Google Cloud Native is in preview. Google Cloud Classic is fully supported.
google-native.networksecurity/v1.TlsInspectionPolicy
Explore with Pulumi AI
Google Cloud Native is in preview. Google Cloud Classic is fully supported.
Creates a new TlsInspectionPolicy in a given project and location.
Create TlsInspectionPolicy Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new TlsInspectionPolicy(name: string, args: TlsInspectionPolicyArgs, opts?: CustomResourceOptions);
@overload
def TlsInspectionPolicy(resource_name: str,
args: TlsInspectionPolicyArgs,
opts: Optional[ResourceOptions] = None)
@overload
def TlsInspectionPolicy(resource_name: str,
opts: Optional[ResourceOptions] = None,
ca_pool: Optional[str] = None,
tls_inspection_policy_id: Optional[str] = None,
custom_tls_features: Optional[Sequence[str]] = None,
description: Optional[str] = None,
exclude_public_ca_set: Optional[bool] = None,
location: Optional[str] = None,
min_tls_version: Optional[TlsInspectionPolicyMinTlsVersion] = None,
name: Optional[str] = None,
project: Optional[str] = None,
tls_feature_profile: Optional[TlsInspectionPolicyTlsFeatureProfile] = None,
trust_config: Optional[str] = None)
func NewTlsInspectionPolicy(ctx *Context, name string, args TlsInspectionPolicyArgs, opts ...ResourceOption) (*TlsInspectionPolicy, error)
public TlsInspectionPolicy(string name, TlsInspectionPolicyArgs args, CustomResourceOptions? opts = null)
public TlsInspectionPolicy(String name, TlsInspectionPolicyArgs args)
public TlsInspectionPolicy(String name, TlsInspectionPolicyArgs args, CustomResourceOptions options)
type: google-native:networksecurity/v1:TlsInspectionPolicy
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args TlsInspectionPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args TlsInspectionPolicyArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args TlsInspectionPolicyArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args TlsInspectionPolicyArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args TlsInspectionPolicyArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var tlsInspectionPolicyResource = new GoogleNative.NetworkSecurity.V1.TlsInspectionPolicy("tlsInspectionPolicyResource", new()
{
CaPool = "string",
TlsInspectionPolicyId = "string",
CustomTlsFeatures = new[]
{
"string",
},
Description = "string",
ExcludePublicCaSet = false,
Location = "string",
MinTlsVersion = GoogleNative.NetworkSecurity.V1.TlsInspectionPolicyMinTlsVersion.TlsVersionUnspecified,
Name = "string",
Project = "string",
TlsFeatureProfile = GoogleNative.NetworkSecurity.V1.TlsInspectionPolicyTlsFeatureProfile.ProfileUnspecified,
TrustConfig = "string",
});
example, err := networksecurity.NewTlsInspectionPolicy(ctx, "tlsInspectionPolicyResource", &networksecurity.TlsInspectionPolicyArgs{
CaPool: pulumi.String("string"),
TlsInspectionPolicyId: pulumi.String("string"),
CustomTlsFeatures: pulumi.StringArray{
pulumi.String("string"),
},
Description: pulumi.String("string"),
ExcludePublicCaSet: pulumi.Bool(false),
Location: pulumi.String("string"),
MinTlsVersion: networksecurity.TlsInspectionPolicyMinTlsVersionTlsVersionUnspecified,
Name: pulumi.String("string"),
Project: pulumi.String("string"),
TlsFeatureProfile: networksecurity.TlsInspectionPolicyTlsFeatureProfileProfileUnspecified,
TrustConfig: pulumi.String("string"),
})
var tlsInspectionPolicyResource = new TlsInspectionPolicy("tlsInspectionPolicyResource", TlsInspectionPolicyArgs.builder()
.caPool("string")
.tlsInspectionPolicyId("string")
.customTlsFeatures("string")
.description("string")
.excludePublicCaSet(false)
.location("string")
.minTlsVersion("TLS_VERSION_UNSPECIFIED")
.name("string")
.project("string")
.tlsFeatureProfile("PROFILE_UNSPECIFIED")
.trustConfig("string")
.build());
tls_inspection_policy_resource = google_native.networksecurity.v1.TlsInspectionPolicy("tlsInspectionPolicyResource",
ca_pool="string",
tls_inspection_policy_id="string",
custom_tls_features=["string"],
description="string",
exclude_public_ca_set=False,
location="string",
min_tls_version=google_native.networksecurity.v1.TlsInspectionPolicyMinTlsVersion.TLS_VERSION_UNSPECIFIED,
name="string",
project="string",
tls_feature_profile=google_native.networksecurity.v1.TlsInspectionPolicyTlsFeatureProfile.PROFILE_UNSPECIFIED,
trust_config="string")
const tlsInspectionPolicyResource = new google_native.networksecurity.v1.TlsInspectionPolicy("tlsInspectionPolicyResource", {
caPool: "string",
tlsInspectionPolicyId: "string",
customTlsFeatures: ["string"],
description: "string",
excludePublicCaSet: false,
location: "string",
minTlsVersion: google_native.networksecurity.v1.TlsInspectionPolicyMinTlsVersion.TlsVersionUnspecified,
name: "string",
project: "string",
tlsFeatureProfile: google_native.networksecurity.v1.TlsInspectionPolicyTlsFeatureProfile.ProfileUnspecified,
trustConfig: "string",
});
type: google-native:networksecurity/v1:TlsInspectionPolicy
properties:
caPool: string
customTlsFeatures:
- string
description: string
excludePublicCaSet: false
location: string
minTlsVersion: TLS_VERSION_UNSPECIFIED
name: string
project: string
tlsFeatureProfile: PROFILE_UNSPECIFIED
tlsInspectionPolicyId: string
trustConfig: string
TlsInspectionPolicy Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The TlsInspectionPolicy resource accepts the following input properties:
- Ca
Pool string - A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
- Tls
Inspection stringPolicy Id - Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
- Custom
Tls List<string>Features - Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
- Description string
- Optional. Free-text description of the resource.
- Exclude
Public boolCa Set - Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
- Location string
- Min
Tls Pulumi.Version Google Native. Network Security. V1. Tls Inspection Policy Min Tls Version - Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- Name string
- Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^a-z?$).
- Project string
- Tls
Feature Pulumi.Profile Google Native. Network Security. V1. Tls Inspection Policy Tls Feature Profile - Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- Trust
Config string - Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
- Ca
Pool string - A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
- Tls
Inspection stringPolicy Id - Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
- Custom
Tls []stringFeatures - Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
- Description string
- Optional. Free-text description of the resource.
- Exclude
Public boolCa Set - Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
- Location string
- Min
Tls TlsVersion Inspection Policy Min Tls Version - Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- Name string
- Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^a-z?$).
- Project string
- Tls
Feature TlsProfile Inspection Policy Tls Feature Profile - Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- Trust
Config string - Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
- ca
Pool String - A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
- tls
Inspection StringPolicy Id - Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
- custom
Tls List<String>Features - Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
- description String
- Optional. Free-text description of the resource.
- exclude
Public BooleanCa Set - Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
- location String
- min
Tls TlsVersion Inspection Policy Min Tls Version - Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- name String
- Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^a-z?$).
- project String
- tls
Feature TlsProfile Inspection Policy Tls Feature Profile - Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- trust
Config String - Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
- ca
Pool string - A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
- tls
Inspection stringPolicy Id - Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
- custom
Tls string[]Features - Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
- description string
- Optional. Free-text description of the resource.
- exclude
Public booleanCa Set - Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
- location string
- min
Tls TlsVersion Inspection Policy Min Tls Version - Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- name string
- Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^a-z?$).
- project string
- tls
Feature TlsProfile Inspection Policy Tls Feature Profile - Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- trust
Config string - Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
- ca_
pool str - A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
- tls_
inspection_ strpolicy_ id - Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
- custom_
tls_ Sequence[str]features - Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
- description str
- Optional. Free-text description of the resource.
- exclude_
public_ boolca_ set - Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
- location str
- min_
tls_ Tlsversion Inspection Policy Min Tls Version - Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- name str
- Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^a-z?$).
- project str
- tls_
feature_ Tlsprofile Inspection Policy Tls Feature Profile - Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- trust_
config str - Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
- ca
Pool String - A CA pool resource used to issue interception certificates. The CA pool string has a relative resource path following the form "projects/{project}/locations/{location}/caPools/{ca_pool}".
- tls
Inspection StringPolicy Id - Required. Short name of the TlsInspectionPolicy resource to be created. This value should be 1-63 characters long, containing only letters, numbers, hyphens, and underscores, and should not start with a number. E.g. "tls_inspection_policy1".
- custom
Tls List<String>Features - Optional. List of custom TLS cipher suites selected. This field is valid only if the selected tls_feature_profile is CUSTOM. The compute.SslPoliciesService.ListAvailableFeatures method returns the set of features that can be specified in this list. Note that Secure Web Proxy does not yet honor this field.
- description String
- Optional. Free-text description of the resource.
- exclude
Public BooleanCa Set - Optional. If FALSE (the default), use our default set of public CAs in addition to any CAs specified in trust_config. These public CAs are currently based on the Mozilla Root Program and are subject to change over time. If TRUE, do not accept our default set of public CAs. Only CAs specified in trust_config will be accepted. This defaults to FALSE (use public CAs in addition to trust_config) for backwards compatibility, but trusting public root CAs is not recommended unless the traffic in question is outbound to public web servers. When possible, prefer setting this to "false" and explicitly specifying trusted CAs and certificates in a TrustConfig. Note that Secure Web Proxy does not yet honor this field.
- location String
- min
Tls "TLS_VERSION_UNSPECIFIED" | "TLS_1_0" | "TLS_1_1" | "TLS_1_2" | "TLS_1_3"Version - Optional. Minimum TLS version that the firewall should use when negotiating connections with both clients and servers. If this is not set, then the default value is to allow the broadest set of clients and servers (TLS 1.0 or higher). Setting this to more restrictive values may improve security, but may also prevent the firewall from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- name String
- Name of the resource. Name is of the form projects/{project}/locations/{location}/tlsInspectionPolicies/{tls_inspection_policy} tls_inspection_policy should match the pattern:(^a-z?$).
- project String
- tls
Feature "PROFILE_UNSPECIFIED" | "PROFILE_COMPATIBLE" | "PROFILE_MODERN" | "PROFILE_RESTRICTED" | "PROFILE_CUSTOM"Profile - Optional. The selected Profile. If this is not set, then the default value is to allow the broadest set of clients and servers ("PROFILE_COMPATIBLE"). Setting this to more restrictive values may improve security, but may also prevent the TLS inspection proxy from connecting to some clients or servers. Note that Secure Web Proxy does not yet honor this field.
- trust
Config String - Optional. A TrustConfig resource used when making a connection to the TLS server. This is a relative resource path following the form "projects/{project}/locations/{location}/trustConfigs/{trust_config}". This is necessary to intercept TLS connections to servers with certificates signed by a private CA or self-signed certificates. Note that Secure Web Proxy does not yet honor this field.
Outputs
All input properties are implicitly available as output properties. Additionally, the TlsInspectionPolicy resource produces the following output properties:
- Create
Time string - The timestamp when the resource was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time string - The timestamp when the resource was updated.
- Create
Time string - The timestamp when the resource was created.
- Id string
- The provider-assigned unique ID for this managed resource.
- Update
Time string - The timestamp when the resource was updated.
- create
Time String - The timestamp when the resource was created.
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time String - The timestamp when the resource was updated.
- create
Time string - The timestamp when the resource was created.
- id string
- The provider-assigned unique ID for this managed resource.
- update
Time string - The timestamp when the resource was updated.
- create_
time str - The timestamp when the resource was created.
- id str
- The provider-assigned unique ID for this managed resource.
- update_
time str - The timestamp when the resource was updated.
- create
Time String - The timestamp when the resource was created.
- id String
- The provider-assigned unique ID for this managed resource.
- update
Time String - The timestamp when the resource was updated.
Supporting Types
TlsInspectionPolicyMinTlsVersion, TlsInspectionPolicyMinTlsVersionArgs
- Tls
Version Unspecified - TLS_VERSION_UNSPECIFIEDIndicates no TLS version was specified.
- Tls10
- TLS_1_0TLS 1.0
- Tls11
- TLS_1_1TLS 1.1
- Tls12
- TLS_1_2TLS 1.2
- Tls13
- TLS_1_3TLS 1.3
- Tls
Inspection Policy Min Tls Version Tls Version Unspecified - TLS_VERSION_UNSPECIFIEDIndicates no TLS version was specified.
- Tls
Inspection Policy Min Tls Version Tls10 - TLS_1_0TLS 1.0
- Tls
Inspection Policy Min Tls Version Tls11 - TLS_1_1TLS 1.1
- Tls
Inspection Policy Min Tls Version Tls12 - TLS_1_2TLS 1.2
- Tls
Inspection Policy Min Tls Version Tls13 - TLS_1_3TLS 1.3
- Tls
Version Unspecified - TLS_VERSION_UNSPECIFIEDIndicates no TLS version was specified.
- Tls10
- TLS_1_0TLS 1.0
- Tls11
- TLS_1_1TLS 1.1
- Tls12
- TLS_1_2TLS 1.2
- Tls13
- TLS_1_3TLS 1.3
- Tls
Version Unspecified - TLS_VERSION_UNSPECIFIEDIndicates no TLS version was specified.
- Tls10
- TLS_1_0TLS 1.0
- Tls11
- TLS_1_1TLS 1.1
- Tls12
- TLS_1_2TLS 1.2
- Tls13
- TLS_1_3TLS 1.3
- TLS_VERSION_UNSPECIFIED
- TLS_VERSION_UNSPECIFIEDIndicates no TLS version was specified.
- TLS10
- TLS_1_0TLS 1.0
- TLS11
- TLS_1_1TLS 1.1
- TLS12
- TLS_1_2TLS 1.2
- TLS13
- TLS_1_3TLS 1.3
- "TLS_VERSION_UNSPECIFIED"
- TLS_VERSION_UNSPECIFIEDIndicates no TLS version was specified.
- "TLS_1_0"
- TLS_1_0TLS 1.0
- "TLS_1_1"
- TLS_1_1TLS 1.1
- "TLS_1_2"
- TLS_1_2TLS 1.2
- "TLS_1_3"
- TLS_1_3TLS 1.3
TlsInspectionPolicyTlsFeatureProfile, TlsInspectionPolicyTlsFeatureProfileArgs
- Profile
Unspecified - PROFILE_UNSPECIFIEDIndicates no profile was specified.
- Profile
Compatible - PROFILE_COMPATIBLECompatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features to negotiate with the TLS inspection proxy.
- Profile
Modern - PROFILE_MODERNModern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the TLS inspection proxy.
- Profile
Restricted - PROFILE_RESTRICTEDRestricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.
- Profile
Custom - PROFILE_CUSTOMCustom profile. Allow only the set of allowed SSL features specified in the custom_features field of SslPolicy.
- Tls
Inspection Policy Tls Feature Profile Profile Unspecified - PROFILE_UNSPECIFIEDIndicates no profile was specified.
- Tls
Inspection Policy Tls Feature Profile Profile Compatible - PROFILE_COMPATIBLECompatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features to negotiate with the TLS inspection proxy.
- Tls
Inspection Policy Tls Feature Profile Profile Modern - PROFILE_MODERNModern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the TLS inspection proxy.
- Tls
Inspection Policy Tls Feature Profile Profile Restricted - PROFILE_RESTRICTEDRestricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.
- Tls
Inspection Policy Tls Feature Profile Profile Custom - PROFILE_CUSTOMCustom profile. Allow only the set of allowed SSL features specified in the custom_features field of SslPolicy.
- Profile
Unspecified - PROFILE_UNSPECIFIEDIndicates no profile was specified.
- Profile
Compatible - PROFILE_COMPATIBLECompatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features to negotiate with the TLS inspection proxy.
- Profile
Modern - PROFILE_MODERNModern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the TLS inspection proxy.
- Profile
Restricted - PROFILE_RESTRICTEDRestricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.
- Profile
Custom - PROFILE_CUSTOMCustom profile. Allow only the set of allowed SSL features specified in the custom_features field of SslPolicy.
- Profile
Unspecified - PROFILE_UNSPECIFIEDIndicates no profile was specified.
- Profile
Compatible - PROFILE_COMPATIBLECompatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features to negotiate with the TLS inspection proxy.
- Profile
Modern - PROFILE_MODERNModern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the TLS inspection proxy.
- Profile
Restricted - PROFILE_RESTRICTEDRestricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.
- Profile
Custom - PROFILE_CUSTOMCustom profile. Allow only the set of allowed SSL features specified in the custom_features field of SslPolicy.
- PROFILE_UNSPECIFIED
- PROFILE_UNSPECIFIEDIndicates no profile was specified.
- PROFILE_COMPATIBLE
- PROFILE_COMPATIBLECompatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features to negotiate with the TLS inspection proxy.
- PROFILE_MODERN
- PROFILE_MODERNModern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the TLS inspection proxy.
- PROFILE_RESTRICTED
- PROFILE_RESTRICTEDRestricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.
- PROFILE_CUSTOM
- PROFILE_CUSTOMCustom profile. Allow only the set of allowed SSL features specified in the custom_features field of SslPolicy.
- "PROFILE_UNSPECIFIED"
- PROFILE_UNSPECIFIEDIndicates no profile was specified.
- "PROFILE_COMPATIBLE"
- PROFILE_COMPATIBLECompatible profile. Allows the broadest set of clients, even those which support only out-of-date SSL features to negotiate with the TLS inspection proxy.
- "PROFILE_MODERN"
- PROFILE_MODERNModern profile. Supports a wide set of SSL features, allowing modern clients to negotiate SSL with the TLS inspection proxy.
- "PROFILE_RESTRICTED"
- PROFILE_RESTRICTEDRestricted profile. Supports a reduced set of SSL features, intended to meet stricter compliance requirements.
- "PROFILE_CUSTOM"
- PROFILE_CUSTOMCustom profile. Allow only the set of allowed SSL features specified in the custom_features field of SslPolicy.
Package Details
- Repository
- Google Cloud Native pulumi/pulumi-google-native
- License
- Apache-2.0
Google Cloud Native is in preview. Google Cloud Classic is fully supported.