cluster_domain_ssl_cert
note
The resource's API may change in subsequent versions to simplify user experience.
Manages the domain name and the SSL certificate for connections to a CelerData cluster.
You can customize a domain name for your CelerData cluster and encrypt it with an SSL certificate. It allows you to secure connections encrypted by SSL, which provides endpoint verification and data encryption to ensure that the data transmitted between clients and CelerData clusters cannot be read by unauthorized users.
Take note of the following points:
- You need to store your SSL certificate files in the S3 bucket referenced in the data credential of your cluster.
- You can call this API only when the cluster is in the Running state so that the certificate files can be successfully fetched to the cluster.
- After this resource is added successfully, you must suspend and then resume the cluster to allow the certificate to take effect.
- To connect to your cluster with the domain name you have specified in this resource, you must map your customer domain name to the cluster's domain name using CNAME. You can find the domain name of your cluster by following these steps:
- Sign in to the CelerData Cloud BYOC console.
- On the Clusters page, click the cluster that you want to view.
- In the Connection section of the Overview tab, find the cluster's domain name.
Example Usage
resource "celerdatabyoc_cluster_domain_ssl_cert" "my_ssl_cert" {
cluster_id = "<cluster_resource_id>"
domain = "<domain_name>"
s3_bucket = "<s3_bucket_name>"
s3_key_of_ssl_crt = "<s3_key_to_your_ssl_certificate>"
s3_key_of_ssl_crt_key = "<s3_key_to_your_ssl_certificate_key>"
}
Argument Reference
This resource contains the following required arguments:
cluster_id
: (String, Forces new resource) The ID of thecelerdatabyoc_classic_cluster
orcelerdatabyoc_elastic_cluster
resource.- If the cluster is a classic cluster, set this argument to
celerdatabyoc_classic_cluster.<cluster_resource_name>.id
, and replace<cluster_resource_name>
with your cluster resource name. - If the cluster is an elastic cluster, set this argument to
celerdatabyoc_elastic_cluster.<cluster_resource_name>.id
, and replace<cluster_resource_name>
with your cluster resource name.
- If the cluster is a classic cluster, set this argument to
domain
: The domain name you want to customize.s3_bucket
: The S3 bucket used to store your SSL certificate files. You need to store your certificate files in the bucket referenced in the data credential of your cluster.s3_key_of_ssl_crt
: The S3 bucket key to your SSL certificate file.s3_key_of_ssl_crt_key
: The S3 bucket key to your SSL certificate key file.
Attribute Reference
This resource exports the following attributes:
id
: (String) The ID of the cluster.cert_id
: (String) The ID of the SSL certificate in CelerData Cloud BYOC.cert_state
: The status of the SSL certificate.