yandex_cdn_resource (Resource)

Allows management of Yandex Cloud CDN Resource.

Example usageExample usage

//
// Create a new CDN Resource
//
resource "yandex_cdn_resource" "my_resource" {
  cname               = "cdn1.yandex-example.ru"
  active              = false
  origin_protocol     = "https"
  secondary_hostnames = ["cdn-example-1.yandex.ru", "cdn-example-2.yandex.ru"]
  origin_group_id     = yandex_cdn_origin_group.foo_cdn_group_by_id.id

  options {
    edge_cache_settings = 345600
    ignore_cookie       = true
    static_request_headers = {
      is-from-cdn = "yes"
    }
    static_response_headers = {
      is-cdn = "yes"
    }
  }
}

SchemaSchema

RequiredRequired

• cname (String) CDN endpoint CNAME, must be unique among resources.

OptionalOptional

• active (Boolean) Flag to create Resource either in active or disabled state. True - the content from CDN is available to clients.
• folder_id (String) The folder identifier that resource belongs to. If it is not provided, the default provider folder-id is used.
• labels (Map of String) A set of key/value label pairs which assigned to resource.
• options (Block List, Max: 1) CDN Resource settings and options to tune CDN edge behavior. (see below for nested schema)
• origin_group_id (String) The ID of a specific origin group.
• origin_group_name (String) The name of a specific origin group.
• origin_protocol (String) Protocol of origin resource. http or https.
• provider_type (String) CDN provider is a content delivery service provider. Possible values: "ourcdn" (default) or "gcore"
• secondary_hostnames (Set of String) List of secondary hostname strings.
• shielding (String) Shielding is a Cloud CDN feature that helps reduce the load on content origins from CDN servers.
  Specify location id to enable shielding. See https://yandex.cloud/en/docs/cdn/operations/resources/enable-shielding
• ssl_certificate (Block Set, Max: 1) SSL certificate of CDN resource. (see below for nested schema)
• timeouts (Block, Optional) (see below for nested schema)
• updated_at (String) Last update timestamp. Computed value for read and update operations.

Read-OnlyRead-Only

• created_at (String) The creation timestamp of the resource.
• id (String) The ID of this resource.
• provider_cname (String) Provider CNAME of CDN resource, computed value for read and update operations.

Nested Schema for Nested Schema for options

Optional:

• allowed_http_methods (List of String) HTTP methods for your CDN content. By default the following methods are allowed: GET, HEAD, POST, PUT, PATCH, DELETE, OPTIONS. In case some methods are not allowed to the user, they will get the 405 (Method Not Allowed) response. If the method is not supported, the user gets the 501 (Not Implemented) response.
• browser_cache_settings (Number) Set up a cache period for the end-users browser. Content will be cached due to origin settings. If there are no cache settings on your origin, the content will not be cached. The list of HTTP response codes that can be cached in browsers: 200, 201, 204, 206, 301, 302, 303, 304, 307, 308. Other response codes will not be cached. The default value is 4 days.
• cache_http_headers (List of String, Deprecated) List HTTP headers that must be included in responses to clients.
• cors (List of String) Parameter that lets browsers get access to selected resources from a domain different to a domain from which the request is received.
• custom_host_header (String) Custom value for the Host header. Your server must be able to process requests with the chosen header.
• custom_server_name (String) Wildcard additional CNAME. If a resource has a wildcard additional CNAME, you can use your own certificate for content delivery via HTTPS.
• disable_cache (Boolean, Deprecated) Setup a cache status.
• disable_proxy_force_ranges (Boolean) Disabling proxy force ranges.
• edge_cache_settings (Number) Content will be cached according to origin cache settings. The value applies for a response with codes 200, 201, 204, 206, 301, 302, 303, 304, 307, 308 if an origin server does not have caching HTTP headers. Responses with other codes will not be cached.
• edge_cache_settings_codes (Block List, Max: 1) Set the cache expiration time for CDN servers (see below for nested schema)
• enable_ip_url_signing (Boolean) Enable access limiting by IP addresses, option available only with setting secure_key.
• fetched_compressed (Boolean) Option helps you to reduce the bandwidth between origin and CDN servers. Also, content delivery speed becomes higher because of reducing the time for compressing files in a CDN.
• forward_host_header (Boolean) Choose the Forward Host header option if is important to send in the request to the Origin the same Host header as was sent in the request to CDN server.
• gzip_on (Boolean) GZip compression at CDN servers reduces file size by 70% and can be as high as 90%.
• ignore_cookie (Boolean) Set for ignoring cookie.
• ignore_query_params (Boolean) Files with different query parameters are cached as objects with the same key regardless of the parameter value. selected by default.
• ip_address_acl (Block List, Max: 1) IP address access control list. The list of specified IP addresses to be allowed or denied depending on acl policy type. (see below for nested schema)
• proxy_cache_methods_set (Boolean) Allows caching for GET, HEAD and POST requests.
• query_params_blacklist (List of String) Files with the specified query parameters are cached as objects with the same key, files with other parameters are cached as objects with different keys.
• query_params_whitelist (List of String) Files with the specified query parameters are cached as objects with different keys, files with other parameters are cached as objects with the same key.
• redirect_http_to_https (Boolean) Set up a redirect from HTTP to HTTPS.
• redirect_https_to_http (Boolean) Set up a redirect from HTTPS to HTTP.
• rewrite_flag (String) Defines flag for the Rewrite option (default: BREAK).
  LAST - Stops processing of the current set of ngx_http_rewrite_module directives and starts a search for a new location matching changed URI.
  BREAK - Stops processing of the current set of the Rewrite option.
  REDIRECT - Returns a temporary redirect with the 302 code; It is used when a replacement string does not start with "http://", "https://", or "$scheme"
  PERMANENT - Returns a permanent redirect with the 301 code.
• rewrite_pattern (String) An option for changing or redirecting query paths. The value must have the following format: <source path> <destination path>, where both paths are regular expressions which use at least one group. E.g., /foo/(.*) /bar/$1.
• secure_key (String) Set secure key for url encoding to protect contect and limit access by IP addresses and time limits.
• slice (Boolean) Files larger than 10 MB will be requested and cached in parts (no larger than 10 MB each part). It reduces time to first byte. The origin must support HTTP Range requests.
• stale (List of String) List of errors which instruct CDN servers to serve stale content to clients. Possible values: error, http_403, http_404, http_429, http_500, http_502, http_503, http_504, invalid_header, timeout, updating.
• static_request_headers (Map of String) Set up custom headers that CDN servers will send in requests to origins.
• static_response_headers (Map of String) Set up a static response header. The header name must be lowercase.

Nested Schema for Nested Schema for options.edge_cache_settings_codes

Optional:

• custom_values (Map of Number) Caching time for a response with specific codes. These settings have a higher priority than the value field. Response code (304, 404 for example). Use any to specify caching time for all response codes.
• value (Number) Caching time for a response with codes 200, 206, 301, 302. Responses with codes 4xx, 5xx will not be cached. Use 0 disable to caching. Use custom_values field to specify a custom caching time for a response with specific codes.

Nested Schema for Nested Schema for options.ip_address_acl

Optional:

• excepted_values (List of String) The list of specified IP addresses to be allowed or denied depending on acl policy type.
• policy_type (String) The policy type for ACL. One of allow or deny values.

Nested Schema for Nested Schema for ssl_certificate

Required:

• type (String) SSL certificate type.

Optional:

• certificate_manager_id (String) Certificate Manager ID.

Read-Only:

• status (String) SSL certificate status.

Nested Schema for Nested Schema for timeouts

Optional:

• create (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).
• delete (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Setting a timeout for a Delete operation is only applicable if changes are saved into state before the destroy operation occurs.
• read (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours). Read operations occur during any refresh or planning operation when refresh is enabled.
• update (String) A string that can be parsed as a duration consisting of numbers and unit suffixes, such as "30s" or "2h45m". Valid time units are "s" (seconds), "m" (minutes), "h" (hours).

ImportImport

The resource can be imported by using their resource ID. For getting the resource ID you can use Yandex Cloud Web Console or YC CLI.

# terraform import yandex_cdn_resource.<resource Name> <resource Id>
terraform import yandex_cdn_resource.my_cdn_resource ...