Class: Google::Cloud::Compute::V1::SslPolicy

Inherits:
Object
  • Object
show all
Extended by:
Protobuf::MessageExts::ClassMethods
Includes:
Protobuf::MessageExts
Defined in:
proto_docs/google/cloud/compute/v1/compute.rb

Overview

Represents an SSL Policy resource.

Use SSL policies to control SSL features, such as versions and cipher suites, that are offered by Application Load Balancers and proxy Network Load Balancers. For more information, read SSL policies overview.

Defined Under Namespace

Modules: MinTlsVersion, PostQuantumKeyExchange, Profile

Instance Attribute Summary collapse

Instance Attribute Details

#creation_timestamp::String

Returns Output only. [Output Only] Creation timestamp inRFC3339 text format.

Returns:

  • (::String)

    Output only. [Output Only] Creation timestamp inRFC3339 text format.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#custom_features::Array<::String>

Returns A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is notCUSTOM.

Returns:

  • (::Array<::String>)

    A list of features enabled when the selected profile is CUSTOM. The method returns the set of features that can be specified in this list. This field must be empty if the profile is notCUSTOM.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#description::String

Returns An optional description of this resource. Provide this property when you create the resource.

Returns:

  • (::String)

    An optional description of this resource. Provide this property when you create the resource.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#enabled_features::Array<::String>

Returns Output only. [Output Only] The list of features enabled in the SSL policy.

Returns:

  • (::Array<::String>)

    Output only. [Output Only] The list of features enabled in the SSL policy.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#fingerprint::String

Returns Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.

To see the latest fingerprint, make a get() request to retrieve an SslPolicy.

Returns:

  • (::String)

    Fingerprint of this resource. A hash of the contents stored in this object. This field is used in optimistic locking. This field will be ignored when inserting a SslPolicy. An up-to-date fingerprint must be provided in order to update the SslPolicy, otherwise the request will fail with error 412 conditionNotMet.

    To see the latest fingerprint, make a get() request to retrieve an SslPolicy.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#id::Integer

Returns Output only. [Output Only] The unique identifier for the resource. This identifier is defined by the server.

Returns:

  • (::Integer)

    Output only. [Output Only] The unique identifier for the resource. This identifier is defined by the server.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#kind::String

Returns Output only. [Output only] Type of the resource. Alwayscompute#sslPolicyfor SSL policies.

Returns:

  • (::String)

    Output only. [Output only] Type of the resource. Alwayscompute#sslPolicyfor SSL policies.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#min_tls_version::String

Returns The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field must be set to RESTRICTED. Check the MinTlsVersion enum for the list of possible values.

Returns:

  • (::String)

    The minimum version of SSL protocol that can be used by the clients to establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field must be set to RESTRICTED. Check the MinTlsVersion enum for the list of possible values.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#name::String

Returns Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.

Returns:

  • (::String)

    Name of the resource. The name must be 1-63 characters long, and comply with RFC1035. Specifically, the name must be 1-63 characters long and match the regular expression [a-z]([-a-z0-9]*[a-z0-9])? which means the first character must be a lowercase letter, and all following characters must be a dash, lowercase letter, or digit, except the last character, which cannot be a dash.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#post_quantum_key_exchange::String

Returns One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates X25519MLKEM768 key exchange when clients advertise support for it. When set to DEFAULT, or if no SSL Policy is attached to the target proxy, the load balancer disallows X25519MLKEM768 key exchange before October 2026, and allows it afterward. When set to ENABLED, the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key exchange until October 2027, and allows it afterward. Check the PostQuantumKeyExchange enum for the list of possible values.

Returns:

  • (::String)

    One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates X25519MLKEM768 key exchange when clients advertise support for it. When set to DEFAULT, or if no SSL Policy is attached to the target proxy, the load balancer disallows X25519MLKEM768 key exchange before October 2026, and allows it afterward. When set to ENABLED, the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key exchange until October 2027, and allows it afterward. Check the PostQuantumKeyExchange enum for the list of possible values.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#profile::String

Returns Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in the customFeatures field. If using FIPS_202205, the min_tls_version field must be set to TLS_1_2. Check the Profile enum for the list of possible values.

Returns:

  • (::String)

    Profile specifies the set of SSL features that can be used by the load balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in the customFeatures field. If using FIPS_202205, the min_tls_version field must be set to TLS_1_2. Check the Profile enum for the list of possible values.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#region::String

Returns Output only. [Output Only] URL of the region where the regional SSL policy resides. This field is not applicable to global SSL policies.

Returns:

  • (::String)

    Output only. [Output Only] URL of the region where the regional SSL policy resides. This field is not applicable to global SSL policies.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#self_link::String

Returns Output only. [Output Only] Server-defined URL for the resource.

Returns:

  • (::String)

    Output only. [Output Only] Server-defined URL for the resource.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end

#warnings::Array<::Google::Cloud::Compute::V1::Warnings>

Returns Output only. [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.

Returns:

  • (::Array<::Google::Cloud::Compute::V1::Warnings>)

    Output only. [Output Only] If potential misconfigurations are detected for this SSL policy, this field will be populated with warning messages.



75848
75849
75850
75851
75852
75853
75854
75855
75856
75857
75858
75859
75860
75861
75862
75863
75864
75865
75866
75867
75868
75869
75870
75871
75872
75873
75874
75875
75876
75877
75878
75879
75880
75881
75882
75883
75884
75885
75886
75887
75888
75889
75890
75891
75892
75893
75894
75895
75896
75897
75898
75899
75900
75901
75902
75903
75904
75905
75906
75907
75908
75909
75910
75911
75912
75913
75914
75915
75916
75917
75918
75919
75920
75921
75922
 
# File 'proto_docs/google/cloud/compute/v1/compute.rb', line 75848

class SslPolicy
  include ::Google::Protobuf::MessageExts
  extend ::Google::Protobuf::MessageExts::ClassMethods

  # The minimum version of SSL protocol that can be used by the clients to
  # establish a connection with the load balancer. This can be one ofTLS_1_0, TLS_1_1, TLS_1_2,TLS_1_3. When set to TLS_1_3, the profile field
  # must be set to RESTRICTED.
  module MinTlsVersion
    # A value indicating that the enum field is not set.
    UNDEFINED_MIN_TLS_VERSION = 0

    # TLS 1.0
    TLS_1_0 = 33_116_734

    # TLS 1.1
    TLS_1_1 = 33_116_735

    # TLS 1.2
    TLS_1_2 = 33_116_736

    # TLS 1.3
    TLS_1_3 = 33_116_737
  end

  # One of DEFAULT, ENABLED, orDEFERRED. Controls whether the load balancer negotiates
  # X25519MLKEM768 key exchange when clients advertise support for it. When set
  # to DEFAULT, or if no SSL Policy is attached to the target
  # proxy, the load balancer disallows X25519MLKEM768 key exchange before
  # October 2026, and allows it afterward. When set to ENABLED,
  # the load balancer allows X25519MLKEM768 key exchange. When set toDEFERRED, the load balancer disallows X25519MLKEM768 key
  # exchange until October 2027, and allows it afterward.
  module PostQuantumKeyExchange
    # A value indicating that the enum field is not set.
    UNDEFINED_POST_QUANTUM_KEY_EXCHANGE = 0

    # Default behavior: disabled until October 2026, enabled afterward.
    DEFAULT = 115_302_945

    # Disabled until October 2027, enabled afterward.
    DEFERRED = 356_775_903

    # Enabled now.
    ENABLED = 182_130_465
  end

  # Profile specifies the set of SSL features that can be used by the load
  # balancer when negotiating SSL with clients. This can be one ofCOMPATIBLE, MODERN, RESTRICTED,FIPS_202205, or CUSTOM. If usingCUSTOM, the set of SSL features to enable must be specified in
  # the customFeatures field. If using FIPS_202205,
  # the min_tls_version field must be set to TLS_1_2.
  module Profile
    # A value indicating that the enum field is not set.
    UNDEFINED_PROFILE = 0

    # Compatible profile. Allows the broadset set of clients, even those which
    # support only out-of-date SSL features to negotiate with the load
    # balancer.
    COMPATIBLE = 179_357_396

    # Custom profile. Allow only the set of allowed SSL features specified in
    # the customFeatures field.
    CUSTOM = 388_595_569

    # FIPS compatible profile. Supports a reduced set of SSL features,
    # intended to meet FIPS 140-3 compliance requirements.
    FIPS_202205 = 475_828_188

    # Modern profile. Supports a wide set of SSL features, allowing modern
    # clients to negotiate SSL with the load balancer.
    MODERN = 132_013_855

    # Restricted profile. Supports a reduced set of SSL features, intended to
    # meet stricter compliance requirements.
    RESTRICTED = 261_551_195
  end
end