feat: enable mtls on external application application load balancer (#1979)
* feat: enable mtls on external application application load balancer * refactor: move variable inside https_proxy_config block --------- Co-authored-by: Julio Castillo <jccb@google.com>
This commit is contained in:
parent
bc506795f2
commit
1c99bae649
|
@ -1,5 +1,6 @@
|
||||||
venv/*
|
venv/*
|
||||||
*/venv/*
|
*/venv/*
|
||||||
|
**/.python-version
|
||||||
**/.terraform
|
**/.terraform
|
||||||
**/terraform.tfstate*
|
**/terraform.tfstate*
|
||||||
**/terraform.tfvars
|
**/terraform.tfvars
|
||||||
|
|
File diff suppressed because one or more lines are too long
|
@ -82,13 +82,14 @@ resource "google_compute_target_http_proxy" "default" {
|
||||||
}
|
}
|
||||||
|
|
||||||
resource "google_compute_target_https_proxy" "default" {
|
resource "google_compute_target_https_proxy" "default" {
|
||||||
count = var.protocol == "HTTPS" ? 1 : 0
|
count = var.protocol == "HTTPS" ? 1 : 0
|
||||||
project = var.project_id
|
project = var.project_id
|
||||||
name = var.name
|
name = var.name
|
||||||
description = var.description
|
description = var.description
|
||||||
certificate_map = var.https_proxy_config.certificate_map
|
certificate_map = var.https_proxy_config.certificate_map
|
||||||
quic_override = var.https_proxy_config.quic_override
|
quic_override = var.https_proxy_config.quic_override
|
||||||
ssl_certificates = local.proxy_ssl_certificates
|
ssl_certificates = local.proxy_ssl_certificates
|
||||||
ssl_policy = var.https_proxy_config.ssl_policy
|
ssl_policy = var.https_proxy_config.ssl_policy
|
||||||
url_map = google_compute_url_map.default.id
|
url_map = google_compute_url_map.default.id
|
||||||
|
server_tls_policy = var.https_proxy_config.mtls_policy
|
||||||
}
|
}
|
||||||
|
|
|
@ -77,6 +77,7 @@ variable "https_proxy_config" {
|
||||||
certificate_map = optional(string)
|
certificate_map = optional(string)
|
||||||
quic_override = optional(string)
|
quic_override = optional(string)
|
||||||
ssl_policy = optional(string)
|
ssl_policy = optional(string)
|
||||||
|
mtls_policy = optional(string) # id of the mTLS policy to use for the target proxy.
|
||||||
})
|
})
|
||||||
default = {}
|
default = {}
|
||||||
nullable = false
|
nullable = false
|
||||||
|
|
Loading…
Reference in New Issue