This one has got me scratching my head a bit…
I have the following:
variable "domains" {
type = set(string)
default = [ "domain1", "domain2"]
}
resource "google_compute_managed_ssl_certificate" "certs" {
for_each = var.domains
name = "${each.value}"
managed {
domains = [ each.value ]
}
}
resource "google_compute_managed_ssl_certificate" "cert" {
name = "other-domain"
managed {
domains = ["otherdomain"]
}
}
This appears to work perfectly creating resources in GCP as google_compute_managed_ssl_certificate.certs["domain1"]
etc
But I’d like to now apply this to part of a load balancer config:
resource "google_compute_target_https_proxy" "https" {
name = "https-proxy"
url_map = google_compute_url_map.urlmap.self_link
ssl_certificates = [
google_compute_managed_ssl_certificate.cert.id,
google_compute_managed_ssl_certificate.certs[*].id
]
}
This will result in an error:
<snip>
google_compute_managed_ssl_certificate.cert.id is "projects/<redacted>/global/sslCertificates/other-domain"
│ │ google_compute_managed_ssl_certificate.certs is object with 2 attributes
│
│ Inappropriate value for attribute "ssl_certificates": element 1: string required.
It goes on to tell me that the certs[*].id
does not have an attribute named “id”.
I can statically reference one of the domains in the list without issue ( as certs["domain1"].id
) and the attribute “id” is certainly there.
I need to have the one domain “cert” outside of the group “certs” as its also heavily referenced else where.
ssl_certificates
seems to be expecting a list of strings but seems to be resolving to objects.
What can I do to get both my single domain cert and list of certs in to the same place for use with the load balancer?