pulumi-gcp-kotlin/com.pulumi.gcp.compute.kotlin/TargetHttpsProxyArgs

TargetHttpsProxyArgs

data class TargetHttpsProxyArgs(val certificateMap: Output<String>? = null, val description: Output<String>? = null, val httpKeepAliveTimeoutSec: Output<Int>? = null, val name: Output<String>? = null, val project: Output<String>? = null, val proxyBind: Output<Boolean>? = null, val quicOverride: Output<String>? = null, val serverTlsPolicy: Output<String>? = null, val sslCertificates: Output<List<String>>? = null, val sslPolicy: Output<String>? = null, val urlMap: Output<String>? = null) : ConvertibleToJava<TargetHttpsProxyArgs>

Represents a TargetHttpsProxy resource, which is used by one or more global forwarding rule to route incoming HTTPS requests to a URL map. To get more information about TargetHttpsProxy, see:

Example Usage

Target Https Proxy Basic

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.SSLCertificate;
import com.pulumi.gcp.compute.SSLCertificateArgs;
import com.pulumi.gcp.compute.HttpHealthCheck;
import com.pulumi.gcp.compute.HttpHealthCheckArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpsProxy;
import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
            .privateKey(Files.readString(Paths.get("path/to/private.key")))
            .certificate(Files.readString(Paths.get("path/to/certificate.crt")))
            .build());
        var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
            .requestPath("/")
            .checkIntervalSec(1)
            .timeoutSec(1)
            .build());
        var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
            .portName("http")
            .protocol("HTTP")
            .timeoutSec(10)
            .healthChecks(defaultHttpHealthCheck.id())
            .build());
        var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
            .description("a description")
            .defaultService(defaultBackendService.id())
            .hostRules(URLMapHostRuleArgs.builder()
                .hosts("mysite.com")
                .pathMatcher("allpaths")
                .build())
            .pathMatchers(URLMapPathMatcherArgs.builder()
                .name("allpaths")
                .defaultService(defaultBackendService.id())
                .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                    .paths("/*")
                    .service(defaultBackendService.id())
                    .build())
                .build())
            .build());
        var defaultTargetHttpsProxy = new TargetHttpsProxy("defaultTargetHttpsProxy", TargetHttpsProxyArgs.builder()
            .urlMap(defaultURLMap.id())
            .sslCertificates(defaultSSLCertificate.id())
            .build());
    }
}
Content copied to clipboard

Target Https Proxy Http Keep Alive Timeout

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.compute.SSLCertificate;
import com.pulumi.gcp.compute.SSLCertificateArgs;
import com.pulumi.gcp.compute.HttpHealthCheck;
import com.pulumi.gcp.compute.HttpHealthCheckArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpsProxy;
import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
            .privateKey(Files.readString(Paths.get("path/to/private.key")))
            .certificate(Files.readString(Paths.get("path/to/certificate.crt")))
            .build());
        var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
            .requestPath("/")
            .checkIntervalSec(1)
            .timeoutSec(1)
            .build());
        var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
            .portName("http")
            .protocol("HTTP")
            .timeoutSec(10)
            .loadBalancingScheme("EXTERNAL_MANAGED")
            .healthChecks(defaultHttpHealthCheck.id())
            .build());
        var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
            .description("a description")
            .defaultService(defaultBackendService.id())
            .hostRules(URLMapHostRuleArgs.builder()
                .hosts("mysite.com")
                .pathMatcher("allpaths")
                .build())
            .pathMatchers(URLMapPathMatcherArgs.builder()
                .name("allpaths")
                .defaultService(defaultBackendService.id())
                .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                    .paths("/*")
                    .service(defaultBackendService.id())
                    .build())
                .build())
            .build());
        var defaultTargetHttpsProxy = new TargetHttpsProxy("defaultTargetHttpsProxy", TargetHttpsProxyArgs.builder()
            .httpKeepAliveTimeoutSec(610)
            .urlMap(defaultURLMap.id())
            .sslCertificates(defaultSSLCertificate.id())
            .build());
    }
}
Content copied to clipboard

Target Https Proxy Mtls

package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.organizations.OrganizationsFunctions;
import com.pulumi.gcp.organizations.inputs.GetProjectArgs;
import com.pulumi.gcp.certificatemanager.TrustConfig;
import com.pulumi.gcp.certificatemanager.TrustConfigArgs;
import com.pulumi.gcp.certificatemanager.inputs.TrustConfigTrustStoreArgs;
import com.pulumi.gcp.networksecurity.ServerTlsPolicy;
import com.pulumi.gcp.networksecurity.ServerTlsPolicyArgs;
import com.pulumi.gcp.networksecurity.inputs.ServerTlsPolicyMtlsPolicyArgs;
import com.pulumi.gcp.compute.SSLCertificate;
import com.pulumi.gcp.compute.SSLCertificateArgs;
import com.pulumi.gcp.compute.HttpHealthCheck;
import com.pulumi.gcp.compute.HttpHealthCheckArgs;
import com.pulumi.gcp.compute.BackendService;
import com.pulumi.gcp.compute.BackendServiceArgs;
import com.pulumi.gcp.compute.URLMap;
import com.pulumi.gcp.compute.URLMapArgs;
import com.pulumi.gcp.compute.inputs.URLMapHostRuleArgs;
import com.pulumi.gcp.compute.inputs.URLMapPathMatcherArgs;
import com.pulumi.gcp.compute.TargetHttpsProxy;
import com.pulumi.gcp.compute.TargetHttpsProxyArgs;
import com.pulumi.resources.CustomResourceOptions;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }
    public static void stack(Context ctx) {
        final var project = OrganizationsFunctions.getProject();
        var defaultTrustConfig = new TrustConfig("defaultTrustConfig", TrustConfigArgs.builder()
            .description("sample description for the trust config")
            .location("global")
            .trustStores(TrustConfigTrustStoreArgs.builder()
                .trustAnchors(TrustConfigTrustStoreTrustAnchorArgs.builder()
                    .pemCertificate(Files.readString(Paths.get("test-fixtures/ca_cert.pem")))
                    .build())
                .intermediateCas(TrustConfigTrustStoreIntermediateCaArgs.builder()
                    .pemCertificate(Files.readString(Paths.get("test-fixtures/ca_cert.pem")))
                    .build())
                .build())
            .labels(Map.of("foo", "bar"))
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultServerTlsPolicy = new ServerTlsPolicy("defaultServerTlsPolicy", ServerTlsPolicyArgs.builder()
            .description("my description")
            .location("global")
            .allowOpen("false")
            .mtlsPolicy(ServerTlsPolicyMtlsPolicyArgs.builder()
                .clientValidationMode("ALLOW_INVALID_OR_MISSING_CLIENT_CERT")
                .clientValidationTrustConfig(defaultTrustConfig.name().applyValue(name -> String.format("projects/%s/locations/global/trustConfigs/%s", project.applyValue(getProjectResult -> getProjectResult.number()),name)))
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultSSLCertificate = new SSLCertificate("defaultSSLCertificate", SSLCertificateArgs.builder()
            .privateKey(Files.readString(Paths.get("path/to/private.key")))
            .certificate(Files.readString(Paths.get("path/to/certificate.crt")))
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultHttpHealthCheck = new HttpHealthCheck("defaultHttpHealthCheck", HttpHealthCheckArgs.builder()
            .requestPath("/")
            .checkIntervalSec(1)
            .timeoutSec(1)
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultBackendService = new BackendService("defaultBackendService", BackendServiceArgs.builder()
            .portName("http")
            .protocol("HTTP")
            .timeoutSec(10)
            .healthChecks(defaultHttpHealthCheck.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultURLMap = new URLMap("defaultURLMap", URLMapArgs.builder()
            .description("a description")
            .defaultService(defaultBackendService.id())
            .hostRules(URLMapHostRuleArgs.builder()
                .hosts("mysite.com")
                .pathMatcher("allpaths")
                .build())
            .pathMatchers(URLMapPathMatcherArgs.builder()
                .name("allpaths")
                .defaultService(defaultBackendService.id())
                .pathRules(URLMapPathMatcherPathRuleArgs.builder()
                    .paths("/*")
                    .service(defaultBackendService.id())
                    .build())
                .build())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
        var defaultTargetHttpsProxy = new TargetHttpsProxy("defaultTargetHttpsProxy", TargetHttpsProxyArgs.builder()
            .urlMap(defaultURLMap.id())
            .sslCertificates(defaultSSLCertificate.id())
            .serverTlsPolicy(defaultServerTlsPolicy.id())
            .build(), CustomResourceOptions.builder()
                .provider(google_beta)
                .build());
    }
}
Content copied to clipboard

Import

TargetHttpsProxy can be imported using any of these accepted formats

$ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default projects/{{project}}/global/targetHttpsProxies/{{name}}
Content copied to clipboard
$ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{project}}/{{name}}
Content copied to clipboard
$ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{name}}
Content copied to clipboard

Constructors

Link copied to clipboard
constructor(certificateMap: Output<String>? = null, description: Output<String>? = null, httpKeepAliveTimeoutSec: Output<Int>? = null, name: Output<String>? = null, project: Output<String>? = null, proxyBind: Output<Boolean>? = null, quicOverride: Output<String>? = null, serverTlsPolicy: Output<String>? = null, sslCertificates: Output<List<String>>? = null, sslPolicy: Output<String>? = null, urlMap: Output<String>? = null)

Properties

Link copied to clipboard
val certificateMap: Output<String>? = null

A reference to the CertificateMap resource uri that identifies a certificate map associated with the given target proxy. This field can only be set for global target proxies. Accepted format is //certificatemanager.googleapis.com/projects/{project}/locations/{location}/certificateMaps/{resourceName}.

Link copied to clipboard
val description: Output<String>? = null

An optional description of this resource.

Link copied to clipboard
val httpKeepAliveTimeoutSec: Output<Int>? = null

Specifies how long to keep a connection open, after completing a response, while there is no matching traffic (in seconds). If an HTTP keepalive is not specified, a default value (610 seconds) will be used. For Global external HTTP(S) load balancer, the minimum allowed value is 5 seconds and the maximum allowed value is 1200 seconds. For Global external HTTP(S) load balancer (classic), this option is not available publicly.

Link copied to clipboard
val name: Output<String>? = null

Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression a-z? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

Link copied to clipboard
val project: Output<String>? = null

The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Link copied to clipboard
val proxyBind: Output<Boolean>? = null

This field only applies when the forwarding rule that references this target proxy has a loadBalancingScheme set to INTERNAL_SELF_MANAGED.

Link copied to clipboard
val quicOverride: Output<String>? = null

Specifies the QUIC override policy for this resource. This determines whether the load balancer will attempt to negotiate QUIC with clients or not. Can specify one of NONE, ENABLE, or DISABLE. If NONE is specified, Google manages whether QUIC is used. Default value is NONE. Possible values are: NONE, ENABLE, DISABLE.

Link copied to clipboard
val serverTlsPolicy: Output<String>? = null

A URL referring to a networksecurity.ServerTlsPolicy resource that describes how the proxy should authenticate inbound traffic. serverTlsPolicy only applies to a global TargetHttpsProxy attached to globalForwardingRules with the loadBalancingScheme set to INTERNAL_SELF_MANAGED or EXTERNAL or EXTERNAL_MANAGED. For details which ServerTlsPolicy resources are accepted with INTERNAL_SELF_MANAGED and which with EXTERNAL, EXTERNAL_MANAGED loadBalancingScheme consult ServerTlsPolicy documentation. If left blank, communications are not encrypted.

Link copied to clipboard
val sslCertificates: Output<List<String>>? = null

A list of SslCertificate resource URLs or Certificate Manager certificate URLs that are used to authenticate connections between users and the load balancer. At least one resource must be specified.

Link copied to clipboard
val sslPolicy: Output<String>? = null

A reference to the SslPolicy resource that will be associated with the TargetHttpsProxy resource. If not set, the TargetHttpsProxy resource will not have any SSL policy configured.

Link copied to clipboard
val urlMap: Output<String>? = null

A reference to the UrlMap resource that defines the mapping from URL to the BackendService.

Functions

Link copied to clipboard
open override fun toJava(): TargetHttpsProxyArgs