Setting up how to follow request redirects
You can deactivate request redirects via the API when creating or updating a CDN resource.
Note
The option works only if the origin shielding function is on.
To enable the option, add the followRedirects section when using the create or update method for a Resource:
"followRedirects": {
"enabled": "<true_or_false>",
"codes": [
"<list_of_codes>"
],
"useCustomHost": "<true_or_false>"
}
Where:
-
enabled: Enabling the option:trueenables the option.falsedisables the option.
-
codes: List of redirect codes Cloud CDN will follow. The possible values are:301: Moved Permanently.302: Found.303: See Other.307: Temporary Redirect.308: Permanent Redirect.
-
useCustomHost: Managing theHostheader:true: Using theHostheader from the primary origin. For example, if theexample.comorigin returns a redirect toya.ru, the request will be sent withHost: example.com.false: Using theHostheader from the redirect domain. For example, if theexample.comorigin returns a redirect toya.ru, the request will be sent withHost: ya.ru.
To enable the option, add the follow_redirects section when using the ResourceService/Create or ResourceService/Update call:
"follow_redirects": {
"enabled": "<true_or_false>",
"codes": [
"<list_of_codes>"
],
"use_custom_host": "<true_or_false>"
}
Where:
-
enabled: Enabling the option:trueenables the option.falsedisables the option.
-
codes: List of redirect codes Cloud CDN will follow. The possible values are:301: Moved Permanently.302: Found.303: See Other.307: Temporary Redirect.308: Permanent Redirect.
-
use_custom_host: Managing theHostheader:true: Using theHostheader from the primary origin. For example, if theexample.comorigin returns a redirect toya.ru, the request will be sent withHost: example.com.false: Using theHostheader from the redirect domain. For example, if theexample.comorigin returns a redirect toya.ru, the request will be sent withHost: ya.ru.
Example
In this example, we will create a CDN resource for an online store that uses multiple domains. The primary origin, shop.example.com, can redirect requests to cdn-content.example.net to optimize delivery of static files. Here, we are allowed to follow redirects for codes 301 and 302 while preserving the original Host header to correctly process the requests.
-
Get an IAM token for API authentication and write it into a variable:
export IAM_TOKEN=`yc iam create-token` -
Create a CDN resource that allows to follow request redirects:
cURLgRPCurlcurl \ --request POST \ --header "Authorization: Bearer $IAM_TOKEN" \ --header "Content-Type: application/json" \ --url 'https://cdn.api.cloud.yandex.net/cdn/v1/resources' \ --data '{ "folderId": "b12m81qm6abc********", "cname": "cdn-shop.example.com", "origin": { "originSourceParams": { "source": "shop.example.com", "meta": { "common": { "name": "shop.example.com" } } } }, "originProtocol": "HTTPS", "options": { "followRedirects": { "enabled": true, "codes": ["301", "302"], "useCustomHost": true } } }'Result:
{ "done": true, "metadata": { "@type": "type.googleapis.com/yandex.cloud.cdn.v1.CreateResourceMetadata", "resourceId": "bc8rt2ynimae********" }, "response": { ... "followRedirects": { "enabled": true, "codes": [ "301", "302" ], "useCustomHost": true } }, ... "id": "bc82j4x6n6pb********", "description": "Create resource", "createdAt": "2026-02-03T09:27:51.714683Z", "createdBy": "aje9k8luj4qf********", "modifiedAt": "2026-02-03T09:27:51.714683Z" }grpcurl \ -rpc-header "Authorization: Bearer $IAM_TOKEN" \ -d '{ "folder_id": "b12m81qm6abc********", "cname": "cdn-shop.example.com", "origin": { "origin_source_params": { "source": "shop.example.com", "meta": { "common": { "name": "shop.example.com" } } } }, "origin_protocol": "HTTPS", "options": { "follow_redirects": { "enabled": true, "codes": ["301", "302"], "use_custom_host": true } } }' \ cdn.api.cloud.yandex.net:443 \ yandex.cloud.cdn.v1.ResourceService/CreateResult:
{ "id": "bc87tcdmptuy********", "description": "Create resource", "createdAt": "2026-02-03T09:09:04.967980Z", "createdBy": "aje8m8lur3qf********", "modifiedAt": "2026-02-03T09:09:04.967980Z", "done": true, "metadata": {"@type":"type.googleapis.com/yandex.cloud.cdn.v1.CreateResourceMetadata","resourceId":"bc8rskqqnd23********"}, "response": {"@type":"type.googleapis.com/yandex.cloud.cdn.v1.Resource","active":true,"cname":"altaraskin.online","createdAt":"2026-02-03T09:09:04.808428Z","folderId":"b1g652qoimb4********","id":"bc8rskqqnd23********","options":{ ... "followRedirects":{"enabled":true,"codes":["301","302"],"useCustomHost":true}}, ... } } -
Enable origin shielding:
Management consolegRPCurl- In the management console, select the folder where your resource is located.
- Go to Cloud CDN.
- Click the resource name.
- Navigate to the Origin shielding tab.
- In the top-right corner, enable the origin shielding option.
- In the Shielding settings window, select the required location in the Location field.
- Click Activate.
Once enabled, the shielding status will change from
Not activatedtoActive.grpcurl \ -import-path ~/cloudapi/ \ -import-path ~/cloudapi/third_party/googleapis/ \ -proto ~/cloudapi/yandex/cloud/cdn/v1/shielding_service.proto \ -rpc-header "Authorization: Bearer $IAM_TOKEN" \ -d '{ "resource_id": "bc8rskqqnd23********", "location_id": "1" }' \ cdn.api.cloud.yandex.net:443 \ yandex.cloud.cdn.v1.ShieldingService/ActivateResult:
{ "id": "bc8yiwltf3hg********", "description": "Activate Origin Shielding", "createdAt": "2026-02-03T09:13:43.226165Z", "createdBy": "aje9k8luj4qf********", "modifiedAt": "2026-02-03T09:13:43.226165Z", "done": true, "metadata": {"@type":"type.googleapis.com/yandex.cloud.cdn.v1.ActivateShieldingMetadata","resourceId":"bc8rskqqnd23********"}, "response": {"@type":"type.googleapis.com/yandex.cloud.cdn.v1.ShieldingDetails","city":"Moscow","country":"Russia","dataCenter":"msk","locationId":"1"} }