OpenStack v5.0.3, Feb 12 25

OpenStack v5.0.3 published on Wednesday, Feb 12, 2025 by Pulumi

openstack.loadbalancer.Listener

Explore with Pulumi AI

OpenStack v5.0.3 published on Wednesday, Feb 12, 2025 by Pulumi

pulumi/pulumi-openstack

Example Usage

Simple listener

import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";

const listener1 = new openstack.loadbalancer.Listener("listener_1", {
    protocol: "HTTP",
    protocolPort: 8080,
    loadbalancerId: "d9415786-5f1a-428b-b35f-2f1523e146d2",
    insertHeaders: {
        "X-Forwarded-For": "true",
    },
});

import pulumi
import pulumi_openstack as openstack

listener1 = openstack.loadbalancer.Listener("listener_1",
    protocol="HTTP",
    protocol_port=8080,
    loadbalancer_id="d9415786-5f1a-428b-b35f-2f1523e146d2",
    insert_headers={
        "X-Forwarded-For": "true",
    })

package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/loadbalancer"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := loadbalancer.NewListener(ctx, "listener_1", &loadbalancer.ListenerArgs{
			Protocol:       pulumi.String("HTTP"),
			ProtocolPort:   pulumi.Int(8080),
			LoadbalancerId: pulumi.String("d9415786-5f1a-428b-b35f-2f1523e146d2"),
			InsertHeaders: pulumi.StringMap{
				"X-Forwarded-For": pulumi.String("true"),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;

return await Deployment.RunAsync(() => 
{
    var listener1 = new OpenStack.LoadBalancer.Listener("listener_1", new()
    {
        Protocol = "HTTP",
        ProtocolPort = 8080,
        LoadbalancerId = "d9415786-5f1a-428b-b35f-2f1523e146d2",
        InsertHeaders = 
        {
            { "X-Forwarded-For", "true" },
        },
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.loadbalancer.Listener;
import com.pulumi.openstack.loadbalancer.ListenerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var listener1 = new Listener("listener1", ListenerArgs.builder()
            .protocol("HTTP")
            .protocolPort(8080)
            .loadbalancerId("d9415786-5f1a-428b-b35f-2f1523e146d2")
            .insertHeaders(Map.of("X-Forwarded-For", "true"))
            .build());

    }
}

resources:
  listener1:
    type: openstack:loadbalancer:Listener
    name: listener_1
    properties:
      protocol: HTTP
      protocolPort: 8080
      loadbalancerId: d9415786-5f1a-428b-b35f-2f1523e146d2
      insertHeaders:
        X-Forwarded-For: 'true'

Listener with TLS and client certificate authentication

import * as pulumi from "@pulumi/pulumi";
import * as openstack from "@pulumi/openstack";
import * as std from "@pulumi/std";

const certificate1 = new openstack.keymanager.SecretV1("certificate_1", {
    name: "certificate",
    payload: std.filebase64({
        input: "snakeoil.p12",
    }).then(invoke => invoke.result),
    payloadContentEncoding: "base64",
    payloadContentType: "application/octet-stream",
});
const caCertificate1 = new openstack.keymanager.SecretV1("ca_certificate_1", {
    name: "certificate",
    payload: std.file({
        input: "CA.pem",
    }).then(invoke => invoke.result),
    secretType: "certificate",
    payloadContentType: "text/plain",
});
const subnet1 = openstack.networking.getSubnet({
    name: "my-subnet",
});
const lb1 = new openstack.LbLoadbalancerV2("lb_1", {
    name: "loadbalancer",
    vipSubnetId: subnet1.then(subnet1 => subnet1.id),
});
const listener1 = new openstack.loadbalancer.Listener("listener_1", {
    name: "https",
    protocol: "TERMINATED_HTTPS",
    protocolPort: 443,
    loadbalancerId: lb1.id,
    defaultTlsContainerRef: certificate1,
    clientAuthentication: "OPTIONAL",
    clientCaTlsContainerRef: caCertificate2.secretRef,
});

import pulumi
import pulumi_openstack as openstack
import pulumi_std as std

certificate1 = openstack.keymanager.SecretV1("certificate_1",
    name="certificate",
    payload=std.filebase64(input="snakeoil.p12").result,
    payload_content_encoding="base64",
    payload_content_type="application/octet-stream")
ca_certificate1 = openstack.keymanager.SecretV1("ca_certificate_1",
    name="certificate",
    payload=std.file(input="CA.pem").result,
    secret_type="certificate",
    payload_content_type="text/plain")
subnet1 = openstack.networking.get_subnet(name="my-subnet")
lb1 = openstack.LbLoadbalancerV2("lb_1",
    name="loadbalancer",
    vip_subnet_id=subnet1.id)
listener1 = openstack.loadbalancer.Listener("listener_1",
    name="https",
    protocol="TERMINATED_HTTPS",
    protocol_port=443,
    loadbalancer_id=lb1.id,
    default_tls_container_ref=certificate1,
    client_authentication="OPTIONAL",
    client_ca_tls_container_ref=ca_certificate2["secretRef"])

package main

import (
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack"
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/keymanager"
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/loadbalancer"
	"github.com/pulumi/pulumi-openstack/sdk/v5/go/openstack/networking"
	"github.com/pulumi/pulumi-std/sdk/go/std"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		invokeFilebase64, err := std.Filebase64(ctx, &std.Filebase64Args{
			Input: "snakeoil.p12",
		}, nil)
		if err != nil {
			return err
		}
		certificate1, err := keymanager.NewSecretV1(ctx, "certificate_1", &keymanager.SecretV1Args{
			Name:                   pulumi.String("certificate"),
			Payload:                pulumi.String(invokeFilebase64.Result),
			PayloadContentEncoding: pulumi.String("base64"),
			PayloadContentType:     pulumi.String("application/octet-stream"),
		})
		if err != nil {
			return err
		}
		invokeFile1, err := std.File(ctx, &std.FileArgs{
			Input: "CA.pem",
		}, nil)
		if err != nil {
			return err
		}
		_, err = keymanager.NewSecretV1(ctx, "ca_certificate_1", &keymanager.SecretV1Args{
			Name:               pulumi.String("certificate"),
			Payload:            pulumi.String(invokeFile1.Result),
			SecretType:         pulumi.String("certificate"),
			PayloadContentType: pulumi.String("text/plain"),
		})
		if err != nil {
			return err
		}
		subnet1, err := networking.LookupSubnet(ctx, &networking.LookupSubnetArgs{
			Name: pulumi.StringRef("my-subnet"),
		}, nil)
		if err != nil {
			return err
		}
		lb1, err := openstack.NewLbLoadbalancerV2(ctx, "lb_1", &openstack.LbLoadbalancerV2Args{
			Name:        pulumi.String("loadbalancer"),
			VipSubnetId: pulumi.String(subnet1.Id),
		})
		if err != nil {
			return err
		}
		_, err = loadbalancer.NewListener(ctx, "listener_1", &loadbalancer.ListenerArgs{
			Name:                    pulumi.String("https"),
			Protocol:                pulumi.String("TERMINATED_HTTPS"),
			ProtocolPort:            pulumi.Int(443),
			LoadbalancerId:          lb1.ID(),
			DefaultTlsContainerRef:  certificate1,
			ClientAuthentication:    pulumi.String("OPTIONAL"),
			ClientCaTlsContainerRef: pulumi.Any(caCertificate2.SecretRef),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

using System.Collections.Generic;
using System.Linq;
using Pulumi;
using OpenStack = Pulumi.OpenStack;
using Std = Pulumi.Std;

return await Deployment.RunAsync(() => 
{
    var certificate1 = new OpenStack.KeyManager.SecretV1("certificate_1", new()
    {
        Name = "certificate",
        Payload = Std.Filebase64.Invoke(new()
        {
            Input = "snakeoil.p12",
        }).Apply(invoke => invoke.Result),
        PayloadContentEncoding = "base64",
        PayloadContentType = "application/octet-stream",
    });

    var caCertificate1 = new OpenStack.KeyManager.SecretV1("ca_certificate_1", new()
    {
        Name = "certificate",
        Payload = Std.File.Invoke(new()
        {
            Input = "CA.pem",
        }).Apply(invoke => invoke.Result),
        SecretType = "certificate",
        PayloadContentType = "text/plain",
    });

    var subnet1 = OpenStack.Networking.GetSubnet.Invoke(new()
    {
        Name = "my-subnet",
    });

    var lb1 = new OpenStack.LbLoadbalancerV2("lb_1", new()
    {
        Name = "loadbalancer",
        VipSubnetId = subnet1.Apply(getSubnetResult => getSubnetResult.Id),
    });

    var listener1 = new OpenStack.LoadBalancer.Listener("listener_1", new()
    {
        Name = "https",
        Protocol = "TERMINATED_HTTPS",
        ProtocolPort = 443,
        LoadbalancerId = lb1.Id,
        DefaultTlsContainerRef = certificate1,
        ClientAuthentication = "OPTIONAL",
        ClientCaTlsContainerRef = caCertificate2.SecretRef,
    });

});

package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.openstack.keymanager.SecretV1;
import com.pulumi.openstack.keymanager.SecretV1Args;
import com.pulumi.openstack.networking.NetworkingFunctions;
import com.pulumi.openstack.networking.inputs.GetSubnetArgs;
import com.pulumi.openstack.LbLoadbalancerV2;
import com.pulumi.openstack.LbLoadbalancerV2Args;
import com.pulumi.openstack.loadbalancer.Listener;
import com.pulumi.openstack.loadbalancer.ListenerArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var certificate1 = new SecretV1("certificate1", SecretV1Args.builder()
            .name("certificate")
            .payload(StdFunctions.filebase64(Filebase64Args.builder()
                .input("snakeoil.p12")
                .build()).result())
            .payloadContentEncoding("base64")
            .payloadContentType("application/octet-stream")
            .build());

        var caCertificate1 = new SecretV1("caCertificate1", SecretV1Args.builder()
            .name("certificate")
            .payload(StdFunctions.file(FileArgs.builder()
                .input("CA.pem")
                .build()).result())
            .secretType("certificate")
            .payloadContentType("text/plain")
            .build());

        final var subnet1 = NetworkingFunctions.getSubnet(GetSubnetArgs.builder()
            .name("my-subnet")
            .build());

        var lb1 = new LbLoadbalancerV2("lb1", LbLoadbalancerV2Args.builder()
            .name("loadbalancer")
            .vipSubnetId(subnet1.applyValue(getSubnetResult -> getSubnetResult.id()))
            .build());

        var listener1 = new Listener("listener1", ListenerArgs.builder()
            .name("https")
            .protocol("TERMINATED_HTTPS")
            .protocolPort(443)
            .loadbalancerId(lb1.id())
            .defaultTlsContainerRef(certificate1)
            .clientAuthentication("OPTIONAL")
            .clientCaTlsContainerRef(caCertificate2.secretRef())
            .build());

    }
}

resources:
  certificate1:
    type: openstack:keymanager:SecretV1
    name: certificate_1
    properties:
      name: certificate
      payload:
        fn::invoke:
          function: std:filebase64
          arguments:
            input: snakeoil.p12
          return: result
      payloadContentEncoding: base64
      payloadContentType: application/octet-stream
  caCertificate1:
    type: openstack:keymanager:SecretV1
    name: ca_certificate_1
    properties:
      name: certificate
      payload:
        fn::invoke:
          function: std:file
          arguments:
            input: CA.pem
          return: result
      secretType: certificate
      payloadContentType: text/plain
  lb1:
    type: openstack:LbLoadbalancerV2
    name: lb_1
    properties:
      name: loadbalancer
      vipSubnetId: ${subnet1.id}
  listener1:
    type: openstack:loadbalancer:Listener
    name: listener_1
    properties:
      name: https
      protocol: TERMINATED_HTTPS
      protocolPort: 443
      loadbalancerId: ${lb1.id}
      defaultTlsContainerRef: ${certificate1}
      clientAuthentication: OPTIONAL
      clientCaTlsContainerRef: ${caCertificate2.secretRef}
variables:
  subnet1:
    fn::invoke:
      function: openstack:networking:getSubnet
      arguments:
        name: my-subnet

Create Listener Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Listener(name: string, args: ListenerArgs, opts?: CustomResourceOptions);

@overload
def Listener(resource_name: str,
             args: ListenerArgs,
             opts: Optional[ResourceOptions] = None)

@overload
def Listener(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             loadbalancer_id: Optional[str] = None,
             protocol_port: Optional[int] = None,
             protocol: Optional[str] = None,
             default_pool_id: Optional[str] = None,
             alpn_protocols: Optional[Sequence[str]] = None,
             client_crl_container_ref: Optional[str] = None,
             connection_limit: Optional[int] = None,
             admin_state_up: Optional[bool] = None,
             default_tls_container_ref: Optional[str] = None,
             description: Optional[str] = None,
             hsts_include_subdomains: Optional[bool] = None,
             hsts_max_age: Optional[int] = None,
             hsts_preload: Optional[bool] = None,
             insert_headers: Optional[Mapping[str, str]] = None,
             client_authentication: Optional[str] = None,
             name: Optional[str] = None,
             client_ca_tls_container_ref: Optional[str] = None,
             allowed_cidrs: Optional[Sequence[str]] = None,
             region: Optional[str] = None,
             sni_container_refs: Optional[Sequence[str]] = None,
             tags: Optional[Sequence[str]] = None,
             tenant_id: Optional[str] = None,
             timeout_client_data: Optional[int] = None,
             timeout_member_connect: Optional[int] = None,
             timeout_member_data: Optional[int] = None,
             timeout_tcp_inspect: Optional[int] = None,
             tls_ciphers: Optional[str] = None,
             tls_versions: Optional[Sequence[str]] = None)

func NewListener(ctx *Context, name string, args ListenerArgs, opts ...ResourceOption) (*Listener, error)

public Listener(string name, ListenerArgs args, CustomResourceOptions? opts = null)

public Listener(String name, ListenerArgs args)
public Listener(String name, ListenerArgs args, CustomResourceOptions options)

type: openstack:loadbalancer:Listener
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name string: The unique name of the resource.
args ListenerArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

resource_name str: The unique name of the resource.
args ListenerArgs: The arguments to resource properties.
opts ResourceOptions: Bag of options to control resource's behavior.

ctx Context: Context object for the current deployment.
name string: The unique name of the resource.
args ListenerArgs: The arguments to resource properties.
opts ResourceOption: Bag of options to control resource's behavior.

name string: The unique name of the resource.
args ListenerArgs: The arguments to resource properties.
opts CustomResourceOptions: Bag of options to control resource's behavior.

name String: The unique name of the resource.
args ListenerArgs: The arguments to resource properties.
options CustomResourceOptions: Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var listenerResource = new OpenStack.LoadBalancer.Listener("listenerResource", new()
{
    LoadbalancerId = "string",
    ProtocolPort = 0,
    Protocol = "string",
    DefaultPoolId = "string",
    AlpnProtocols = new[]
    {
        "string",
    },
    ClientCrlContainerRef = "string",
    ConnectionLimit = 0,
    AdminStateUp = false,
    DefaultTlsContainerRef = "string",
    Description = "string",
    HstsIncludeSubdomains = false,
    HstsMaxAge = 0,
    HstsPreload = false,
    InsertHeaders = 
    {
        { "string", "string" },
    },
    ClientAuthentication = "string",
    Name = "string",
    ClientCaTlsContainerRef = "string",
    AllowedCidrs = new[]
    {
        "string",
    },
    Region = "string",
    SniContainerRefs = new[]
    {
        "string",
    },
    Tags = new[]
    {
        "string",
    },
    TenantId = "string",
    TimeoutClientData = 0,
    TimeoutMemberConnect = 0,
    TimeoutMemberData = 0,
    TimeoutTcpInspect = 0,
    TlsCiphers = "string",
    TlsVersions = new[]
    {
        "string",
    },
});

example, err := loadbalancer.NewListener(ctx, "listenerResource", &loadbalancer.ListenerArgs{
	LoadbalancerId: pulumi.String("string"),
	ProtocolPort:   pulumi.Int(0),
	Protocol:       pulumi.String("string"),
	DefaultPoolId:  pulumi.String("string"),
	AlpnProtocols: pulumi.StringArray{
		pulumi.String("string"),
	},
	ClientCrlContainerRef:  pulumi.String("string"),
	ConnectionLimit:        pulumi.Int(0),
	AdminStateUp:           pulumi.Bool(false),
	DefaultTlsContainerRef: pulumi.String("string"),
	Description:            pulumi.String("string"),
	HstsIncludeSubdomains:  pulumi.Bool(false),
	HstsMaxAge:             pulumi.Int(0),
	HstsPreload:            pulumi.Bool(false),
	InsertHeaders: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	ClientAuthentication:    pulumi.String("string"),
	Name:                    pulumi.String("string"),
	ClientCaTlsContainerRef: pulumi.String("string"),
	AllowedCidrs: pulumi.StringArray{
		pulumi.String("string"),
	},
	Region: pulumi.String("string"),
	SniContainerRefs: pulumi.StringArray{
		pulumi.String("string"),
	},
	Tags: pulumi.StringArray{
		pulumi.String("string"),
	},
	TenantId:             pulumi.String("string"),
	TimeoutClientData:    pulumi.Int(0),
	TimeoutMemberConnect: pulumi.Int(0),
	TimeoutMemberData:    pulumi.Int(0),
	TimeoutTcpInspect:    pulumi.Int(0),
	TlsCiphers:           pulumi.String("string"),
	TlsVersions: pulumi.StringArray{
		pulumi.String("string"),
	},
})

var listenerResource = new Listener("listenerResource", ListenerArgs.builder()
    .loadbalancerId("string")
    .protocolPort(0)
    .protocol("string")
    .defaultPoolId("string")
    .alpnProtocols("string")
    .clientCrlContainerRef("string")
    .connectionLimit(0)
    .adminStateUp(false)
    .defaultTlsContainerRef("string")
    .description("string")
    .hstsIncludeSubdomains(false)
    .hstsMaxAge(0)
    .hstsPreload(false)
    .insertHeaders(Map.of("string", "string"))
    .clientAuthentication("string")
    .name("string")
    .clientCaTlsContainerRef("string")
    .allowedCidrs("string")
    .region("string")
    .sniContainerRefs("string")
    .tags("string")
    .tenantId("string")
    .timeoutClientData(0)
    .timeoutMemberConnect(0)
    .timeoutMemberData(0)
    .timeoutTcpInspect(0)
    .tlsCiphers("string")
    .tlsVersions("string")
    .build());

listener_resource = openstack.loadbalancer.Listener("listenerResource",
    loadbalancer_id="string",
    protocol_port=0,
    protocol="string",
    default_pool_id="string",
    alpn_protocols=["string"],
    client_crl_container_ref="string",
    connection_limit=0,
    admin_state_up=False,
    default_tls_container_ref="string",
    description="string",
    hsts_include_subdomains=False,
    hsts_max_age=0,
    hsts_preload=False,
    insert_headers={
        "string": "string",
    },
    client_authentication="string",
    name="string",
    client_ca_tls_container_ref="string",
    allowed_cidrs=["string"],
    region="string",
    sni_container_refs=["string"],
    tags=["string"],
    tenant_id="string",
    timeout_client_data=0,
    timeout_member_connect=0,
    timeout_member_data=0,
    timeout_tcp_inspect=0,
    tls_ciphers="string",
    tls_versions=["string"])

const listenerResource = new openstack.loadbalancer.Listener("listenerResource", {
    loadbalancerId: "string",
    protocolPort: 0,
    protocol: "string",
    defaultPoolId: "string",
    alpnProtocols: ["string"],
    clientCrlContainerRef: "string",
    connectionLimit: 0,
    adminStateUp: false,
    defaultTlsContainerRef: "string",
    description: "string",
    hstsIncludeSubdomains: false,
    hstsMaxAge: 0,
    hstsPreload: false,
    insertHeaders: {
        string: "string",
    },
    clientAuthentication: "string",
    name: "string",
    clientCaTlsContainerRef: "string",
    allowedCidrs: ["string"],
    region: "string",
    sniContainerRefs: ["string"],
    tags: ["string"],
    tenantId: "string",
    timeoutClientData: 0,
    timeoutMemberConnect: 0,
    timeoutMemberData: 0,
    timeoutTcpInspect: 0,
    tlsCiphers: "string",
    tlsVersions: ["string"],
});

type: openstack:loadbalancer:Listener
properties:
    adminStateUp: false
    allowedCidrs:
        - string
    alpnProtocols:
        - string
    clientAuthentication: string
    clientCaTlsContainerRef: string
    clientCrlContainerRef: string
    connectionLimit: 0
    defaultPoolId: string
    defaultTlsContainerRef: string
    description: string
    hstsIncludeSubdomains: false
    hstsMaxAge: 0
    hstsPreload: false
    insertHeaders:
        string: string
    loadbalancerId: string
    name: string
    protocol: string
    protocolPort: 0
    region: string
    sniContainerRefs:
        - string
    tags:
        - string
    tenantId: string
    timeoutClientData: 0
    timeoutMemberConnect: 0
    timeoutMemberData: 0
    timeoutTcpInspect: 0
    tlsCiphers: string
    tlsVersions:
        - string

Listener Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Listener resource accepts the following input properties:

LoadbalancerId string

The load balancer on which to provision this Listener. Changing this creates a new Listener.

Protocol string

The protocol can be either TCP, HTTP, HTTPS, TERMINATED_HTTPS, UDP, SCTP (supported only in Octavia minor version >= 2.23), or PROMETHEUS (supported only in Octavia minor version >= 2.25). Changing this creates a new Listener.

ProtocolPort int

The port on which to listen for client traffic.

Changing this creates a new Listener.

AdminStateUp bool

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

AllowedCidrs List<string>

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

AlpnProtocols List<string>

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

ClientAuthentication string

The TLS client authentication mode. Available options: NONE, OPTIONAL or MANDATORY. Requires TERMINATED_HTTPS listener protocol and the client_ca_tls_container_ref. Supported only in Octavia minor version >= 2.8.

ClientCaTlsContainerRef string

The ref of the key manager service secret containing a PEM format client CA certificate bundle for TERMINATED_HTTPS listeners. Required if client_authentication is OPTIONAL or MANDATORY. Supported only in Octavia minor version >= 2.8.

ClientCrlContainerRef string

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

ConnectionLimit int

The maximum number of connections allowed for the Listener.

DefaultPoolId string

The ID of the default pool with which the Listener is associated.

DefaultTlsContainerRef string

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

Description string

Human-readable description for the Listener.

HstsIncludeSubdomains bool

Defines whether the includeSubDomains directive should be added to the Strict-Transport-Security HTTP response header. This requires setting the hsts_max_age option as well in order to become effective. Requires TERMINATED_HTTPS listener protocol. Supported only in Octavia minor version >= 2.27.

HstsMaxAge int

The value of the max_age directive for the Strict-Transport-Security HTTP response header. Setting this enables HTTP Strict Transport Security (HSTS) for the TLS-terminated listener. Requires TERMINATED_HTTPS listener protocol. Supported only in Octavia minor version >= 2.27.

HstsPreload bool

Defines whether the preload directive should be added to the Strict-Transport-Security HTTP response header. This requires setting the hsts_max_age option as well in order to become effective. Requires TERMINATED_HTTPS listener protocol. Supported only in Octavia minor version >= 2.27.

InsertHeaders Dictionary<string, string>

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

Name string

Human-readable name for the Listener. Does not have to be unique.

Region string

The region in which to obtain the V2 Networking client. A Networking client is needed to create a listener. If omitted, the region argument of the provider is used. Changing this creates a new Listener.

SniContainerRefs List<string>

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

Tags List<string>

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

TenantId string

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

TimeoutClientData int

The client inactivity timeout in milliseconds.

TimeoutMemberConnect int

The member connection timeout in milliseconds.

TimeoutMemberData int

The member inactivity timeout in milliseconds.

TimeoutTcpInspect int

The time in milliseconds, to wait for additional TCP packets for content inspection.

TlsCiphers string

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

TlsVersions List<string>

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

LoadbalancerId string

The load balancer on which to provision this Listener. Changing this creates a new Listener.

Protocol string

ProtocolPort int

The port on which to listen for client traffic.

Changing this creates a new Listener.

AdminStateUp bool

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

AllowedCidrs []string

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

AlpnProtocols []string

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

ClientAuthentication string

ClientCaTlsContainerRef string

ClientCrlContainerRef string

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

ConnectionLimit int

The maximum number of connections allowed for the Listener.

DefaultPoolId string

The ID of the default pool with which the Listener is associated.

DefaultTlsContainerRef string

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

Description string

Human-readable description for the Listener.

HstsIncludeSubdomains bool

HstsMaxAge int

HstsPreload bool

InsertHeaders map[string]string

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

Name string

Human-readable name for the Listener. Does not have to be unique.

Region string

SniContainerRefs []string

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

Tags []string

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

TenantId string

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

TimeoutClientData int

The client inactivity timeout in milliseconds.

TimeoutMemberConnect int

The member connection timeout in milliseconds.

TimeoutMemberData int

The member inactivity timeout in milliseconds.

TimeoutTcpInspect int

The time in milliseconds, to wait for additional TCP packets for content inspection.

TlsCiphers string

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

TlsVersions []string

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

loadbalancerId String

The load balancer on which to provision this Listener. Changing this creates a new Listener.

protocol String

protocolPort Integer

The port on which to listen for client traffic.

Changing this creates a new Listener.

adminStateUp Boolean

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowedCidrs List<String>

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpnProtocols List<String>

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

clientAuthentication String

clientCaTlsContainerRef String

clientCrlContainerRef String

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connectionLimit Integer

The maximum number of connections allowed for the Listener.

defaultPoolId String

The ID of the default pool with which the Listener is associated.

defaultTlsContainerRef String

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description String

Human-readable description for the Listener.

hstsIncludeSubdomains Boolean

hstsMaxAge Integer

hstsPreload Boolean

insertHeaders Map<String,String>

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

name String

Human-readable name for the Listener. Does not have to be unique.

region String

sniContainerRefs List<String>

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags List<String>

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenantId String

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeoutClientData Integer

The client inactivity timeout in milliseconds.

timeoutMemberConnect Integer

The member connection timeout in milliseconds.

timeoutMemberData Integer

The member inactivity timeout in milliseconds.

timeoutTcpInspect Integer

The time in milliseconds, to wait for additional TCP packets for content inspection.

tlsCiphers String

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tlsVersions List<String>

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

loadbalancerId string

The load balancer on which to provision this Listener. Changing this creates a new Listener.

protocol string

protocolPort number

The port on which to listen for client traffic.

Changing this creates a new Listener.

adminStateUp boolean

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowedCidrs string[]

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpnProtocols string[]

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

clientAuthentication string

clientCaTlsContainerRef string

clientCrlContainerRef string

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connectionLimit number

The maximum number of connections allowed for the Listener.

defaultPoolId string

The ID of the default pool with which the Listener is associated.

defaultTlsContainerRef string

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description string

Human-readable description for the Listener.

hstsIncludeSubdomains boolean

hstsMaxAge number

hstsPreload boolean

insertHeaders {[key: string]: string}

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

name string

Human-readable name for the Listener. Does not have to be unique.

region string

sniContainerRefs string[]

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags string[]

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenantId string

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeoutClientData number

The client inactivity timeout in milliseconds.

timeoutMemberConnect number

The member connection timeout in milliseconds.

timeoutMemberData number

The member inactivity timeout in milliseconds.

timeoutTcpInspect number

The time in milliseconds, to wait for additional TCP packets for content inspection.

tlsCiphers string

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tlsVersions string[]

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

loadbalancer_id str

The load balancer on which to provision this Listener. Changing this creates a new Listener.

protocol str

protocol_port int

The port on which to listen for client traffic.

Changing this creates a new Listener.

admin_state_up bool

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowed_cidrs Sequence[str]

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpn_protocols Sequence[str]

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

client_authentication str

client_ca_tls_container_ref str

client_crl_container_ref str

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connection_limit int

The maximum number of connections allowed for the Listener.

default_pool_id str

The ID of the default pool with which the Listener is associated.

default_tls_container_ref str

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description str

Human-readable description for the Listener.

hsts_include_subdomains bool

hsts_max_age int

hsts_preload bool

insert_headers Mapping[str, str]

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

name str

Human-readable name for the Listener. Does not have to be unique.

region str

sni_container_refs Sequence[str]

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags Sequence[str]

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenant_id str

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeout_client_data int

The client inactivity timeout in milliseconds.

timeout_member_connect int

The member connection timeout in milliseconds.

timeout_member_data int

The member inactivity timeout in milliseconds.

timeout_tcp_inspect int

The time in milliseconds, to wait for additional TCP packets for content inspection.

tls_ciphers str

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tls_versions Sequence[str]

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

loadbalancerId String

The load balancer on which to provision this Listener. Changing this creates a new Listener.

protocol String

protocolPort Number

The port on which to listen for client traffic.

Changing this creates a new Listener.

adminStateUp Boolean

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowedCidrs List<String>

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpnProtocols List<String>

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

clientAuthentication String

clientCaTlsContainerRef String

clientCrlContainerRef String

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connectionLimit Number

The maximum number of connections allowed for the Listener.

defaultPoolId String

The ID of the default pool with which the Listener is associated.

defaultTlsContainerRef String

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description String

Human-readable description for the Listener.

hstsIncludeSubdomains Boolean

hstsMaxAge Number

hstsPreload Boolean

insertHeaders Map<String>

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

name String

Human-readable name for the Listener. Does not have to be unique.

region String

sniContainerRefs List<String>

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags List<String>

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenantId String

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeoutClientData Number

The client inactivity timeout in milliseconds.

timeoutMemberConnect Number

The member connection timeout in milliseconds.

timeoutMemberData Number

The member inactivity timeout in milliseconds.

timeoutTcpInspect Number

The time in milliseconds, to wait for additional TCP packets for content inspection.

tlsCiphers String

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tlsVersions List<String>

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

Outputs

All input properties are implicitly available as output properties. Additionally, the Listener resource produces the following output properties:

Id string: The provider-assigned unique ID for this managed resource.

Id string: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

id string: The provider-assigned unique ID for this managed resource.

id str: The provider-assigned unique ID for this managed resource.

id String: The provider-assigned unique ID for this managed resource.

Look up Existing Listener Resource

Get an existing Listener resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ListenerState, opts?: CustomResourceOptions): Listener

@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        admin_state_up: Optional[bool] = None,
        allowed_cidrs: Optional[Sequence[str]] = None,
        alpn_protocols: Optional[Sequence[str]] = None,
        client_authentication: Optional[str] = None,
        client_ca_tls_container_ref: Optional[str] = None,
        client_crl_container_ref: Optional[str] = None,
        connection_limit: Optional[int] = None,
        default_pool_id: Optional[str] = None,
        default_tls_container_ref: Optional[str] = None,
        description: Optional[str] = None,
        hsts_include_subdomains: Optional[bool] = None,
        hsts_max_age: Optional[int] = None,
        hsts_preload: Optional[bool] = None,
        insert_headers: Optional[Mapping[str, str]] = None,
        loadbalancer_id: Optional[str] = None,
        name: Optional[str] = None,
        protocol: Optional[str] = None,
        protocol_port: Optional[int] = None,
        region: Optional[str] = None,
        sni_container_refs: Optional[Sequence[str]] = None,
        tags: Optional[Sequence[str]] = None,
        tenant_id: Optional[str] = None,
        timeout_client_data: Optional[int] = None,
        timeout_member_connect: Optional[int] = None,
        timeout_member_data: Optional[int] = None,
        timeout_tcp_inspect: Optional[int] = None,
        tls_ciphers: Optional[str] = None,
        tls_versions: Optional[Sequence[str]] = None) -> Listener

func GetListener(ctx *Context, name string, id IDInput, state *ListenerState, opts ...ResourceOption) (*Listener, error)

public static Listener Get(string name, Input<string> id, ListenerState? state, CustomResourceOptions? opts = null)

public static Listener get(String name, Output<String> id, ListenerState state, CustomResourceOptions options)

resources:  _:    type: openstack:loadbalancer:Listener    get:      id: ${id}

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

resource_name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

name: The unique name of the resulting resource.
id: The unique provider ID of the resource to lookup.
state: Any extra arguments used during the lookup.
opts: A bag of options that control this resource's behavior.

The following state arguments are supported:

AdminStateUp bool

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

AllowedCidrs List<string>

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

AlpnProtocols List<string>

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

ClientAuthentication string

ClientCaTlsContainerRef string

ClientCrlContainerRef string

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

ConnectionLimit int

The maximum number of connections allowed for the Listener.

DefaultPoolId string

The ID of the default pool with which the Listener is associated.

DefaultTlsContainerRef string

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

Description string

Human-readable description for the Listener.

HstsIncludeSubdomains bool

HstsMaxAge int

HstsPreload bool

InsertHeaders Dictionary<string, string>

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

LoadbalancerId string

The load balancer on which to provision this Listener. Changing this creates a new Listener.

Name string

Human-readable name for the Listener. Does not have to be unique.

Protocol string

ProtocolPort int

The port on which to listen for client traffic.

Changing this creates a new Listener.

Region string

SniContainerRefs List<string>

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

Tags List<string>

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

TenantId string

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

TimeoutClientData int

The client inactivity timeout in milliseconds.

TimeoutMemberConnect int

The member connection timeout in milliseconds.

TimeoutMemberData int

The member inactivity timeout in milliseconds.

TimeoutTcpInspect int

The time in milliseconds, to wait for additional TCP packets for content inspection.

TlsCiphers string

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

TlsVersions List<string>

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

AdminStateUp bool

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

AllowedCidrs []string

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

AlpnProtocols []string

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

ClientAuthentication string

ClientCaTlsContainerRef string

ClientCrlContainerRef string

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

ConnectionLimit int

The maximum number of connections allowed for the Listener.

DefaultPoolId string

The ID of the default pool with which the Listener is associated.

DefaultTlsContainerRef string

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

Description string

Human-readable description for the Listener.

HstsIncludeSubdomains bool

HstsMaxAge int

HstsPreload bool

InsertHeaders map[string]string

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

LoadbalancerId string

The load balancer on which to provision this Listener. Changing this creates a new Listener.

Name string

Human-readable name for the Listener. Does not have to be unique.

Protocol string

ProtocolPort int

The port on which to listen for client traffic.

Changing this creates a new Listener.

Region string

SniContainerRefs []string

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

Tags []string

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

TenantId string

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

TimeoutClientData int

The client inactivity timeout in milliseconds.

TimeoutMemberConnect int

The member connection timeout in milliseconds.

TimeoutMemberData int

The member inactivity timeout in milliseconds.

TimeoutTcpInspect int

The time in milliseconds, to wait for additional TCP packets for content inspection.

TlsCiphers string

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

TlsVersions []string

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

adminStateUp Boolean

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowedCidrs List<String>

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpnProtocols List<String>

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

clientAuthentication String

clientCaTlsContainerRef String

clientCrlContainerRef String

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connectionLimit Integer

The maximum number of connections allowed for the Listener.

defaultPoolId String

The ID of the default pool with which the Listener is associated.

defaultTlsContainerRef String

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description String

Human-readable description for the Listener.

hstsIncludeSubdomains Boolean

hstsMaxAge Integer

hstsPreload Boolean

insertHeaders Map<String,String>

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

loadbalancerId String

The load balancer on which to provision this Listener. Changing this creates a new Listener.

name String

Human-readable name for the Listener. Does not have to be unique.

protocol String

protocolPort Integer

The port on which to listen for client traffic.

Changing this creates a new Listener.

region String

sniContainerRefs List<String>

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags List<String>

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenantId String

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeoutClientData Integer

The client inactivity timeout in milliseconds.

timeoutMemberConnect Integer

The member connection timeout in milliseconds.

timeoutMemberData Integer

The member inactivity timeout in milliseconds.

timeoutTcpInspect Integer

The time in milliseconds, to wait for additional TCP packets for content inspection.

tlsCiphers String

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tlsVersions List<String>

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

adminStateUp boolean

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowedCidrs string[]

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpnProtocols string[]

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

clientAuthentication string

clientCaTlsContainerRef string

clientCrlContainerRef string

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connectionLimit number

The maximum number of connections allowed for the Listener.

defaultPoolId string

The ID of the default pool with which the Listener is associated.

defaultTlsContainerRef string

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description string

Human-readable description for the Listener.

hstsIncludeSubdomains boolean

hstsMaxAge number

hstsPreload boolean

insertHeaders {[key: string]: string}

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

loadbalancerId string

The load balancer on which to provision this Listener. Changing this creates a new Listener.

name string

Human-readable name for the Listener. Does not have to be unique.

protocol string

protocolPort number

The port on which to listen for client traffic.

Changing this creates a new Listener.

region string

sniContainerRefs string[]

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags string[]

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenantId string

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeoutClientData number

The client inactivity timeout in milliseconds.

timeoutMemberConnect number

The member connection timeout in milliseconds.

timeoutMemberData number

The member inactivity timeout in milliseconds.

timeoutTcpInspect number

The time in milliseconds, to wait for additional TCP packets for content inspection.

tlsCiphers string

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tlsVersions string[]

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

admin_state_up bool

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowed_cidrs Sequence[str]

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpn_protocols Sequence[str]

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

client_authentication str

client_ca_tls_container_ref str

client_crl_container_ref str

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connection_limit int

The maximum number of connections allowed for the Listener.

default_pool_id str

The ID of the default pool with which the Listener is associated.

default_tls_container_ref str

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description str

Human-readable description for the Listener.

hsts_include_subdomains bool

hsts_max_age int

hsts_preload bool

insert_headers Mapping[str, str]

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

loadbalancer_id str

The load balancer on which to provision this Listener. Changing this creates a new Listener.

name str

Human-readable name for the Listener. Does not have to be unique.

protocol str

protocol_port int

The port on which to listen for client traffic.

Changing this creates a new Listener.

region str

sni_container_refs Sequence[str]

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags Sequence[str]

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenant_id str

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeout_client_data int

The client inactivity timeout in milliseconds.

timeout_member_connect int

The member connection timeout in milliseconds.

timeout_member_data int

The member inactivity timeout in milliseconds.

timeout_tcp_inspect int

The time in milliseconds, to wait for additional TCP packets for content inspection.

tls_ciphers str

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tls_versions Sequence[str]

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

adminStateUp Boolean

The administrative state of the Listener. A valid value is true (UP) or false (DOWN).

allowedCidrs List<String>

A list of CIDR blocks that are permitted to connect to this listener, denying all other source addresses. If not present, defaults to allow all.

alpnProtocols List<String>

A list of ALPN protocols. Available protocols: http/1.0, http/1.1, h2. Supported only in Octavia minor version >= 2.20.

clientAuthentication String

clientCaTlsContainerRef String

clientCrlContainerRef String

The URI of the key manager service secret containing a PEM format CA revocation list file for TERMINATED_HTTPS listeners. Supported only in Octavia minor version >= 2.8.

connectionLimit Number

The maximum number of connections allowed for the Listener.

defaultPoolId String

The ID of the default pool with which the Listener is associated.

defaultTlsContainerRef String

A reference to a Barbican Secrets container which stores TLS information. This is required if the protocol is TERMINATED_HTTPS. See here for more information.

description String

Human-readable description for the Listener.

hstsIncludeSubdomains Boolean

hstsMaxAge Number

hstsPreload Boolean

insertHeaders Map<String>

The list of key value pairs representing headers to insert into the request before it is sent to the backend members. Changing this updates the headers of the existing listener.

loadbalancerId String

The load balancer on which to provision this Listener. Changing this creates a new Listener.

name String

Human-readable name for the Listener. Does not have to be unique.

protocol String

protocolPort Number

The port on which to listen for client traffic.

Changing this creates a new Listener.

region String

sniContainerRefs List<String>

A list of references to Barbican Secrets containers which store SNI information. See here for more information.

tags List<String>

A list of simple strings assigned to the pool. Available for Octavia minor version 2.5 or later.

tenantId String

Required for admins. The UUID of the tenant who owns the Listener. Only administrative users can specify a tenant UUID other than their own. Changing this creates a new Listener.

timeoutClientData Number

The client inactivity timeout in milliseconds.

timeoutMemberConnect Number

The member connection timeout in milliseconds.

timeoutMemberData Number

The member inactivity timeout in milliseconds.

timeoutTcpInspect Number

The time in milliseconds, to wait for additional TCP packets for content inspection.

tlsCiphers String

List of ciphers in OpenSSL format (colon-separated). See https://www.openssl.org/docs/man1.1.1/man1/ciphers.html for more information. Supported only in Octavia minor version >= 2.15.

tlsVersions List<String>

A list of TLS protocol versions. Available versions: TLSv1, TLSv1.1, TLSv1.2, TLSv1.3. Supported only in Octavia minor version >= 2.17.

Import

Load Balancer Listener can be imported using the Listener ID, e.g.:

$ pulumi import openstack:loadbalancer/listener:Listener listener_1 b67ce64e-8b26-405d-afeb-4a078901f15a

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository: OpenStack pulumi/pulumi-openstack
License: Apache-2.0
Notes: This Pulumi package is based on the openstack Terraform Provider.

OpenStack v5.0.3 published on Wednesday, Feb 12, 2025 by Pulumi

pulumi/pulumi-openstack

openstack.loadbalancer.Listener

On this page

On this page

Example Usage

Simple listener

Listener with TLS and client certificate authentication

Create Listener Resource

Constructor syntax

Parameters

Constructor example

Listener Resource Properties

Inputs

Outputs

Look up Existing Listener Resource

Import

Package Details

On this page

On this page