Represents a TargetSslProxy resource, which is used by one or more global forwarding rule to route incoming SSL requests to a backend service.
To get more information about TargetSslProxy, see:
resource "google_compute_target_ssl_proxy" "default" {
name = "test-proxy"
backend_service = google_compute_backend_service.default.id
ssl_certificates = [google_compute_ssl_certificate.default.id]
}
resource "google_compute_ssl_certificate" "default" {
name = "default-cert"
private_key = file("path/to/private.key")
certificate = file("path/to/certificate.crt")
}
resource "google_compute_backend_service" "default" {
name = "backend-service"
protocol = "SSL"
health_checks = [google_compute_health_check.default.id]
}
resource "google_compute_health_check" "default" {
name = "health-check"
check_interval_sec = 1
timeout_sec = 1
tcp_health_check {
port = "443"
}
}
The following arguments are supported:
name
-
(Required)
Name of the resource. Provided by the client when the resource is
created. The name must be 1-63 characters long, and comply with
RFC1035. Specifically, the name must be 1-63 characters long and match
the regular expression [a-z]([-a-z0-9]*[a-z0-9])?
which means the
first character must be a lowercase letter, and all following
characters must be a dash, lowercase letter, or digit, except the last
character, which cannot be a dash.
backend_service
-
(Required)
A reference to the BackendService resource.
description
-
(Optional)
An optional description of this resource.
proxy_header
-
(Optional)
Specifies the type of proxy header to append before sending data to
the backend.
Default value is NONE
.
Possible values are: NONE
, PROXY_V1
.
ssl_certificates
-
(Optional)
A list of SslCertificate resources that are used to authenticate
connections between users and the load balancer. At least one
SSL certificate must be specified.
certificate_map
-
(Optional)
A reference to the CertificateMap resource uri that identifies a certificate map
associated with the given target proxy. This field can only be set for global target proxies.
Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}
.
ssl_policy
-
(Optional)
A reference to the SslPolicy resource that will be associated with
the TargetSslProxy resource. If not set, the TargetSslProxy
resource will not have any SSL policy configured.
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/global/targetSslProxies/{{name}}
creation_timestamp
-
Creation timestamp in RFC3339 text format.
proxy_id
-
The unique identifier for the resource.
self_link
- The URI of the created resource.This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.TargetSslProxy can be imported using any of these accepted formats:
projects/{{project}}/global/targetSslProxies/{{name}}
{{project}}/{{name}}
{{name}}
In Terraform v1.5.0 and later, use an import
block to import TargetSslProxy using one of the formats above. For example:
import {
id = "projects/{{project}}/global/targetSslProxies/{{name}}"
to = google_compute_target_ssl_proxy.default
}
When using the terraform import
command, TargetSslProxy can be imported using one of the formats above. For example:
$ terraform import google_compute_target_ssl_proxy.default projects/{{project}}/global/targetSslProxies/{{name}}
$ terraform import google_compute_target_ssl_proxy.default {{project}}/{{name}}
$ terraform import google_compute_target_ssl_proxy.default {{name}}
This resource supports User Project Overrides.