Expand description
Represents a TargetHttpsProxy resource, which is used by one or more global forwarding rule to route incoming HTTPS requests to a URL map.
To get more information about TargetHttpsProxy, see:
- API documentation
- How-to Guides
§Example Usage
§Target Https Proxy Basic
resources:
default:
type: gcp:compute:TargetHttpsProxy
properties:
name: test-proxy
urlMap: ${defaultURLMap.id}
sslCertificates:
- ${defaultSSLCertificate.id}
defaultSSLCertificate:
type: gcp:compute:SSLCertificate
name: default
properties:
name: my-certificate
privateKey:
fn::invoke:
function: std:file
arguments:
input: path/to/private.key
return: result
certificate:
fn::invoke:
function: std:file
arguments:
input: path/to/certificate.crt
return: result
defaultURLMap:
type: gcp:compute:URLMap
name: default
properties:
name: url-map
description: a description
defaultService: ${defaultBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultBackendService.id}
defaultBackendService:
type: gcp:compute:BackendService
name: default
properties:
name: backend-service
portName: http
protocol: HTTP
timeoutSec: 10
healthChecks: ${defaultHttpHealthCheck.id}
defaultHttpHealthCheck:
type: gcp:compute:HttpHealthCheck
name: default
properties:
name: http-health-check
requestPath: /
checkIntervalSec: 1
timeoutSec: 1§Target Https Proxy Http Keep Alive Timeout
resources:
default:
type: gcp:compute:TargetHttpsProxy
properties:
name: test-http-keep-alive-timeout-proxy
httpKeepAliveTimeoutSec: 610
urlMap: ${defaultURLMap.id}
sslCertificates:
- ${defaultSSLCertificate.id}
defaultSSLCertificate:
type: gcp:compute:SSLCertificate
name: default
properties:
name: my-certificate
privateKey:
fn::invoke:
function: std:file
arguments:
input: path/to/private.key
return: result
certificate:
fn::invoke:
function: std:file
arguments:
input: path/to/certificate.crt
return: result
defaultURLMap:
type: gcp:compute:URLMap
name: default
properties:
name: url-map
description: a description
defaultService: ${defaultBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultBackendService.id}
defaultBackendService:
type: gcp:compute:BackendService
name: default
properties:
name: backend-service
portName: http
protocol: HTTP
timeoutSec: 10
loadBalancingScheme: EXTERNAL_MANAGED
healthChecks: ${defaultHttpHealthCheck.id}
defaultHttpHealthCheck:
type: gcp:compute:HttpHealthCheck
name: default
properties:
name: http-health-check
requestPath: /
checkIntervalSec: 1
timeoutSec: 1§Target Https Proxy Mtls
resources:
default:
type: gcp:compute:TargetHttpsProxy
properties:
name: test-mtls-proxy
urlMap: ${defaultURLMap.id}
sslCertificates:
- ${defaultSSLCertificate.id}
serverTlsPolicy: ${defaultServerTlsPolicy.id}
defaultTrustConfig:
type: gcp:certificatemanager:TrustConfig
name: default
properties:
name: my-trust-config
description: sample description for the trust config
location: global
trustStores:
- trustAnchors:
- pemCertificate:
fn::invoke:
function: std:file
arguments:
input: test-fixtures/ca_cert.pem
return: result
intermediateCas:
- pemCertificate:
fn::invoke:
function: std:file
arguments:
input: test-fixtures/ca_cert.pem
return: result
labels:
foo: bar
defaultServerTlsPolicy:
type: gcp:networksecurity:ServerTlsPolicy
name: default
properties:
name: my-tls-policy
description: my description
location: global
allowOpen: 'false'
mtlsPolicy:
clientValidationMode: ALLOW_INVALID_OR_MISSING_CLIENT_CERT
clientValidationTrustConfig: projects/${project.number}/locations/global/trustConfigs/${defaultTrustConfig.name}
defaultSSLCertificate:
type: gcp:compute:SSLCertificate
name: default
properties:
name: my-certificate
privateKey:
fn::invoke:
function: std:file
arguments:
input: path/to/private.key
return: result
certificate:
fn::invoke:
function: std:file
arguments:
input: path/to/certificate.crt
return: result
defaultURLMap:
type: gcp:compute:URLMap
name: default
properties:
name: url-map
description: a description
defaultService: ${defaultBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultBackendService.id}
defaultBackendService:
type: gcp:compute:BackendService
name: default
properties:
name: backend-service
portName: http
protocol: HTTP
timeoutSec: 10
healthChecks: ${defaultHttpHealthCheck.id}
defaultHttpHealthCheck:
type: gcp:compute:HttpHealthCheck
name: default
properties:
name: http-health-check
requestPath: /
checkIntervalSec: 1
timeoutSec: 1
variables:
project:
fn::invoke:
function: gcp:organizations:getProject
arguments: {}§Target Https Proxy Certificate Manager Certificate
resources:
default:
type: gcp:compute:TargetHttpsProxy
properties:
name: target-http-proxy
urlMap: ${defaultURLMap.id}
certificateManagerCertificates: # [google_certificate_manager_certificate.default.id] is also acceptable
- //certificatemanager.googleapis.com/${defaultCertificate.id}
defaultCertificate:
type: gcp:certificatemanager:Certificate
name: default
properties:
name: my-certificate
scope: ALL_REGIONS
selfManaged:
pemCertificate:
fn::invoke:
function: std:file
arguments:
input: test-fixtures/cert.pem
return: result
pemPrivateKey:
fn::invoke:
function: std:file
arguments:
input: test-fixtures/private-key.pem
return: result
defaultURLMap:
type: gcp:compute:URLMap
name: default
properties:
name: url-map
description: a description
defaultService: ${defaultBackendService.id}
hostRules:
- hosts:
- mysite.com
pathMatcher: allpaths
pathMatchers:
- name: allpaths
defaultService: ${defaultBackendService.id}
pathRules:
- paths:
- /*
service: ${defaultBackendService.id}
defaultBackendService:
type: gcp:compute:BackendService
name: default
properties:
name: backend-service
portName: http
protocol: HTTP
timeoutSec: 10
loadBalancingScheme: INTERNAL_MANAGED§Import
TargetHttpsProxy can be imported using any of these accepted formats:
-
projects/{{project}}/global/targetHttpsProxies/{{name}} -
{{project}}/{{name}} -
{{name}}
When using the pulumi import command, TargetHttpsProxy can be imported using one of the formats above. For example:
$ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default projects/{{project}}/global/targetHttpsProxies/{{name}}$ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{project}}/{{name}}$ pulumi import gcp:compute/targetHttpsProxy:TargetHttpsProxy default {{name}}Structs§
- Use builder syntax to set the inputs and finish with
build_struct().
Functions§
- Registers a new resource with the given unique name and arguments