oci.LoadBalancer.Listener
Explore with Pulumi AI
This resource provides the Listener resource in Oracle Cloud Infrastructure Load Balancer service.
Adds a listener to a load balancer.
Example Usage
import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";
const testListener = new oci.loadbalancer.Listener("test_listener", {
defaultBackendSetName: testBackendSet.name,
loadBalancerId: testLoadBalancer.id,
name: listenerName,
port: listenerPort,
protocol: listenerProtocol,
connectionConfiguration: {
idleTimeoutInSeconds: listenerConnectionConfigurationIdleTimeoutInSeconds,
backendTcpProxyProtocolOptions: listenerConnectionConfigurationBackendTcpProxyProtocolOptions,
backendTcpProxyProtocolVersion: listenerConnectionConfigurationBackendTcpProxyProtocolVersion,
},
hostnameNames: [testHostname.name],
pathRouteSetName: testPathRouteSet.name,
routingPolicyName: testLoadBalancerRoutingPolicy.name,
ruleSetNames: [testRuleSet.name],
sslConfiguration: {
certificateName: testCertificate.name,
hasSessionResumption: listenerSslConfigurationHasSessionResumption,
certificateIds: listenerSslConfigurationCertificateIds,
cipherSuiteName: listenerSslConfigurationCipherSuiteName,
protocols: listenerSslConfigurationProtocols,
serverOrderPreference: listenerSslConfigurationServerOrderPreference,
trustedCertificateAuthorityIds: listenerSslConfigurationTrustedCertificateAuthorityIds,
verifyDepth: listenerSslConfigurationVerifyDepth,
verifyPeerCertificate: listenerSslConfigurationVerifyPeerCertificate,
},
});
import pulumi
import pulumi_oci as oci
test_listener = oci.load_balancer.Listener("test_listener",
default_backend_set_name=test_backend_set["name"],
load_balancer_id=test_load_balancer["id"],
name=listener_name,
port=listener_port,
protocol=listener_protocol,
connection_configuration={
"idle_timeout_in_seconds": listener_connection_configuration_idle_timeout_in_seconds,
"backend_tcp_proxy_protocol_options": listener_connection_configuration_backend_tcp_proxy_protocol_options,
"backend_tcp_proxy_protocol_version": listener_connection_configuration_backend_tcp_proxy_protocol_version,
},
hostname_names=[test_hostname["name"]],
path_route_set_name=test_path_route_set["name"],
routing_policy_name=test_load_balancer_routing_policy["name"],
rule_set_names=[test_rule_set["name"]],
ssl_configuration={
"certificate_name": test_certificate["name"],
"has_session_resumption": listener_ssl_configuration_has_session_resumption,
"certificate_ids": listener_ssl_configuration_certificate_ids,
"cipher_suite_name": listener_ssl_configuration_cipher_suite_name,
"protocols": listener_ssl_configuration_protocols,
"server_order_preference": listener_ssl_configuration_server_order_preference,
"trusted_certificate_authority_ids": listener_ssl_configuration_trusted_certificate_authority_ids,
"verify_depth": listener_ssl_configuration_verify_depth,
"verify_peer_certificate": listener_ssl_configuration_verify_peer_certificate,
})
package main
import (
"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/LoadBalancer"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := LoadBalancer.NewListener(ctx, "test_listener", &LoadBalancer.ListenerArgs{
DefaultBackendSetName: pulumi.Any(testBackendSet.Name),
LoadBalancerId: pulumi.Any(testLoadBalancer.Id),
Name: pulumi.Any(listenerName),
Port: pulumi.Any(listenerPort),
Protocol: pulumi.Any(listenerProtocol),
ConnectionConfiguration: &loadbalancer.ListenerConnectionConfigurationArgs{
IdleTimeoutInSeconds: pulumi.Any(listenerConnectionConfigurationIdleTimeoutInSeconds),
BackendTcpProxyProtocolOptions: pulumi.Any(listenerConnectionConfigurationBackendTcpProxyProtocolOptions),
BackendTcpProxyProtocolVersion: pulumi.Any(listenerConnectionConfigurationBackendTcpProxyProtocolVersion),
},
HostnameNames: pulumi.StringArray{
testHostname.Name,
},
PathRouteSetName: pulumi.Any(testPathRouteSet.Name),
RoutingPolicyName: pulumi.Any(testLoadBalancerRoutingPolicy.Name),
RuleSetNames: pulumi.StringArray{
testRuleSet.Name,
},
SslConfiguration: &loadbalancer.ListenerSslConfigurationArgs{
CertificateName: pulumi.Any(testCertificate.Name),
HasSessionResumption: pulumi.Any(listenerSslConfigurationHasSessionResumption),
CertificateIds: pulumi.Any(listenerSslConfigurationCertificateIds),
CipherSuiteName: pulumi.Any(listenerSslConfigurationCipherSuiteName),
Protocols: pulumi.Any(listenerSslConfigurationProtocols),
ServerOrderPreference: pulumi.Any(listenerSslConfigurationServerOrderPreference),
TrustedCertificateAuthorityIds: pulumi.Any(listenerSslConfigurationTrustedCertificateAuthorityIds),
VerifyDepth: pulumi.Any(listenerSslConfigurationVerifyDepth),
VerifyPeerCertificate: pulumi.Any(listenerSslConfigurationVerifyPeerCertificate),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;
return await Deployment.RunAsync(() =>
{
var testListener = new Oci.LoadBalancer.Listener("test_listener", new()
{
DefaultBackendSetName = testBackendSet.Name,
LoadBalancerId = testLoadBalancer.Id,
Name = listenerName,
Port = listenerPort,
Protocol = listenerProtocol,
ConnectionConfiguration = new Oci.LoadBalancer.Inputs.ListenerConnectionConfigurationArgs
{
IdleTimeoutInSeconds = listenerConnectionConfigurationIdleTimeoutInSeconds,
BackendTcpProxyProtocolOptions = listenerConnectionConfigurationBackendTcpProxyProtocolOptions,
BackendTcpProxyProtocolVersion = listenerConnectionConfigurationBackendTcpProxyProtocolVersion,
},
HostnameNames = new[]
{
testHostname.Name,
},
PathRouteSetName = testPathRouteSet.Name,
RoutingPolicyName = testLoadBalancerRoutingPolicy.Name,
RuleSetNames = new[]
{
testRuleSet.Name,
},
SslConfiguration = new Oci.LoadBalancer.Inputs.ListenerSslConfigurationArgs
{
CertificateName = testCertificate.Name,
HasSessionResumption = listenerSslConfigurationHasSessionResumption,
CertificateIds = listenerSslConfigurationCertificateIds,
CipherSuiteName = listenerSslConfigurationCipherSuiteName,
Protocols = listenerSslConfigurationProtocols,
ServerOrderPreference = listenerSslConfigurationServerOrderPreference,
TrustedCertificateAuthorityIds = listenerSslConfigurationTrustedCertificateAuthorityIds,
VerifyDepth = listenerSslConfigurationVerifyDepth,
VerifyPeerCertificate = listenerSslConfigurationVerifyPeerCertificate,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.LoadBalancer.Listener;
import com.pulumi.oci.LoadBalancer.ListenerArgs;
import com.pulumi.oci.LoadBalancer.inputs.ListenerConnectionConfigurationArgs;
import com.pulumi.oci.LoadBalancer.inputs.ListenerSslConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testListener = new Listener("testListener", ListenerArgs.builder()
.defaultBackendSetName(testBackendSet.name())
.loadBalancerId(testLoadBalancer.id())
.name(listenerName)
.port(listenerPort)
.protocol(listenerProtocol)
.connectionConfiguration(ListenerConnectionConfigurationArgs.builder()
.idleTimeoutInSeconds(listenerConnectionConfigurationIdleTimeoutInSeconds)
.backendTcpProxyProtocolOptions(listenerConnectionConfigurationBackendTcpProxyProtocolOptions)
.backendTcpProxyProtocolVersion(listenerConnectionConfigurationBackendTcpProxyProtocolVersion)
.build())
.hostnameNames(testHostname.name())
.pathRouteSetName(testPathRouteSet.name())
.routingPolicyName(testLoadBalancerRoutingPolicy.name())
.ruleSetNames(testRuleSet.name())
.sslConfiguration(ListenerSslConfigurationArgs.builder()
.certificateName(testCertificate.name())
.hasSessionResumption(listenerSslConfigurationHasSessionResumption)
.certificateIds(listenerSslConfigurationCertificateIds)
.cipherSuiteName(listenerSslConfigurationCipherSuiteName)
.protocols(listenerSslConfigurationProtocols)
.serverOrderPreference(listenerSslConfigurationServerOrderPreference)
.trustedCertificateAuthorityIds(listenerSslConfigurationTrustedCertificateAuthorityIds)
.verifyDepth(listenerSslConfigurationVerifyDepth)
.verifyPeerCertificate(listenerSslConfigurationVerifyPeerCertificate)
.build())
.build());
}
}
resources:
testListener:
type: oci:LoadBalancer:Listener
name: test_listener
properties:
defaultBackendSetName: ${testBackendSet.name}
loadBalancerId: ${testLoadBalancer.id}
name: ${listenerName}
port: ${listenerPort}
protocol: ${listenerProtocol}
connectionConfiguration:
idleTimeoutInSeconds: ${listenerConnectionConfigurationIdleTimeoutInSeconds}
backendTcpProxyProtocolOptions: ${listenerConnectionConfigurationBackendTcpProxyProtocolOptions}
backendTcpProxyProtocolVersion: ${listenerConnectionConfigurationBackendTcpProxyProtocolVersion}
hostnameNames:
- ${testHostname.name}
pathRouteSetName: ${testPathRouteSet.name}
routingPolicyName: ${testLoadBalancerRoutingPolicy.name}
ruleSetNames:
- ${testRuleSet.name}
sslConfiguration:
certificateName: ${testCertificate.name}
hasSessionResumption: ${listenerSslConfigurationHasSessionResumption}
certificateIds: ${listenerSslConfigurationCertificateIds}
cipherSuiteName: ${listenerSslConfigurationCipherSuiteName}
protocols: ${listenerSslConfigurationProtocols}
serverOrderPreference: ${listenerSslConfigurationServerOrderPreference}
trustedCertificateAuthorityIds: ${listenerSslConfigurationTrustedCertificateAuthorityIds}
verifyDepth: ${listenerSslConfigurationVerifyDepth}
verifyPeerCertificate: ${listenerSslConfigurationVerifyPeerCertificate}
Create Listener Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Listener(name: string, args: ListenerArgs, opts?: CustomResourceOptions);
@overload
def Listener(resource_name: str,
args: ListenerArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Listener(resource_name: str,
opts: Optional[ResourceOptions] = None,
default_backend_set_name: Optional[str] = None,
load_balancer_id: Optional[str] = None,
port: Optional[int] = None,
protocol: Optional[str] = None,
connection_configuration: Optional[_loadbalancer.ListenerConnectionConfigurationArgs] = None,
hostname_names: Optional[Sequence[str]] = None,
name: Optional[str] = None,
path_route_set_name: Optional[str] = None,
routing_policy_name: Optional[str] = None,
rule_set_names: Optional[Sequence[str]] = None,
ssl_configuration: Optional[_loadbalancer.ListenerSslConfigurationArgs] = None)
func NewListener(ctx *Context, name string, args ListenerArgs, opts ...ResourceOption) (*Listener, error)
public Listener(string name, ListenerArgs args, CustomResourceOptions? opts = null)
public Listener(String name, ListenerArgs args)
public Listener(String name, ListenerArgs args, CustomResourceOptions options)
type: oci:LoadBalancer:Listener
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args ListenerArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var listenerResource = new Oci.LoadBalancer.Listener("listenerResource", new()
{
DefaultBackendSetName = "string",
LoadBalancerId = "string",
Port = 0,
Protocol = "string",
ConnectionConfiguration = new Oci.LoadBalancer.Inputs.ListenerConnectionConfigurationArgs
{
IdleTimeoutInSeconds = "string",
BackendTcpProxyProtocolOptions = new[]
{
"string",
},
BackendTcpProxyProtocolVersion = 0,
},
HostnameNames = new[]
{
"string",
},
Name = "string",
PathRouteSetName = "string",
RoutingPolicyName = "string",
RuleSetNames = new[]
{
"string",
},
SslConfiguration = new Oci.LoadBalancer.Inputs.ListenerSslConfigurationArgs
{
CertificateIds = new[]
{
"string",
},
CertificateName = "string",
CipherSuiteName = "string",
HasSessionResumption = false,
Protocols = new[]
{
"string",
},
ServerOrderPreference = "string",
TrustedCertificateAuthorityIds = new[]
{
"string",
},
VerifyDepth = 0,
VerifyPeerCertificate = false,
},
});
example, err := LoadBalancer.NewListener(ctx, "listenerResource", &LoadBalancer.ListenerArgs{
DefaultBackendSetName: pulumi.String("string"),
LoadBalancerId: pulumi.String("string"),
Port: pulumi.Int(0),
Protocol: pulumi.String("string"),
ConnectionConfiguration: &loadbalancer.ListenerConnectionConfigurationArgs{
IdleTimeoutInSeconds: pulumi.String("string"),
BackendTcpProxyProtocolOptions: pulumi.StringArray{
pulumi.String("string"),
},
BackendTcpProxyProtocolVersion: pulumi.Int(0),
},
HostnameNames: pulumi.StringArray{
pulumi.String("string"),
},
Name: pulumi.String("string"),
PathRouteSetName: pulumi.String("string"),
RoutingPolicyName: pulumi.String("string"),
RuleSetNames: pulumi.StringArray{
pulumi.String("string"),
},
SslConfiguration: &loadbalancer.ListenerSslConfigurationArgs{
CertificateIds: pulumi.StringArray{
pulumi.String("string"),
},
CertificateName: pulumi.String("string"),
CipherSuiteName: pulumi.String("string"),
HasSessionResumption: pulumi.Bool(false),
Protocols: pulumi.StringArray{
pulumi.String("string"),
},
ServerOrderPreference: pulumi.String("string"),
TrustedCertificateAuthorityIds: pulumi.StringArray{
pulumi.String("string"),
},
VerifyDepth: pulumi.Int(0),
VerifyPeerCertificate: pulumi.Bool(false),
},
})
var listenerResource = new Listener("listenerResource", ListenerArgs.builder()
.defaultBackendSetName("string")
.loadBalancerId("string")
.port(0)
.protocol("string")
.connectionConfiguration(ListenerConnectionConfigurationArgs.builder()
.idleTimeoutInSeconds("string")
.backendTcpProxyProtocolOptions("string")
.backendTcpProxyProtocolVersion(0)
.build())
.hostnameNames("string")
.name("string")
.pathRouteSetName("string")
.routingPolicyName("string")
.ruleSetNames("string")
.sslConfiguration(ListenerSslConfigurationArgs.builder()
.certificateIds("string")
.certificateName("string")
.cipherSuiteName("string")
.hasSessionResumption(false)
.protocols("string")
.serverOrderPreference("string")
.trustedCertificateAuthorityIds("string")
.verifyDepth(0)
.verifyPeerCertificate(false)
.build())
.build());
listener_resource = oci.load_balancer.Listener("listenerResource",
default_backend_set_name="string",
load_balancer_id="string",
port=0,
protocol="string",
connection_configuration={
"idle_timeout_in_seconds": "string",
"backend_tcp_proxy_protocol_options": ["string"],
"backend_tcp_proxy_protocol_version": 0,
},
hostname_names=["string"],
name="string",
path_route_set_name="string",
routing_policy_name="string",
rule_set_names=["string"],
ssl_configuration={
"certificate_ids": ["string"],
"certificate_name": "string",
"cipher_suite_name": "string",
"has_session_resumption": False,
"protocols": ["string"],
"server_order_preference": "string",
"trusted_certificate_authority_ids": ["string"],
"verify_depth": 0,
"verify_peer_certificate": False,
})
const listenerResource = new oci.loadbalancer.Listener("listenerResource", {
defaultBackendSetName: "string",
loadBalancerId: "string",
port: 0,
protocol: "string",
connectionConfiguration: {
idleTimeoutInSeconds: "string",
backendTcpProxyProtocolOptions: ["string"],
backendTcpProxyProtocolVersion: 0,
},
hostnameNames: ["string"],
name: "string",
pathRouteSetName: "string",
routingPolicyName: "string",
ruleSetNames: ["string"],
sslConfiguration: {
certificateIds: ["string"],
certificateName: "string",
cipherSuiteName: "string",
hasSessionResumption: false,
protocols: ["string"],
serverOrderPreference: "string",
trustedCertificateAuthorityIds: ["string"],
verifyDepth: 0,
verifyPeerCertificate: false,
},
});
type: oci:LoadBalancer:Listener
properties:
connectionConfiguration:
backendTcpProxyProtocolOptions:
- string
backendTcpProxyProtocolVersion: 0
idleTimeoutInSeconds: string
defaultBackendSetName: string
hostnameNames:
- string
loadBalancerId: string
name: string
pathRouteSetName: string
port: 0
protocol: string
routingPolicyName: string
ruleSetNames:
- string
sslConfiguration:
certificateIds:
- string
certificateName: string
cipherSuiteName: string
hasSessionResumption: false
protocols:
- string
serverOrderPreference: string
trustedCertificateAuthorityIds:
- string
verifyDepth: 0
verifyPeerCertificate: false
Listener Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Listener resource accepts the following input properties:
- Default
Backend stringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- Load
Balancer stringId - The OCID of the load balancer on which to add a listener.
- Port int
- (Updatable) The communication port for the listener. Example:
80
- Protocol string
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- Connection
Configuration ListenerConnection Configuration - (Updatable) Configuration details for the connection between the client and backend servers.
- Hostname
Names List<string> - (Updatable) An array of hostname resource names.
- Name string
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- Path
Route stringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- Routing
Policy stringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- Rule
Set List<string>Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- Ssl
Configuration ListenerSsl Configuration (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- Default
Backend stringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- Load
Balancer stringId - The OCID of the load balancer on which to add a listener.
- Port int
- (Updatable) The communication port for the listener. Example:
80
- Protocol string
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- Connection
Configuration ListenerConnection Configuration Args - (Updatable) Configuration details for the connection between the client and backend servers.
- Hostname
Names []string - (Updatable) An array of hostname resource names.
- Name string
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- Path
Route stringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- Routing
Policy stringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- Rule
Set []stringNames - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- Ssl
Configuration ListenerSsl Configuration Args (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- default
Backend StringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- load
Balancer StringId - The OCID of the load balancer on which to add a listener.
- port Integer
- (Updatable) The communication port for the listener. Example:
80
- protocol String
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- connection
Configuration ListenerConnection Configuration - (Updatable) Configuration details for the connection between the client and backend servers.
- hostname
Names List<String> - (Updatable) An array of hostname resource names.
- name String
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path
Route StringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- routing
Policy StringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule
Set List<String>Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl
Configuration ListenerSsl Configuration (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- default
Backend stringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- load
Balancer stringId - The OCID of the load balancer on which to add a listener.
- port number
- (Updatable) The communication port for the listener. Example:
80
- protocol string
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- connection
Configuration ListenerConnection Configuration - (Updatable) Configuration details for the connection between the client and backend servers.
- hostname
Names string[] - (Updatable) An array of hostname resource names.
- name string
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path
Route stringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- routing
Policy stringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule
Set string[]Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl
Configuration ListenerSsl Configuration (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- default_
backend_ strset_ name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- load_
balancer_ strid - The OCID of the load balancer on which to add a listener.
- port int
- (Updatable) The communication port for the listener. Example:
80
- protocol str
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- connection_
configuration loadbalancer.Listener Connection Configuration Args - (Updatable) Configuration details for the connection between the client and backend servers.
- hostname_
names Sequence[str] - (Updatable) An array of hostname resource names.
- name str
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path_
route_ strset_ name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- routing_
policy_ strname - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule_
set_ Sequence[str]names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl_
configuration loadbalancer.Listener Ssl Configuration Args (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- default
Backend StringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- load
Balancer StringId - The OCID of the load balancer on which to add a listener.
- port Number
- (Updatable) The communication port for the listener. Example:
80
- protocol String
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- connection
Configuration Property Map - (Updatable) Configuration details for the connection between the client and backend servers.
- hostname
Names List<String> - (Updatable) An array of hostname resource names.
- name String
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path
Route StringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- routing
Policy StringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule
Set List<String>Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl
Configuration Property Map (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
Outputs
All input properties are implicitly available as output properties. Additionally, the Listener resource produces the following output properties:
Look up Existing Listener Resource
Get an existing Listener resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: ListenerState, opts?: CustomResourceOptions): Listener
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
connection_configuration: Optional[_loadbalancer.ListenerConnectionConfigurationArgs] = None,
default_backend_set_name: Optional[str] = None,
hostname_names: Optional[Sequence[str]] = None,
load_balancer_id: Optional[str] = None,
name: Optional[str] = None,
path_route_set_name: Optional[str] = None,
port: Optional[int] = None,
protocol: Optional[str] = None,
routing_policy_name: Optional[str] = None,
rule_set_names: Optional[Sequence[str]] = None,
ssl_configuration: Optional[_loadbalancer.ListenerSslConfigurationArgs] = None,
state: Optional[str] = None) -> Listener
func GetListener(ctx *Context, name string, id IDInput, state *ListenerState, opts ...ResourceOption) (*Listener, error)
public static Listener Get(string name, Input<string> id, ListenerState? state, CustomResourceOptions? opts = null)
public static Listener get(String name, Output<String> id, ListenerState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Connection
Configuration ListenerConnection Configuration - (Updatable) Configuration details for the connection between the client and backend servers.
- Default
Backend stringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- Hostname
Names List<string> - (Updatable) An array of hostname resource names.
- Load
Balancer stringId - The OCID of the load balancer on which to add a listener.
- Name string
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- Path
Route stringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- Port int
- (Updatable) The communication port for the listener. Example:
80
- Protocol string
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- Routing
Policy stringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- Rule
Set List<string>Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- Ssl
Configuration ListenerSsl Configuration (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- State string
- Connection
Configuration ListenerConnection Configuration Args - (Updatable) Configuration details for the connection between the client and backend servers.
- Default
Backend stringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- Hostname
Names []string - (Updatable) An array of hostname resource names.
- Load
Balancer stringId - The OCID of the load balancer on which to add a listener.
- Name string
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- Path
Route stringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- Port int
- (Updatable) The communication port for the listener. Example:
80
- Protocol string
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- Routing
Policy stringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- Rule
Set []stringNames - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- Ssl
Configuration ListenerSsl Configuration Args (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- State string
- connection
Configuration ListenerConnection Configuration - (Updatable) Configuration details for the connection between the client and backend servers.
- default
Backend StringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- hostname
Names List<String> - (Updatable) An array of hostname resource names.
- load
Balancer StringId - The OCID of the load balancer on which to add a listener.
- name String
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path
Route StringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- port Integer
- (Updatable) The communication port for the listener. Example:
80
- protocol String
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- routing
Policy StringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule
Set List<String>Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl
Configuration ListenerSsl Configuration (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- state String
- connection
Configuration ListenerConnection Configuration - (Updatable) Configuration details for the connection between the client and backend servers.
- default
Backend stringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- hostname
Names string[] - (Updatable) An array of hostname resource names.
- load
Balancer stringId - The OCID of the load balancer on which to add a listener.
- name string
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path
Route stringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- port number
- (Updatable) The communication port for the listener. Example:
80
- protocol string
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- routing
Policy stringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule
Set string[]Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl
Configuration ListenerSsl Configuration (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- state string
- connection_
configuration loadbalancer.Listener Connection Configuration Args - (Updatable) Configuration details for the connection between the client and backend servers.
- default_
backend_ strset_ name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- hostname_
names Sequence[str] - (Updatable) An array of hostname resource names.
- load_
balancer_ strid - The OCID of the load balancer on which to add a listener.
- name str
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path_
route_ strset_ name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- port int
- (Updatable) The communication port for the listener. Example:
80
- protocol str
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- routing_
policy_ strname - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule_
set_ Sequence[str]names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl_
configuration loadbalancer.Listener Ssl Configuration Args (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- state str
- connection
Configuration Property Map - (Updatable) Configuration details for the connection between the client and backend servers.
- default
Backend StringSet Name - (Updatable) The name of the associated backend set. Example:
example_backend_set
- hostname
Names List<String> - (Updatable) An array of hostname resource names.
- load
Balancer StringId - The OCID of the load balancer on which to add a listener.
- name String
- A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example:
example_listener
- path
Route StringSet Name (Updatable) Deprecated. Please use
routingPolicies
instead.The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.
Example:
example_path_route_set
- port Number
- (Updatable) The communication port for the listener. Example:
80
- protocol String
- (Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example:
HTTP
- routing
Policy StringName - (Updatable) The name of the routing policy applied to this listener's traffic. Example:
example_routing_policy
- rule
Set List<String>Names - (Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
- ssl
Configuration Property Map (Updatable) The load balancer's SSL handling configuration details.
Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.
- state String
Supporting Types
ListenerConnectionConfiguration, ListenerConnectionConfigurationArgs
- Idle
Timeout stringIn Seconds (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.
For more information, see Connection Configuration.
Example:
1200
- Backend
Tcp List<string>Proxy Protocol Options - (Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
- Backend
Tcp intProxy Protocol Version - (Updatable) The backend TCP Proxy Protocol version. Example:
1
- Idle
Timeout stringIn Seconds (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.
For more information, see Connection Configuration.
Example:
1200
- Backend
Tcp []stringProxy Protocol Options - (Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
- Backend
Tcp intProxy Protocol Version - (Updatable) The backend TCP Proxy Protocol version. Example:
1
- idle
Timeout StringIn Seconds (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.
For more information, see Connection Configuration.
Example:
1200
- backend
Tcp List<String>Proxy Protocol Options - (Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
- backend
Tcp IntegerProxy Protocol Version - (Updatable) The backend TCP Proxy Protocol version. Example:
1
- idle
Timeout stringIn Seconds (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.
For more information, see Connection Configuration.
Example:
1200
- backend
Tcp string[]Proxy Protocol Options - (Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
- backend
Tcp numberProxy Protocol Version - (Updatable) The backend TCP Proxy Protocol version. Example:
1
- idle_
timeout_ strin_ seconds (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.
For more information, see Connection Configuration.
Example:
1200
- backend_
tcp_ Sequence[str]proxy_ protocol_ options - (Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
- backend_
tcp_ intproxy_ protocol_ version - (Updatable) The backend TCP Proxy Protocol version. Example:
1
- idle
Timeout StringIn Seconds (Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.
For more information, see Connection Configuration.
Example:
1200
- backend
Tcp List<String>Proxy Protocol Options - (Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
- backend
Tcp NumberProxy Protocol Version - (Updatable) The backend TCP Proxy Protocol version. Example:
1
ListenerSslConfiguration, ListenerSslConfigurationArgs
- Certificate
Ids List<string> - (Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example:
[ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
- Certificate
Name string - (Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example:
example_certificate_bundle
- Cipher
Suite stringName (Updatable) The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is
oci-default-ssl-cipher-suite-v1
.Notes:
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
- You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
- If the cipher configuration is not modified after load balancer creation, the
GET
operation returnsoci-default-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing listeners that predate this feature. - If the cipher configuration was modified using Oracle operations after load balancer creation, the
GET
operation returnsoci-customized-ssl-cipher-suite
as the value of this field in the SSL configuration for existing listeners that predate this feature. - The
GET
operation returnsoci-wider-compatible-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing backend sets that predate this feature. - If the
GET
operation on a listener returnsoci-customized-ssl-cipher-suite
as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. - The
oci-customized-ssl-cipher-suite
Oracle reserved cipher suite name is not accepted as valid input for this field.
example:
example_cipher_suite
- Has
Session boolResumption - (Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example:
true
- Protocols List<string>
(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
- TLSv1
- TLSv1.1
- TLSv1.2
- TLSv1.3
If this field is not specified, TLSv1.2 is the default.
Warning: All SSL listeners created on a given port must use the same set of SSL protocols.
Notes:
- The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
- For all existing load balancer listeners and backend sets that predate this feature, the
GET
operation displays a list of SSL protocols currently used by those resources.
example:
["TLSv1.1", "TLSv1.2"]
- Server
Order stringPreference (Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the
SSLConfiguration
object is associated with a backend set.- List<string>
- (Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example:
[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
- Verify
Depth int - (Updatable) The maximum depth for peer certificate chain verification. Example:
3
- Verify
Peer boolCertificate (Updatable) Whether the load balancer listener should verify peer certificates. Example:
true
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- Certificate
Ids []string - (Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example:
[ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
- Certificate
Name string - (Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example:
example_certificate_bundle
- Cipher
Suite stringName (Updatable) The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is
oci-default-ssl-cipher-suite-v1
.Notes:
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
- You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
- If the cipher configuration is not modified after load balancer creation, the
GET
operation returnsoci-default-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing listeners that predate this feature. - If the cipher configuration was modified using Oracle operations after load balancer creation, the
GET
operation returnsoci-customized-ssl-cipher-suite
as the value of this field in the SSL configuration for existing listeners that predate this feature. - The
GET
operation returnsoci-wider-compatible-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing backend sets that predate this feature. - If the
GET
operation on a listener returnsoci-customized-ssl-cipher-suite
as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. - The
oci-customized-ssl-cipher-suite
Oracle reserved cipher suite name is not accepted as valid input for this field.
example:
example_cipher_suite
- Has
Session boolResumption - (Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example:
true
- Protocols []string
(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
- TLSv1
- TLSv1.1
- TLSv1.2
- TLSv1.3
If this field is not specified, TLSv1.2 is the default.
Warning: All SSL listeners created on a given port must use the same set of SSL protocols.
Notes:
- The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
- For all existing load balancer listeners and backend sets that predate this feature, the
GET
operation displays a list of SSL protocols currently used by those resources.
example:
["TLSv1.1", "TLSv1.2"]
- Server
Order stringPreference (Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the
SSLConfiguration
object is associated with a backend set.- []string
- (Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example:
[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
- Verify
Depth int - (Updatable) The maximum depth for peer certificate chain verification. Example:
3
- Verify
Peer boolCertificate (Updatable) Whether the load balancer listener should verify peer certificates. Example:
true
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- certificate
Ids List<String> - (Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example:
[ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
- certificate
Name String - (Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example:
example_certificate_bundle
- cipher
Suite StringName (Updatable) The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is
oci-default-ssl-cipher-suite-v1
.Notes:
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
- You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
- If the cipher configuration is not modified after load balancer creation, the
GET
operation returnsoci-default-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing listeners that predate this feature. - If the cipher configuration was modified using Oracle operations after load balancer creation, the
GET
operation returnsoci-customized-ssl-cipher-suite
as the value of this field in the SSL configuration for existing listeners that predate this feature. - The
GET
operation returnsoci-wider-compatible-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing backend sets that predate this feature. - If the
GET
operation on a listener returnsoci-customized-ssl-cipher-suite
as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. - The
oci-customized-ssl-cipher-suite
Oracle reserved cipher suite name is not accepted as valid input for this field.
example:
example_cipher_suite
- has
Session BooleanResumption - (Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example:
true
- protocols List<String>
(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
- TLSv1
- TLSv1.1
- TLSv1.2
- TLSv1.3
If this field is not specified, TLSv1.2 is the default.
Warning: All SSL listeners created on a given port must use the same set of SSL protocols.
Notes:
- The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
- For all existing load balancer listeners and backend sets that predate this feature, the
GET
operation displays a list of SSL protocols currently used by those resources.
example:
["TLSv1.1", "TLSv1.2"]
- server
Order StringPreference (Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the
SSLConfiguration
object is associated with a backend set.- List<String>
- (Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example:
[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
- verify
Depth Integer - (Updatable) The maximum depth for peer certificate chain verification. Example:
3
- verify
Peer BooleanCertificate (Updatable) Whether the load balancer listener should verify peer certificates. Example:
true
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- certificate
Ids string[] - (Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example:
[ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
- certificate
Name string - (Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example:
example_certificate_bundle
- cipher
Suite stringName (Updatable) The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is
oci-default-ssl-cipher-suite-v1
.Notes:
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
- You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
- If the cipher configuration is not modified after load balancer creation, the
GET
operation returnsoci-default-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing listeners that predate this feature. - If the cipher configuration was modified using Oracle operations after load balancer creation, the
GET
operation returnsoci-customized-ssl-cipher-suite
as the value of this field in the SSL configuration for existing listeners that predate this feature. - The
GET
operation returnsoci-wider-compatible-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing backend sets that predate this feature. - If the
GET
operation on a listener returnsoci-customized-ssl-cipher-suite
as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. - The
oci-customized-ssl-cipher-suite
Oracle reserved cipher suite name is not accepted as valid input for this field.
example:
example_cipher_suite
- has
Session booleanResumption - (Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example:
true
- protocols string[]
(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
- TLSv1
- TLSv1.1
- TLSv1.2
- TLSv1.3
If this field is not specified, TLSv1.2 is the default.
Warning: All SSL listeners created on a given port must use the same set of SSL protocols.
Notes:
- The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
- For all existing load balancer listeners and backend sets that predate this feature, the
GET
operation displays a list of SSL protocols currently used by those resources.
example:
["TLSv1.1", "TLSv1.2"]
- server
Order stringPreference (Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the
SSLConfiguration
object is associated with a backend set.- string[]
- (Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example:
[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
- verify
Depth number - (Updatable) The maximum depth for peer certificate chain verification. Example:
3
- verify
Peer booleanCertificate (Updatable) Whether the load balancer listener should verify peer certificates. Example:
true
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- certificate_
ids Sequence[str] - (Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example:
[ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
- certificate_
name str - (Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example:
example_certificate_bundle
- cipher_
suite_ strname (Updatable) The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is
oci-default-ssl-cipher-suite-v1
.Notes:
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
- You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
- If the cipher configuration is not modified after load balancer creation, the
GET
operation returnsoci-default-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing listeners that predate this feature. - If the cipher configuration was modified using Oracle operations after load balancer creation, the
GET
operation returnsoci-customized-ssl-cipher-suite
as the value of this field in the SSL configuration for existing listeners that predate this feature. - The
GET
operation returnsoci-wider-compatible-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing backend sets that predate this feature. - If the
GET
operation on a listener returnsoci-customized-ssl-cipher-suite
as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. - The
oci-customized-ssl-cipher-suite
Oracle reserved cipher suite name is not accepted as valid input for this field.
example:
example_cipher_suite
- has_
session_ boolresumption - (Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example:
true
- protocols Sequence[str]
(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
- TLSv1
- TLSv1.1
- TLSv1.2
- TLSv1.3
If this field is not specified, TLSv1.2 is the default.
Warning: All SSL listeners created on a given port must use the same set of SSL protocols.
Notes:
- The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
- For all existing load balancer listeners and backend sets that predate this feature, the
GET
operation displays a list of SSL protocols currently used by those resources.
example:
["TLSv1.1", "TLSv1.2"]
- server_
order_ strpreference (Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the
SSLConfiguration
object is associated with a backend set.- Sequence[str]
- (Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example:
[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
- verify_
depth int - (Updatable) The maximum depth for peer certificate chain verification. Example:
3
- verify_
peer_ boolcertificate (Updatable) Whether the load balancer listener should verify peer certificates. Example:
true
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
- certificate
Ids List<String> - (Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example:
[ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
- certificate
Name String - (Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example:
example_certificate_bundle
- cipher
Suite StringName (Updatable) The name of the cipher suite to use for HTTPS or SSL connections.
If this field is not specified, the default is
oci-default-ssl-cipher-suite-v1
.Notes:
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
- You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
- If the cipher configuration is not modified after load balancer creation, the
GET
operation returnsoci-default-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing listeners that predate this feature. - If the cipher configuration was modified using Oracle operations after load balancer creation, the
GET
operation returnsoci-customized-ssl-cipher-suite
as the value of this field in the SSL configuration for existing listeners that predate this feature. - The
GET
operation returnsoci-wider-compatible-ssl-cipher-suite-v1
as the value of this field in the SSL configuration for existing backend sets that predate this feature. - If the
GET
operation on a listener returnsoci-customized-ssl-cipher-suite
as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource. - The
oci-customized-ssl-cipher-suite
Oracle reserved cipher suite name is not accepted as valid input for this field.
example:
example_cipher_suite
- has
Session BooleanResumption - (Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example:
true
- protocols List<String>
(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.
The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.
The Load Balancing service supports the following protocols:
- TLSv1
- TLSv1.1
- TLSv1.2
- TLSv1.3
If this field is not specified, TLSv1.2 is the default.
Warning: All SSL listeners created on a given port must use the same set of SSL protocols.
Notes:
- The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
- You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
- For all existing load balancer listeners and backend sets that predate this feature, the
GET
operation displays a list of SSL protocols currently used by those resources.
example:
["TLSv1.1", "TLSv1.2"]
- server
Order StringPreference (Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.
Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the
SSLConfiguration
object is associated with a backend set.- List<String>
- (Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example:
[ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
- verify
Depth Number - (Updatable) The maximum depth for peer certificate chain verification. Example:
3
- verify
Peer BooleanCertificate (Updatable) Whether the load balancer listener should verify peer certificates. Example:
true
** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values
Import
Listeners can be imported using the id
, e.g.
$ pulumi import oci:LoadBalancer/listener:Listener test_listener "loadBalancers/{loadBalancerId}/listeners/{listenerName}"
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- oci pulumi/pulumi-oci
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
oci
Terraform Provider.