SSLPolicy
Represents a SSL policy. SSL policies give you the ability to control the features of SSL that your SSL proxy or HTTPS load balancer negotiates. To get more information about SslPolicy, see:
How-to Guides
Example Usage
Ssl Policy Basic
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.SSLPolicy;
import com.pulumi.gcp.compute.SSLPolicyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var prod_ssl_policy = new SSLPolicy("prod-ssl-policy", SSLPolicyArgs.builder()
.profile("MODERN")
.build());
var nonprod_ssl_policy = new SSLPolicy("nonprod-ssl-policy", SSLPolicyArgs.builder()
.minTlsVersion("TLS_1_2")
.profile("MODERN")
.build());
var custom_ssl_policy = new SSLPolicy("custom-ssl-policy", SSLPolicyArgs.builder()
.customFeatures(
"TLS_ECDHE_ECDSA_WITH_AES_256_GCM_SHA384",
"TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384")
.minTlsVersion("TLS_1_2")
.profile("CUSTOM")
.build());
}
}Import
SslPolicy can be imported using any of these accepted formats
$ pulumi import gcp:compute/sSLPolicy:SSLPolicy default projects/{{project}}/global/sslPolicies/{{name}}$ pulumi import gcp:compute/sSLPolicy:SSLPolicy default {{project}}/{{name}}$ pulumi import gcp:compute/sSLPolicy:SSLPolicy default {{name}}Constructors
Properties
Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the CUSTOM profile. This argument must not be present when using any other profile.
An optional description of this resource.
The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is TLS_1_0. Possible values are: TLS_1_0, TLS_1_1, TLS_1_2.
Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If CUSTOM is used, the custom_features attribute must be set. Default value is COMPATIBLE. Possible values are: COMPATIBLE, MODERN, RESTRICTED, CUSTOM.