.SSLCertificate("default", {
* name: "my-certificate",
* privateKey: std.file({
* input: "path/to/private.key",
* }).then(invoke => invoke.result),
* certificate: std.file({
* input: "path/to/certificate.crt",
* }).then(invoke => invoke.result),
* });
* const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
* name: "http-health-check",
* requestPath: "/",
* checkIntervalSec: 1,
* timeoutSec: 1,
* });
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend-service",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* loadBalancingScheme: "EXTERNAL_MANAGED",
* healthChecks: defaultHttpHealthCheck.id,
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [{
* paths: ["/*"],
* service: defaultBackendService.id,
* }],
* }],
* });
* const _default = new gcp.compute.TargetHttpsProxy("default", {
* name: "test-http-keep-alive-timeout-proxy",
* httpKeepAliveTimeoutSec: 610,
* urlMap: defaultURLMap.id,
* sslCertificates: [defaultSSLCertificate.id],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_std as std
* default_ssl_certificate = gcp.compute.SSLCertificate("default",
* name="my-certificate",
* private_key=std.file(input="path/to/private.key").result,
* certificate=std.file(input="path/to/certificate.crt").result)
* default_http_health_check = gcp.compute.HttpHealthCheck("default",
* name="http-health-check",
* request_path="/",
* check_interval_sec=1,
* timeout_sec=1)
* default_backend_service = gcp.compute.BackendService("default",
* name="backend-service",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* load_balancing_scheme="EXTERNAL_MANAGED",
* health_checks=default_http_health_check.id)
* default_url_map = gcp.compute.URLMap("default",
* name="url-map",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[{
* "hosts": ["mysite.com"],
* "path_matcher": "allpaths",
* }],
* path_matchers=[{
* "name": "allpaths",
* "default_service": default_backend_service.id,
* "path_rules": [{
* "paths": ["/*"],
* "service": default_backend_service.id,
* }],
* }])
* default = gcp.compute.TargetHttpsProxy("default",
* name="test-http-keep-alive-timeout-proxy",
* http_keep_alive_timeout_sec=610,
* url_map=default_url_map.id,
* ssl_certificates=[default_ssl_certificate.id])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Std = Pulumi.Std;
* return await Deployment.RunAsync(() =>
* {
* var defaultSSLCertificate = new Gcp.Compute.SSLCertificate("default", new()
* {
* Name = "my-certificate",
* PrivateKey = Std.File.Invoke(new()
* {
* Input = "path/to/private.key",
* }).Apply(invoke => invoke.Result),
* Certificate = Std.File.Invoke(new()
* {
* Input = "path/to/certificate.crt",
* }).Apply(invoke => invoke.Result),
* });
* var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
* {
* Name = "http-health-check",
* RequestPath = "/",
* CheckIntervalSec = 1,
* TimeoutSec = 1,
* });
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend-service",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* LoadBalancingScheme = "EXTERNAL_MANAGED",
* HealthChecks = defaultHttpHealthCheck.Id,
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* },
* },
* },
* });
* var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
* {
* Name = "test-http-keep-alive-timeout-proxy",
* HttpKeepAliveTimeoutSec = 610,
* UrlMap = defaultURLMap.Id,
* SslCertificates = new[]
* {
* defaultSSLCertificate.Id,
* },
* });
* });
* ```
* ```go
* package main
* import (
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
* "github.com/pulumi/pulumi-std/sdk/go/std"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* invokeFile, err := std.File(ctx, &std.FileArgs{
* Input: "path/to/private.key",
* }, nil)
* if err != nil {
* return err
* }
* invokeFile1, err := std.File(ctx, &std.FileArgs{
* Input: "path/to/certificate.crt",
* }, nil)
* if err != nil {
* return err
* }
* defaultSSLCertificate, err := compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
* Name: pulumi.String("my-certificate"),
* PrivateKey: pulumi.String(invokeFile.Result),
* Certificate: pulumi.String(invokeFile1.Result),
* })
* if err != nil {
* return err
* }
* defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
* Name: pulumi.String("http-health-check"),
* RequestPath: pulumi.String("/"),
* CheckIntervalSec: pulumi.Int(1),
* TimeoutSec: pulumi.Int(1),
* })
* if err != nil {
* return err
* }
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend-service"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* LoadBalancingScheme: pulumi.String("EXTERNAL_MANAGED"),
* HealthChecks: defaultHttpHealthCheck.ID(),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
* Name: pulumi.String("test-http-keep-alive-timeout-proxy"),
* HttpKeepAliveTimeoutSec: pulumi.Int(610),
* UrlMap: defaultURLMap.ID(),
* SslCertificates: pulumi.StringArray{
* defaultSSLCertificate.ID(),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.compute.SSLCertificate;
* import com.pulumi.gcp.compute.SSLCertificateArgs;
* import com.pulumi.gcp.compute.HttpHealthCheck;
* import com.pulumi.gcp.compute.HttpHealthCheckArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpsProxy;
* import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
* .name("my-certificate")
* .privateKey(StdFunctions.file(FileArgs.builder()
* .input("path/to/private.key")
* .build()).result())
* .certificate(StdFunctions.file(FileArgs.builder()
* .input("path/to/certificate.crt")
* .build()).result())
* .build());
* var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
* .name("http-health-check")
* .requestPath("/")
* .checkIntervalSec(1)
* .timeoutSec(1)
* .build());
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend-service")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .loadBalancingScheme("EXTERNAL_MANAGED")
* .healthChecks(defaultHttpHealthCheck.id())
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build())
* .build())
* .build());
* var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
* .name("test-http-keep-alive-timeout-proxy")
* .httpKeepAliveTimeoutSec(610)
* .urlMap(defaultURLMap.id())
* .sslCertificates(defaultSSLCertificate.id())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:compute:TargetHttpsProxy
* properties:
* name: test-http-keep-alive-timeout-proxy
* httpKeepAliveTimeoutSec: 610
* urlMap: ${defaultURLMap.id}
* sslCertificates:
* - ${defaultSSLCertificate.id}
* defaultSSLCertificate:
* type: gcp:compute:SSLCertificate
* name: default
* properties:
* name: my-certificate
* privateKey:
* fn::invoke:
* function: std:file
* arguments:
* input: path/to/private.key
* return: result
* certificate:
* fn::invoke:
* function: std:file
* arguments:
* input: path/to/certificate.crt
* return: result
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend-service
* portName: http
* protocol: HTTP
* timeoutSec: 10
* loadBalancingScheme: EXTERNAL_MANAGED
* healthChecks: ${defaultHttpHealthCheck.id}
* defaultHttpHealthCheck:
* type: gcp:compute:HttpHealthCheck
* name: default
* properties:
* name: http-health-check
* requestPath: /
* checkIntervalSec: 1
* timeoutSec: 1
* ```
*
* ### Target Https Proxy Mtls
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
* const project = gcp.organizations.getProject({});
* const defaultTrustConfig = new gcp.certificatemanager.TrustConfig("default", {
* name: "my-trust-config",
* description: "sample description for the trust config",
* location: "global",
* trustStores: [{
* trustAnchors: [{
* pemCertificate: std.file({
* input: "test-fixtures/ca_cert.pem",
* }).then(invoke => invoke.result),
* }],
* intermediateCas: [{
* pemCertificate: std.file({
* input: "test-fixtures/ca_cert.pem",
* }).then(invoke => invoke.result),
* }],
* }],
* labels: {
* foo: "bar",
* },
* });
* const defaultServerTlsPolicy = new gcp.networksecurity.ServerTlsPolicy("default", {
* name: "my-tls-policy",
* description: "my description",
* location: "global",
* allowOpen: false,
* mtlsPolicy: {
* clientValidationMode: "ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
* clientValidationTrustConfig: pulumi.all([project, defaultTrustConfig.name]).apply(([project, name]) => `projects/${project.number}/locations/global/trustConfigs/${name}`),
* },
* });
* const defaultSSLCertificate = new gcp.compute.SSLCertificate("default", {
* name: "my-certificate",
* privateKey: std.file({
* input: "path/to/private.key",
* }).then(invoke => invoke.result),
* certificate: std.file({
* input: "path/to/certificate.crt",
* }).then(invoke => invoke.result),
* });
* const defaultHttpHealthCheck = new gcp.compute.HttpHealthCheck("default", {
* name: "http-health-check",
* requestPath: "/",
* checkIntervalSec: 1,
* timeoutSec: 1,
* });
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend-service",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* healthChecks: defaultHttpHealthCheck.id,
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [{
* paths: ["/*"],
* service: defaultBackendService.id,
* }],
* }],
* });
* const _default = new gcp.compute.TargetHttpsProxy("default", {
* name: "test-mtls-proxy",
* urlMap: defaultURLMap.id,
* sslCertificates: [defaultSSLCertificate.id],
* serverTlsPolicy: defaultServerTlsPolicy.id,
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_std as std
* project = gcp.organizations.get_project()
* default_trust_config = gcp.certificatemanager.TrustConfig("default",
* name="my-trust-config",
* description="sample description for the trust config",
* location="global",
* trust_stores=[{
* "trust_anchors": [{
* "pem_certificate": std.file(input="test-fixtures/ca_cert.pem").result,
* }],
* "intermediate_cas": [{
* "pem_certificate": std.file(input="test-fixtures/ca_cert.pem").result,
* }],
* }],
* labels={
* "foo": "bar",
* })
* default_server_tls_policy = gcp.networksecurity.ServerTlsPolicy("default",
* name="my-tls-policy",
* description="my description",
* location="global",
* allow_open=False,
* mtls_policy={
* "client_validation_mode": "ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
* "client_validation_trust_config": default_trust_config.name.apply(lambda name: f"projects/{project.number}/locations/global/trustConfigs/{name}"),
* })
* default_ssl_certificate = gcp.compute.SSLCertificate("default",
* name="my-certificate",
* private_key=std.file(input="path/to/private.key").result,
* certificate=std.file(input="path/to/certificate.crt").result)
* default_http_health_check = gcp.compute.HttpHealthCheck("default",
* name="http-health-check",
* request_path="/",
* check_interval_sec=1,
* timeout_sec=1)
* default_backend_service = gcp.compute.BackendService("default",
* name="backend-service",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* health_checks=default_http_health_check.id)
* default_url_map = gcp.compute.URLMap("default",
* name="url-map",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[{
* "hosts": ["mysite.com"],
* "path_matcher": "allpaths",
* }],
* path_matchers=[{
* "name": "allpaths",
* "default_service": default_backend_service.id,
* "path_rules": [{
* "paths": ["/*"],
* "service": default_backend_service.id,
* }],
* }])
* default = gcp.compute.TargetHttpsProxy("default",
* name="test-mtls-proxy",
* url_map=default_url_map.id,
* ssl_certificates=[default_ssl_certificate.id],
* server_tls_policy=default_server_tls_policy.id)
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Std = Pulumi.Std;
* return await Deployment.RunAsync(() =>
* {
* var project = Gcp.Organizations.GetProject.Invoke();
* var defaultTrustConfig = new Gcp.CertificateManager.TrustConfig("default", new()
* {
* Name = "my-trust-config",
* Description = "sample description for the trust config",
* Location = "global",
* TrustStores = new[]
* {
* new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreArgs
* {
* TrustAnchors = new[]
* {
* new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreTrustAnchorArgs
* {
* PemCertificate = Std.File.Invoke(new()
* {
* Input = "test-fixtures/ca_cert.pem",
* }).Apply(invoke => invoke.Result),
* },
* },
* IntermediateCas = new[]
* {
* new Gcp.CertificateManager.Inputs.TrustConfigTrustStoreIntermediateCaArgs
* {
* PemCertificate = Std.File.Invoke(new()
* {
* Input = "test-fixtures/ca_cert.pem",
* }).Apply(invoke => invoke.Result),
* },
* },
* },
* },
* Labels =
* {
* { "foo", "bar" },
* },
* });
* var defaultServerTlsPolicy = new Gcp.NetworkSecurity.ServerTlsPolicy("default", new()
* {
* Name = "my-tls-policy",
* Description = "my description",
* Location = "global",
* AllowOpen = false,
* MtlsPolicy = new Gcp.NetworkSecurity.Inputs.ServerTlsPolicyMtlsPolicyArgs
* {
* ClientValidationMode = "ALLOW_INVALID_OR_MISSING_CLIENT_CERT",
* ClientValidationTrustConfig = Output.Tuple(project, defaultTrustConfig.Name).Apply(values =>
* {
* var project = values.Item1;
* var name = values.Item2;
* return $"projects/{project.Apply(getProjectResult => getProjectResult.Number)}/locations/global/trustConfigs/{name}";
* }),
* },
* });
* var defaultSSLCertificate = new Gcp.Compute.SSLCertificate("default", new()
* {
* Name = "my-certificate",
* PrivateKey = Std.File.Invoke(new()
* {
* Input = "path/to/private.key",
* }).Apply(invoke => invoke.Result),
* Certificate = Std.File.Invoke(new()
* {
* Input = "path/to/certificate.crt",
* }).Apply(invoke => invoke.Result),
* });
* var defaultHttpHealthCheck = new Gcp.Compute.HttpHealthCheck("default", new()
* {
* Name = "http-health-check",
* RequestPath = "/",
* CheckIntervalSec = 1,
* TimeoutSec = 1,
* });
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend-service",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* HealthChecks = defaultHttpHealthCheck.Id,
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* },
* },
* },
* });
* var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
* {
* Name = "test-mtls-proxy",
* UrlMap = defaultURLMap.Id,
* SslCertificates = new[]
* {
* defaultSSLCertificate.Id,
* },
* ServerTlsPolicy = defaultServerTlsPolicy.Id,
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networksecurity"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/organizations"
* "github.com/pulumi/pulumi-std/sdk/go/std"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* project, err := organizations.LookupProject(ctx, &organizations.LookupProjectArgs{}, nil)
* if err != nil {
* return err
* }
* invokeFile, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/ca_cert.pem",
* }, nil)
* if err != nil {
* return err
* }
* invokeFile1, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/ca_cert.pem",
* }, nil)
* if err != nil {
* return err
* }
* defaultTrustConfig, err := certificatemanager.NewTrustConfig(ctx, "default", &certificatemanager.TrustConfigArgs{
* Name: pulumi.String("my-trust-config"),
* Description: pulumi.String("sample description for the trust config"),
* Location: pulumi.String("global"),
* TrustStores: certificatemanager.TrustConfigTrustStoreArray{
* &certificatemanager.TrustConfigTrustStoreArgs{
* TrustAnchors: certificatemanager.TrustConfigTrustStoreTrustAnchorArray{
* &certificatemanager.TrustConfigTrustStoreTrustAnchorArgs{
* PemCertificate: pulumi.String(invokeFile.Result),
* },
* },
* IntermediateCas: certificatemanager.TrustConfigTrustStoreIntermediateCaArray{
* &certificatemanager.TrustConfigTrustStoreIntermediateCaArgs{
* PemCertificate: pulumi.String(invokeFile1.Result),
* },
* },
* },
* },
* Labels: pulumi.StringMap{
* "foo": pulumi.String("bar"),
* },
* })
* if err != nil {
* return err
* }
* defaultServerTlsPolicy, err := networksecurity.NewServerTlsPolicy(ctx, "default", &networksecurity.ServerTlsPolicyArgs{
* Name: pulumi.String("my-tls-policy"),
* Description: pulumi.String("my description"),
* Location: pulumi.String("global"),
* AllowOpen: pulumi.Bool(false),
* MtlsPolicy: &networksecurity.ServerTlsPolicyMtlsPolicyArgs{
* ClientValidationMode: pulumi.String("ALLOW_INVALID_OR_MISSING_CLIENT_CERT"),
* ClientValidationTrustConfig: defaultTrustConfig.Name.ApplyT(func(name string) (string, error) {
* return fmt.Sprintf("projects/%v/locations/global/trustConfigs/%v", project.Number, name), nil
* }).(pulumi.StringOutput),
* },
* })
* if err != nil {
* return err
* }
* invokeFile2, err := std.File(ctx, &std.FileArgs{
* Input: "path/to/private.key",
* }, nil)
* if err != nil {
* return err
* }
* invokeFile3, err := std.File(ctx, &std.FileArgs{
* Input: "path/to/certificate.crt",
* }, nil)
* if err != nil {
* return err
* }
* defaultSSLCertificate, err := compute.NewSSLCertificate(ctx, "default", &compute.SSLCertificateArgs{
* Name: pulumi.String("my-certificate"),
* PrivateKey: pulumi.String(invokeFile2.Result),
* Certificate: pulumi.String(invokeFile3.Result),
* })
* if err != nil {
* return err
* }
* defaultHttpHealthCheck, err := compute.NewHttpHealthCheck(ctx, "default", &compute.HttpHealthCheckArgs{
* Name: pulumi.String("http-health-check"),
* RequestPath: pulumi.String("/"),
* CheckIntervalSec: pulumi.Int(1),
* TimeoutSec: pulumi.Int(1),
* })
* if err != nil {
* return err
* }
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend-service"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* HealthChecks: defaultHttpHealthCheck.ID(),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
* Name: pulumi.String("test-mtls-proxy"),
* UrlMap: defaultURLMap.ID(),
* SslCertificates: pulumi.StringArray{
* defaultSSLCertificate.ID(),
* },
* ServerTlsPolicy: defaultServerTlsPolicy.ID(),
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.organizations.OrganizationsFunctions;
* import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
* import com.pulumi.gcp.certificatemanager.TrustConfig;
* import com.pulumi.gcp.certificatemanager.TrustConfigArgs;
* import com.pulumi.gcp.certificatemanager.inputs.TrustConfigTrustStoreArgs;
* import com.pulumi.gcp.networksecurity.ServerTlsPolicy;
* import com.pulumi.gcp.networksecurity.ServerTlsPolicyArgs;
* import com.pulumi.gcp.networksecurity.inputs.ServerTlsPolicyMtlsPolicyArgs;
* import com.pulumi.gcp.compute.SSLCertificate;
* import com.pulumi.gcp.compute.SSLCertificateArgs;
* import com.pulumi.gcp.compute.HttpHealthCheck;
* import com.pulumi.gcp.compute.HttpHealthCheckArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpsProxy;
* import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* final var project = OrganizationsFunctions.getProject();
* var defaultTrustConfig = new TrustConfig("defaultTrustConfig", TrustConfigArgs.builder()
* .name("my-trust-config")
* .description("sample description for the trust config")
* .location("global")
* .trustStores(TrustConfigTrustStoreArgs.builder()
* .trustAnchors(TrustConfigTrustStoreTrustAnchorArgs.builder()
* .pemCertificate(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/ca_cert.pem")
* .build()).result())
* .build())
* .intermediateCas(TrustConfigTrustStoreIntermediateCaArgs.builder()
* .pemCertificate(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/ca_cert.pem")
* .build()).result())
* .build())
* .build())
* .labels(Map.of("foo", "bar"))
* .build());
* var defaultServerTlsPolicy = new ServerTlsPolicy("defaultServerTlsPolicy", ServerTlsPolicyArgs.builder()
* .name("my-tls-policy")
* .description("my description")
* .location("global")
* .allowOpen("false")
* .mtlsPolicy(ServerTlsPolicyMtlsPolicyArgs.builder()
* .clientValidationMode("ALLOW_INVALID_OR_MISSING_CLIENT_CERT")
* .clientValidationTrustConfig(defaultTrustConfig.name().applyValue(name -> String.format("projects/%s/locations/global/trustConfigs/%s", project.applyValue(getProjectResult -> getProjectResult.number()),name)))
* .build())
* .build());
* var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
* .name("my-certificate")
* .privateKey(StdFunctions.file(FileArgs.builder()
* .input("path/to/private.key")
* .build()).result())
* .certificate(StdFunctions.file(FileArgs.builder()
* .input("path/to/certificate.crt")
* .build()).result())
* .build());
* var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
* .name("http-health-check")
* .requestPath("/")
* .checkIntervalSec(1)
* .timeoutSec(1)
* .build());
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend-service")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .healthChecks(defaultHttpHealthCheck.id())
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build())
* .build())
* .build());
* var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
* .name("test-mtls-proxy")
* .urlMap(defaultURLMap.id())
* .sslCertificates(defaultSSLCertificate.id())
* .serverTlsPolicy(defaultServerTlsPolicy.id())
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:compute:TargetHttpsProxy
* properties:
* name: test-mtls-proxy
* urlMap: ${defaultURLMap.id}
* sslCertificates:
* - ${defaultSSLCertificate.id}
* serverTlsPolicy: ${defaultServerTlsPolicy.id}
* defaultTrustConfig:
* type: gcp:certificatemanager:TrustConfig
* name: default
* properties:
* name: my-trust-config
* description: sample description for the trust config
* location: global
* trustStores:
* - trustAnchors:
* - pemCertificate:
* fn::invoke:
* function: std:file
* arguments:
* input: test-fixtures/ca_cert.pem
* return: result
* intermediateCas:
* - pemCertificate:
* fn::invoke:
* function: std:file
* arguments:
* input: test-fixtures/ca_cert.pem
* return: result
* labels:
* foo: bar
* defaultServerTlsPolicy:
* type: gcp:networksecurity:ServerTlsPolicy
* name: default
* properties:
* name: my-tls-policy
* description: my description
* location: global
* allowOpen: 'false'
* mtlsPolicy:
* clientValidationMode: ALLOW_INVALID_OR_MISSING_CLIENT_CERT
* clientValidationTrustConfig: projects/${project.number}/locations/global/trustConfigs/${defaultTrustConfig.name}
* defaultSSLCertificate:
* type: gcp:compute:SSLCertificate
* name: default
* properties:
* name: my-certificate
* privateKey:
* fn::invoke:
* function: std:file
* arguments:
* input: path/to/private.key
* return: result
* certificate:
* fn::invoke:
* function: std:file
* arguments:
* input: path/to/certificate.crt
* return: result
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend-service
* portName: http
* protocol: HTTP
* timeoutSec: 10
* healthChecks: ${defaultHttpHealthCheck.id}
* defaultHttpHealthCheck:
* type: gcp:compute:HttpHealthCheck
* name: default
* properties:
* name: http-health-check
* requestPath: /
* checkIntervalSec: 1
* timeoutSec: 1
* variables:
* project:
* fn::invoke:
* function: gcp:organizations:getProject
* arguments: {}
* ```
*
* ### Target Https Proxy Certificate Manager Certificate
*
* ```typescript
* import * as pulumi from "@pulumi/pulumi";
* import * as gcp from "@pulumi/gcp";
* import * as std from "@pulumi/std";
* const defaultCertificate = new gcp.certificatemanager.Certificate("default", {
* name: "my-certificate",
* scope: "ALL_REGIONS",
* selfManaged: {
* pemCertificate: std.file({
* input: "test-fixtures/cert.pem",
* }).then(invoke => invoke.result),
* pemPrivateKey: std.file({
* input: "test-fixtures/private-key.pem",
* }).then(invoke => invoke.result),
* },
* });
* const defaultBackendService = new gcp.compute.BackendService("default", {
* name: "backend-service",
* portName: "http",
* protocol: "HTTP",
* timeoutSec: 10,
* loadBalancingScheme: "INTERNAL_MANAGED",
* });
* const defaultURLMap = new gcp.compute.URLMap("default", {
* name: "url-map",
* description: "a description",
* defaultService: defaultBackendService.id,
* hostRules: [{
* hosts: ["mysite.com"],
* pathMatcher: "allpaths",
* }],
* pathMatchers: [{
* name: "allpaths",
* defaultService: defaultBackendService.id,
* pathRules: [{
* paths: ["/*"],
* service: defaultBackendService.id,
* }],
* }],
* });
* const _default = new gcp.compute.TargetHttpsProxy("default", {
* name: "target-http-proxy",
* urlMap: defaultURLMap.id,
* certificateManagerCertificates: [pulumi.interpolate`//certificatemanager.googleapis.com/${defaultCertificate.id}`],
* });
* ```
* ```python
* import pulumi
* import pulumi_gcp as gcp
* import pulumi_std as std
* default_certificate = gcp.certificatemanager.Certificate("default",
* name="my-certificate",
* scope="ALL_REGIONS",
* self_managed={
* "pem_certificate": std.file(input="test-fixtures/cert.pem").result,
* "pem_private_key": std.file(input="test-fixtures/private-key.pem").result,
* })
* default_backend_service = gcp.compute.BackendService("default",
* name="backend-service",
* port_name="http",
* protocol="HTTP",
* timeout_sec=10,
* load_balancing_scheme="INTERNAL_MANAGED")
* default_url_map = gcp.compute.URLMap("default",
* name="url-map",
* description="a description",
* default_service=default_backend_service.id,
* host_rules=[{
* "hosts": ["mysite.com"],
* "path_matcher": "allpaths",
* }],
* path_matchers=[{
* "name": "allpaths",
* "default_service": default_backend_service.id,
* "path_rules": [{
* "paths": ["/*"],
* "service": default_backend_service.id,
* }],
* }])
* default = gcp.compute.TargetHttpsProxy("default",
* name="target-http-proxy",
* url_map=default_url_map.id,
* certificate_manager_certificates=[default_certificate.id.apply(lambda id: f"//certificatemanager.googleapis.com/{id}")])
* ```
* ```csharp
* using System.Collections.Generic;
* using System.Linq;
* using Pulumi;
* using Gcp = Pulumi.Gcp;
* using Std = Pulumi.Std;
* return await Deployment.RunAsync(() =>
* {
* var defaultCertificate = new Gcp.CertificateManager.Certificate("default", new()
* {
* Name = "my-certificate",
* Scope = "ALL_REGIONS",
* SelfManaged = new Gcp.CertificateManager.Inputs.CertificateSelfManagedArgs
* {
* PemCertificate = Std.File.Invoke(new()
* {
* Input = "test-fixtures/cert.pem",
* }).Apply(invoke => invoke.Result),
* PemPrivateKey = Std.File.Invoke(new()
* {
* Input = "test-fixtures/private-key.pem",
* }).Apply(invoke => invoke.Result),
* },
* });
* var defaultBackendService = new Gcp.Compute.BackendService("default", new()
* {
* Name = "backend-service",
* PortName = "http",
* Protocol = "HTTP",
* TimeoutSec = 10,
* LoadBalancingScheme = "INTERNAL_MANAGED",
* });
* var defaultURLMap = new Gcp.Compute.URLMap("default", new()
* {
* Name = "url-map",
* Description = "a description",
* DefaultService = defaultBackendService.Id,
* HostRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapHostRuleArgs
* {
* Hosts = new[]
* {
* "mysite.com",
* },
* PathMatcher = "allpaths",
* },
* },
* PathMatchers = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherArgs
* {
* Name = "allpaths",
* DefaultService = defaultBackendService.Id,
* PathRules = new[]
* {
* new Gcp.Compute.Inputs.URLMapPathMatcherPathRuleArgs
* {
* Paths = new[]
* {
* "/*",
* },
* Service = defaultBackendService.Id,
* },
* },
* },
* },
* });
* var @default = new Gcp.Compute.TargetHttpsProxy("default", new()
* {
* Name = "target-http-proxy",
* UrlMap = defaultURLMap.Id,
* CertificateManagerCertificates = new[]
* {
* defaultCertificate.Id.Apply(id => $"//certificatemanager.googleapis.com/{id}"),
* },
* });
* });
* ```
* ```go
* package main
* import (
* "fmt"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/certificatemanager"
* "github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/compute"
* "github.com/pulumi/pulumi-std/sdk/go/std"
* "github.com/pulumi/pulumi/sdk/v3/go/pulumi"
* )
* func main() {
* pulumi.Run(func(ctx *pulumi.Context) error {
* invokeFile, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/cert.pem",
* }, nil)
* if err != nil {
* return err
* }
* invokeFile1, err := std.File(ctx, &std.FileArgs{
* Input: "test-fixtures/private-key.pem",
* }, nil)
* if err != nil {
* return err
* }
* defaultCertificate, err := certificatemanager.NewCertificate(ctx, "default", &certificatemanager.CertificateArgs{
* Name: pulumi.String("my-certificate"),
* Scope: pulumi.String("ALL_REGIONS"),
* SelfManaged: &certificatemanager.CertificateSelfManagedArgs{
* PemCertificate: pulumi.String(invokeFile.Result),
* PemPrivateKey: pulumi.String(invokeFile1.Result),
* },
* })
* if err != nil {
* return err
* }
* defaultBackendService, err := compute.NewBackendService(ctx, "default", &compute.BackendServiceArgs{
* Name: pulumi.String("backend-service"),
* PortName: pulumi.String("http"),
* Protocol: pulumi.String("HTTP"),
* TimeoutSec: pulumi.Int(10),
* LoadBalancingScheme: pulumi.String("INTERNAL_MANAGED"),
* })
* if err != nil {
* return err
* }
* defaultURLMap, err := compute.NewURLMap(ctx, "default", &compute.URLMapArgs{
* Name: pulumi.String("url-map"),
* Description: pulumi.String("a description"),
* DefaultService: defaultBackendService.ID(),
* HostRules: compute.URLMapHostRuleArray{
* &compute.URLMapHostRuleArgs{
* Hosts: pulumi.StringArray{
* pulumi.String("mysite.com"),
* },
* PathMatcher: pulumi.String("allpaths"),
* },
* },
* PathMatchers: compute.URLMapPathMatcherArray{
* &compute.URLMapPathMatcherArgs{
* Name: pulumi.String("allpaths"),
* DefaultService: defaultBackendService.ID(),
* PathRules: compute.URLMapPathMatcherPathRuleArray{
* &compute.URLMapPathMatcherPathRuleArgs{
* Paths: pulumi.StringArray{
* pulumi.String("/*"),
* },
* Service: defaultBackendService.ID(),
* },
* },
* },
* },
* })
* if err != nil {
* return err
* }
* _, err = compute.NewTargetHttpsProxy(ctx, "default", &compute.TargetHttpsProxyArgs{
* Name: pulumi.String("target-http-proxy"),
* UrlMap: defaultURLMap.ID(),
* CertificateManagerCertificates: pulumi.StringArray{
* defaultCertificate.ID().ApplyT(func(id string) (string, error) {
* return fmt.Sprintf("//certificatemanager.googleapis.com/%v", id), nil
* }).(pulumi.StringOutput),
* },
* })
* if err != nil {
* return err
* }
* return nil
* })
* }
* ```
* ```java
* package generated_program;
* import com.pulumi.Context;
* import com.pulumi.Pulumi;
* import com.pulumi.core.Output;
* import com.pulumi.gcp.certificatemanager.Certificate;
* import com.pulumi.gcp.certificatemanager.CertificateArgs;
* import com.pulumi.gcp.certificatemanager.inputs.CertificateSelfManagedArgs;
* import com.pulumi.gcp.compute.BackendService;
* import com.pulumi.gcp.compute.BackendServiceArgs;
* import com.pulumi.gcp.compute.URLMap;
* import com.pulumi.gcp.compute.URLMapArgs;
* import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
* import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
* import com.pulumi.gcp.compute.TargetHttpsProxy;
* import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
* import java.util.List;
* import java.util.ArrayList;
* import java.util.Map;
* import java.io.File;
* import java.nio.file.Files;
* import java.nio.file.Paths;
* public class App {
* public static void main(String[] args) {
* Pulumi.run(App::stack);
* }
* public static void stack(Context ctx) {
* var defaultCertificate = new Certificate("defaultCertificate", CertificateArgs.builder()
* .name("my-certificate")
* .scope("ALL_REGIONS")
* .selfManaged(CertificateSelfManagedArgs.builder()
* .pemCertificate(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/cert.pem")
* .build()).result())
* .pemPrivateKey(StdFunctions.file(FileArgs.builder()
* .input("test-fixtures/private-key.pem")
* .build()).result())
* .build())
* .build());
* var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
* .name("backend-service")
* .portName("http")
* .protocol("HTTP")
* .timeoutSec(10)
* .loadBalancingScheme("INTERNAL_MANAGED")
* .build());
* var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
* .name("url-map")
* .description("a description")
* .defaultService(defaultBackendService.id())
* .hostRules(URLMapHostRuleArgs.builder()
* .hosts("mysite.com")
* .pathMatcher("allpaths")
* .build())
* .pathMatchers(URLMapPathMatcherArgs.builder()
* .name("allpaths")
* .defaultService(defaultBackendService.id())
* .pathRules(URLMapPathMatcherPathRuleArgs.builder()
* .paths("/*")
* .service(defaultBackendService.id())
* .build())
* .build())
* .build());
* var default_ = new TargetHttpsProxy("default", TargetHttpsProxyArgs.builder()
* .name("target-http-proxy")
* .urlMap(defaultURLMap.id())
* .certificateManagerCertificates(defaultCertificate.id().applyValue(id -> String.format("//certificatemanager.googleapis.com/%s", id)))
* .build());
* }
* }
* ```
* ```yaml
* resources:
* default:
* type: gcp:compute:TargetHttpsProxy
* properties:
* name: target-http-proxy
* urlMap: ${defaultURLMap.id}
* certificateManagerCertificates: # [google_certificate_manager_certificate.default.id] is also acceptable
* - //certificatemanager.googleapis.com/${defaultCertificate.id}
* defaultCertificate:
* type: gcp:certificatemanager:Certificate
* name: default
* properties:
* name: my-certificate
* scope: ALL_REGIONS
* selfManaged:
* pemCertificate:
* fn::invoke:
* function: std:file
* arguments:
* input: test-fixtures/cert.pem
* return: result
* pemPrivateKey:
* fn::invoke:
* function: std:file
* arguments:
* input: test-fixtures/private-key.pem
* return: result
* defaultURLMap:
* type: gcp:compute:URLMap
* name: default
* properties:
* name: url-map
* description: a description
* defaultService: ${defaultBackendService.id}
* hostRules:
* - hosts:
* - mysite.com
* pathMatcher: allpaths
* pathMatchers:
* - name: allpaths
* defaultService: ${defaultBackendService.id}
* pathRules:
* - paths:
* - /*
* service: ${defaultBackendService.id}
* defaultBackendService:
* type: gcp:compute:BackendService
* name: default
* properties:
* name: backend-service
* portName: http
* protocol: HTTP
* timeoutSec: 10
* loadBalancingScheme: INTERNAL_MANAGED
* ```
*
* ## Import
* TargetHttpsProxy can be imported using any of these accepted formats:
* * `projects/{{project}}/global/targetHttpsProxies/{{name}}`
* * `{{project}}/{{name}}`
* * `{{name}}`
* When using the `pulumi import` command, TargetHttpsProxy can be imported using one of the formats above. For example:
* ```sh
* $ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default projects/{{project}}/global/targetHttpsProxies/{{name}}
* ```
* ```sh
* $ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{project}}/{{name}}
* ```
* ```sh
* $ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{name}}
* ```
* @property certificateManagerCertificates URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
* Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED.
* For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead.
* sslCertificates and certificateManagerCertificates fields can not be defined together.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}`
* @property certificateMap A reference to the CertificateMap resource uri that identifies a certificate map
* associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes.
* For INTERNAL_MANAGED, use certificate_manager_certificates instead.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`.
* @property description An optional description of this resource.
* @property httpKeepAliveTimeoutSec Specifies how long to keep a connection open, after completing a response,
* while there is no matching traffic (in seconds). If an HTTP keepalive is
* not specified, a default value will be used. For Global
* external HTTP(S) load balancer, the default value is 610 seconds, the
* minimum allowed value is 5 seconds and the maximum allowed value is 1200
* seconds. For cross-region internal HTTP(S) load balancer, the default
* value is 600 seconds, the minimum allowed value is 5 seconds, and the
* maximum allowed value is 600 seconds. For Global external HTTP(S) load
* balancer (classic), this option is not available publicly.
* @property name Name of the resource. Provided by the client when the resource is
* created. The name must be 1-63 characters long, and comply with
* RFC1035. Specifically, the name must be 1-63 characters long and match
* the regular expression `a-z?` which means the
* first character must be a lowercase letter, and all following
* characters must be a dash, lowercase letter, or digit, except the last
* character, which cannot be a dash.
* @property project The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
* @property proxyBind This field only applies when the forwarding rule that references
* this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
* @property quicOverride Specifies the QUIC override policy for this resource. This determines
* whether the load balancer will attempt to negotiate QUIC with clients
* or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is
* specified, Google manages whether QUIC is used.
* Default value is `NONE`.
* Possible values are: `NONE`, `ENABLE`, `DISABLE`.
* @property serverTlsPolicy A URL referring to a networksecurity.ServerTlsPolicy
* resource that describes how the proxy should authenticate inbound
* traffic. serverTlsPolicy only applies to a global TargetHttpsProxy
* attached to globalForwardingRules with the loadBalancingScheme
* set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED.
* For details which ServerTlsPolicy resources are accepted with
* INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
* loadBalancingScheme consult ServerTlsPolicy documentation.
* If left blank, communications are not encrypted.
* If you remove this field from your configuration at the same time as
* deleting or recreating a referenced ServerTlsPolicy resource, you will
* receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
* within the ServerTlsPolicy resource to avoid this.
* @property sslCertificates URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
* Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
* sslCertificates and certificateManagerCertificates can not be defined together.
* @property sslPolicy A reference to the SslPolicy resource that will be associated with
* the TargetHttpsProxy resource. If not set, the TargetHttpsProxy
* resource will not have any SSL policy configured.
* @property tlsEarlyData Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service.
* Early Data allows a TLS resumption handshake to include the initial application payload
* (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”.
* This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3).
* Possible values are: `STRICT`, `PERMISSIVE`, `DISABLED`.
* @property urlMap A reference to the UrlMap resource that defines the mapping from URL
* to the BackendService.
* - - -
* */*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/*/
*/
public data class TargetHttpsProxyArgs(
public val certificateManagerCertificates: Output>? = null,
public val certificateMap: Output? = null,
public val description: Output? = null,
public val httpKeepAliveTimeoutSec: Output? = null,
public val name: Output? = null,
public val project: Output? = null,
public val proxyBind: Output? = null,
public val quicOverride: Output? = null,
public val serverTlsPolicy: Output? = null,
public val sslCertificates: Output>? = null,
public val sslPolicy: Output? = null,
public val tlsEarlyData: Output? = null,
public val urlMap: Output? = null,
) : ConvertibleToJava {
override fun toJava(): com.pulumi.gcp.compute.TargetHttpsProxyArgs =
com.pulumi.gcp.compute.TargetHttpsProxyArgs.builder()
.certificateManagerCertificates(
certificateManagerCertificates?.applyValue({ args0 ->
args0.map({ args0 -> args0 })
}),
)
.certificateMap(certificateMap?.applyValue({ args0 -> args0 }))
.description(description?.applyValue({ args0 -> args0 }))
.httpKeepAliveTimeoutSec(httpKeepAliveTimeoutSec?.applyValue({ args0 -> args0 }))
.name(name?.applyValue({ args0 -> args0 }))
.project(project?.applyValue({ args0 -> args0 }))
.proxyBind(proxyBind?.applyValue({ args0 -> args0 }))
.quicOverride(quicOverride?.applyValue({ args0 -> args0 }))
.serverTlsPolicy(serverTlsPolicy?.applyValue({ args0 -> args0 }))
.sslCertificates(sslCertificates?.applyValue({ args0 -> args0.map({ args0 -> args0 }) }))
.sslPolicy(sslPolicy?.applyValue({ args0 -> args0 }))
.tlsEarlyData(tlsEarlyData?.applyValue({ args0 -> args0 }))
.urlMap(urlMap?.applyValue({ args0 -> args0 })).build()
}
/**
* Builder for [TargetHttpsProxyArgs].
*/
@PulumiTagMarker
public class TargetHttpsProxyArgsBuilder internal constructor() {
private var certificateManagerCertificates: Output>? = null
private var certificateMap: Output? = null
private var description: Output? = null
private var httpKeepAliveTimeoutSec: Output? = null
private var name: Output? = null
private var project: Output? = null
private var proxyBind: Output? = null
private var quicOverride: Output? = null
private var serverTlsPolicy: Output? = null
private var sslCertificates: Output>? = null
private var sslPolicy: Output? = null
private var tlsEarlyData: Output? = null
private var urlMap: Output? = null
/**
* @param value URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
* Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED.
* For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead.
* sslCertificates and certificateManagerCertificates fields can not be defined together.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}`
*/
@JvmName("adrhrixjlvwefuwb")
public suspend fun certificateManagerCertificates(`value`: Output>) {
this.certificateManagerCertificates = value
}
@JvmName("mwwvddfceudgpupo")
public suspend fun certificateManagerCertificates(vararg values: Output) {
this.certificateManagerCertificates = Output.all(values.asList())
}
/**
* @param values URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
* Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED.
* For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead.
* sslCertificates and certificateManagerCertificates fields can not be defined together.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}`
*/
@JvmName("mhquagtgxamgvrau")
public suspend fun certificateManagerCertificates(values: List>) {
this.certificateManagerCertificates = Output.all(values)
}
/**
* @param value A reference to the CertificateMap resource uri that identifies a certificate map
* associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes.
* For INTERNAL_MANAGED, use certificate_manager_certificates instead.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`.
*/
@JvmName("yvtemjwmsmeesfbv")
public suspend fun certificateMap(`value`: Output) {
this.certificateMap = value
}
/**
* @param value An optional description of this resource.
*/
@JvmName("gfcijatfiaaemqkr")
public suspend fun description(`value`: Output) {
this.description = value
}
/**
* @param value Specifies how long to keep a connection open, after completing a response,
* while there is no matching traffic (in seconds). If an HTTP keepalive is
* not specified, a default value will be used. For Global
* external HTTP(S) load balancer, the default value is 610 seconds, the
* minimum allowed value is 5 seconds and the maximum allowed value is 1200
* seconds. For cross-region internal HTTP(S) load balancer, the default
* value is 600 seconds, the minimum allowed value is 5 seconds, and the
* maximum allowed value is 600 seconds. For Global external HTTP(S) load
* balancer (classic), this option is not available publicly.
*/
@JvmName("eqqdpglhwvcqykql")
public suspend fun httpKeepAliveTimeoutSec(`value`: Output) {
this.httpKeepAliveTimeoutSec = value
}
/**
* @param value Name of the resource. Provided by the client when the resource is
* created. The name must be 1-63 characters long, and comply with
* RFC1035. Specifically, the name must be 1-63 characters long and match
* the regular expression `a-z?` which means the
* first character must be a lowercase letter, and all following
* characters must be a dash, lowercase letter, or digit, except the last
* character, which cannot be a dash.
*/
@JvmName("qbqdpelrwmfnjcio")
public suspend fun name(`value`: Output) {
this.name = value
}
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("ryuebxchejlglgod")
public suspend fun project(`value`: Output) {
this.project = value
}
/**
* @param value This field only applies when the forwarding rule that references
* this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
*/
@JvmName("qfshnvammaqqevsd")
public suspend fun proxyBind(`value`: Output) {
this.proxyBind = value
}
/**
* @param value Specifies the QUIC override policy for this resource. This determines
* whether the load balancer will attempt to negotiate QUIC with clients
* or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is
* specified, Google manages whether QUIC is used.
* Default value is `NONE`.
* Possible values are: `NONE`, `ENABLE`, `DISABLE`.
*/
@JvmName("asopapmitcqaktdp")
public suspend fun quicOverride(`value`: Output) {
this.quicOverride = value
}
/**
* @param value A URL referring to a networksecurity.ServerTlsPolicy
* resource that describes how the proxy should authenticate inbound
* traffic. serverTlsPolicy only applies to a global TargetHttpsProxy
* attached to globalForwardingRules with the loadBalancingScheme
* set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED.
* For details which ServerTlsPolicy resources are accepted with
* INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
* loadBalancingScheme consult ServerTlsPolicy documentation.
* If left blank, communications are not encrypted.
* If you remove this field from your configuration at the same time as
* deleting or recreating a referenced ServerTlsPolicy resource, you will
* receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
* within the ServerTlsPolicy resource to avoid this.
*/
@JvmName("esxjxnhmycfmyduh")
public suspend fun serverTlsPolicy(`value`: Output) {
this.serverTlsPolicy = value
}
/**
* @param value URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
* Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
* sslCertificates and certificateManagerCertificates can not be defined together.
*/
@JvmName("xrqbdbodfgnbmrnn")
public suspend fun sslCertificates(`value`: Output>) {
this.sslCertificates = value
}
@JvmName("ggbphhlubhcsjuar")
public suspend fun sslCertificates(vararg values: Output) {
this.sslCertificates = Output.all(values.asList())
}
/**
* @param values URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
* Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
* sslCertificates and certificateManagerCertificates can not be defined together.
*/
@JvmName("weemciohwbxciiqa")
public suspend fun sslCertificates(values: List>) {
this.sslCertificates = Output.all(values)
}
/**
* @param value A reference to the SslPolicy resource that will be associated with
* the TargetHttpsProxy resource. If not set, the TargetHttpsProxy
* resource will not have any SSL policy configured.
*/
@JvmName("rnachnuuugpbigjw")
public suspend fun sslPolicy(`value`: Output) {
this.sslPolicy = value
}
/**
* @param value Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service.
* Early Data allows a TLS resumption handshake to include the initial application payload
* (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”.
* This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3).
* Possible values are: `STRICT`, `PERMISSIVE`, `DISABLED`.
*/
@JvmName("wvqnjakipcgfxesy")
public suspend fun tlsEarlyData(`value`: Output) {
this.tlsEarlyData = value
}
/**
* @param value A reference to the UrlMap resource that defines the mapping from URL
* to the BackendService.
* - - -
*/
@JvmName("ulxywmbaygfjhqbt")
public suspend fun urlMap(`value`: Output) {
this.urlMap = value
}
/**
* @param value URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
* Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED.
* For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead.
* sslCertificates and certificateManagerCertificates fields can not be defined together.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}`
*/
@JvmName("uasdalsqyabdhddg")
public suspend fun certificateManagerCertificates(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.certificateManagerCertificates = mapped
}
/**
* @param values URLs to certificate manager certificate resources that are used to authenticate connections between users and the load balancer.
* Certificate manager certificates only apply when the load balancing scheme is set to INTERNAL_MANAGED.
* For EXTERNAL and EXTERNAL_MANAGED, use certificate_map instead.
* sslCertificates and certificateManagerCertificates fields can not be defined together.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificates/{resourceName}` or just the self_link `projects/{project}/locations/{location}/certificates/{resourceName}`
*/
@JvmName("vnyuiwmumbpflojl")
public suspend fun certificateManagerCertificates(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.certificateManagerCertificates = mapped
}
/**
* @param value A reference to the CertificateMap resource uri that identifies a certificate map
* associated with the given target proxy. This field is only supported for EXTERNAL and EXTERNAL_MANAGED load balancing schemes.
* For INTERNAL_MANAGED, use certificate_manager_certificates instead.
* Accepted format is `//certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}`.
*/
@JvmName("jipknojuaoaxmueq")
public suspend fun certificateMap(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.certificateMap = mapped
}
/**
* @param value An optional description of this resource.
*/
@JvmName("rgwinnssxgdiuqov")
public suspend fun description(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.description = mapped
}
/**
* @param value Specifies how long to keep a connection open, after completing a response,
* while there is no matching traffic (in seconds). If an HTTP keepalive is
* not specified, a default value will be used. For Global
* external HTTP(S) load balancer, the default value is 610 seconds, the
* minimum allowed value is 5 seconds and the maximum allowed value is 1200
* seconds. For cross-region internal HTTP(S) load balancer, the default
* value is 600 seconds, the minimum allowed value is 5 seconds, and the
* maximum allowed value is 600 seconds. For Global external HTTP(S) load
* balancer (classic), this option is not available publicly.
*/
@JvmName("kxhwhlyockvycnch")
public suspend fun httpKeepAliveTimeoutSec(`value`: Int?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.httpKeepAliveTimeoutSec = mapped
}
/**
* @param value Name of the resource. Provided by the client when the resource is
* created. The name must be 1-63 characters long, and comply with
* RFC1035. Specifically, the name must be 1-63 characters long and match
* the regular expression `a-z?` which means the
* first character must be a lowercase letter, and all following
* characters must be a dash, lowercase letter, or digit, except the last
* character, which cannot be a dash.
*/
@JvmName("tllqqterqeqqjohb")
public suspend fun name(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.name = mapped
}
/**
* @param value The ID of the project in which the resource belongs.
* If it is not provided, the provider project is used.
*/
@JvmName("uehxmaqubntqtwsb")
public suspend fun project(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.project = mapped
}
/**
* @param value This field only applies when the forwarding rule that references
* this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.
*/
@JvmName("noyrweitqvpspjvq")
public suspend fun proxyBind(`value`: Boolean?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.proxyBind = mapped
}
/**
* @param value Specifies the QUIC override policy for this resource. This determines
* whether the load balancer will attempt to negotiate QUIC with clients
* or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is
* specified, Google manages whether QUIC is used.
* Default value is `NONE`.
* Possible values are: `NONE`, `ENABLE`, `DISABLE`.
*/
@JvmName("ddkgnmyttyglcssr")
public suspend fun quicOverride(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.quicOverride = mapped
}
/**
* @param value A URL referring to a networksecurity.ServerTlsPolicy
* resource that describes how the proxy should authenticate inbound
* traffic. serverTlsPolicy only applies to a global TargetHttpsProxy
* attached to globalForwardingRules with the loadBalancingScheme
* set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED.
* For details which ServerTlsPolicy resources are accepted with
* INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED
* loadBalancingScheme consult ServerTlsPolicy documentation.
* If left blank, communications are not encrypted.
* If you remove this field from your configuration at the same time as
* deleting or recreating a referenced ServerTlsPolicy resource, you will
* receive a resourceInUseByAnotherResource error. Use lifecycle.create_before_destroy
* within the ServerTlsPolicy resource to avoid this.
*/
@JvmName("eavvuvfytsywemmq")
public suspend fun serverTlsPolicy(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.serverTlsPolicy = mapped
}
/**
* @param value URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
* Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
* sslCertificates and certificateManagerCertificates can not be defined together.
*/
@JvmName("faikfovexykdycsq")
public suspend fun sslCertificates(`value`: List?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.sslCertificates = mapped
}
/**
* @param values URLs to SslCertificate resources that are used to authenticate connections between users and the load balancer.
* Currently, you may specify up to 15 SSL certificates. sslCertificates do not apply when the load balancing scheme is set to INTERNAL_SELF_MANAGED.
* sslCertificates and certificateManagerCertificates can not be defined together.
*/
@JvmName("kmjpsyxxwffqqrgx")
public suspend fun sslCertificates(vararg values: String) {
val toBeMapped = values.toList()
val mapped = toBeMapped.let({ args0 -> of(args0) })
this.sslCertificates = mapped
}
/**
* @param value A reference to the SslPolicy resource that will be associated with
* the TargetHttpsProxy resource. If not set, the TargetHttpsProxy
* resource will not have any SSL policy configured.
*/
@JvmName("gxjqviatyqigsypc")
public suspend fun sslPolicy(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.sslPolicy = mapped
}
/**
* @param value Specifies whether TLS 1.3 0-RTT Data (“Early Data”) should be accepted for this service.
* Early Data allows a TLS resumption handshake to include the initial application payload
* (a HTTP request) alongside the handshake, reducing the effective round trips to “zero”.
* This applies to TLS 1.3 connections over TCP (HTTP/2) as well as over UDP (QUIC/h3).
* Possible values are: `STRICT`, `PERMISSIVE`, `DISABLED`.
*/
@JvmName("djggrkmjklwvroxy")
public suspend fun tlsEarlyData(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.tlsEarlyData = mapped
}
/**
* @param value A reference to the UrlMap resource that defines the mapping from URL
* to the BackendService.
* - - -
*/
@JvmName("twewamacpnnihhek")
public suspend fun urlMap(`value`: String?) {
val toBeMapped = value
val mapped = toBeMapped?.let({ args0 -> of(args0) })
this.urlMap = mapped
}
internal fun build(): TargetHttpsProxyArgs = TargetHttpsProxyArgs(
certificateManagerCertificates = certificateManagerCertificates,
certificateMap = certificateMap,
description = description,
httpKeepAliveTimeoutSec = httpKeepAliveTimeoutSec,
name = name,
project = project,
proxyBind = proxyBind,
quicOverride = quicOverride,
serverTlsPolicy = serverTlsPolicy,
sslCertificates = sslCertificates,
sslPolicy = sslPolicy,
tlsEarlyData = tlsEarlyData,
urlMap = urlMap,
)
}
© 2015 - 2025 Weber Informatics LLC | Privacy Policy