yc cdn resource create

Flag

Description

--cname

string

CNAME

--labels

key=value[,key=value...]

Resource labels

--origin-group-id

int

Origin group ID.
Specify one of --origin-group-id, --origin-custom-source, --origin-bucket-source, --origin-balancer-source

--origin-custom-source

string

Origin custom source.
Specify one of --origin-group-id, --origin-custom-source, --origin-bucket-source, --origin-balancer-source

--origin-bucket-source

string

Origin bucket source.
Specify one of --origin-group-id, --origin-custom-source, --origin-bucket-source, --origin-balancer-source

--origin-bucket-name

string

Origin bucket name.
Mandatory argument for --origin-bucket-source

--origin-balancer-source

string

Origin balancer source.
Specify one of --origin-group-id, --origin-custom-source, --origin-bucket-source, --origin-balancer-source

--origin-balancer-id

string

Origin balancer id.
Mandatory argument for --origin-balancer-source

--secondary-hostnames

value[,value]

List of secondary hostnames.

--origin-protocol

string

Origin protocol. Valid values: HTTP, HTTPS, MATCH. Values: 'http', 'https', 'match'

--active

Specifies if create resource in active state. True by default

--dont-use-ssl-cert

Don't use SSL certificate.
Mutually exclusive with --lets-encrypt-gcore-ssl-cert, --cert-manager-ssl-cert-id

--lets-encrypt-gcore-ssl-cert

Use Lets Encrypt GCore certificate.
Mutually exclusive with --dont-use-ssl-cert, --cert-manager-ssl-cert-id

--cert-manager-ssl-cert-id

string

Certificate Manager certificate id.
Mutually exclusive with --dont-use-ssl-cert, --lets-encrypt-gcore-ssl-cert

--disable-cache

Disable cache

--cache-expiration-time

int

Caching time for a response with codes 200, 206, 301, 302 in seconds.
Responses with codes 4xx, 5xx will not be cached.
Use cache-expiration-time-custom to specify a custom caching time for a response with specific codes.
Mutually exclusive with --cache-expiration-time-default

--cache-expiration-time-custom

key=value[,key=value...]

List of pairs code=caching_time.
Caching time for a response with specific codes.
These settings have a higher priority than the cache-expiration-time value.
Response code ('304', '404' for example) to caching time in seconds ('0s', '600s' for example).

--cache-expiration-time-default

int

Content will be cached according to origin cache settings.
The value (in seconds) applies for a response with codes 200, 201, 204, 206, 301, 302, 303, 304, 307, 308
if an origin server does not have caching HTTP headers.
Responses with other codes will not be cached.
Mutually exclusive with --cache-expiration-time

--browser-cache-expiration-time

int

Cache expiration time for customers' browsers in seconds.

--cache-http-headers

value[,value]

List of HTTP Headers that must be included in the response.

--ignore-query-string

Files with different query strings will be cached as one object.
Mutually exclusive with --query-params-whitelist and --query-params-blacklist

--query-params-whitelist

value[,value]

Files with these query strings will be cached as different objects.
Mutually exclusive with --query-params-blacklist and --ignore-query-string

--query-params-blacklist

value[,value]

Files with these query strings will be cached as one object.
Mutually exclusive with --query-params-whitelist and --ignore-query-string

--slice

Files larger than 10 MB will be requested and cached in parts (no larger than 10 MB each part).
It reduces time to first byte. The origin must support HTTP Range requests.

--fetch-compressed

A CDN request and cache already compressed content.
Your server should support compression.
CDN servers won't ungzip your content even if a user's browser doesn't accept compression (nowadays almost all browsers support it).
Mutually exclusive with --gzip-on and --brotli-compression.

--gzip-on

The option allows to compress content with gzip on the CDN`s end.
CDN servers will request only uncompressed content from the origin.
Mutually exclusive with --fetch-compressed and --brotli-compression.

--brotli-compression

value[,value]

The option allows to compress content with brotli on the CDN's end.
Specify the content-type for each type of content you wish to have compressed.
CDN servers will request only uncompressed content from the origin. Compression is performed on the Origin Shielding.
If a pre-cache server doesn't active for a resource, compression does not occur even if the option is enabled.
Mutually exclusive with --fetch-compressed and --gzip-on

--redirect-http-to-https

Redirects HTTP requests to HTTPS.
Mutually exclusive with --redirect-https-to-http.

--redirect-https-to-http

Redirects HTTPS requests to HTTP.
Mutually exclusive with --redirect-http-to-https.

--host-header

string

Specify the Host header that CDN servers use when request content from an origin server.
Your server must be able to process requests with the chosen header.
If the option is in NULL state Host Header value is taken from the CNAME field.
Mutually exclusive with --forward-host-header.

--forward-host-header

When a CDN requests content from an origin server the option allows forwarding
the Host header used in the request made to a CDN.
Mutually exclusive with --host-header.

--static-headers

key=value[,key=value...]

Specify up to 50 custom HTTP Headers that a CDN server adds to response.
You can add header with multiple values if these values are different.

--cors

value[,value]

The option adds the Access-Control-Allow-Origin header to responses from CDN servers. It has 3 parameters:

1. Adds * as the Access-Control-Allow-Origin header value, "value": ["*"]
2. Adds "$http_origin" as the Access-Control-Allow-Origin header value if the origin matches one of the listed domains
   "value": ["domain.com", "second.dom.com"]
3. Adds "$http_origin" as the Access-Control-Allow-Origin header value, "value": ["$http_origin"]

--stale

value[,value]

The list of errors which the option is applied for. Possible values:
'error', 'http_403', 'http_404', 'http_429', 'http_500', 'http_502', 'http_503', 'http_504', 'invalid_header', 'timeout', 'updating'

--allowed-http-methods

value[,value]

The list of allowed HTTP methods. Available methods:
GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS.

--proxy-cache-methods-set

Allows caching for GET, HEAD and POST requests.

--disable-proxy-force-ranges

The option is enabled by default. It allows getting 206 responses regardless settings of an origin source.

--static-request-headers

key=value[,key=value...]

Specify up to 50 custom HTTP Headers for a CDN server to add to request.
Header name ('Header-One', 'Header-Two' in the example) is restricted to 255 symbols and can contain
latin letters (A-Z, a-z), numbers (0-9), dashes, and underscores.
Header value ('Value 1', 'Value 2' in the example) is restricted to 512 symbols and can contain
latin letters (a-z), numbers (0-9), spaces, underscores and symbols (-/.:). Space can be used only between words.

--custom-server-name

string

Wildcard additional CNAME. If a resource has a wildcard additional CNAME,
you can use your own certificate for content delivery via HTTPS.

--ignore-cookie

By default, files pulled from an origin source with cookies are not cached in a CDN.
Enable this option to cache such objects.

--rewrite-flag

string

Defines flag for the Rewrite option. Possible values:
last — stops processing of the current set of ngx_http_rewrite_module directives and starts a search
for a new location matching changed URI.
break — stops processing of the current set of the Rewrite option.
redirect — returns a temporary redirect with the 302 code; It is used when a replacement string
does not start with "http://", "https://", or "$scheme".
permanent — returns a permanent redirect with the 301 code.

--rewrite-body

string

The pattern for Rewrite. At least one group should be specified.
For Example: /rewrite_from/(.*) /rewrite_to/$1

--secure-key

string

A key generated on clients side that will be used for URL signing.

--enable-ip-url-signing

The type of the URL signing with secure key and IP address. The URL could be available for all IP addresses or for the only one IP.
Enable this option to give access only for specified IP address.

--policy-type

string

The policy type for ip address acl option.
Must be specified with acl-excepted-values flag. Possible values:
allow - to allow access to all IP addresses except the ones specified in the acl-excepted-values field.
deny — to block access to all IP addresses except the ones specified in the acl-excepted-values field.

--acl-excepted-values

value[,value]

The list of specified IP addresses to be allowed or denied depending on acl policy type.
Provide an IP address with a subnet mask. Example, 192.168.3.2/32 or 2a03:d000:2980:7::8/128.
The access policy operates on network addresses calculated based on the specified IP addresses.
Therefore, after saving the resource, IP addresses will be converted to network addresses.
For example, IP address 1.2.3.4/2 will be translated to network address 0.0.0.0/2.
If two or more IP addresses belong to the same network, it is sufficient to specify only one of these IP addresses.

--async

Display information about the operation in progress, without waiting for the operation to complete.

Flag

Description

--profile

string

Set the custom configuration file.

--debug

Debug logging.

--debug-grpc

Debug gRPC logging. Very verbose, used for debugging connection problems.

--no-user-output

Disable printing user intended output to stderr.

--retry

int

Enable gRPC retries. By default, retries are enabled with maximum 5 attempts.
Pass 0 to disable retries. Pass any negative value for infinite retries.
Even infinite retries are capped with 2 minutes timeout.

--cloud-id

string

Set the ID of the cloud to use.

--folder-id

string

Set the ID of the folder to use.

--folder-name

string

Set the name of the folder to use (will be resolved to id).

--endpoint

string

Set the Cloud API endpoint (host:port).

--token

string

Set the OAuth token to use.

--impersonate-service-account-id

string

Set the ID of the service account to impersonate.

--no-browser

Disable opening browser for authentication.

--format

string

Set the output format: text (default), yaml, json, json-rest.

--jq

string

Query to select values from the response using jq syntax

-h, --help

Display help for the command.