Represents a Regional SSL policy. SSL policies give you the ability to control the features of SSL that your SSL proxy or HTTPS load balancer negotiates.
To get more information about RegionSslPolicy, see:
The following arguments are supported:
name
-
(Required)
Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
which means the
first character must be a lowercase letter, and all following
characters must be a dash, lowercase letter, or digit, except the last
character, which cannot be a dash.
region
-
(Required)
The region where the regional SSL policy resides.
description
-
(Optional)
An optional description of this resource.
profile
-
(Optional)
Profile specifies the set of SSL features that can be used by the
load balancer when negotiating SSL with clients. If using CUSTOM
,
the set of SSL features to enable must be specified in the
customFeatures
field.
See the official documentation
for information on what cipher suites each profile provides. If
CUSTOM
is used, the custom_features
attribute must be set.
Default value is COMPATIBLE
.
Possible values are: COMPATIBLE
, MODERN
, RESTRICTED
, CUSTOM
.
min_tls_version
-
(Optional)
The minimum version of SSL protocol that can be used by the clients
to establish a connection with the load balancer.
Default value is TLS_1_0
.
Possible values are: TLS_1_0
, TLS_1_1
, TLS_1_2
.
custom_features
-
(Optional)
A list of features enabled when the selected profile is CUSTOM. The
method returns the set of features that can be specified in this
list. This field must be empty if the profile is not CUSTOM.
See the official documentation
for which ciphers are available to use. Note: this argument
must be present when using the CUSTOM
profile. This argument
must not be present when using any other profile.
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/regions/{{region}}/sslPolicies/{{name}}
creation_timestamp
-
Creation timestamp in RFC3339 text format.
enabled_features
-
The list of features enabled in the SSL policy.
fingerprint
-
Fingerprint of this resource. A hash of the contents stored in this
object. This field is used in optimistic locking.
self_link
- The URI of the created resource.This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.RegionSslPolicy can be imported using any of these accepted formats:
projects/{{project}}/regions/{{region}}/sslPolicies/{{name}}
{{project}}/{{region}}/{{name}}
{{region}}/{{name}}
{{name}}
In Terraform v1.5.0 and later, use an import
block to import RegionSslPolicy using one of the formats above. For example:
import {
id = "projects/{{project}}/regions/{{region}}/sslPolicies/{{name}}"
to = google_compute_region_ssl_policy.default
}
When using the terraform import
command, RegionSslPolicy can be imported using one of the formats above. For example:
$ terraform import google_compute_region_ssl_policy.default projects/{{project}}/regions/{{region}}/sslPolicies/{{name}}
$ terraform import google_compute_region_ssl_policy.default {{project}}/{{region}}/{{name}}
$ terraform import google_compute_region_ssl_policy.default {{region}}/{{name}}
$ terraform import google_compute_region_ssl_policy.default {{name}}
This resource supports User Project Overrides.