No matter how you like to participate in developer communities, Pulumi wants to meet you there. If you want to meet other Pulumi users to share use-cases and best practices, contribute code or documentation, see us at an event, or just tell a story about something cool you did with Pulumi, you are part of our community.

Pulumi Community

going to try using dns authorization, then use certificate manager to generate a certificate and then add load balancer with that certificate in front of the cloudrun and update the cdns to use the generated certificate

Got this working properly after a lot of trial and error, reviewing docs, and reading a lot of source code (thank goodness it's all open source).


The gist to pull this off is:

• create dns authorizations
• create one or more certificates from those authorizations
• Then use the certificates in a certificate map passed into a load balancer 
    ◦ url maps
    ◦ http proxy which forwards to https
    ◦ https proxy
    ◦ public ip address and a couple of global forwarding rules
For the cdns, use a backing bucket and for cloudrun or cloudfunction use a backend service.

Finally, add the dns authorization cnames to your dns provider.