CertificateMapEntry is a list of certificate configurations, that have been issued for a particular hostname
resource "google_certificate_manager_certificate_map" "certificate_map" {
name = "cert-map-entry"
description = "My acceptance test certificate map"
labels = {
"terraform" : true,
"acc-test" : true,
}
}
resource "google_certificate_manager_certificate_map_entry" "default" {
name = "cert-map-entry"
description = "My acceptance test certificate map entry"
map = google_certificate_manager_certificate_map.certificate_map.name
labels = {
"terraform" : true,
"acc-test" : true,
}
certificates = [google_certificate_manager_certificate.certificate.id]
matcher = "PRIMARY"
}
resource "google_certificate_manager_certificate" "certificate" {
name = "cert-map-entry"
description = "The default cert"
scope = "DEFAULT"
managed {
domains = [
google_certificate_manager_dns_authorization.instance.domain,
google_certificate_manager_dns_authorization.instance2.domain,
]
dns_authorizations = [
google_certificate_manager_dns_authorization.instance.id,
google_certificate_manager_dns_authorization.instance2.id,
]
}
}
resource "google_certificate_manager_dns_authorization" "instance" {
name = "dns-auth"
description = "The default dnss"
domain = "subdomain.hashicorptest.com"
}
resource "google_certificate_manager_dns_authorization" "instance2" {
name = "dns-auth2"
description = "The default dnss"
domain = "subdomain2.hashicorptest.com"
}
The following arguments are supported:
certificates
-
(Required)
A set of Certificates defines for the given hostname.
There can be defined up to fifteen certificates in each Certificate Map Entry.
Each certificate must match pattern projects//locations//certificates/*.
name
-
(Required)
A user-defined name of the Certificate Map Entry. Certificate Map Entry
names must be unique globally and match pattern
'projects//locations//certificateMaps//certificateMapEntries/'
map
-
(Required)
A map entry that is inputted into the cetrificate map
description
-
(Optional)
A human-readable description of the resource.
labels
-
(Optional)
Set of labels associated with a Certificate Map Entry.
An object containing a list of "key": value pairs.
Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }.
Note: This field is non-authoritative, and will only manage the labels present in your configuration.
Please refer to the field effective_labels
for all of the labels present on the resource.
hostname
-
(Optional)
A Hostname (FQDN, e.g. example.com) or a wildcard hostname expression (*.example.com)
for a set of hostnames with common suffix. Used as Server Name Indication (SNI) for
selecting a proper certificate.
matcher
-
(Optional)
A predefined matcher for particular cases, other than SNI selection
project
- (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
In addition to the arguments listed above, the following computed attributes are exported:
id
- an identifier for the resource with format projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}
create_time
-
Creation timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format,
with nanosecond resolution and up to nine fractional digits.
Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
update_time
-
Update timestamp of a Certificate Map Entry. Timestamp in RFC3339 UTC "Zulu" format,
with nanosecond resolution and up to nine fractional digits.
Examples: "2014-10-02T15:01:23Z" and "2014-10-02T15:01:23.045123456Z".
state
-
A serving state of this Certificate Map Entry.
terraform_labels
-
The combination of labels configured directly on the resource
and default labels configured on the provider.
effective_labels
-
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Terraform, other clients and services.
This resource provides the following Timeouts configuration options:
create
- Default is 20 minutes.update
- Default is 20 minutes.delete
- Default is 20 minutes.CertificateMapEntry can be imported using any of these accepted formats:
projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}
{{project}}/{{map}}/{{name}}
{{map}}/{{name}}
In Terraform v1.5.0 and later, use an import
block to import CertificateMapEntry using one of the formats above. For example:
import {
id = "projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}"
to = google_certificate_manager_certificate_map_entry.default
}
When using the terraform import
command, CertificateMapEntry can be imported using one of the formats above. For example:
$ terraform import google_certificate_manager_certificate_map_entry.default projects/{{project}}/locations/global/certificateMaps/{{map}}/certificateMapEntries/{{name}}
$ terraform import google_certificate_manager_certificate_map_entry.default {{project}}/{{map}}/{{name}}
$ terraform import google_certificate_manager_certificate_map_entry.default {{map}}/{{name}}
This resource supports User Project Overrides.