1. Answers
  2. Setting Up SSL Certificates For Cloud Run With Custom Domains

Setting Up SSL Certificates for Cloud Run With Custom Domains

Solution for Setting up SSL Certificates for Cloud Run with Custom Domains

This solution involves setting up SSL certificates for a Google Cloud Run service with custom domains. The key services involved are Google Cloud Run, Google Cloud DNS, and Google Cloud Certificate Manager.

Step-by-Step Explanation

  1. Create a Cloud Run Service: First, create a Cloud Run service that you want to secure with SSL.
  2. Configure Custom Domain: Set up a custom domain for your Cloud Run service using Google Cloud DNS.
  3. Provision SSL Certificate: Use Google Cloud Certificate Manager to provision an SSL certificate for your custom domain.
  4. Bind SSL Certificate to Cloud Run Service: Finally, bind the SSL certificate to your Cloud Run service.

Summary and Conclusion

In this guide, we walked through the steps to set up SSL certificates for a Cloud Run service with custom domains. By using Google Cloud DNS and Certificate Manager, you can ensure secure and reliable access to your Cloud Run services.

Full Code Example

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

// Create a Cloud Run service
const cloudRunService = new gcp.cloudrun.Service("my-cloud-run-service", {
    location: "us-central1",
    template: {
        spec: {
            containers: [{
                image: "gcr.io/cloudrun/hello",
            }],
        },
    },
});

// Create a DNS managed zone
const managedZone = new gcp.dns.ManagedZone("my-managed-zone", {
    dnsName: "example.com.",
    description: "Managed zone for example.com",
});

// Create a DNS record set for the custom domain
const recordSet = new gcp.dns.RecordSet("my-record-set", {
    managedZone: managedZone.name,
    name: "www.example.com.",
    type: "A",
    ttl: 300,
    rrdatas: ["8.8.8.8"], // Replace with the actual IP address
});

// Provision an SSL certificate
const certificate = new gcp.certificatemanager.Certificate("my-certificate", {
    managed: {
        domains: ["www.example.com"],
    },
});

// Export the Cloud Run URL and Certificate ID
export const cloudRunUrl = cloudRunService.statuses[0].url;
export const certificateId = certificate.id;

Deploy this code

Want to deploy this code? Sign up for a free Pulumi account to deploy in a few clicks.

Sign up

New to Pulumi?

Want to deploy this code? Sign up with Pulumi to deploy in a few clicks.

Sign up