1. Packages
  2. Oracle Cloud Infrastructure
  3. API Docs
  4. LoadBalancer
  5. Listener
Oracle Cloud Infrastructure v2.31.0 published on Thursday, Apr 17, 2025 by Pulumi

oci.LoadBalancer.Listener

Explore with Pulumi AI

This resource provides the Listener resource in Oracle Cloud Infrastructure Load Balancer service.

Adds a listener to a load balancer.

Example Usage

import * as pulumi from "@pulumi/pulumi";
import * as oci from "@pulumi/oci";

const testListener = new oci.loadbalancer.Listener("test_listener", {
    defaultBackendSetName: testBackendSet.name,
    loadBalancerId: testLoadBalancer.id,
    name: listenerName,
    port: listenerPort,
    protocol: listenerProtocol,
    connectionConfiguration: {
        idleTimeoutInSeconds: listenerConnectionConfigurationIdleTimeoutInSeconds,
        backendTcpProxyProtocolOptions: listenerConnectionConfigurationBackendTcpProxyProtocolOptions,
        backendTcpProxyProtocolVersion: listenerConnectionConfigurationBackendTcpProxyProtocolVersion,
    },
    hostnameNames: [testHostname.name],
    pathRouteSetName: testPathRouteSet.name,
    routingPolicyName: testLoadBalancerRoutingPolicy.name,
    ruleSetNames: [testRuleSet.name],
    sslConfiguration: {
        certificateName: testCertificate.name,
        hasSessionResumption: listenerSslConfigurationHasSessionResumption,
        certificateIds: listenerSslConfigurationCertificateIds,
        cipherSuiteName: listenerSslConfigurationCipherSuiteName,
        protocols: listenerSslConfigurationProtocols,
        serverOrderPreference: listenerSslConfigurationServerOrderPreference,
        trustedCertificateAuthorityIds: listenerSslConfigurationTrustedCertificateAuthorityIds,
        verifyDepth: listenerSslConfigurationVerifyDepth,
        verifyPeerCertificate: listenerSslConfigurationVerifyPeerCertificate,
    },
});
Copy
import pulumi
import pulumi_oci as oci

test_listener = oci.load_balancer.Listener("test_listener",
    default_backend_set_name=test_backend_set["name"],
    load_balancer_id=test_load_balancer["id"],
    name=listener_name,
    port=listener_port,
    protocol=listener_protocol,
    connection_configuration={
        "idle_timeout_in_seconds": listener_connection_configuration_idle_timeout_in_seconds,
        "backend_tcp_proxy_protocol_options": listener_connection_configuration_backend_tcp_proxy_protocol_options,
        "backend_tcp_proxy_protocol_version": listener_connection_configuration_backend_tcp_proxy_protocol_version,
    },
    hostname_names=[test_hostname["name"]],
    path_route_set_name=test_path_route_set["name"],
    routing_policy_name=test_load_balancer_routing_policy["name"],
    rule_set_names=[test_rule_set["name"]],
    ssl_configuration={
        "certificate_name": test_certificate["name"],
        "has_session_resumption": listener_ssl_configuration_has_session_resumption,
        "certificate_ids": listener_ssl_configuration_certificate_ids,
        "cipher_suite_name": listener_ssl_configuration_cipher_suite_name,
        "protocols": listener_ssl_configuration_protocols,
        "server_order_preference": listener_ssl_configuration_server_order_preference,
        "trusted_certificate_authority_ids": listener_ssl_configuration_trusted_certificate_authority_ids,
        "verify_depth": listener_ssl_configuration_verify_depth,
        "verify_peer_certificate": listener_ssl_configuration_verify_peer_certificate,
    })
Copy
package main

import (
	"github.com/pulumi/pulumi-oci/sdk/v2/go/oci/loadbalancer"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := loadbalancer.NewListener(ctx, "test_listener", &loadbalancer.ListenerArgs{
			DefaultBackendSetName: pulumi.Any(testBackendSet.Name),
			LoadBalancerId:        pulumi.Any(testLoadBalancer.Id),
			Name:                  pulumi.Any(listenerName),
			Port:                  pulumi.Any(listenerPort),
			Protocol:              pulumi.Any(listenerProtocol),
			ConnectionConfiguration: &loadbalancer.ListenerConnectionConfigurationArgs{
				IdleTimeoutInSeconds:           pulumi.Any(listenerConnectionConfigurationIdleTimeoutInSeconds),
				BackendTcpProxyProtocolOptions: pulumi.Any(listenerConnectionConfigurationBackendTcpProxyProtocolOptions),
				BackendTcpProxyProtocolVersion: pulumi.Any(listenerConnectionConfigurationBackendTcpProxyProtocolVersion),
			},
			HostnameNames: pulumi.StringArray{
				testHostname.Name,
			},
			PathRouteSetName:  pulumi.Any(testPathRouteSet.Name),
			RoutingPolicyName: pulumi.Any(testLoadBalancerRoutingPolicy.Name),
			RuleSetNames: pulumi.StringArray{
				testRuleSet.Name,
			},
			SslConfiguration: &loadbalancer.ListenerSslConfigurationArgs{
				CertificateName:                pulumi.Any(testCertificate.Name),
				HasSessionResumption:           pulumi.Any(listenerSslConfigurationHasSessionResumption),
				CertificateIds:                 pulumi.Any(listenerSslConfigurationCertificateIds),
				CipherSuiteName:                pulumi.Any(listenerSslConfigurationCipherSuiteName),
				Protocols:                      pulumi.Any(listenerSslConfigurationProtocols),
				ServerOrderPreference:          pulumi.Any(listenerSslConfigurationServerOrderPreference),
				TrustedCertificateAuthorityIds: pulumi.Any(listenerSslConfigurationTrustedCertificateAuthorityIds),
				VerifyDepth:                    pulumi.Any(listenerSslConfigurationVerifyDepth),
				VerifyPeerCertificate:          pulumi.Any(listenerSslConfigurationVerifyPeerCertificate),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Oci = Pulumi.Oci;

return await Deployment.RunAsync(() => 
{
    var testListener = new Oci.LoadBalancer.Listener("test_listener", new()
    {
        DefaultBackendSetName = testBackendSet.Name,
        LoadBalancerId = testLoadBalancer.Id,
        Name = listenerName,
        Port = listenerPort,
        Protocol = listenerProtocol,
        ConnectionConfiguration = new Oci.LoadBalancer.Inputs.ListenerConnectionConfigurationArgs
        {
            IdleTimeoutInSeconds = listenerConnectionConfigurationIdleTimeoutInSeconds,
            BackendTcpProxyProtocolOptions = listenerConnectionConfigurationBackendTcpProxyProtocolOptions,
            BackendTcpProxyProtocolVersion = listenerConnectionConfigurationBackendTcpProxyProtocolVersion,
        },
        HostnameNames = new[]
        {
            testHostname.Name,
        },
        PathRouteSetName = testPathRouteSet.Name,
        RoutingPolicyName = testLoadBalancerRoutingPolicy.Name,
        RuleSetNames = new[]
        {
            testRuleSet.Name,
        },
        SslConfiguration = new Oci.LoadBalancer.Inputs.ListenerSslConfigurationArgs
        {
            CertificateName = testCertificate.Name,
            HasSessionResumption = listenerSslConfigurationHasSessionResumption,
            CertificateIds = listenerSslConfigurationCertificateIds,
            CipherSuiteName = listenerSslConfigurationCipherSuiteName,
            Protocols = listenerSslConfigurationProtocols,
            ServerOrderPreference = listenerSslConfigurationServerOrderPreference,
            TrustedCertificateAuthorityIds = listenerSslConfigurationTrustedCertificateAuthorityIds,
            VerifyDepth = listenerSslConfigurationVerifyDepth,
            VerifyPeerCertificate = listenerSslConfigurationVerifyPeerCertificate,
        },
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.oci.LoadBalancer.Listener;
import com.pulumi.oci.LoadBalancer.ListenerArgs;
import com.pulumi.oci.LoadBalancer.inputs.ListenerConnectionConfigurationArgs;
import com.pulumi.oci.LoadBalancer.inputs.ListenerSslConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testListener = new Listener("testListener", ListenerArgs.builder()
            .defaultBackendSetName(testBackendSet.name())
            .loadBalancerId(testLoadBalancer.id())
            .name(listenerName)
            .port(listenerPort)
            .protocol(listenerProtocol)
            .connectionConfiguration(ListenerConnectionConfigurationArgs.builder()
                .idleTimeoutInSeconds(listenerConnectionConfigurationIdleTimeoutInSeconds)
                .backendTcpProxyProtocolOptions(listenerConnectionConfigurationBackendTcpProxyProtocolOptions)
                .backendTcpProxyProtocolVersion(listenerConnectionConfigurationBackendTcpProxyProtocolVersion)
                .build())
            .hostnameNames(testHostname.name())
            .pathRouteSetName(testPathRouteSet.name())
            .routingPolicyName(testLoadBalancerRoutingPolicy.name())
            .ruleSetNames(testRuleSet.name())
            .sslConfiguration(ListenerSslConfigurationArgs.builder()
                .certificateName(testCertificate.name())
                .hasSessionResumption(listenerSslConfigurationHasSessionResumption)
                .certificateIds(listenerSslConfigurationCertificateIds)
                .cipherSuiteName(listenerSslConfigurationCipherSuiteName)
                .protocols(listenerSslConfigurationProtocols)
                .serverOrderPreference(listenerSslConfigurationServerOrderPreference)
                .trustedCertificateAuthorityIds(listenerSslConfigurationTrustedCertificateAuthorityIds)
                .verifyDepth(listenerSslConfigurationVerifyDepth)
                .verifyPeerCertificate(listenerSslConfigurationVerifyPeerCertificate)
                .build())
            .build());

    }
}
Copy
resources:
  testListener:
    type: oci:LoadBalancer:Listener
    name: test_listener
    properties:
      defaultBackendSetName: ${testBackendSet.name}
      loadBalancerId: ${testLoadBalancer.id}
      name: ${listenerName}
      port: ${listenerPort}
      protocol: ${listenerProtocol}
      connectionConfiguration:
        idleTimeoutInSeconds: ${listenerConnectionConfigurationIdleTimeoutInSeconds}
        backendTcpProxyProtocolOptions: ${listenerConnectionConfigurationBackendTcpProxyProtocolOptions}
        backendTcpProxyProtocolVersion: ${listenerConnectionConfigurationBackendTcpProxyProtocolVersion}
      hostnameNames:
        - ${testHostname.name}
      pathRouteSetName: ${testPathRouteSet.name}
      routingPolicyName: ${testLoadBalancerRoutingPolicy.name}
      ruleSetNames:
        - ${testRuleSet.name}
      sslConfiguration:
        certificateName: ${testCertificate.name}
        hasSessionResumption: ${listenerSslConfigurationHasSessionResumption}
        certificateIds: ${listenerSslConfigurationCertificateIds}
        cipherSuiteName: ${listenerSslConfigurationCipherSuiteName}
        protocols: ${listenerSslConfigurationProtocols}
        serverOrderPreference: ${listenerSslConfigurationServerOrderPreference}
        trustedCertificateAuthorityIds: ${listenerSslConfigurationTrustedCertificateAuthorityIds}
        verifyDepth: ${listenerSslConfigurationVerifyDepth}
        verifyPeerCertificate: ${listenerSslConfigurationVerifyPeerCertificate}
Copy

Create Listener Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new Listener(name: string, args: ListenerArgs, opts?: CustomResourceOptions);
@overload
def Listener(resource_name: str,
             args: ListenerArgs,
             opts: Optional[ResourceOptions] = None)

@overload
def Listener(resource_name: str,
             opts: Optional[ResourceOptions] = None,
             default_backend_set_name: Optional[str] = None,
             load_balancer_id: Optional[str] = None,
             port: Optional[int] = None,
             protocol: Optional[str] = None,
             connection_configuration: Optional[_loadbalancer.ListenerConnectionConfigurationArgs] = None,
             hostname_names: Optional[Sequence[str]] = None,
             name: Optional[str] = None,
             path_route_set_name: Optional[str] = None,
             routing_policy_name: Optional[str] = None,
             rule_set_names: Optional[Sequence[str]] = None,
             ssl_configuration: Optional[_loadbalancer.ListenerSslConfigurationArgs] = None)
func NewListener(ctx *Context, name string, args ListenerArgs, opts ...ResourceOption) (*Listener, error)
public Listener(string name, ListenerArgs args, CustomResourceOptions? opts = null)
public Listener(String name, ListenerArgs args)
public Listener(String name, ListenerArgs args, CustomResourceOptions options)
type: oci:LoadBalancer:Listener
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. ListenerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. ListenerArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. ListenerArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. ListenerArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. ListenerArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var listenerResource = new Oci.LoadBalancer.Listener("listenerResource", new()
{
    DefaultBackendSetName = "string",
    LoadBalancerId = "string",
    Port = 0,
    Protocol = "string",
    ConnectionConfiguration = new Oci.LoadBalancer.Inputs.ListenerConnectionConfigurationArgs
    {
        IdleTimeoutInSeconds = "string",
        BackendTcpProxyProtocolOptions = new[]
        {
            "string",
        },
        BackendTcpProxyProtocolVersion = 0,
    },
    HostnameNames = new[]
    {
        "string",
    },
    Name = "string",
    PathRouteSetName = "string",
    RoutingPolicyName = "string",
    RuleSetNames = new[]
    {
        "string",
    },
    SslConfiguration = new Oci.LoadBalancer.Inputs.ListenerSslConfigurationArgs
    {
        CertificateIds = new[]
        {
            "string",
        },
        CertificateName = "string",
        CipherSuiteName = "string",
        HasSessionResumption = false,
        Protocols = new[]
        {
            "string",
        },
        ServerOrderPreference = "string",
        TrustedCertificateAuthorityIds = new[]
        {
            "string",
        },
        VerifyDepth = 0,
        VerifyPeerCertificate = false,
    },
});
Copy
example, err := LoadBalancer.NewListener(ctx, "listenerResource", &LoadBalancer.ListenerArgs{
	DefaultBackendSetName: pulumi.String("string"),
	LoadBalancerId:        pulumi.String("string"),
	Port:                  pulumi.Int(0),
	Protocol:              pulumi.String("string"),
	ConnectionConfiguration: &loadbalancer.ListenerConnectionConfigurationArgs{
		IdleTimeoutInSeconds: pulumi.String("string"),
		BackendTcpProxyProtocolOptions: pulumi.StringArray{
			pulumi.String("string"),
		},
		BackendTcpProxyProtocolVersion: pulumi.Int(0),
	},
	HostnameNames: pulumi.StringArray{
		pulumi.String("string"),
	},
	Name:              pulumi.String("string"),
	PathRouteSetName:  pulumi.String("string"),
	RoutingPolicyName: pulumi.String("string"),
	RuleSetNames: pulumi.StringArray{
		pulumi.String("string"),
	},
	SslConfiguration: &loadbalancer.ListenerSslConfigurationArgs{
		CertificateIds: pulumi.StringArray{
			pulumi.String("string"),
		},
		CertificateName:      pulumi.String("string"),
		CipherSuiteName:      pulumi.String("string"),
		HasSessionResumption: pulumi.Bool(false),
		Protocols: pulumi.StringArray{
			pulumi.String("string"),
		},
		ServerOrderPreference: pulumi.String("string"),
		TrustedCertificateAuthorityIds: pulumi.StringArray{
			pulumi.String("string"),
		},
		VerifyDepth:           pulumi.Int(0),
		VerifyPeerCertificate: pulumi.Bool(false),
	},
})
Copy
var listenerResource = new Listener("listenerResource", ListenerArgs.builder()
    .defaultBackendSetName("string")
    .loadBalancerId("string")
    .port(0)
    .protocol("string")
    .connectionConfiguration(ListenerConnectionConfigurationArgs.builder()
        .idleTimeoutInSeconds("string")
        .backendTcpProxyProtocolOptions("string")
        .backendTcpProxyProtocolVersion(0)
        .build())
    .hostnameNames("string")
    .name("string")
    .pathRouteSetName("string")
    .routingPolicyName("string")
    .ruleSetNames("string")
    .sslConfiguration(ListenerSslConfigurationArgs.builder()
        .certificateIds("string")
        .certificateName("string")
        .cipherSuiteName("string")
        .hasSessionResumption(false)
        .protocols("string")
        .serverOrderPreference("string")
        .trustedCertificateAuthorityIds("string")
        .verifyDepth(0)
        .verifyPeerCertificate(false)
        .build())
    .build());
Copy
listener_resource = oci.load_balancer.Listener("listenerResource",
    default_backend_set_name="string",
    load_balancer_id="string",
    port=0,
    protocol="string",
    connection_configuration={
        "idle_timeout_in_seconds": "string",
        "backend_tcp_proxy_protocol_options": ["string"],
        "backend_tcp_proxy_protocol_version": 0,
    },
    hostname_names=["string"],
    name="string",
    path_route_set_name="string",
    routing_policy_name="string",
    rule_set_names=["string"],
    ssl_configuration={
        "certificate_ids": ["string"],
        "certificate_name": "string",
        "cipher_suite_name": "string",
        "has_session_resumption": False,
        "protocols": ["string"],
        "server_order_preference": "string",
        "trusted_certificate_authority_ids": ["string"],
        "verify_depth": 0,
        "verify_peer_certificate": False,
    })
Copy
const listenerResource = new oci.loadbalancer.Listener("listenerResource", {
    defaultBackendSetName: "string",
    loadBalancerId: "string",
    port: 0,
    protocol: "string",
    connectionConfiguration: {
        idleTimeoutInSeconds: "string",
        backendTcpProxyProtocolOptions: ["string"],
        backendTcpProxyProtocolVersion: 0,
    },
    hostnameNames: ["string"],
    name: "string",
    pathRouteSetName: "string",
    routingPolicyName: "string",
    ruleSetNames: ["string"],
    sslConfiguration: {
        certificateIds: ["string"],
        certificateName: "string",
        cipherSuiteName: "string",
        hasSessionResumption: false,
        protocols: ["string"],
        serverOrderPreference: "string",
        trustedCertificateAuthorityIds: ["string"],
        verifyDepth: 0,
        verifyPeerCertificate: false,
    },
});
Copy
type: oci:LoadBalancer:Listener
properties:
    connectionConfiguration:
        backendTcpProxyProtocolOptions:
            - string
        backendTcpProxyProtocolVersion: 0
        idleTimeoutInSeconds: string
    defaultBackendSetName: string
    hostnameNames:
        - string
    loadBalancerId: string
    name: string
    pathRouteSetName: string
    port: 0
    protocol: string
    routingPolicyName: string
    ruleSetNames:
        - string
    sslConfiguration:
        certificateIds:
            - string
        certificateName: string
        cipherSuiteName: string
        hasSessionResumption: false
        protocols:
            - string
        serverOrderPreference: string
        trustedCertificateAuthorityIds:
            - string
        verifyDepth: 0
        verifyPeerCertificate: false
Copy

Listener Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The Listener resource accepts the following input properties:

DefaultBackendSetName This property is required. string
(Updatable) The name of the associated backend set. Example: example_backend_set
LoadBalancerId
This property is required.
Changes to this property will trigger replacement.
string
The OCID of the load balancer on which to add a listener.
Port This property is required. int
(Updatable) The communication port for the listener. Example: 80
Protocol This property is required. string
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
ConnectionConfiguration ListenerConnectionConfiguration
(Updatable) Configuration details for the connection between the client and backend servers.
HostnameNames List<string>
(Updatable) An array of hostname resource names.
Name Changes to this property will trigger replacement. string
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
PathRouteSetName string

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

RoutingPolicyName string
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
RuleSetNames List<string>
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
SslConfiguration ListenerSslConfiguration

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

DefaultBackendSetName This property is required. string
(Updatable) The name of the associated backend set. Example: example_backend_set
LoadBalancerId
This property is required.
Changes to this property will trigger replacement.
string
The OCID of the load balancer on which to add a listener.
Port This property is required. int
(Updatable) The communication port for the listener. Example: 80
Protocol This property is required. string
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
ConnectionConfiguration ListenerConnectionConfigurationArgs
(Updatable) Configuration details for the connection between the client and backend servers.
HostnameNames []string
(Updatable) An array of hostname resource names.
Name Changes to this property will trigger replacement. string
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
PathRouteSetName string

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

RoutingPolicyName string
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
RuleSetNames []string
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
SslConfiguration ListenerSslConfigurationArgs

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

defaultBackendSetName This property is required. String
(Updatable) The name of the associated backend set. Example: example_backend_set
loadBalancerId
This property is required.
Changes to this property will trigger replacement.
String
The OCID of the load balancer on which to add a listener.
port This property is required. Integer
(Updatable) The communication port for the listener. Example: 80
protocol This property is required. String
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
connectionConfiguration ListenerConnectionConfiguration
(Updatable) Configuration details for the connection between the client and backend servers.
hostnameNames List<String>
(Updatable) An array of hostname resource names.
name Changes to this property will trigger replacement. String
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
pathRouteSetName String

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

routingPolicyName String
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
ruleSetNames List<String>
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
sslConfiguration ListenerSslConfiguration

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

defaultBackendSetName This property is required. string
(Updatable) The name of the associated backend set. Example: example_backend_set
loadBalancerId
This property is required.
Changes to this property will trigger replacement.
string
The OCID of the load balancer on which to add a listener.
port This property is required. number
(Updatable) The communication port for the listener. Example: 80
protocol This property is required. string
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
connectionConfiguration ListenerConnectionConfiguration
(Updatable) Configuration details for the connection between the client and backend servers.
hostnameNames string[]
(Updatable) An array of hostname resource names.
name Changes to this property will trigger replacement. string
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
pathRouteSetName string

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

routingPolicyName string
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
ruleSetNames string[]
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
sslConfiguration ListenerSslConfiguration

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

default_backend_set_name This property is required. str
(Updatable) The name of the associated backend set. Example: example_backend_set
load_balancer_id
This property is required.
Changes to this property will trigger replacement.
str
The OCID of the load balancer on which to add a listener.
port This property is required. int
(Updatable) The communication port for the listener. Example: 80
protocol This property is required. str
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
connection_configuration loadbalancer.ListenerConnectionConfigurationArgs
(Updatable) Configuration details for the connection between the client and backend servers.
hostname_names Sequence[str]
(Updatable) An array of hostname resource names.
name Changes to this property will trigger replacement. str
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
path_route_set_name str

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

routing_policy_name str
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
rule_set_names Sequence[str]
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
ssl_configuration loadbalancer.ListenerSslConfigurationArgs

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

defaultBackendSetName This property is required. String
(Updatable) The name of the associated backend set. Example: example_backend_set
loadBalancerId
This property is required.
Changes to this property will trigger replacement.
String
The OCID of the load balancer on which to add a listener.
port This property is required. Number
(Updatable) The communication port for the listener. Example: 80
protocol This property is required. String
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
connectionConfiguration Property Map
(Updatable) Configuration details for the connection between the client and backend servers.
hostnameNames List<String>
(Updatable) An array of hostname resource names.
name Changes to this property will trigger replacement. String
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
pathRouteSetName String

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

routingPolicyName String
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
ruleSetNames List<String>
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
sslConfiguration Property Map

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

Outputs

All input properties are implicitly available as output properties. Additionally, the Listener resource produces the following output properties:

Id string
The provider-assigned unique ID for this managed resource.
State string
Id string
The provider-assigned unique ID for this managed resource.
State string
id String
The provider-assigned unique ID for this managed resource.
state String
id string
The provider-assigned unique ID for this managed resource.
state string
id str
The provider-assigned unique ID for this managed resource.
state str
id String
The provider-assigned unique ID for this managed resource.
state String

Look up Existing Listener Resource

Get an existing Listener resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: ListenerState, opts?: CustomResourceOptions): Listener
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        connection_configuration: Optional[_loadbalancer.ListenerConnectionConfigurationArgs] = None,
        default_backend_set_name: Optional[str] = None,
        hostname_names: Optional[Sequence[str]] = None,
        load_balancer_id: Optional[str] = None,
        name: Optional[str] = None,
        path_route_set_name: Optional[str] = None,
        port: Optional[int] = None,
        protocol: Optional[str] = None,
        routing_policy_name: Optional[str] = None,
        rule_set_names: Optional[Sequence[str]] = None,
        ssl_configuration: Optional[_loadbalancer.ListenerSslConfigurationArgs] = None,
        state: Optional[str] = None) -> Listener
func GetListener(ctx *Context, name string, id IDInput, state *ListenerState, opts ...ResourceOption) (*Listener, error)
public static Listener Get(string name, Input<string> id, ListenerState? state, CustomResourceOptions? opts = null)
public static Listener get(String name, Output<String> id, ListenerState state, CustomResourceOptions options)
resources:  _:    type: oci:LoadBalancer:Listener    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
ConnectionConfiguration ListenerConnectionConfiguration
(Updatable) Configuration details for the connection between the client and backend servers.
DefaultBackendSetName string
(Updatable) The name of the associated backend set. Example: example_backend_set
HostnameNames List<string>
(Updatable) An array of hostname resource names.
LoadBalancerId Changes to this property will trigger replacement. string
The OCID of the load balancer on which to add a listener.
Name Changes to this property will trigger replacement. string
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
PathRouteSetName string

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

Port int
(Updatable) The communication port for the listener. Example: 80
Protocol string
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
RoutingPolicyName string
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
RuleSetNames List<string>
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
SslConfiguration ListenerSslConfiguration

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

State string
ConnectionConfiguration ListenerConnectionConfigurationArgs
(Updatable) Configuration details for the connection between the client and backend servers.
DefaultBackendSetName string
(Updatable) The name of the associated backend set. Example: example_backend_set
HostnameNames []string
(Updatable) An array of hostname resource names.
LoadBalancerId Changes to this property will trigger replacement. string
The OCID of the load balancer on which to add a listener.
Name Changes to this property will trigger replacement. string
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
PathRouteSetName string

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

Port int
(Updatable) The communication port for the listener. Example: 80
Protocol string
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
RoutingPolicyName string
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
RuleSetNames []string
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
SslConfiguration ListenerSslConfigurationArgs

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

State string
connectionConfiguration ListenerConnectionConfiguration
(Updatable) Configuration details for the connection between the client and backend servers.
defaultBackendSetName String
(Updatable) The name of the associated backend set. Example: example_backend_set
hostnameNames List<String>
(Updatable) An array of hostname resource names.
loadBalancerId Changes to this property will trigger replacement. String
The OCID of the load balancer on which to add a listener.
name Changes to this property will trigger replacement. String
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
pathRouteSetName String

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

port Integer
(Updatable) The communication port for the listener. Example: 80
protocol String
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
routingPolicyName String
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
ruleSetNames List<String>
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
sslConfiguration ListenerSslConfiguration

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

state String
connectionConfiguration ListenerConnectionConfiguration
(Updatable) Configuration details for the connection between the client and backend servers.
defaultBackendSetName string
(Updatable) The name of the associated backend set. Example: example_backend_set
hostnameNames string[]
(Updatable) An array of hostname resource names.
loadBalancerId Changes to this property will trigger replacement. string
The OCID of the load balancer on which to add a listener.
name Changes to this property will trigger replacement. string
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
pathRouteSetName string

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

port number
(Updatable) The communication port for the listener. Example: 80
protocol string
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
routingPolicyName string
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
ruleSetNames string[]
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
sslConfiguration ListenerSslConfiguration

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

state string
connection_configuration loadbalancer.ListenerConnectionConfigurationArgs
(Updatable) Configuration details for the connection between the client and backend servers.
default_backend_set_name str
(Updatable) The name of the associated backend set. Example: example_backend_set
hostname_names Sequence[str]
(Updatable) An array of hostname resource names.
load_balancer_id Changes to this property will trigger replacement. str
The OCID of the load balancer on which to add a listener.
name Changes to this property will trigger replacement. str
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
path_route_set_name str

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

port int
(Updatable) The communication port for the listener. Example: 80
protocol str
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
routing_policy_name str
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
rule_set_names Sequence[str]
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
ssl_configuration loadbalancer.ListenerSslConfigurationArgs

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

state str
connectionConfiguration Property Map
(Updatable) Configuration details for the connection between the client and backend servers.
defaultBackendSetName String
(Updatable) The name of the associated backend set. Example: example_backend_set
hostnameNames List<String>
(Updatable) An array of hostname resource names.
loadBalancerId Changes to this property will trigger replacement. String
The OCID of the load balancer on which to add a listener.
name Changes to this property will trigger replacement. String
A friendly name for the listener. It must be unique and it cannot be changed. Avoid entering confidential information. Example: example_listener
pathRouteSetName String

(Updatable) Deprecated. Please use routingPolicies instead.

The name of the set of path-based routing rules, PathRouteSet, applied to this listener's traffic.

Example: example_path_route_set

port Number
(Updatable) The communication port for the listener. Example: 80
protocol String
(Updatable) The protocol on which the listener accepts connection requests. The supported protocols are HTTP, HTTP2, TCP, and GRPC. You can also use the ListProtocols operation to get a list of valid protocols. Example: HTTP
routingPolicyName String
(Updatable) The name of the routing policy applied to this listener's traffic. Example: example_routing_policy
ruleSetNames List<String>
(Updatable) The names of the rule sets to apply to the listener. Example: ["example_rule_set"]
sslConfiguration Property Map

(Updatable) The load balancer's SSL handling configuration details.

Warning: Oracle recommends that you avoid using any confidential information when you supply string values using the API.

state String

Supporting Types

ListenerConnectionConfiguration
, ListenerConnectionConfigurationArgs

IdleTimeoutInSeconds This property is required. string

(Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.

For more information, see Connection Configuration.

Example: 1200

BackendTcpProxyProtocolOptions List<string>
(Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
BackendTcpProxyProtocolVersion int
(Updatable) The backend TCP Proxy Protocol version. Example: 1
IdleTimeoutInSeconds This property is required. string

(Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.

For more information, see Connection Configuration.

Example: 1200

BackendTcpProxyProtocolOptions []string
(Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
BackendTcpProxyProtocolVersion int
(Updatable) The backend TCP Proxy Protocol version. Example: 1
idleTimeoutInSeconds This property is required. String

(Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.

For more information, see Connection Configuration.

Example: 1200

backendTcpProxyProtocolOptions List<String>
(Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
backendTcpProxyProtocolVersion Integer
(Updatable) The backend TCP Proxy Protocol version. Example: 1
idleTimeoutInSeconds This property is required. string

(Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.

For more information, see Connection Configuration.

Example: 1200

backendTcpProxyProtocolOptions string[]
(Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
backendTcpProxyProtocolVersion number
(Updatable) The backend TCP Proxy Protocol version. Example: 1
idle_timeout_in_seconds This property is required. str

(Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.

For more information, see Connection Configuration.

Example: 1200

backend_tcp_proxy_protocol_options Sequence[str]
(Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
backend_tcp_proxy_protocol_version int
(Updatable) The backend TCP Proxy Protocol version. Example: 1
idleTimeoutInSeconds This property is required. String

(Updatable) The maximum idle time, in seconds, allowed between two successive receive or two successive send operations between the client and backend servers. A send operation does not reset the timer for receive operations. A receive operation does not reset the timer for send operations.

For more information, see Connection Configuration.

Example: 1200

backendTcpProxyProtocolOptions List<String>
(Updatable) An array that represents the PPV2 Options that can be enabled on TCP Listeners. Example: ["PP2_TYPE_AUTHORITY"]
backendTcpProxyProtocolVersion Number
(Updatable) The backend TCP Proxy Protocol version. Example: 1

ListenerSslConfiguration
, ListenerSslConfigurationArgs

CertificateIds List<string>
(Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example: [ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
CertificateName string
(Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example: example_certificate_bundle
CipherSuiteName string

(Updatable) The name of the cipher suite to use for HTTPS or SSL connections.

If this field is not specified, the default is oci-default-ssl-cipher-suite-v1.

Notes:

  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
  • You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
  • If the cipher configuration is not modified after load balancer creation, the GET operation returns oci-default-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • If the cipher configuration was modified using Oracle operations after load balancer creation, the GET operation returns oci-customized-ssl-cipher-suite as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • The GET operation returns oci-wider-compatible-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing backend sets that predate this feature.
  • If the GET operation on a listener returns oci-customized-ssl-cipher-suite as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource.
  • The oci-customized-ssl-cipher-suite Oracle reserved cipher suite name is not accepted as valid input for this field.

example: example_cipher_suite

HasSessionResumption bool
(Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example: true
Protocols List<string>

(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.

The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.

The Load Balancing service supports the following protocols:

  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • TLSv1.3

If this field is not specified, TLSv1.2 is the default.

Warning: All SSL listeners created on a given port must use the same set of SSL protocols.

Notes:

  • The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
  • For all existing load balancer listeners and backend sets that predate this feature, the GET operation displays a list of SSL protocols currently used by those resources.

example: ["TLSv1.1", "TLSv1.2"]

ServerOrderPreference string

(Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.

Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the SSLConfiguration object is associated with a backend set.

TrustedCertificateAuthorityIds List<string>
(Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example: [ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
VerifyDepth int
(Updatable) The maximum depth for peer certificate chain verification. Example: 3
VerifyPeerCertificate bool

(Updatable) Whether the load balancer listener should verify peer certificates. Example: true

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

CertificateIds []string
(Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example: [ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
CertificateName string
(Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example: example_certificate_bundle
CipherSuiteName string

(Updatable) The name of the cipher suite to use for HTTPS or SSL connections.

If this field is not specified, the default is oci-default-ssl-cipher-suite-v1.

Notes:

  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
  • You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
  • If the cipher configuration is not modified after load balancer creation, the GET operation returns oci-default-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • If the cipher configuration was modified using Oracle operations after load balancer creation, the GET operation returns oci-customized-ssl-cipher-suite as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • The GET operation returns oci-wider-compatible-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing backend sets that predate this feature.
  • If the GET operation on a listener returns oci-customized-ssl-cipher-suite as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource.
  • The oci-customized-ssl-cipher-suite Oracle reserved cipher suite name is not accepted as valid input for this field.

example: example_cipher_suite

HasSessionResumption bool
(Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example: true
Protocols []string

(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.

The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.

The Load Balancing service supports the following protocols:

  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • TLSv1.3

If this field is not specified, TLSv1.2 is the default.

Warning: All SSL listeners created on a given port must use the same set of SSL protocols.

Notes:

  • The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
  • For all existing load balancer listeners and backend sets that predate this feature, the GET operation displays a list of SSL protocols currently used by those resources.

example: ["TLSv1.1", "TLSv1.2"]

ServerOrderPreference string

(Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.

Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the SSLConfiguration object is associated with a backend set.

TrustedCertificateAuthorityIds []string
(Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example: [ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
VerifyDepth int
(Updatable) The maximum depth for peer certificate chain verification. Example: 3
VerifyPeerCertificate bool

(Updatable) Whether the load balancer listener should verify peer certificates. Example: true

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

certificateIds List<String>
(Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example: [ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
certificateName String
(Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example: example_certificate_bundle
cipherSuiteName String

(Updatable) The name of the cipher suite to use for HTTPS or SSL connections.

If this field is not specified, the default is oci-default-ssl-cipher-suite-v1.

Notes:

  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
  • You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
  • If the cipher configuration is not modified after load balancer creation, the GET operation returns oci-default-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • If the cipher configuration was modified using Oracle operations after load balancer creation, the GET operation returns oci-customized-ssl-cipher-suite as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • The GET operation returns oci-wider-compatible-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing backend sets that predate this feature.
  • If the GET operation on a listener returns oci-customized-ssl-cipher-suite as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource.
  • The oci-customized-ssl-cipher-suite Oracle reserved cipher suite name is not accepted as valid input for this field.

example: example_cipher_suite

hasSessionResumption Boolean
(Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example: true
protocols List<String>

(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.

The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.

The Load Balancing service supports the following protocols:

  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • TLSv1.3

If this field is not specified, TLSv1.2 is the default.

Warning: All SSL listeners created on a given port must use the same set of SSL protocols.

Notes:

  • The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
  • For all existing load balancer listeners and backend sets that predate this feature, the GET operation displays a list of SSL protocols currently used by those resources.

example: ["TLSv1.1", "TLSv1.2"]

serverOrderPreference String

(Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.

Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the SSLConfiguration object is associated with a backend set.

trustedCertificateAuthorityIds List<String>
(Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example: [ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
verifyDepth Integer
(Updatable) The maximum depth for peer certificate chain verification. Example: 3
verifyPeerCertificate Boolean

(Updatable) Whether the load balancer listener should verify peer certificates. Example: true

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

certificateIds string[]
(Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example: [ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
certificateName string
(Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example: example_certificate_bundle
cipherSuiteName string

(Updatable) The name of the cipher suite to use for HTTPS or SSL connections.

If this field is not specified, the default is oci-default-ssl-cipher-suite-v1.

Notes:

  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
  • You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
  • If the cipher configuration is not modified after load balancer creation, the GET operation returns oci-default-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • If the cipher configuration was modified using Oracle operations after load balancer creation, the GET operation returns oci-customized-ssl-cipher-suite as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • The GET operation returns oci-wider-compatible-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing backend sets that predate this feature.
  • If the GET operation on a listener returns oci-customized-ssl-cipher-suite as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource.
  • The oci-customized-ssl-cipher-suite Oracle reserved cipher suite name is not accepted as valid input for this field.

example: example_cipher_suite

hasSessionResumption boolean
(Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example: true
protocols string[]

(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.

The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.

The Load Balancing service supports the following protocols:

  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • TLSv1.3

If this field is not specified, TLSv1.2 is the default.

Warning: All SSL listeners created on a given port must use the same set of SSL protocols.

Notes:

  • The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
  • For all existing load balancer listeners and backend sets that predate this feature, the GET operation displays a list of SSL protocols currently used by those resources.

example: ["TLSv1.1", "TLSv1.2"]

serverOrderPreference string

(Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.

Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the SSLConfiguration object is associated with a backend set.

trustedCertificateAuthorityIds string[]
(Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example: [ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
verifyDepth number
(Updatable) The maximum depth for peer certificate chain verification. Example: 3
verifyPeerCertificate boolean

(Updatable) Whether the load balancer listener should verify peer certificates. Example: true

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

certificate_ids Sequence[str]
(Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example: [ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
certificate_name str
(Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example: example_certificate_bundle
cipher_suite_name str

(Updatable) The name of the cipher suite to use for HTTPS or SSL connections.

If this field is not specified, the default is oci-default-ssl-cipher-suite-v1.

Notes:

  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
  • You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
  • If the cipher configuration is not modified after load balancer creation, the GET operation returns oci-default-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • If the cipher configuration was modified using Oracle operations after load balancer creation, the GET operation returns oci-customized-ssl-cipher-suite as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • The GET operation returns oci-wider-compatible-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing backend sets that predate this feature.
  • If the GET operation on a listener returns oci-customized-ssl-cipher-suite as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource.
  • The oci-customized-ssl-cipher-suite Oracle reserved cipher suite name is not accepted as valid input for this field.

example: example_cipher_suite

has_session_resumption bool
(Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example: true
protocols Sequence[str]

(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.

The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.

The Load Balancing service supports the following protocols:

  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • TLSv1.3

If this field is not specified, TLSv1.2 is the default.

Warning: All SSL listeners created on a given port must use the same set of SSL protocols.

Notes:

  • The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
  • For all existing load balancer listeners and backend sets that predate this feature, the GET operation displays a list of SSL protocols currently used by those resources.

example: ["TLSv1.1", "TLSv1.2"]

server_order_preference str

(Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.

Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the SSLConfiguration object is associated with a backend set.

trusted_certificate_authority_ids Sequence[str]
(Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example: [ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
verify_depth int
(Updatable) The maximum depth for peer certificate chain verification. Example: 3
verify_peer_certificate bool

(Updatable) Whether the load balancer listener should verify peer certificates. Example: true

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

certificateIds List<String>
(Updatable) Ids for Oracle Cloud Infrastructure certificates service certificates. Currently only a single Id may be passed. Example: [ocid1.certificate.oc1.us-ashburn-1.amaaaaaaav3bgsaa5o2q7rh5nfmkkukfkogasqhk6af2opufhjlqg7m6jqzq]
certificateName String
(Updatable) A friendly name for the certificate bundle. It must be unique and it cannot be changed. Valid certificate bundle names include only alphanumeric characters, dashes, and underscores. Certificate bundle names cannot contain spaces. Avoid entering confidential information. Example: example_certificate_bundle
cipherSuiteName String

(Updatable) The name of the cipher suite to use for HTTPS or SSL connections.

If this field is not specified, the default is oci-default-ssl-cipher-suite-v1.

Notes:

  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite. Clients cannot perform an SSL handshake if there is an incompatible configuration.
  • You must ensure compatibility between the ciphers configured in the cipher suite and the configured certificates. For example, RSA-based ciphers require RSA certificates and ECDSA-based ciphers require ECDSA certificates.
  • If the cipher configuration is not modified after load balancer creation, the GET operation returns oci-default-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • If the cipher configuration was modified using Oracle operations after load balancer creation, the GET operation returns oci-customized-ssl-cipher-suite as the value of this field in the SSL configuration for existing listeners that predate this feature.
  • The GET operation returns oci-wider-compatible-ssl-cipher-suite-v1 as the value of this field in the SSL configuration for existing backend sets that predate this feature.
  • If the GET operation on a listener returns oci-customized-ssl-cipher-suite as the value of this field, you must specify an appropriate predefined or custom cipher suite name when updating the resource.
  • The oci-customized-ssl-cipher-suite Oracle reserved cipher suite name is not accepted as valid input for this field.

example: example_cipher_suite

hasSessionResumption Boolean
(Updatable) Whether the load balancer listener should resume an encrypted session by reusing the cryptographic parameters of a previous TLS session, without having to perform a full handshake again. If "true", the service resumes the previous TLS encrypted session. If "false", the service starts a new TLS encrypted session. Enabling session resumption improves performance but provides a lower level of security. Disabling session resumption improves security but reduces performance. Example: true
protocols List<String>

(Updatable) A list of SSL protocols the load balancer must support for HTTPS or SSL connections.

The load balancer uses SSL protocols to establish a secure connection between a client and a server. A secure connection ensures that all data passed between the client and the server is private.

The Load Balancing service supports the following protocols:

  • TLSv1
  • TLSv1.1
  • TLSv1.2
  • TLSv1.3

If this field is not specified, TLSv1.2 is the default.

Warning: All SSL listeners created on a given port must use the same set of SSL protocols.

Notes:

  • The handshake to establish an SSL connection fails if the client supports none of the specified protocols.
  • You must ensure compatibility between the specified SSL protocols and the ciphers configured in the cipher suite.
  • For all existing load balancer listeners and backend sets that predate this feature, the GET operation displays a list of SSL protocols currently used by those resources.

example: ["TLSv1.1", "TLSv1.2"]

serverOrderPreference String

(Updatable) When this attribute is set to ENABLED, the system gives preference to the server ciphers over the client ciphers.

Note: This configuration is applicable only when the load balancer is acting as an SSL/HTTPS server. This field is ignored when the SSLConfiguration object is associated with a backend set.

trustedCertificateAuthorityIds List<String>
(Updatable) Ids for Oracle Cloud Infrastructure certificates service CA or CA bundles for the load balancer to trust. Example: [ocid1.cabundle.oc1.us-ashburn-1.amaaaaaaav3bgsaagl4zzyqdop5i2vuwoqewdvauuw34llqa74otq2jdsfyq]
verifyDepth Number
(Updatable) The maximum depth for peer certificate chain verification. Example: 3
verifyPeerCertificate Boolean

(Updatable) Whether the load balancer listener should verify peer certificates. Example: true

** IMPORTANT ** Any change to a property that does not support update will force the destruction and recreation of the resource with the new property values

Import

Listeners can be imported using the id, e.g.

$ pulumi import oci:LoadBalancer/listener:Listener test_listener "loadBalancers/{loadBalancerId}/listeners/{listenerName}"
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
oci pulumi/pulumi-oci
License
Apache-2.0
Notes
This Pulumi package is based on the oci Terraform Provider.