Google Git
Sign in
third-party-mirror / terraform-provider-google-beta / 7018e2f3f116fdacfd66c03551fbf0c3db62170a / . / v5.18.0 / website / docs / r / firebase_hosting_custom_domain.html.markdown
blob: de69128bdcf48c1e086a77c6fc4f0e5b1ff996a1 [file] [log] [blame]
---
# ----------------------------------------------------------------------------
#
# *** AUTO GENERATED CODE *** Type: MMv1 ***
#
# ----------------------------------------------------------------------------
#
# This file is automatically generated by Magic Modules and manual
# changes will be clobbered when the file is regenerated.
#
# Please read more about how to change this file in
# .github/CONTRIBUTING.md.
#
# ----------------------------------------------------------------------------
subcategory: "Firebase Hosting"
description: |-
Manages Custom Domains for Firebase Hosting.
---
# google\_firebase\_hosting\_custom\_domain
Manages Custom Domains for Firebase Hosting. Custom Domains link your
domain names with Firebase Hosting sites, allowing Hosting to serve content
on those domain names.
~> **Warning:** This resource is in beta, and should be used with the terraform-provider-google-beta provider.
See [Provider Versions](https://terraform.io/docs/providers/google/guides/provider_versions.html) for more details on beta resources.
To get more information about CustomDomain, see:
* [API documentation](https://firebase.google.com/docs/reference/hosting/rest/v1beta1/projects.sites.customDomains)
* How-to Guides
* [Official Documentation](https://firebase.google.com/docs/hosting)
## Example Usage - Firebasehosting Customdomain Basic
```hcl
resource "google_firebase_hosting_custom_domain" "default" {
provider = google-beta
project = "my-project-name"
site_id = "site-id"
custom_domain = "custom.domain.com"
}
```
## Example Usage - Firebasehosting Customdomain Full
```hcl
resource "google_firebase_hosting_site" "default" {
provider = google-beta
project = "my-project-name"
site_id = "site-id-full"
}
resource "google_firebase_hosting_custom_domain" "default" {
provider = google-beta
project = "my-project-name"
site_id = google_firebase_hosting_site.default.site_id
custom_domain = "source.domain.com"
cert_preference = "GROUPED"
redirect_target = "destination.domain.com"
wait_dns_verification = false
}
```
## Example Usage - Firebasehosting Customdomain Cloud Run
```hcl
resource "google_firebase_hosting_site" "default" {
provider = google-beta
project = "my-project-name"
site_id = "site-id"
}
resource "google_cloud_run_v2_service" "default" {
provider = google-beta
project = "my-project-name"
name = "cloud-run-service-via-hosting"
location = "us-central1"
# Warning: allows all public traffic
ingress = "INGRESS_TRAFFIC_ALL"
template {
containers {
image = "us-docker.pkg.dev/cloudrun/container/hello"
}
}
}
resource "google_firebase_hosting_version" "default" {
provider = google-beta
site_id = google_firebase_hosting_site.default.site_id
config {
rewrites {
glob = "/hello/**"
run {
service_id = google_cloud_run_v2_service.default.name
region = google_cloud_run_v2_service.default.location
}
}
}
}
resource "google_firebase_hosting_release" "default" {
provider = google-beta
site_id = google_firebase_hosting_site.default.site_id
version_name = google_firebase_hosting_version.default.name
message = "Cloud Run Integration"
}
resource "google_firebase_hosting_custom_domain" "default" {
provider = google-beta
project = "my-project-name"
site_id = google_firebase_hosting_site.default.site_id
custom_domain = "run.custom.domain.com"
wait_dns_verification = false
}
```
## Argument Reference
The following arguments are supported:
* `site_id` -
(Required)
The ID of the site in which to create this custom domain association.
* `custom_domain` -
(Required)
The ID of the `CustomDomain`, which is the domain name you'd like to use with Firebase Hosting.
- - -
* `cert_preference` -
(Optional)
A field that lets you specify which SSL certificate type Hosting creates
for your domain name. Spark plan `CustomDomain`s only have access to the
`GROUPED` cert type, while Blaze plan can select any option.
Possible values are: `GROUPED`, `PROJECT_GROUPED`, `DEDICATED`.
* `redirect_target` -
(Optional)
A domain name that this CustomDomain should direct traffic towards. If
specified, Hosting will respond to requests against this CustomDomain
with an HTTP 301 code, and route traffic to the specified `redirect_target`
instead.
* `project` - (Optional) The ID of the project in which the resource belongs.
If it is not provided, the provider project is used.
* `wait_dns_verification` - (Optional) If true, Terraform will wait for DNS records to be fully resolved on the `CustomDomain`.
If false, Terraform will not wait for DNS records on the `CustomDomain`. Any issues in
the `CustomDomain` will be returned and stored in the Terraform state.
## Attributes Reference
In addition to the arguments listed above, the following computed attributes are exported:
* `id` - an identifier for the resource with format `projects/{{project}}/sites/{{site_id}}/customDomains/{{custom_domain}}`
* `name` -
The fully-qualified name of the `CustomDomain`.
* `create_time` -
The `CustomDomain`'s create time.
* `update_time` -
The last time the `CustomDomain` was updated.
* `delete_time` -
The time the `CustomDomain` was deleted; null for `CustomDomains` that
haven't been deleted. Deleted `CustomDomains` persist for approximately 30
days, after which time Hosting removes them completely.
* `expire_time` -
The minimum time before a soft-deleted `CustomDomain` is completely removed
from Hosting; null for `CustomDomains` that haven't been deleted.
* `etag` -
A string that represents the current state of the `CustomDomain` and
allows you to confirm its initial state in requests that would modify it.
* `host_state` -
The host state of your domain name. Host state is determined by checking each
IP address associated with your domain name to see if it's serving
Hosting content.
HOST_UNHOSTED:
Your `CustomDomain`'s domain name isn't associated with any IP addresses.
HOST_UNREACHABLE:
Your `CustomDomain`'s domain name can't be reached. Hosting services' DNS
queries to find your domain name's IP addresses resulted in errors. See
your `CustomDomain`'s `issues` field for more details.
HOST_MISMATCH:
Your `CustomDomain`'s domain name has IP addresses that don't ultimately
resolve to Hosting.
HOST_CONFLICT:
Your `CustomDomain`'s domain name has IP addresses that resolve to both
Hosting and other services. To ensure consistent results, remove `A` and
`AAAA` records related to non-Hosting services.
HOST_ACTIVE:
All requests against your `CustomDomain`'s domain name are served by
Hosting. If the `CustomDomain`'s `OwnershipState` is also `ACTIVE`, Hosting
serves your Hosting Site's content on the domain name.
* `ownership_state` -
The ownership state of your domain name. Ownership is determined at a
Firebase project level, and established by adding `TXT` records to your
domain name's DNS records.
Ownership cascades to subdomains. Granting a project ownership of `foo.com`
also grants that project ownership over `bar.foo.com`, unless you add
specific `TXT` records to `bar.foo.com` that grant a different project
ownership.
If your `CustomDomain` is in an `OwnershipState` other than
`OWNERSHIP_ACTIVE` for more than 30 days and it hasn't been updated in at
least 30 days, Hosting's ownership systems delete the `CustomDomain`.
OWNERSHIP_MISSING:
Your `CustomDomain`'s domain name has no Hosting-related ownership records;
no Firebase project has permission to act on the domain name's behalf.
OWNERSHIP_UNREACHABLE:
Your `CustomDomain`'s domain name can't be reached. Hosting services' DNS
queries to find your domain name's ownership records resulted in errors.
See your `CustomDomain`'s `issues` field for more details.
OWNERSHIP_MISMATCH:
Your `CustomDomain`'s domain name is owned by another Firebase project.
Remove the conflicting `TXT` records and replace them with project-specific
records for your current Firebase project.
OWNERSHIP_CONFLICT:
Your `CustomDomain`'s domain name has conflicting `TXT` records that
indicate ownership by both your current Firebase project and another
project. Remove the other project's ownership records to grant the current
project ownership.
OWNERSHIP_PENDING:
Your `CustomDomain`'s DNS records are configured correctly. Hosting will
transfer ownership of your domain to this `CustomDomain` within 24 hours.
OWNERSHIP_ACTIVE:
Your `CustomDomain`'s domain name has `TXT` records that grant its project
permission to act on its behalf.
* `required_dns_updates` -
A set of updates you should make to the domain name's DNS records to
let Hosting serve secure content on its behalf.
Structure is [documented below](#nested_required_dns_updates).
* `issues` -
A set of errors Hosting systems encountered when trying to establish
Hosting's ability to serve secure content for your domain name. Resolve
these issues to ensure your `CustomDomain` behaves properly.
Structure is [documented below](#nested_issues).
* `cert` -
The SSL certificate Hosting has for this `CustomDomain`'s domain name.
For new `CustomDomain`s, this often represents Hosting's intent to create
a certificate, rather than an actual cert. Check the `state` field for
more.
Structure is [documented below](#nested_cert).
* `reconciling` -
if true, indicates that Hosting's systems are attmepting to
make the `CustomDomain`'s state match your preferred state. This is most
frequently `true` when initially provisioning a `CustomDomain` or when creating
a new SSL certificate to match an updated `cert_preference`
<a name="nested_required_dns_updates"></a>The `required_dns_updates` block contains:
* `check_time` -
(Output)
The last time Hosting checked your CustomDomain's DNS records.
* `discovered` -
(Optional)
The set of DNS records Hosting discovered when inspecting a domain
Structure is [documented below](#nested_discovered).
* `desired` -
(Optional)
The set of DNS records Hosting needs to serve secure content on the domain.
Structure is [documented below](#nested_desired).
<a name="nested_discovered"></a>The `discovered` block supports:
* `domain_name` -
(Optional)
The domain name the record set pertains to.
* `records` -
(Optional)
Records on the domain
Structure is [documented below](#nested_records).
<a name="nested_records"></a>The `records` block supports:
* `domain_name` -
(Optional)
The domain name the record pertains to, e.g. `foo.bar.com.`.
* `type` -
(Optional)
The record's type, which determines what data the record contains.
* `rdata` -
(Optional)
The data of the record. The meaning of the value depends on record type:
- A and AAAA: IP addresses for the domain name.
- CNAME: Another domain to check for records.
- TXT: Arbitrary text strings associated with the domain name. Hosting
uses TXT records to determine a which Firebase Projects have
permission to act on the domain name's behalf.
- CAA: The record's flags, tag, and value, e.g. `0 issue "pki.goog"`.
* `required_action` -
(Optional)
Indicates the a required action for this record.
<a name="nested_desired"></a>The `desired` block supports:
* `domain_name` -
(Optional)
The domain name the record set pertains to.
* `records` -
(Optional)
Records on the domain
Structure is [documented below](#nested_records).
<a name="nested_records"></a>The `records` block supports:
* `domain_name` -
(Optional)
The domain name the record pertains to, e.g. `foo.bar.com.`.
* `type` -
(Optional)
The record's type, which determines what data the record contains.
* `rdata` -
(Optional)
The data of the record. The meaning of the value depends on record type:
- A and AAAA: IP addresses for the domain name.
- CNAME: Another domain to check for records.
- TXT: Arbitrary text strings associated with the domain name. Hosting
uses TXT records to determine a which Firebase Projects have
permission to act on the domain name's behalf.
- CAA: The record's flags, tag, and value, e.g. `0 issue "pki.goog"`.
* `required_action` -
(Optional)
Indicates the a required action for this record.
<a name="nested_issues"></a>The `issues` block contains:
* `code` -
(Optional)
The status code, which should be an enum value of `google.rpc.Code`
* `message` -
(Optional)
Error message
* `details` -
(Optional)
A list of messages that carry the error details.
<a name="nested_cert"></a>The `cert` block contains:
* `type` -
(Optional)
The certificate's type.
* `state` -
(Optional)
The state of the certificate. Only the `CERT_ACTIVE` and
`CERT_EXPIRING_SOON` states provide SSL coverage for a domain name. If the
state is `PROPAGATING` and Hosting had an active cert for the domain name
before, that formerly-active cert provides SSL coverage for the domain name
until the current cert propagates.
* `verification` -
(Optional)
A set of ACME challenges you can add to your DNS records or existing,
non-Hosting hosting provider to allow Hosting to create an SSL certificate
for your domain name before you point traffic toward hosting. You can use
thse challenges as part of a zero downtime transition from your old
provider to Hosting.
Structure is [documented below](#nested_verification).
<a name="nested_verification"></a>The `verification` block supports:
* `dns` -
(Optional)
A `TXT` record to add to your DNS records that confirms your intent to
let Hosting create an SSL cert for your domain name.
Structure is [documented below](#nested_dns).
* `http` -
(Optional)
A file to add to your existing, non-Hosting hosting service that confirms
your intent to let Hosting create an SSL cert for your domain name.
Structure is [documented below](#nested_http).
<a name="nested_dns"></a>The `dns` block supports:
* `check_time` -
(Output)
The last time Hosting checked your CustomDomain's DNS records.
* `discovered` -
(Optional)
The set of DNS records Hosting discovered when inspecting a domain
Structure is [documented below](#nested_discovered).
* `desired` -
(Optional)
The set of DNS records Hosting needs to serve secure content on the domain.
Structure is [documented below](#nested_desired).
<a name="nested_discovered"></a>The `discovered` block supports:
* `domain_name` -
(Optional)
The domain name the record set pertains to.
* `records` -
(Optional)
Records on the domain
Structure is [documented below](#nested_records).
<a name="nested_records"></a>The `records` block supports:
* `domain_name` -
(Optional)
The domain name the record pertains to, e.g. `foo.bar.com.`.
* `type` -
(Optional)
The record's type, which determines what data the record contains.
* `rdata` -
(Optional)
The data of the record. The meaning of the value depends on record type:
- A and AAAA: IP addresses for the domain name.
- CNAME: Another domain to check for records.
- TXT: Arbitrary text strings associated with the domain name. Hosting
uses TXT records to determine a which Firebase Projects have
permission to act on the domain name's behalf.
- CAA: The record's flags, tag, and value, e.g. `0 issue "pki.goog"`.
* `required_action` -
(Optional)
Indicates the a required action for this record.
<a name="nested_desired"></a>The `desired` block supports:
* `domain_name` -
(Optional)
The domain name the record set pertains to.
* `records` -
(Optional)
Records on the domain
Structure is [documented below](#nested_records).
<a name="nested_records"></a>The `records` block supports:
* `domain_name` -
(Optional)
The domain name the record pertains to, e.g. `foo.bar.com.`.
* `type` -
(Optional)
The record's type, which determines what data the record contains.
* `rdata` -
(Optional)
The data of the record. The meaning of the value depends on record type:
- A and AAAA: IP addresses for the domain name.
- CNAME: Another domain to check for records.
- TXT: Arbitrary text strings associated with the domain name. Hosting
uses TXT records to determine a which Firebase Projects have
permission to act on the domain name's behalf.
- CAA: The record's flags, tag, and value, e.g. `0 issue "pki.goog"`.
* `required_action` -
(Optional)
Indicates the a required action for this record.
<a name="nested_http"></a>The `http` block supports:
* `path` -
(Optional)
The path to the file.
* `desired` -
(Optional)
A text string to serve at the path.
* `discovered` -
(Optional)
Whether Hosting was able to find the required file contents on the
specified path during its last check.
* `last_check_time` -
(Output)
The last time Hosting systems checked for the file contents.
## Timeouts
This resource provides the following
[Timeouts](https://developer.hashicorp.com/terraform/plugin/sdkv2/resources/retries-and-customizable-timeouts) configuration options:
- `create` - Default is 20 minutes.
- `update` - Default is 20 minutes.
- `delete` - Default is 20 minutes.
## Import
CustomDomain can be imported using any of these accepted formats:
* `projects/{{project}}/sites/{{site_id}}/customDomains/{{custom_domain}}`
* `sites/{{site_id}}/customDomains/{{custom_domain}}`
* `{{project}}/{{site_id}}/{{custom_domain}}`
* `{{site_id}}/{{custom_domain}}`
In Terraform v1.5.0 and later, use an [`import` block](https://developer.hashicorp.com/terraform/language/import) to import CustomDomain using one of the formats above. For example:
```tf
import {
id = "projects/{{project}}/sites/{{site_id}}/customDomains/{{custom_domain}}"
to = google_firebase_hosting_custom_domain.default
}
```
When using the [`terraform import` command](https://developer.hashicorp.com/terraform/cli/commands/import), CustomDomain can be imported using one of the formats above. For example:
```
$ terraform import google_firebase_hosting_custom_domain.default projects/{{project}}/sites/{{site_id}}/customDomains/{{custom_domain}}
$ terraform import google_firebase_hosting_custom_domain.default sites/{{site_id}}/customDomains/{{custom_domain}}
$ terraform import google_firebase_hosting_custom_domain.default {{project}}/{{site_id}}/{{custom_domain}}
$ terraform import google_firebase_hosting_custom_domain.default {{site_id}}/{{custom_domain}}
```
## User Project Overrides
This resource supports [User Project Overrides](https://registry.terraform.io/providers/hashicorp/google/latest/docs/guides/provider_reference#user_project_override).