diff --git a/main.tf b/main.tf
index 57b4e3b..8ff0201 100644
--- a/main.tf
+++ b/main.tf
@@ -64,6 +64,22 @@ module "gke" {
 depends_on = [module.networking, module.service_accounts]
 }
+resource "google_compute_global_address" "this" {
+ name = "${var.namespace}-address"
+}
+
+resource "google_compute_managed_ssl_certificate" "this" {
+ name = "${var.namespace}-cert"
+
+ managed {
+ domains = var.domains
+ }
+
+ lifecycle {
+ create_before_destroy = true
+ }
+}
+
 module "helm_release" {
 source = "./modules/helm_release"
@@ -79,5 +95,8 @@ module "helm_release" {
 service_account_email = module.service_accounts.service_account_email
+ global_static_ip_name = google_compute_global_address.this.name
+ pre_shared_cert = google_compute_managed_ssl_certificate.this.name
+
 depends_on = [module.gke]
 }
diff --git a/modules/helm_release/main.tf b/modules/helm_release/main.tf
index a3b5b58..343e0ed 100644
--- a/modules/helm_release/main.tf
+++ b/modules/helm_release/main.tf
@@ -23,6 +23,19 @@ resource "helm_release" "this" {
 })
 }
+ set {
+ name = "ingress"
+ value = yamlencode({
+ "enabled" = true
+ "annotations" = {
+ "kubernetes.io/ingress.class" = "gce"
+ "kubernetes.io/ingress.global-static-ip-name" = var.global_static_ip_name
+ "ingress.gcp.kubernetes.io/pre-shared-cert" = var.pre_shared_cert
+ "kubernetes.io/ingress.allow-http" = "false"
+ }
+ })
+ }
+
 set {
 name = "webservice"
 value = yamlencode({
diff --git a/modules/helm_release/variables.tf b/modules/helm_release/variables.tf
index 760fa1f..ff41594 100644
--- a/modules/helm_release/variables.tf
+++ b/modules/helm_release/variables.tf
@@ -42,3 +42,11 @@ variable "service_account_email" {
 type = string
 description = "The service account email."
 }
+
+variable "global_static_ip_name" {
+ type = string
+}
+
+variable "pre_shared_cert" {
+ type = string
+}
\ No newline at end of file
diff --git a/variables.tf b/variables.tf
index 534febf..ee26bfd 100644
--- a/variables.tf
+++ b/variables.tf
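Review bot: In the first main.tf hunk, `google_compute_managed_ssl_certificate.this` combines a fixed name, `"${var.namespace}-cert"`, with `create_before_destroy = true`. Any edit to `var.domains` that forces replacement will try to create the new certificate under the same name while the old one still exists, so the apply is likely to fail with a name conflict. Deriving the name from the domain list keeps the rotation working, for example `name = "${var.namespace}-cert-${substr(sha256(join(",", var.domains)), 0, 8)}"`. A short comment above the resource should also say that the certificate stays in provisioning until every listed domain resolves to `google_compute_global_address.this`.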
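Review bot: The ingress annotations added in modules/helm_release/main.tf turn off plain HTTP but leave the load balancer on the platform's default SSL policy, which, as far as I know, still accepts TLS 1.0 and 1.1 clients. If a modern minimum is required, add a `google_compute_ssl_policy` with `min_tls_version = "TLS_1_2"` and attach it through a FrontendConfig referenced by the `networking.gke.io/v1beta1.FrontendConfig` annotation. Whether the chart can render a FrontendConfig is not visible from this hunk. A one-line comment above the block should note that `"kubernetes.io/ingress.allow-http" = "false"` removes the port-80 listener entirely, so there is no HTTP-to-HTTPS redirect. The enclosing `helm_release.this` resource starts and ends outside the hunk.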
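Review bot: The two variables added in modules/helm_release/variables.tf have no `description`, unlike `service_account_email` directly above them. Add `description = "Name of the reserved global static IP address bound to the ingress."` to `global_static_ip_name` and `description = "Name of the Google-managed SSL certificate attached to the ingress."` to `pre_shared_cert`. The file also now ends without a trailing newline.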
@@ -39,3 +39,8 @@ variable "deletion_protection" {
 default = true
 }
+variable "domains" {
+ description = "The domains to use for the SSL certificate."
+ type = list(string)
+
+}
\ No newline at end of file
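Review bot: The new `domains` variable accepts any list, including an empty one, so a bad value only surfaces when the certificate resource fails at apply time or never finishes provisioning. A `validation` block in the variable would reject an empty list at plan time. It could also reject wildcard entries, which I believe this Google-managed certificate type does not support. The stray blank line before the closing brace and the missing newline at end of file are worth tidying in the same change.

```hcl
variable "domains" {
  # … unchanged: description, type …

  validation {
    condition     = length(var.domains) > 0 && alltrue([for d in var.domains : !can(regex("\\*", d))])
    error_message = "Provide at least one domain; wildcard names are not accepted for this certificate."
  }
}
```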