googleComputeRegionSslPolicy

Represents a Regional SSL policy. SSL policies give you the ability to control the features of SSL that your SSL proxy or HTTPS load balancer negotiates.

\~> Warning: This resource is in beta, and should be used with the terraform-provider-google-beta provider. See Provider Versions for more details on beta resources.

To get more information about RegionSslPolicy, see:

• API documentation
• How-to Guides
• Using SSL Policies

Argument Reference

The following arguments are supported:

• name - (Required) Name of the resource. Provided by the client when the resource is created. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [aZ]([AZ09]*[aZ09])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

• region - (Required) The region where the regional SSL policy resides.

• description - (Optional) An optional description of this resource.

• profile - (Optional) Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. If using custom, the set of SSL features to enable must be specified in the customFeatures field. See the official documentation for information on what cipher suites each profile provides. If custom is used, the customFeatures attribute must be set. Default value is compatible. Possible values are compatible, modern, restricted, and custom.

• minTlsVersion - (Optional) The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. Default value is tls10. Possible values are tls10, tls11, and tls12.

• customFeatures - (Optional) A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM. See the official documentation for which ciphers are available to use. Note: this argument must be present when using the custom profile. This argument must not be present when using any other profile.

• project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

Attributes Reference

In addition to the arguments listed above, the following computed attributes are exported:

• id - an identifier for the resource with format projects/{{project}}/regions/{{region}}/sslPolicies/{{name}}

• creationTimestamp - Creation timestamp in RFC3339 text format.

• enabledFeatures - The list of features enabled in the SSL policy.

• fingerprint - Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking.

• selfLink - The URI of the created resource.

Timeouts

This resource provides the following Timeouts configuration options:

• create - Default is 20 minutes.
• update - Default is 20 minutes.
• delete - Default is 20 minutes.

Import

RegionSslPolicy can be imported using any of these accepted formats:

$ terraform import google_compute_region_ssl_policy.default projects/{{project}}/regions/{{region}}/sslPolicies/{{name}}
$ terraform import google_compute_region_ssl_policy.default {{project}}/{{region}}/{{name}}
$ terraform import google_compute_region_ssl_policy.default {{region}}/{{name}}
$ terraform import google_compute_region_ssl_policy.default {{name}}

User Project Overrides

This resource supports User Project Overrides.