Связаться с намиПодключиться

yandex_alb_virtual_host (Resource)

Статья создана
Обновлена 11 сентября 2025 г.

Creates a virtual host that belongs to specified HTTP router and adds the specified routes to it. For more information, see the official documentation.

Example usage

//
// Create a new ALB Virtual Host
//
resource "yandex_alb_virtual_host" "my-vhost" {
  name           = "my-virtual-host"
  http_router_id = yandex_alb_http_router.my-router.id
  route {
    name = "my-route"
    http_route {
      http_route_action {
        backend_group_id = yandex_alb_backend_group.my-bg.id
        timeout          = "3s"
      }
    }
  }
}

Schema

Required

  • http_router_id (String) The ID of the HTTP router to which the virtual host belongs.
  • name (String) The resource name.

Optional

  • authority (Set of String) A list of domains (host/authority header) that will be matched to this virtual host. Wildcard hosts are supported in the form of '.foo.com' or '-bar.foo.com'. If not specified, all domains will be matched.
  • modify_request_headers (Block List) Apply the following modifications to the Request/Response header.

Важно

Only one type of actions append or replace or remove should be specified. (see below for nested schema)

  • modify_response_headers (Block List) Apply the following modifications to the Request/Response header.

Важно

Only one type of actions append or replace or remove should be specified. (see below for nested schema)

  • rate_limit (Block List, Max: 1) Rate limit configuration applied for a whole virtual host (see below for nested schema)
  • route (Block List) A Route resource. Routes are matched in-order. Be careful when adding them to the end. For instance, having http '/' match first makes all other routes unused.

Важно

Exactly one type of routes http_route or grpc_route should be specified. (see below for nested schema)

Read-Only

  • id (String) The ID of this resource.

Nested Schema for modify_request_headers

Required:

  • name (String) Name of the header to modify.

Optional:

  • append (String) Append string to the header value.
  • remove (Boolean) If set, remove the header.
  • replace (String) New value for a header. Header values support the following formatters.

Nested Schema for modify_response_headers

Required:

  • name (String) Name of the header to modify.

Optional:

  • append (String) Append string to the header value.
  • remove (Boolean) If set, remove the header.
  • replace (String) New value for a header. Header values support the following formatters.

Nested Schema for rate_limit

Optional:

  • all_requests (Block List, Max: 1) Rate limit configuration applied to all incoming requests (see below for nested schema)
  • requests_per_ip (Block List, Max: 1) Rate limit configuration applied separately for each set of requests grouped by client IP address (see below for nested schema)

Nested Schema for rate_limit.all_requests

Optional:

  • per_minute (Number) Limit value specified with per minute time unit
  • per_second (Number) Limit value specified with per second time unit

Nested Schema for rate_limit.requests_per_ip

Optional:

  • per_minute (Number) Limit value specified with per minute time unit
  • per_second (Number) Limit value specified with per second time unit

Nested Schema for route

Optional:

  • disable_security_profile (Boolean) Disables security profile for the route
  • grpc_route (Block List, Max: 1) gRPC route resource.

Важно

Exactly one type of actions grpc_route_action or grpc_status_response_action should be specified. (see below for nested schema)

  • http_route (Block List, Max: 1) HTTP route resource.

Важно

Exactly one type of actions http_route_action or redirect_action or direct_response_action should be specified. (see below for nested schema)

  • name (String) Name of the route.
  • route_options (Block List, Max: 1) Route options for the virtual host. (see below for nested schema)

Nested Schema for route.grpc_route

Optional:

  • grpc_match (Block List) Checks / prefix by default. (see below for nested schema)
  • grpc_route_action (Block List, Max: 1) gRPC route action resource.

Важно

Only one type of host rewrite specifiers host_rewrite or auto_host_rewrite should be specified. (see below for nested schema)

  • grpc_status_response_action (Block List, Max: 1) gRPC status response action resource. (see below for nested schema)

Nested Schema for route.grpc_route.grpc_match

Optional:

  • fqmn (Block List, Max: 1) The path and fqmn blocks.

Важно

Exactly one type of string matches exact, prefix or regex should be specified. (see below for nested schema)

Nested Schema for route.grpc_route.grpc_match.fqmn

Optional:

  • exact (String) Match exactly.
  • prefix (String) Match prefix.
  • regex (String) Match regex.

Nested Schema for route.grpc_route.grpc_route_action

Required:

  • backend_group_id (String) Backend group to route requests.

Optional:

  • auto_host_rewrite (Boolean) If set, will automatically rewrite host.
  • host_rewrite (String) Host rewrite specifier.
  • idle_timeout (String) Specifies the idle timeout (time without any data transfer for the active request) for the route. It is useful for streaming scenarios - one should set idle_timeout to something meaningful and max_timeout to the maximum time the stream is allowed to be alive. If not specified, there is no per-route idle timeout.
  • max_timeout (String) Lower timeout may be specified by the client (using grpc-timeout header). If not set, default is 60 seconds.
  • rate_limit (Block List, Max: 1) Rate limit configuration applied for a whole virtual host (see below for nested schema)

Nested Schema for route.grpc_route.grpc_route_action.rate_limit

Optional:

  • all_requests (Block List, Max: 1) Rate limit configuration applied to all incoming requests (see below for nested schema)
  • requests_per_ip (Block List, Max: 1) Rate limit configuration applied separately for each set of requests grouped by client IP address (see below for nested schema)

Nested Schema for route.grpc_route.grpc_route_action.rate_limit.all_requests

Optional:

  • per_minute (Number) Limit value specified with per minute time unit
  • per_second (Number) Limit value specified with per second time unit

Nested Schema for route.grpc_route.grpc_route_action.rate_limit.requests_per_ip

Optional:

  • per_minute (Number) Limit value specified with per minute time unit
  • per_second (Number) Limit value specified with per second time unit

Nested Schema for route.grpc_route.grpc_status_response_action

Optional:

  • status (String) The status of the response. Supported values are: ok, invalid_argumet, not_found, permission_denied, unauthenticated, unimplemented, internal, unavailable.

Nested Schema for route.http_route

Optional:

  • direct_response_action (Block List, Max: 1) Direct response action resource. (see below for nested schema)
  • http_match (Block List) Checks / prefix by default. (see below for nested schema)
  • http_route_action (Block List, Max: 1) HTTP route action resource.

Важно

Only one type of host rewrite specifiers host_rewrite or auto_host_rewrite should be specified. (see below for nested schema)

  • redirect_action (Block List, Max: 1) Redirect action resource.

Важно

Only one type of paths replace_path or replace_prefix should be specified. (see below for nested schema)

Nested Schema for route.http_route.direct_response_action

Optional:

  • body (String) Response body text.
  • status (Number) HTTP response status. Should be between 100 and 599.

Nested Schema for route.http_route.http_match

Optional:

  • http_method (Set of String) List of methods (strings).
  • path (Block List, Max: 1) The path and fqmn blocks.

Важно

Exactly one type of string matches exact, prefix or regex should be specified. (see below for nested schema)

Nested Schema for route.http_route.http_match.path

Optional:

  • exact (String) Match exactly.
  • prefix (String) Match prefix.
  • regex (String) Match regex.

Nested Schema for route.http_route.http_route_action

Required:

  • backend_group_id (String) Backend group to route requests.

Optional:

  • auto_host_rewrite (Boolean) If set, will automatically rewrite host.
  • host_rewrite (String) Host rewrite specifier.
  • idle_timeout (String) Specifies the idle timeout (time without any data transfer for the active request) for the route. It is useful for streaming scenarios (i.e. long-polling, server-sent events) - one should set idle_timeout to something meaningful and timeout to the maximum time the stream is allowed to be alive. If not specified, there is no per-route idle timeout.
  • prefix_rewrite (String) If not empty, matched path prefix will be replaced by this value.
  • rate_limit (Block List, Max: 1) Rate limit configuration applied for a whole virtual host (see below for nested schema)
  • regex_rewrite (Block List, Max: 1) Replacement for path substrings that match the pattern (see below for nested schema)
  • timeout (String) Specifies the request timeout (overall time request processing is allowed to take) for the route. If not set, default is 60 seconds.
  • upgrade_types (Set of String) List of upgrade types. Only specified upgrade types will be allowed. For example, websocket.

Nested Schema for route.http_route.http_route_action.rate_limit

Optional:

  • all_requests (Block List, Max: 1) Rate limit configuration applied to all incoming requests (see below for nested schema)
  • requests_per_ip (Block List, Max: 1) Rate limit configuration applied separately for each set of requests grouped by client IP address (see below for nested schema)

Nested Schema for route.http_route.http_route_action.rate_limit.all_requests

Optional:

  • per_minute (Number) Limit value specified with per minute time unit
  • per_second (Number) Limit value specified with per second time unit

Nested Schema for route.http_route.http_route_action.rate_limit.requests_per_ip

Optional:

  • per_minute (Number) Limit value specified with per minute time unit
  • per_second (Number) Limit value specified with per second time unit

Nested Schema for route.http_route.http_route_action.regex_rewrite

Optional:

  • regex (String) RE2 regular expression
  • substitute (String) The string which should be used to substitute matched substrings

Nested Schema for route.http_route.redirect_action

Optional:

  • remove_query (Boolean) If set, remove query part.
  • replace_host (String) Replaces hostname.
  • replace_path (String) Replace path.
  • replace_port (Number) Replaces port.
  • replace_prefix (String) Replace only matched prefix. Example:
    match:{ prefix_match: /some }
    redirect: { replace_prefix: /other }
    will redirect /something to /otherthing.
  • replace_scheme (String) Replaces scheme. If the original scheme is http or https, will also remove the 80 or 443 port, if present.
  • response_code (String) The HTTP status code to use in the redirect response. Supported values are: moved_permanently, found, see_other, temporary_redirect, permanent_redirect.

Nested Schema for route.route_options

Optional:

  • rbac (Block List, Max: 1) RBAC configuration. (see below for nested schema)
  • security_profile_id (String) SWS profile ID.

Nested Schema for route.route_options.rbac

Required:

Optional:

  • action (String)

Nested Schema for route.route_options.rbac.principals

Required:

Nested Schema for route.route_options.rbac.principals.and_principals

Optional:

Nested Schema for route.route_options.rbac.principals.and_principals.header

Required:

  • name (String)

Optional:

  • value (Block List, Max: 1) The path and fqmn blocks.

Важно

Exactly one type of string matches exact, prefix or regex should be specified. (see below for nested schema)

Nested Schema for route.route_options.rbac.principals.and_principals.header.value

Optional:

  • exact (String) Match exactly.
  • prefix (String) Match prefix.
  • regex (String) Match regex.

Nested Schema for route_options

Optional:

  • rbac (Block List, Max: 1) RBAC configuration. (see below for nested schema)
  • security_profile_id (String) SWS profile ID.

Nested Schema for route_options.rbac

Required:

Optional:

  • action (String)

Nested Schema for route_options.rbac.principals

Required:

Nested Schema for route_options.rbac.principals.and_principals

Optional:

Nested Schema for route_options.rbac.principals.and_principals.header

Required:

  • name (String)

Optional:

  • value (Block List, Max: 1) The path and fqmn blocks.

Важно

Exactly one type of string matches exact, prefix or regex should be specified. (see below for nested schema)

Nested Schema for route_options.rbac.principals.and_principals.header.value

Optional:

  • exact (String) Match exactly.
  • prefix (String) Match prefix.
  • regex (String) Match regex.

Nested Schema for timeouts

Optional:

  • create (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
  • delete (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
  • update (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).

Import

The resource can be imported by using their resource ID. For getting the resource ID you can use Yandex Cloud Web Console or YC CLI.

The resource ID for the ALB virtual host is defined as its http router id separated by / from the virtual host's name.

# terraform import yandex_alb_virtual_host.<resource Name> <http_router_id>/<vhost_name>
terraform import yandex_alb_virtual_host.my_vhost ds7ph**********hm4in/route-7565bde...6ddd6-1
Предыдущая
alb_target_group
Следующая
audit_trails_trail