ssl_policies

Creates, updates, deletes, gets or lists a ssl_policies resource.

Overview

Name	`ssl_policies`
Type	Resource
Id	`google.compute.ssl_policies`

Fields

The following fields are returned by SELECT queries:

get
list

Successful response

Name	Datatype	Description
`id`	`string (uint64)`	[Output Only] The unique identifier for the resource. This identifier is defined by the server.
`name`	`string`	Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash. (pattern: a-z?)
`creationTimestamp`	`string`	[Output Only] Creation timestamp in RFC3339 text format.
`customFeatures`	`array`	A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
`description`	`string`	An optional description of this resource. Provide this property when you create the resource.
`enabledFeatures`	`array`	[Output Only] The list of features enabled in the SSL policy.
`fingerprint`	`string (byte)`	Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
`kind`	`string`	[Output only] Type of the resource. Always compute#sslPolicyfor SSL policies. (default: compute#sslPolicy)
`minTlsVersion`	`string`	The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
`profile`	`string`	Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.
`region`	`string`	[Output Only] URL of the region where the regional SSL policy resides. This field is not applicable to global SSL policies.
`selfLink`	`string`	[Output Only] Server-defined URL for the resource.
`warnings`	`array`	[Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.

Successful response

Name	Datatype	Description
`id`	`string`	[Output Only] Unique identifier for the resource; defined by the server.
`items`	`array`	A list of SslPolicy resources.
`kind`	`string`	[Output Only] Type of the resource. Always compute#sslPoliciesList for lists of sslPolicies. (default: compute#sslPoliciesList)
`nextPageToken`	`string`	[Output Only] This token allows you to get the next page of results for list requests. If the number of results is larger than maxResults, use the nextPageToken as a value for the query parameter pageToken in the next list request. Subsequent list requests will have their own nextPageToken to continue paging through the results.
`selfLink`	`string`	[Output Only] Server-defined URL for this resource.
`warning`	`object`	[Output Only] Informational warning message.

Methods

The following methods are available for this resource:

Name	Accessible by	Required Params	Optional Params	Description
`get`	`select`	`project`, `region`, `sslPolicy`		Lists all of the ordered rules present in a single specified policy.
`list`	`select`	`project`, `region`	`filter`, `maxResults`, `orderBy`, `pageToken`, `returnPartialSuccess`	Lists all the SSL policies that have been configured for the specified project and region.
`insert`	`insert`	`project`, `region`	`requestId`	Creates a new policy in the specified project and region using the data included in the request.
`patch`	`update`	`project`, `region`, `sslPolicy`	`requestId`	Patches the specified SSL policy with the data included in the request.
`delete`	`delete`	`project`, `region`, `sslPolicy`	`requestId`	Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.

Parameters

Parameters can be passed in the WHERE clause of a query. Check the Methods section to see which parameters are required or optional for each operation.

Name	Datatype	Description
`project`	`string`
`region`	`string`
`sslPolicy`	`string`
`filter`	`string`
`maxResults`	`integer (uint32)`
`orderBy`	`string`
`pageToken`	`string`
`requestId`	`string`
`returnPartialSuccess`	`boolean`

`SELECT` examples

get
list

Lists all of the ordered rules present in a single specified policy.

SELECT
id,
name,
creationTimestamp,
customFeatures,
description,
enabledFeatures,
fingerprint,
kind,
minTlsVersion,
profile,
region,
selfLink,
warnings
FROM google.compute.ssl_policies
WHERE project = '{{ project }}' -- required
AND region = '{{ region }}' -- required
AND sslPolicy = '{{ sslPolicy }}' -- required;

Lists all the SSL policies that have been configured for the specified project and region.

SELECT
id,
items,
kind,
nextPageToken,
selfLink,
warning
FROM google.compute.ssl_policies
WHERE project = '{{ project }}' -- required
AND region = '{{ region }}' -- required
AND filter = '{{ filter }}'
AND maxResults = '{{ maxResults }}'
AND orderBy = '{{ orderBy }}'
AND pageToken = '{{ pageToken }}'
AND returnPartialSuccess = '{{ returnPartialSuccess }}';

`INSERT` examples

insert
Manifest

Creates a new policy in the specified project and region using the data included in the request.

INSERT INTO google.compute.ssl_policies (
data__kind,
data__id,
data__creationTimestamp,
data__selfLink,
data__name,
data__description,
data__profile,
data__minTlsVersion,
data__enabledFeatures,
data__customFeatures,
data__fingerprint,
data__warnings,
data__region,
project,
region,
requestId
)
SELECT 
'{{ kind }}',
'{{ id }}',
'{{ creationTimestamp }}',
'{{ selfLink }}',
'{{ name }}',
'{{ description }}',
'{{ profile }}',
'{{ minTlsVersion }}',
'{{ enabledFeatures }}',
'{{ customFeatures }}',
'{{ fingerprint }}',
'{{ warnings }}',
'{{ region }}',
'{{ project }}',
'{{ region }}',
'{{ requestId }}'
RETURNING
id,
name,
clientOperationId,
creationTimestamp,
description,
endTime,
error,
httpErrorMessage,
httpErrorStatusCode,
insertTime,
instancesBulkInsertOperationMetadata,
kind,
operationGroupId,
operationType,
progress,
region,
selfLink,
setCommonInstanceMetadataOperationMetadata,
startTime,
status,
statusMessage,
targetId,
targetLink,
user,
warnings,
zone
;

# Description fields are for documentation purposes
- name: ssl_policies
  props:
    - name: project
      value: string
      description: Required parameter for the ssl_policies resource.
    - name: region
      value: string
      description: Required parameter for the ssl_policies resource.
    - name: kind
      value: string
      description: >
        [Output only] Type of the resource. Always compute#sslPolicyfor SSL policies.
        
      default: compute#sslPolicy
    - name: id
      value: string
      description: >
        [Output Only] The unique identifier for the resource. This identifier is defined by the server.
        
    - name: creationTimestamp
      value: string
      description: >
        [Output Only] Creation timestamp in RFC3339 text format.
        
    - name: selfLink
      value: string
      description: >
        [Output Only] Server-defined URL for the resource.
        
    - name: name
      value: string
      description: >
        Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression `[a-z]([-a-z0-9]*[a-z0-9])?` which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.
        
    - name: description
      value: string
      description: >
        An optional description of this resource. Provide this property when you create the resource.
        
    - name: profile
      value: string
      description: >
        Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one of COMPATIBLE, MODERN, RESTRICTED, or CUSTOM. If using CUSTOM, the set of SSL features to enable must be specified in the customFeatures field.
        
      valid_values: ['COMPATIBLE', 'CUSTOM', 'MODERN', 'RESTRICTED']
    - name: minTlsVersion
      value: string
      description: >
        The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one of TLS_1_0, TLS_1_1, TLS_1_2.
        
      valid_values: ['TLS_1_0', 'TLS_1_1', 'TLS_1_2']
    - name: enabledFeatures
      value: array
      description: >
        [Output Only] The list of features enabled in the SSL policy.
        
    - name: customFeatures
      value: array
      description: >
        A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is not CUSTOM.
        
    - name: fingerprint
      value: string
      description: >
        Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet. To see the latest fingerprint, make a get() request to retrieve an SslPolicy.
        
    - name: warnings
      value: array
      description: >
        [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.
        
    - name: region
      value: string
      description: >
        [Output Only] URL of the region where the regional SSL policy resides. This field is not applicable to global SSL policies.
        
    - name: requestId
      value: string

`UPDATE` examples

patch

Patches the specified SSL policy with the data included in the request.

UPDATE google.compute.ssl_policies
SET 
data__kind = '{{ kind }}',
data__id = '{{ id }}',
data__creationTimestamp = '{{ creationTimestamp }}',
data__selfLink = '{{ selfLink }}',
data__name = '{{ name }}',
data__description = '{{ description }}',
data__profile = '{{ profile }}',
data__minTlsVersion = '{{ minTlsVersion }}',
data__enabledFeatures = '{{ enabledFeatures }}',
data__customFeatures = '{{ customFeatures }}',
data__fingerprint = '{{ fingerprint }}',
data__warnings = '{{ warnings }}',
data__region = '{{ region }}'
WHERE 
project = '{{ project }}' --required
AND region = '{{ region }}' --required
AND sslPolicy = '{{ sslPolicy }}' --required
AND requestId = '{{ requestId}}'
RETURNING
id,
name,
clientOperationId,
creationTimestamp,
description,
endTime,
error,
httpErrorMessage,
httpErrorStatusCode,
insertTime,
instancesBulkInsertOperationMetadata,
kind,
operationGroupId,
operationType,
progress,
region,
selfLink,
setCommonInstanceMetadataOperationMetadata,
startTime,
status,
statusMessage,
targetId,
targetLink,
user,
warnings,
zone;

`DELETE` examples

delete

Deletes the specified SSL policy. The SSL policy resource can be deleted only if it is not in use by any TargetHttpsProxy or TargetSslProxy resources.

DELETE FROM google.compute.ssl_policies
WHERE project = '{{ project }}' --required
AND region = '{{ region }}' --required
AND sslPolicy = '{{ sslPolicy }}' --required
AND requestId = '{{ requestId }}';

Overview​

Fields​

Methods​

Parameters​

SELECT examples​

INSERT examples​

UPDATE examples​

DELETE examples​