google::compute-ssl-policy¶
Creates an SSL policy.
Example¶
google::compute-ssl-policy ssl-policy-example
name: "ssl-policy-example"
profile: "MODERN"
min-tls-version: "TLS_1_0"
end
google::compute-ssl-policy custom-ssl-policy-example
name: "custom-ssl-policy-example"
profile: "CUSTOM"
min-tls-version: "TLS_1_2"
custom-features: [ "TLS_ECDHE_ECDSA_WITH_AES_128_CBC_SHA", "TLS_ECDHE_ECDSA_WITH_AES_128_GCM_SHA256" ]
end
Attributes¶
| Attribute | Description |
|---|---|
| custom-features list | A list of features enabled when the selected profile is CUSTOM. |
| description | An optional description of this SSL policy. |
| min-tls-version | The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Valid values are TLS_1_0, TLS_1_1 or TLS_1_2. (Required) |
| name | The name of the SSL policy. Must be a string 1-63 characters long and the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. Valid values satisfy the regex: [[a-z](?:[-a-z0-9]{0,61}[a-z0-9])?]. (Required) |
| profile | Specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using CUSTOM, the set of SSL features to enable must be specified in the custom-features field. Valid values are COMPATIBLE, MODERN, RESTRICTED or CUSTOM. (Required) |
Outputs¶
| Attribute | Description |
|---|---|
| fingerprint | Fingerprint of this SSL policy. |
| enabled-features list | The list of features enabled in the SSL policy. |
| self-link | Server-defined URL for the SSL policy. |
| warning list subresource | If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
|