1. Packages
  2. Google Cloud (GCP) Classic
  3. API Docs
  4. networkservices
  5. EdgeCacheService
Google Cloud v8.25.0 published on Thursday, Apr 3, 2025 by Pulumi

gcp.networkservices.EdgeCacheService

Explore with Pulumi AI

EdgeCacheService defines the IP addresses, protocols, security policies, cache policies and routing configuration.

Warning: These resources require allow-listing to use, and are not openly available to all Cloud customers. Engage with your Cloud account team to discuss how to onboard.

Example Usage

Network Services Edge Cache Service Basic

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const dest = new gcp.storage.Bucket("dest", {
    name: "my-bucket",
    location: "US",
    forceDestroy: true,
});
const instance = new gcp.networkservices.EdgeCacheOrigin("instance", {
    name: "my-origin",
    originAddress: dest.url,
    description: "The default bucket for media edge test",
    maxAttempts: 2,
    timeout: {
        connectTimeout: "10s",
    },
});
const instanceEdgeCacheService = new gcp.networkservices.EdgeCacheService("instance", {
    name: "my-service",
    description: "some description",
    routing: {
        hostRules: [{
            description: "host rule description",
            hosts: ["sslcert.tf-test.club"],
            pathMatcher: "routes",
        }],
        pathMatchers: [{
            name: "routes",
            routeRules: [{
                description: "a route rule to match against",
                priority: "1",
                matchRules: [{
                    prefixMatch: "/",
                }],
                origin: instance.name,
                routeAction: {
                    cdnPolicy: {
                        cacheMode: "CACHE_ALL_STATIC",
                        defaultTtl: "3600s",
                    },
                },
                headerAction: {
                    responseHeaderToAdds: [{
                        headerName: "x-cache-status",
                        headerValue: "{cdn_cache_status}",
                    }],
                },
            }],
        }],
    },
});
Copy
import pulumi
import pulumi_gcp as gcp

dest = gcp.storage.Bucket("dest",
    name="my-bucket",
    location="US",
    force_destroy=True)
instance = gcp.networkservices.EdgeCacheOrigin("instance",
    name="my-origin",
    origin_address=dest.url,
    description="The default bucket for media edge test",
    max_attempts=2,
    timeout={
        "connect_timeout": "10s",
    })
instance_edge_cache_service = gcp.networkservices.EdgeCacheService("instance",
    name="my-service",
    description="some description",
    routing={
        "host_rules": [{
            "description": "host rule description",
            "hosts": ["sslcert.tf-test.club"],
            "path_matcher": "routes",
        }],
        "path_matchers": [{
            "name": "routes",
            "route_rules": [{
                "description": "a route rule to match against",
                "priority": "1",
                "match_rules": [{
                    "prefix_match": "/",
                }],
                "origin": instance.name,
                "route_action": {
                    "cdn_policy": {
                        "cache_mode": "CACHE_ALL_STATIC",
                        "default_ttl": "3600s",
                    },
                },
                "header_action": {
                    "response_header_to_adds": [{
                        "header_name": "x-cache-status",
                        "header_value": "{cdn_cache_status}",
                    }],
                },
            }],
        }],
    })
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices"
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		dest, err := storage.NewBucket(ctx, "dest", &storage.BucketArgs{
			Name:         pulumi.String("my-bucket"),
			Location:     pulumi.String("US"),
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		instance, err := networkservices.NewEdgeCacheOrigin(ctx, "instance", &networkservices.EdgeCacheOriginArgs{
			Name:          pulumi.String("my-origin"),
			OriginAddress: dest.Url,
			Description:   pulumi.String("The default bucket for media edge test"),
			MaxAttempts:   pulumi.Int(2),
			Timeout: &networkservices.EdgeCacheOriginTimeoutArgs{
				ConnectTimeout: pulumi.String("10s"),
			},
		})
		if err != nil {
			return err
		}
		_, err = networkservices.NewEdgeCacheService(ctx, "instance", &networkservices.EdgeCacheServiceArgs{
			Name:        pulumi.String("my-service"),
			Description: pulumi.String("some description"),
			Routing: &networkservices.EdgeCacheServiceRoutingArgs{
				HostRules: networkservices.EdgeCacheServiceRoutingHostRuleArray{
					&networkservices.EdgeCacheServiceRoutingHostRuleArgs{
						Description: pulumi.String("host rule description"),
						Hosts: pulumi.StringArray{
							pulumi.String("sslcert.tf-test.club"),
						},
						PathMatcher: pulumi.String("routes"),
					},
				},
				PathMatchers: networkservices.EdgeCacheServiceRoutingPathMatcherArray{
					&networkservices.EdgeCacheServiceRoutingPathMatcherArgs{
						Name: pulumi.String("routes"),
						RouteRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArray{
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
								Description: pulumi.String("a route rule to match against"),
								Priority:    pulumi.String("1"),
								MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										PrefixMatch: pulumi.String("/"),
									},
								},
								Origin: instance.Name,
								RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
									CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
										CacheMode:  pulumi.String("CACHE_ALL_STATIC"),
										DefaultTtl: pulumi.String("3600s"),
									},
								},
								HeaderAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs{
									ResponseHeaderToAdds: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArray{
										&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs{
											HeaderName:  pulumi.String("x-cache-status"),
											HeaderValue: pulumi.String("{cdn_cache_status}"),
										},
									},
								},
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var dest = new Gcp.Storage.Bucket("dest", new()
    {
        Name = "my-bucket",
        Location = "US",
        ForceDestroy = true,
    });

    var instance = new Gcp.NetworkServices.EdgeCacheOrigin("instance", new()
    {
        Name = "my-origin",
        OriginAddress = dest.Url,
        Description = "The default bucket for media edge test",
        MaxAttempts = 2,
        Timeout = new Gcp.NetworkServices.Inputs.EdgeCacheOriginTimeoutArgs
        {
            ConnectTimeout = "10s",
        },
    });

    var instanceEdgeCacheService = new Gcp.NetworkServices.EdgeCacheService("instance", new()
    {
        Name = "my-service",
        Description = "some description",
        Routing = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingArgs
        {
            HostRules = new[]
            {
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingHostRuleArgs
                {
                    Description = "host rule description",
                    Hosts = new[]
                    {
                        "sslcert.tf-test.club",
                    },
                    PathMatcher = "routes",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherArgs
                {
                    Name = "routes",
                    RouteRules = new[]
                    {
                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                        {
                            Description = "a route rule to match against",
                            Priority = "1",
                            MatchRules = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    PrefixMatch = "/",
                                },
                            },
                            Origin = instance.Name,
                            RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                            {
                                CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                                {
                                    CacheMode = "CACHE_ALL_STATIC",
                                    DefaultTtl = "3600s",
                                },
                            },
                            HeaderAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs
                            {
                                ResponseHeaderToAdds = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs
                                    {
                                        HeaderName = "x-cache-status",
                                        HeaderValue = "{cdn_cache_status}",
                                    },
                                },
                            },
                        },
                    },
                },
            },
        },
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.networkservices.EdgeCacheOrigin;
import com.pulumi.gcp.networkservices.EdgeCacheOriginArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheOriginTimeoutArgs;
import com.pulumi.gcp.networkservices.EdgeCacheService;
import com.pulumi.gcp.networkservices.EdgeCacheServiceArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheServiceRoutingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var dest = new Bucket("dest", BucketArgs.builder()
            .name("my-bucket")
            .location("US")
            .forceDestroy(true)
            .build());

        var instance = new EdgeCacheOrigin("instance", EdgeCacheOriginArgs.builder()
            .name("my-origin")
            .originAddress(dest.url())
            .description("The default bucket for media edge test")
            .maxAttempts(2)
            .timeout(EdgeCacheOriginTimeoutArgs.builder()
                .connectTimeout("10s")
                .build())
            .build());

        var instanceEdgeCacheService = new EdgeCacheService("instanceEdgeCacheService", EdgeCacheServiceArgs.builder()
            .name("my-service")
            .description("some description")
            .routing(EdgeCacheServiceRoutingArgs.builder()
                .hostRules(EdgeCacheServiceRoutingHostRuleArgs.builder()
                    .description("host rule description")
                    .hosts("sslcert.tf-test.club")
                    .pathMatcher("routes")
                    .build())
                .pathMatchers(EdgeCacheServiceRoutingPathMatcherArgs.builder()
                    .name("routes")
                    .routeRules(EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                        .description("a route rule to match against")
                        .priority(1)
                        .matchRules(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                            .prefixMatch("/")
                            .build())
                        .origin(instance.name())
                        .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                            .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                                .cacheMode("CACHE_ALL_STATIC")
                                .defaultTtl("3600s")
                                .build())
                            .build())
                        .headerAction(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs.builder()
                            .responseHeaderToAdds(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs.builder()
                                .headerName("x-cache-status")
                                .headerValue("{cdn_cache_status}")
                                .build())
                            .build())
                        .build())
                    .build())
                .build())
            .build());

    }
}
Copy
resources:
  dest:
    type: gcp:storage:Bucket
    properties:
      name: my-bucket
      location: US
      forceDestroy: true
  instance:
    type: gcp:networkservices:EdgeCacheOrigin
    properties:
      name: my-origin
      originAddress: ${dest.url}
      description: The default bucket for media edge test
      maxAttempts: 2
      timeout:
        connectTimeout: 10s
  instanceEdgeCacheService:
    type: gcp:networkservices:EdgeCacheService
    name: instance
    properties:
      name: my-service
      description: some description
      routing:
        hostRules:
          - description: host rule description
            hosts:
              - sslcert.tf-test.club
            pathMatcher: routes
        pathMatchers:
          - name: routes
            routeRules:
              - description: a route rule to match against
                priority: 1
                matchRules:
                  - prefixMatch: /
                origin: ${instance.name}
                routeAction:
                  cdnPolicy:
                    cacheMode: CACHE_ALL_STATIC
                    defaultTtl: 3600s
                headerAction:
                  responseHeaderToAdds:
                    - headerName: x-cache-status
                      headerValue: '{cdn_cache_status}'
Copy

Network Services Edge Cache Service Advanced

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const dest = new gcp.storage.Bucket("dest", {
    name: "my-bucket",
    location: "US",
    forceDestroy: true,
});
const google = new gcp.networkservices.EdgeCacheOrigin("google", {
    name: "origin-google",
    originAddress: "google.com",
    description: "The default bucket for media edge test",
    maxAttempts: 2,
    timeout: {
        connectTimeout: "10s",
    },
});
const instance = new gcp.networkservices.EdgeCacheOrigin("instance", {
    name: "my-origin",
    originAddress: dest.url,
    description: "The default bucket for media edge test",
    maxAttempts: 2,
    timeout: {
        connectTimeout: "10s",
    },
});
const instanceEdgeCacheService = new gcp.networkservices.EdgeCacheService("instance", {
    name: "my-service",
    description: "some description",
    disableQuic: true,
    disableHttp2: true,
    labels: {
        a: "b",
    },
    routing: {
        hostRules: [
            {
                description: "host rule description",
                hosts: ["sslcert.tf-test.club"],
                pathMatcher: "routes",
            },
            {
                description: "host rule2",
                hosts: ["sslcert.tf-test2.club"],
                pathMatcher: "routes",
            },
            {
                description: "host rule3",
                hosts: ["sslcert.tf-test3.club"],
                pathMatcher: "routesAdvanced",
            },
        ],
        pathMatchers: [
            {
                name: "routes",
                routeRules: [{
                    description: "a route rule to match against",
                    priority: "1",
                    matchRules: [{
                        prefixMatch: "/",
                    }],
                    origin: instance.name,
                    routeAction: {
                        cdnPolicy: {
                            cacheMode: "CACHE_ALL_STATIC",
                            defaultTtl: "3600s",
                        },
                    },
                    headerAction: {
                        responseHeaderToAdds: [{
                            headerName: "x-cache-status",
                            headerValue: "{cdn_cache_status}",
                        }],
                    },
                }],
            },
            {
                name: "routesAdvanced",
                description: "an advanced ruleset",
                routeRules: [
                    {
                        description: "an advanced route rule to match against",
                        priority: "1",
                        matchRules: [
                            {
                                prefixMatch: "/potato/",
                                queryParameterMatches: [
                                    {
                                        name: "debug",
                                        presentMatch: true,
                                    },
                                    {
                                        name: "state",
                                        exactMatch: "debug",
                                    },
                                ],
                            },
                            {
                                fullPathMatch: "/apple",
                            },
                        ],
                        headerAction: {
                            requestHeaderToAdds: [
                                {
                                    headerName: "debug",
                                    headerValue: "true",
                                    replace: true,
                                },
                                {
                                    headerName: "potato",
                                    headerValue: "plant",
                                },
                            ],
                            responseHeaderToAdds: [{
                                headerName: "potato",
                                headerValue: "plant",
                                replace: true,
                            }],
                            requestHeaderToRemoves: [{
                                headerName: "prod",
                            }],
                            responseHeaderToRemoves: [{
                                headerName: "prod",
                            }],
                        },
                        origin: instance.name,
                        routeAction: {
                            cdnPolicy: {
                                cacheMode: "CACHE_ALL_STATIC",
                                defaultTtl: "3800s",
                                clientTtl: "3600s",
                                maxTtl: "9000s",
                                cacheKeyPolicy: {
                                    includeProtocol: true,
                                    excludeHost: true,
                                    includedQueryParameters: [
                                        "apple",
                                        "dev",
                                        "santa",
                                        "claus",
                                    ],
                                    includedHeaderNames: ["banana"],
                                    includedCookieNames: ["orange"],
                                },
                                negativeCaching: true,
                                signedRequestMode: "DISABLED",
                                negativeCachingPolicy: {
                                    "500": "3000s",
                                },
                            },
                            urlRewrite: {
                                pathPrefixRewrite: "/dev",
                                hostRewrite: "dev.club",
                            },
                            corsPolicy: {
                                maxAge: "2500s",
                                allowCredentials: true,
                                allowOrigins: ["*"],
                                allowMethods: ["GET"],
                                allowHeaders: ["dev"],
                                exposeHeaders: ["prod"],
                            },
                        },
                    },
                    {
                        description: "a second route rule to match against",
                        priority: "2",
                        matchRules: [{
                            fullPathMatch: "/yay",
                        }],
                        origin: instance.name,
                        routeAction: {
                            cdnPolicy: {
                                cacheMode: "CACHE_ALL_STATIC",
                                defaultTtl: "3600s",
                                cacheKeyPolicy: {
                                    excludedQueryParameters: ["dev"],
                                },
                            },
                            corsPolicy: {
                                maxAge: "3000s",
                                allowHeaders: ["dev"],
                                disabled: true,
                            },
                        },
                    },
                ],
            },
        ],
    },
    logConfig: {
        enable: true,
        sampleRate: 0.01,
    },
});
Copy
import pulumi
import pulumi_gcp as gcp

dest = gcp.storage.Bucket("dest",
    name="my-bucket",
    location="US",
    force_destroy=True)
google = gcp.networkservices.EdgeCacheOrigin("google",
    name="origin-google",
    origin_address="google.com",
    description="The default bucket for media edge test",
    max_attempts=2,
    timeout={
        "connect_timeout": "10s",
    })
instance = gcp.networkservices.EdgeCacheOrigin("instance",
    name="my-origin",
    origin_address=dest.url,
    description="The default bucket for media edge test",
    max_attempts=2,
    timeout={
        "connect_timeout": "10s",
    })
instance_edge_cache_service = gcp.networkservices.EdgeCacheService("instance",
    name="my-service",
    description="some description",
    disable_quic=True,
    disable_http2=True,
    labels={
        "a": "b",
    },
    routing={
        "host_rules": [
            {
                "description": "host rule description",
                "hosts": ["sslcert.tf-test.club"],
                "path_matcher": "routes",
            },
            {
                "description": "host rule2",
                "hosts": ["sslcert.tf-test2.club"],
                "path_matcher": "routes",
            },
            {
                "description": "host rule3",
                "hosts": ["sslcert.tf-test3.club"],
                "path_matcher": "routesAdvanced",
            },
        ],
        "path_matchers": [
            {
                "name": "routes",
                "route_rules": [{
                    "description": "a route rule to match against",
                    "priority": "1",
                    "match_rules": [{
                        "prefix_match": "/",
                    }],
                    "origin": instance.name,
                    "route_action": {
                        "cdn_policy": {
                            "cache_mode": "CACHE_ALL_STATIC",
                            "default_ttl": "3600s",
                        },
                    },
                    "header_action": {
                        "response_header_to_adds": [{
                            "header_name": "x-cache-status",
                            "header_value": "{cdn_cache_status}",
                        }],
                    },
                }],
            },
            {
                "name": "routesAdvanced",
                "description": "an advanced ruleset",
                "route_rules": [
                    {
                        "description": "an advanced route rule to match against",
                        "priority": "1",
                        "match_rules": [
                            {
                                "prefix_match": "/potato/",
                                "query_parameter_matches": [
                                    {
                                        "name": "debug",
                                        "present_match": True,
                                    },
                                    {
                                        "name": "state",
                                        "exact_match": "debug",
                                    },
                                ],
                            },
                            {
                                "full_path_match": "/apple",
                            },
                        ],
                        "header_action": {
                            "request_header_to_adds": [
                                {
                                    "header_name": "debug",
                                    "header_value": "true",
                                    "replace": True,
                                },
                                {
                                    "header_name": "potato",
                                    "header_value": "plant",
                                },
                            ],
                            "response_header_to_adds": [{
                                "header_name": "potato",
                                "header_value": "plant",
                                "replace": True,
                            }],
                            "request_header_to_removes": [{
                                "header_name": "prod",
                            }],
                            "response_header_to_removes": [{
                                "header_name": "prod",
                            }],
                        },
                        "origin": instance.name,
                        "route_action": {
                            "cdn_policy": {
                                "cache_mode": "CACHE_ALL_STATIC",
                                "default_ttl": "3800s",
                                "client_ttl": "3600s",
                                "max_ttl": "9000s",
                                "cache_key_policy": {
                                    "include_protocol": True,
                                    "exclude_host": True,
                                    "included_query_parameters": [
                                        "apple",
                                        "dev",
                                        "santa",
                                        "claus",
                                    ],
                                    "included_header_names": ["banana"],
                                    "included_cookie_names": ["orange"],
                                },
                                "negative_caching": True,
                                "signed_request_mode": "DISABLED",
                                "negative_caching_policy": {
                                    "500": "3000s",
                                },
                            },
                            "url_rewrite": {
                                "path_prefix_rewrite": "/dev",
                                "host_rewrite": "dev.club",
                            },
                            "cors_policy": {
                                "max_age": "2500s",
                                "allow_credentials": True,
                                "allow_origins": ["*"],
                                "allow_methods": ["GET"],
                                "allow_headers": ["dev"],
                                "expose_headers": ["prod"],
                            },
                        },
                    },
                    {
                        "description": "a second route rule to match against",
                        "priority": "2",
                        "match_rules": [{
                            "full_path_match": "/yay",
                        }],
                        "origin": instance.name,
                        "route_action": {
                            "cdn_policy": {
                                "cache_mode": "CACHE_ALL_STATIC",
                                "default_ttl": "3600s",
                                "cache_key_policy": {
                                    "excluded_query_parameters": ["dev"],
                                },
                            },
                            "cors_policy": {
                                "max_age": "3000s",
                                "allow_headers": ["dev"],
                                "disabled": True,
                            },
                        },
                    },
                ],
            },
        ],
    },
    log_config={
        "enable": True,
        "sample_rate": 0.01,
    })
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices"
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/storage"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		dest, err := storage.NewBucket(ctx, "dest", &storage.BucketArgs{
			Name:         pulumi.String("my-bucket"),
			Location:     pulumi.String("US"),
			ForceDestroy: pulumi.Bool(true),
		})
		if err != nil {
			return err
		}
		_, err = networkservices.NewEdgeCacheOrigin(ctx, "google", &networkservices.EdgeCacheOriginArgs{
			Name:          pulumi.String("origin-google"),
			OriginAddress: pulumi.String("google.com"),
			Description:   pulumi.String("The default bucket for media edge test"),
			MaxAttempts:   pulumi.Int(2),
			Timeout: &networkservices.EdgeCacheOriginTimeoutArgs{
				ConnectTimeout: pulumi.String("10s"),
			},
		})
		if err != nil {
			return err
		}
		instance, err := networkservices.NewEdgeCacheOrigin(ctx, "instance", &networkservices.EdgeCacheOriginArgs{
			Name:          pulumi.String("my-origin"),
			OriginAddress: dest.Url,
			Description:   pulumi.String("The default bucket for media edge test"),
			MaxAttempts:   pulumi.Int(2),
			Timeout: &networkservices.EdgeCacheOriginTimeoutArgs{
				ConnectTimeout: pulumi.String("10s"),
			},
		})
		if err != nil {
			return err
		}
		_, err = networkservices.NewEdgeCacheService(ctx, "instance", &networkservices.EdgeCacheServiceArgs{
			Name:         pulumi.String("my-service"),
			Description:  pulumi.String("some description"),
			DisableQuic:  pulumi.Bool(true),
			DisableHttp2: pulumi.Bool(true),
			Labels: pulumi.StringMap{
				"a": pulumi.String("b"),
			},
			Routing: &networkservices.EdgeCacheServiceRoutingArgs{
				HostRules: networkservices.EdgeCacheServiceRoutingHostRuleArray{
					&networkservices.EdgeCacheServiceRoutingHostRuleArgs{
						Description: pulumi.String("host rule description"),
						Hosts: pulumi.StringArray{
							pulumi.String("sslcert.tf-test.club"),
						},
						PathMatcher: pulumi.String("routes"),
					},
					&networkservices.EdgeCacheServiceRoutingHostRuleArgs{
						Description: pulumi.String("host rule2"),
						Hosts: pulumi.StringArray{
							pulumi.String("sslcert.tf-test2.club"),
						},
						PathMatcher: pulumi.String("routes"),
					},
					&networkservices.EdgeCacheServiceRoutingHostRuleArgs{
						Description: pulumi.String("host rule3"),
						Hosts: pulumi.StringArray{
							pulumi.String("sslcert.tf-test3.club"),
						},
						PathMatcher: pulumi.String("routesAdvanced"),
					},
				},
				PathMatchers: networkservices.EdgeCacheServiceRoutingPathMatcherArray{
					&networkservices.EdgeCacheServiceRoutingPathMatcherArgs{
						Name: pulumi.String("routes"),
						RouteRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArray{
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
								Description: pulumi.String("a route rule to match against"),
								Priority:    pulumi.String("1"),
								MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										PrefixMatch: pulumi.String("/"),
									},
								},
								Origin: instance.Name,
								RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
									CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
										CacheMode:  pulumi.String("CACHE_ALL_STATIC"),
										DefaultTtl: pulumi.String("3600s"),
									},
								},
								HeaderAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs{
									ResponseHeaderToAdds: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArray{
										&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs{
											HeaderName:  pulumi.String("x-cache-status"),
											HeaderValue: pulumi.String("{cdn_cache_status}"),
										},
									},
								},
							},
						},
					},
					&networkservices.EdgeCacheServiceRoutingPathMatcherArgs{
						Name:        pulumi.String("routesAdvanced"),
						Description: pulumi.String("an advanced ruleset"),
						RouteRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArray{
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
								Description: pulumi.String("an advanced route rule to match against"),
								Priority:    pulumi.String("1"),
								MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										PrefixMatch: pulumi.String("/potato/"),
										QueryParameterMatches: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArray{
											&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs{
												Name:         pulumi.String("debug"),
												PresentMatch: pulumi.Bool(true),
											},
											&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs{
												Name:       pulumi.String("state"),
												ExactMatch: pulumi.String("debug"),
											},
										},
									},
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										FullPathMatch: pulumi.String("/apple"),
									},
								},
								HeaderAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs{
									RequestHeaderToAdds: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArray{
										&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs{
											HeaderName:  pulumi.String("debug"),
											HeaderValue: pulumi.String("true"),
											Replace:     pulumi.Bool(true),
										},
										&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs{
											HeaderName:  pulumi.String("potato"),
											HeaderValue: pulumi.String("plant"),
										},
									},
									ResponseHeaderToAdds: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArray{
										&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs{
											HeaderName:  pulumi.String("potato"),
											HeaderValue: pulumi.String("plant"),
											Replace:     pulumi.Bool(true),
										},
									},
									RequestHeaderToRemoves: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArray{
										&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArgs{
											HeaderName: pulumi.String("prod"),
										},
									},
									ResponseHeaderToRemoves: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArray{
										&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArgs{
											HeaderName: pulumi.String("prod"),
										},
									},
								},
								Origin: instance.Name,
								RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
									CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
										CacheMode:  pulumi.String("CACHE_ALL_STATIC"),
										DefaultTtl: pulumi.String("3800s"),
										ClientTtl:  pulumi.String("3600s"),
										MaxTtl:     pulumi.String("9000s"),
										CacheKeyPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs{
											IncludeProtocol: pulumi.Bool(true),
											ExcludeHost:     pulumi.Bool(true),
											IncludedQueryParameters: pulumi.StringArray{
												pulumi.String("apple"),
												pulumi.String("dev"),
												pulumi.String("santa"),
												pulumi.String("claus"),
											},
											IncludedHeaderNames: pulumi.StringArray{
												pulumi.String("banana"),
											},
											IncludedCookieNames: pulumi.StringArray{
												pulumi.String("orange"),
											},
										},
										NegativeCaching:   pulumi.Bool(true),
										SignedRequestMode: pulumi.String("DISABLED"),
										NegativeCachingPolicy: pulumi.StringMap{
											"500": pulumi.String("3000s"),
										},
									},
									UrlRewrite: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewriteArgs{
										PathPrefixRewrite: pulumi.String("/dev"),
										HostRewrite:       pulumi.String("dev.club"),
									},
									CorsPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs{
										MaxAge:           pulumi.String("2500s"),
										AllowCredentials: pulumi.Bool(true),
										AllowOrigins: pulumi.StringArray{
											pulumi.String("*"),
										},
										AllowMethods: pulumi.StringArray{
											pulumi.String("GET"),
										},
										AllowHeaders: pulumi.StringArray{
											pulumi.String("dev"),
										},
										ExposeHeaders: pulumi.StringArray{
											pulumi.String("prod"),
										},
									},
								},
							},
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
								Description: pulumi.String("a second route rule to match against"),
								Priority:    pulumi.String("2"),
								MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										FullPathMatch: pulumi.String("/yay"),
									},
								},
								Origin: instance.Name,
								RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
									CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
										CacheMode:  pulumi.String("CACHE_ALL_STATIC"),
										DefaultTtl: pulumi.String("3600s"),
										CacheKeyPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs{
											ExcludedQueryParameters: pulumi.StringArray{
												pulumi.String("dev"),
											},
										},
									},
									CorsPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs{
										MaxAge: pulumi.String("3000s"),
										AllowHeaders: pulumi.StringArray{
											pulumi.String("dev"),
										},
										Disabled: pulumi.Bool(true),
									},
								},
							},
						},
					},
				},
			},
			LogConfig: &networkservices.EdgeCacheServiceLogConfigArgs{
				Enable:     pulumi.Bool(true),
				SampleRate: pulumi.Float64(0.01),
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var dest = new Gcp.Storage.Bucket("dest", new()
    {
        Name = "my-bucket",
        Location = "US",
        ForceDestroy = true,
    });

    var google = new Gcp.NetworkServices.EdgeCacheOrigin("google", new()
    {
        Name = "origin-google",
        OriginAddress = "google.com",
        Description = "The default bucket for media edge test",
        MaxAttempts = 2,
        Timeout = new Gcp.NetworkServices.Inputs.EdgeCacheOriginTimeoutArgs
        {
            ConnectTimeout = "10s",
        },
    });

    var instance = new Gcp.NetworkServices.EdgeCacheOrigin("instance", new()
    {
        Name = "my-origin",
        OriginAddress = dest.Url,
        Description = "The default bucket for media edge test",
        MaxAttempts = 2,
        Timeout = new Gcp.NetworkServices.Inputs.EdgeCacheOriginTimeoutArgs
        {
            ConnectTimeout = "10s",
        },
    });

    var instanceEdgeCacheService = new Gcp.NetworkServices.EdgeCacheService("instance", new()
    {
        Name = "my-service",
        Description = "some description",
        DisableQuic = true,
        DisableHttp2 = true,
        Labels = 
        {
            { "a", "b" },
        },
        Routing = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingArgs
        {
            HostRules = new[]
            {
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingHostRuleArgs
                {
                    Description = "host rule description",
                    Hosts = new[]
                    {
                        "sslcert.tf-test.club",
                    },
                    PathMatcher = "routes",
                },
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingHostRuleArgs
                {
                    Description = "host rule2",
                    Hosts = new[]
                    {
                        "sslcert.tf-test2.club",
                    },
                    PathMatcher = "routes",
                },
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingHostRuleArgs
                {
                    Description = "host rule3",
                    Hosts = new[]
                    {
                        "sslcert.tf-test3.club",
                    },
                    PathMatcher = "routesAdvanced",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherArgs
                {
                    Name = "routes",
                    RouteRules = new[]
                    {
                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                        {
                            Description = "a route rule to match against",
                            Priority = "1",
                            MatchRules = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    PrefixMatch = "/",
                                },
                            },
                            Origin = instance.Name,
                            RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                            {
                                CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                                {
                                    CacheMode = "CACHE_ALL_STATIC",
                                    DefaultTtl = "3600s",
                                },
                            },
                            HeaderAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs
                            {
                                ResponseHeaderToAdds = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs
                                    {
                                        HeaderName = "x-cache-status",
                                        HeaderValue = "{cdn_cache_status}",
                                    },
                                },
                            },
                        },
                    },
                },
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherArgs
                {
                    Name = "routesAdvanced",
                    Description = "an advanced ruleset",
                    RouteRules = new[]
                    {
                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                        {
                            Description = "an advanced route rule to match against",
                            Priority = "1",
                            MatchRules = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    PrefixMatch = "/potato/",
                                    QueryParameterMatches = new[]
                                    {
                                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs
                                        {
                                            Name = "debug",
                                            PresentMatch = true,
                                        },
                                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs
                                        {
                                            Name = "state",
                                            ExactMatch = "debug",
                                        },
                                    },
                                },
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    FullPathMatch = "/apple",
                                },
                            },
                            HeaderAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs
                            {
                                RequestHeaderToAdds = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs
                                    {
                                        HeaderName = "debug",
                                        HeaderValue = "true",
                                        Replace = true,
                                    },
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs
                                    {
                                        HeaderName = "potato",
                                        HeaderValue = "plant",
                                    },
                                },
                                ResponseHeaderToAdds = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs
                                    {
                                        HeaderName = "potato",
                                        HeaderValue = "plant",
                                        Replace = true,
                                    },
                                },
                                RequestHeaderToRemoves = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArgs
                                    {
                                        HeaderName = "prod",
                                    },
                                },
                                ResponseHeaderToRemoves = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArgs
                                    {
                                        HeaderName = "prod",
                                    },
                                },
                            },
                            Origin = instance.Name,
                            RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                            {
                                CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                                {
                                    CacheMode = "CACHE_ALL_STATIC",
                                    DefaultTtl = "3800s",
                                    ClientTtl = "3600s",
                                    MaxTtl = "9000s",
                                    CacheKeyPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs
                                    {
                                        IncludeProtocol = true,
                                        ExcludeHost = true,
                                        IncludedQueryParameters = new[]
                                        {
                                            "apple",
                                            "dev",
                                            "santa",
                                            "claus",
                                        },
                                        IncludedHeaderNames = new[]
                                        {
                                            "banana",
                                        },
                                        IncludedCookieNames = new[]
                                        {
                                            "orange",
                                        },
                                    },
                                    NegativeCaching = true,
                                    SignedRequestMode = "DISABLED",
                                    NegativeCachingPolicy = 
                                    {
                                        { "500", "3000s" },
                                    },
                                },
                                UrlRewrite = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewriteArgs
                                {
                                    PathPrefixRewrite = "/dev",
                                    HostRewrite = "dev.club",
                                },
                                CorsPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs
                                {
                                    MaxAge = "2500s",
                                    AllowCredentials = true,
                                    AllowOrigins = new[]
                                    {
                                        "*",
                                    },
                                    AllowMethods = new[]
                                    {
                                        "GET",
                                    },
                                    AllowHeaders = new[]
                                    {
                                        "dev",
                                    },
                                    ExposeHeaders = new[]
                                    {
                                        "prod",
                                    },
                                },
                            },
                        },
                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                        {
                            Description = "a second route rule to match against",
                            Priority = "2",
                            MatchRules = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    FullPathMatch = "/yay",
                                },
                            },
                            Origin = instance.Name,
                            RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                            {
                                CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                                {
                                    CacheMode = "CACHE_ALL_STATIC",
                                    DefaultTtl = "3600s",
                                    CacheKeyPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs
                                    {
                                        ExcludedQueryParameters = new[]
                                        {
                                            "dev",
                                        },
                                    },
                                },
                                CorsPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs
                                {
                                    MaxAge = "3000s",
                                    AllowHeaders = new[]
                                    {
                                        "dev",
                                    },
                                    Disabled = true,
                                },
                            },
                        },
                    },
                },
            },
        },
        LogConfig = new Gcp.NetworkServices.Inputs.EdgeCacheServiceLogConfigArgs
        {
            Enable = true,
            SampleRate = 0.01,
        },
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.storage.Bucket;
import com.pulumi.gcp.storage.BucketArgs;
import com.pulumi.gcp.networkservices.EdgeCacheOrigin;
import com.pulumi.gcp.networkservices.EdgeCacheOriginArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheOriginTimeoutArgs;
import com.pulumi.gcp.networkservices.EdgeCacheService;
import com.pulumi.gcp.networkservices.EdgeCacheServiceArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheServiceRoutingArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheServiceLogConfigArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var dest = new Bucket("dest", BucketArgs.builder()
            .name("my-bucket")
            .location("US")
            .forceDestroy(true)
            .build());

        var google = new EdgeCacheOrigin("google", EdgeCacheOriginArgs.builder()
            .name("origin-google")
            .originAddress("google.com")
            .description("The default bucket for media edge test")
            .maxAttempts(2)
            .timeout(EdgeCacheOriginTimeoutArgs.builder()
                .connectTimeout("10s")
                .build())
            .build());

        var instance = new EdgeCacheOrigin("instance", EdgeCacheOriginArgs.builder()
            .name("my-origin")
            .originAddress(dest.url())
            .description("The default bucket for media edge test")
            .maxAttempts(2)
            .timeout(EdgeCacheOriginTimeoutArgs.builder()
                .connectTimeout("10s")
                .build())
            .build());

        var instanceEdgeCacheService = new EdgeCacheService("instanceEdgeCacheService", EdgeCacheServiceArgs.builder()
            .name("my-service")
            .description("some description")
            .disableQuic(true)
            .disableHttp2(true)
            .labels(Map.of("a", "b"))
            .routing(EdgeCacheServiceRoutingArgs.builder()
                .hostRules(                
                    EdgeCacheServiceRoutingHostRuleArgs.builder()
                        .description("host rule description")
                        .hosts("sslcert.tf-test.club")
                        .pathMatcher("routes")
                        .build(),
                    EdgeCacheServiceRoutingHostRuleArgs.builder()
                        .description("host rule2")
                        .hosts("sslcert.tf-test2.club")
                        .pathMatcher("routes")
                        .build(),
                    EdgeCacheServiceRoutingHostRuleArgs.builder()
                        .description("host rule3")
                        .hosts("sslcert.tf-test3.club")
                        .pathMatcher("routesAdvanced")
                        .build())
                .pathMatchers(                
                    EdgeCacheServiceRoutingPathMatcherArgs.builder()
                        .name("routes")
                        .routeRules(EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                            .description("a route rule to match against")
                            .priority(1)
                            .matchRules(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                                .prefixMatch("/")
                                .build())
                            .origin(instance.name())
                            .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                                .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                                    .cacheMode("CACHE_ALL_STATIC")
                                    .defaultTtl("3600s")
                                    .build())
                                .build())
                            .headerAction(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs.builder()
                                .responseHeaderToAdds(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs.builder()
                                    .headerName("x-cache-status")
                                    .headerValue("{cdn_cache_status}")
                                    .build())
                                .build())
                            .build())
                        .build(),
                    EdgeCacheServiceRoutingPathMatcherArgs.builder()
                        .name("routesAdvanced")
                        .description("an advanced ruleset")
                        .routeRules(                        
                            EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                                .description("an advanced route rule to match against")
                                .priority(1)
                                .matchRules(                                
                                    EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                                        .prefixMatch("/potato/")
                                        .queryParameterMatches(                                        
                                            EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs.builder()
                                                .name("debug")
                                                .presentMatch(true)
                                                .build(),
                                            EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs.builder()
                                                .name("state")
                                                .exactMatch("debug")
                                                .build())
                                        .build(),
                                    EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                                        .fullPathMatch("/apple")
                                        .build())
                                .headerAction(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs.builder()
                                    .requestHeaderToAdds(                                    
                                        EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs.builder()
                                            .headerName("debug")
                                            .headerValue("true")
                                            .replace(true)
                                            .build(),
                                        EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs.builder()
                                            .headerName("potato")
                                            .headerValue("plant")
                                            .build())
                                    .responseHeaderToAdds(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs.builder()
                                        .headerName("potato")
                                        .headerValue("plant")
                                        .replace(true)
                                        .build())
                                    .requestHeaderToRemoves(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArgs.builder()
                                        .headerName("prod")
                                        .build())
                                    .responseHeaderToRemoves(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArgs.builder()
                                        .headerName("prod")
                                        .build())
                                    .build())
                                .origin(instance.name())
                                .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                                    .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                                        .cacheMode("CACHE_ALL_STATIC")
                                        .defaultTtl("3800s")
                                        .clientTtl("3600s")
                                        .maxTtl("9000s")
                                        .cacheKeyPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs.builder()
                                            .includeProtocol(true)
                                            .excludeHost(true)
                                            .includedQueryParameters(                                            
                                                "apple",
                                                "dev",
                                                "santa",
                                                "claus")
                                            .includedHeaderNames("banana")
                                            .includedCookieNames("orange")
                                            .build())
                                        .negativeCaching(true)
                                        .signedRequestMode("DISABLED")
                                        .negativeCachingPolicy(Map.of("500", "3000s"))
                                        .build())
                                    .urlRewrite(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewriteArgs.builder()
                                        .pathPrefixRewrite("/dev")
                                        .hostRewrite("dev.club")
                                        .build())
                                    .corsPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs.builder()
                                        .maxAge("2500s")
                                        .allowCredentials(true)
                                        .allowOrigins("*")
                                        .allowMethods("GET")
                                        .allowHeaders("dev")
                                        .exposeHeaders("prod")
                                        .build())
                                    .build())
                                .build(),
                            EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                                .description("a second route rule to match against")
                                .priority(2)
                                .matchRules(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                                    .fullPathMatch("/yay")
                                    .build())
                                .origin(instance.name())
                                .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                                    .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                                        .cacheMode("CACHE_ALL_STATIC")
                                        .defaultTtl("3600s")
                                        .cacheKeyPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs.builder()
                                            .excludedQueryParameters("dev")
                                            .build())
                                        .build())
                                    .corsPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs.builder()
                                        .maxAge("3000s")
                                        .allowHeaders("dev")
                                        .disabled(true)
                                        .build())
                                    .build())
                                .build())
                        .build())
                .build())
            .logConfig(EdgeCacheServiceLogConfigArgs.builder()
                .enable(true)
                .sampleRate(0.01)
                .build())
            .build());

    }
}
Copy
resources:
  dest:
    type: gcp:storage:Bucket
    properties:
      name: my-bucket
      location: US
      forceDestroy: true
  google:
    type: gcp:networkservices:EdgeCacheOrigin
    properties:
      name: origin-google
      originAddress: google.com
      description: The default bucket for media edge test
      maxAttempts: 2
      timeout:
        connectTimeout: 10s
  instance:
    type: gcp:networkservices:EdgeCacheOrigin
    properties:
      name: my-origin
      originAddress: ${dest.url}
      description: The default bucket for media edge test
      maxAttempts: 2
      timeout:
        connectTimeout: 10s
  instanceEdgeCacheService:
    type: gcp:networkservices:EdgeCacheService
    name: instance
    properties:
      name: my-service
      description: some description
      disableQuic: true
      disableHttp2: true
      labels:
        a: b
      routing:
        hostRules:
          - description: host rule description
            hosts:
              - sslcert.tf-test.club
            pathMatcher: routes
          - description: host rule2
            hosts:
              - sslcert.tf-test2.club
            pathMatcher: routes
          - description: host rule3
            hosts:
              - sslcert.tf-test3.club
            pathMatcher: routesAdvanced
        pathMatchers:
          - name: routes
            routeRules:
              - description: a route rule to match against
                priority: 1
                matchRules:
                  - prefixMatch: /
                origin: ${instance.name}
                routeAction:
                  cdnPolicy:
                    cacheMode: CACHE_ALL_STATIC
                    defaultTtl: 3600s
                headerAction:
                  responseHeaderToAdds:
                    - headerName: x-cache-status
                      headerValue: '{cdn_cache_status}'
          - name: routesAdvanced
            description: an advanced ruleset
            routeRules:
              - description: an advanced route rule to match against
                priority: 1
                matchRules:
                  - prefixMatch: /potato/
                    queryParameterMatches:
                      - name: debug
                        presentMatch: true
                      - name: state
                        exactMatch: debug
                  - fullPathMatch: /apple
                headerAction:
                  requestHeaderToAdds:
                    - headerName: debug
                      headerValue: 'true'
                      replace: true
                    - headerName: potato
                      headerValue: plant
                  responseHeaderToAdds:
                    - headerName: potato
                      headerValue: plant
                      replace: true
                  requestHeaderToRemoves:
                    - headerName: prod
                  responseHeaderToRemoves:
                    - headerName: prod
                origin: ${instance.name}
                routeAction:
                  cdnPolicy:
                    cacheMode: CACHE_ALL_STATIC
                    defaultTtl: 3800s
                    clientTtl: 3600s
                    maxTtl: 9000s
                    cacheKeyPolicy:
                      includeProtocol: true
                      excludeHost: true
                      includedQueryParameters:
                        - apple
                        - dev
                        - santa
                        - claus
                      includedHeaderNames:
                        - banana
                      includedCookieNames:
                        - orange
                    negativeCaching: true
                    signedRequestMode: DISABLED
                    negativeCachingPolicy:
                      '500': 3000s
                  urlRewrite:
                    pathPrefixRewrite: /dev
                    hostRewrite: dev.club
                  corsPolicy:
                    maxAge: 2500s
                    allowCredentials: true
                    allowOrigins:
                      - '*'
                    allowMethods:
                      - GET
                    allowHeaders:
                      - dev
                    exposeHeaders:
                      - prod
              - description: a second route rule to match against
                priority: 2
                matchRules:
                  - fullPathMatch: /yay
                origin: ${instance.name}
                routeAction:
                  cdnPolicy:
                    cacheMode: CACHE_ALL_STATIC
                    defaultTtl: 3600s
                    cacheKeyPolicy:
                      excludedQueryParameters:
                        - dev
                  corsPolicy:
                    maxAge: 3000s
                    allowHeaders:
                      - dev
                    disabled: true
      logConfig:
        enable: true
        sampleRate: 0.01
Copy

Network Services Edge Cache Service Dual Token

import * as pulumi from "@pulumi/pulumi";
import * as gcp from "@pulumi/gcp";

const secret_basic = new gcp.secretmanager.Secret("secret-basic", {
    secretId: "secret-name",
    replication: {
        auto: {},
    },
});
const secret_version_basic = new gcp.secretmanager.SecretVersion("secret-version-basic", {
    secret: secret_basic.id,
    secretData: "secret-data",
});
const keyset = new gcp.networkservices.EdgeCacheKeyset("keyset", {
    name: "keyset-name",
    description: "The default keyset",
    publicKeys: [{
        id: "my-public-key",
        managed: true,
    }],
    validationSharedKeys: [{
        secretVersion: secret_version_basic.id,
    }],
});
const instance = new gcp.networkservices.EdgeCacheOrigin("instance", {
    name: "my-origin",
    originAddress: "gs://media-edge-default",
    description: "The default bucket for media edge test",
});
const instanceEdgeCacheService = new gcp.networkservices.EdgeCacheService("instance", {
    name: "my-service",
    description: "some description",
    routing: {
        hostRules: [{
            description: "host rule description",
            hosts: ["sslcert.tf-test.club"],
            pathMatcher: "routes",
        }],
        pathMatchers: [{
            name: "routes",
            routeRules: [
                {
                    description: "a route rule to match against master playlist",
                    priority: "1",
                    matchRules: [{
                        pathTemplateMatch: "/master.m3u8",
                    }],
                    origin: instance.name,
                    routeAction: {
                        cdnPolicy: {
                            signedRequestMode: "REQUIRE_TOKENS",
                            signedRequestKeyset: keyset.id,
                            signedTokenOptions: {
                                tokenQueryParameter: "edge-cache-token",
                            },
                            signedRequestMaximumExpirationTtl: "600s",
                            addSignatures: {
                                actions: "GENERATE_COOKIE",
                                keyset: keyset.id,
                                copiedParameters: [
                                    "PathGlobs",
                                    "SessionID",
                                ],
                            },
                        },
                    },
                },
                {
                    description: "a route rule to match against all playlists",
                    priority: "2",
                    matchRules: [{
                        pathTemplateMatch: "/*.m3u8",
                    }],
                    origin: instance.name,
                    routeAction: {
                        cdnPolicy: {
                            signedRequestMode: "REQUIRE_TOKENS",
                            signedRequestKeyset: keyset.id,
                            signedTokenOptions: {
                                tokenQueryParameter: "hdnts",
                                allowedSignatureAlgorithms: [
                                    "ED25519",
                                    "HMAC_SHA_256",
                                    "HMAC_SHA1",
                                ],
                            },
                            addSignatures: {
                                actions: "GENERATE_TOKEN_HLS_COOKIELESS",
                                keyset: keyset.id,
                                tokenTtl: "1200s",
                                tokenQueryParameter: "hdntl",
                                copiedParameters: ["URLPrefix"],
                            },
                        },
                    },
                },
                {
                    description: "a route rule to match against",
                    priority: "3",
                    matchRules: [{
                        pathTemplateMatch: "/**.m3u8",
                    }],
                    origin: instance.name,
                    routeAction: {
                        cdnPolicy: {
                            signedRequestMode: "REQUIRE_TOKENS",
                            signedRequestKeyset: keyset.id,
                            signedTokenOptions: {
                                tokenQueryParameter: "hdntl",
                            },
                            addSignatures: {
                                actions: "PROPAGATE_TOKEN_HLS_COOKIELESS",
                                tokenQueryParameter: "hdntl",
                            },
                        },
                    },
                },
            ],
        }],
    },
});
Copy
import pulumi
import pulumi_gcp as gcp

secret_basic = gcp.secretmanager.Secret("secret-basic",
    secret_id="secret-name",
    replication={
        "auto": {},
    })
secret_version_basic = gcp.secretmanager.SecretVersion("secret-version-basic",
    secret=secret_basic.id,
    secret_data="secret-data")
keyset = gcp.networkservices.EdgeCacheKeyset("keyset",
    name="keyset-name",
    description="The default keyset",
    public_keys=[{
        "id": "my-public-key",
        "managed": True,
    }],
    validation_shared_keys=[{
        "secret_version": secret_version_basic.id,
    }])
instance = gcp.networkservices.EdgeCacheOrigin("instance",
    name="my-origin",
    origin_address="gs://media-edge-default",
    description="The default bucket for media edge test")
instance_edge_cache_service = gcp.networkservices.EdgeCacheService("instance",
    name="my-service",
    description="some description",
    routing={
        "host_rules": [{
            "description": "host rule description",
            "hosts": ["sslcert.tf-test.club"],
            "path_matcher": "routes",
        }],
        "path_matchers": [{
            "name": "routes",
            "route_rules": [
                {
                    "description": "a route rule to match against master playlist",
                    "priority": "1",
                    "match_rules": [{
                        "path_template_match": "/master.m3u8",
                    }],
                    "origin": instance.name,
                    "route_action": {
                        "cdn_policy": {
                            "signed_request_mode": "REQUIRE_TOKENS",
                            "signed_request_keyset": keyset.id,
                            "signed_token_options": {
                                "token_query_parameter": "edge-cache-token",
                            },
                            "signed_request_maximum_expiration_ttl": "600s",
                            "add_signatures": {
                                "actions": "GENERATE_COOKIE",
                                "keyset": keyset.id,
                                "copied_parameters": [
                                    "PathGlobs",
                                    "SessionID",
                                ],
                            },
                        },
                    },
                },
                {
                    "description": "a route rule to match against all playlists",
                    "priority": "2",
                    "match_rules": [{
                        "path_template_match": "/*.m3u8",
                    }],
                    "origin": instance.name,
                    "route_action": {
                        "cdn_policy": {
                            "signed_request_mode": "REQUIRE_TOKENS",
                            "signed_request_keyset": keyset.id,
                            "signed_token_options": {
                                "token_query_parameter": "hdnts",
                                "allowed_signature_algorithms": [
                                    "ED25519",
                                    "HMAC_SHA_256",
                                    "HMAC_SHA1",
                                ],
                            },
                            "add_signatures": {
                                "actions": "GENERATE_TOKEN_HLS_COOKIELESS",
                                "keyset": keyset.id,
                                "token_ttl": "1200s",
                                "token_query_parameter": "hdntl",
                                "copied_parameters": ["URLPrefix"],
                            },
                        },
                    },
                },
                {
                    "description": "a route rule to match against",
                    "priority": "3",
                    "match_rules": [{
                        "path_template_match": "/**.m3u8",
                    }],
                    "origin": instance.name,
                    "route_action": {
                        "cdn_policy": {
                            "signed_request_mode": "REQUIRE_TOKENS",
                            "signed_request_keyset": keyset.id,
                            "signed_token_options": {
                                "token_query_parameter": "hdntl",
                            },
                            "add_signatures": {
                                "actions": "PROPAGATE_TOKEN_HLS_COOKIELESS",
                                "token_query_parameter": "hdntl",
                            },
                        },
                    },
                },
            ],
        }],
    })
Copy
package main

import (
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/networkservices"
	"github.com/pulumi/pulumi-gcp/sdk/v8/go/gcp/secretmanager"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		secret_basic, err := secretmanager.NewSecret(ctx, "secret-basic", &secretmanager.SecretArgs{
			SecretId: pulumi.String("secret-name"),
			Replication: &secretmanager.SecretReplicationArgs{
				Auto: &secretmanager.SecretReplicationAutoArgs{},
			},
		})
		if err != nil {
			return err
		}
		secret_version_basic, err := secretmanager.NewSecretVersion(ctx, "secret-version-basic", &secretmanager.SecretVersionArgs{
			Secret:     secret_basic.ID(),
			SecretData: pulumi.String("secret-data"),
		})
		if err != nil {
			return err
		}
		keyset, err := networkservices.NewEdgeCacheKeyset(ctx, "keyset", &networkservices.EdgeCacheKeysetArgs{
			Name:        pulumi.String("keyset-name"),
			Description: pulumi.String("The default keyset"),
			PublicKeys: networkservices.EdgeCacheKeysetPublicKeyArray{
				&networkservices.EdgeCacheKeysetPublicKeyArgs{
					Id:      pulumi.String("my-public-key"),
					Managed: pulumi.Bool(true),
				},
			},
			ValidationSharedKeys: networkservices.EdgeCacheKeysetValidationSharedKeyArray{
				&networkservices.EdgeCacheKeysetValidationSharedKeyArgs{
					SecretVersion: secret_version_basic.ID(),
				},
			},
		})
		if err != nil {
			return err
		}
		instance, err := networkservices.NewEdgeCacheOrigin(ctx, "instance", &networkservices.EdgeCacheOriginArgs{
			Name:          pulumi.String("my-origin"),
			OriginAddress: pulumi.String("gs://media-edge-default"),
			Description:   pulumi.String("The default bucket for media edge test"),
		})
		if err != nil {
			return err
		}
		_, err = networkservices.NewEdgeCacheService(ctx, "instance", &networkservices.EdgeCacheServiceArgs{
			Name:        pulumi.String("my-service"),
			Description: pulumi.String("some description"),
			Routing: &networkservices.EdgeCacheServiceRoutingArgs{
				HostRules: networkservices.EdgeCacheServiceRoutingHostRuleArray{
					&networkservices.EdgeCacheServiceRoutingHostRuleArgs{
						Description: pulumi.String("host rule description"),
						Hosts: pulumi.StringArray{
							pulumi.String("sslcert.tf-test.club"),
						},
						PathMatcher: pulumi.String("routes"),
					},
				},
				PathMatchers: networkservices.EdgeCacheServiceRoutingPathMatcherArray{
					&networkservices.EdgeCacheServiceRoutingPathMatcherArgs{
						Name: pulumi.String("routes"),
						RouteRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArray{
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
								Description: pulumi.String("a route rule to match against master playlist"),
								Priority:    pulumi.String("1"),
								MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										PathTemplateMatch: pulumi.String("/master.m3u8"),
									},
								},
								Origin: instance.Name,
								RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
									CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
										SignedRequestMode:   pulumi.String("REQUIRE_TOKENS"),
										SignedRequestKeyset: keyset.ID(),
										SignedTokenOptions: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs{
											TokenQueryParameter: pulumi.String("edge-cache-token"),
										},
										SignedRequestMaximumExpirationTtl: pulumi.String("600s"),
										AddSignatures: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs{
											Actions: pulumi.String("GENERATE_COOKIE"),
											Keyset:  keyset.ID(),
											CopiedParameters: pulumi.StringArray{
												pulumi.String("PathGlobs"),
												pulumi.String("SessionID"),
											},
										},
									},
								},
							},
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
								Description: pulumi.String("a route rule to match against all playlists"),
								Priority:    pulumi.String("2"),
								MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										PathTemplateMatch: pulumi.String("/*.m3u8"),
									},
								},
								Origin: instance.Name,
								RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
									CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
										SignedRequestMode:   pulumi.String("REQUIRE_TOKENS"),
										SignedRequestKeyset: keyset.ID(),
										SignedTokenOptions: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs{
											TokenQueryParameter: pulumi.String("hdnts"),
											AllowedSignatureAlgorithms: pulumi.StringArray{
												pulumi.String("ED25519"),
												pulumi.String("HMAC_SHA_256"),
												pulumi.String("HMAC_SHA1"),
											},
										},
										AddSignatures: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs{
											Actions:             pulumi.String("GENERATE_TOKEN_HLS_COOKIELESS"),
											Keyset:              keyset.ID(),
											TokenTtl:            pulumi.String("1200s"),
											TokenQueryParameter: pulumi.String("hdntl"),
											CopiedParameters: pulumi.StringArray{
												pulumi.String("URLPrefix"),
											},
										},
									},
								},
							},
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
								Description: pulumi.String("a route rule to match against"),
								Priority:    pulumi.String("3"),
								MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
										PathTemplateMatch: pulumi.String("/**.m3u8"),
									},
								},
								Origin: instance.Name,
								RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
									CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
										SignedRequestMode:   pulumi.String("REQUIRE_TOKENS"),
										SignedRequestKeyset: keyset.ID(),
										SignedTokenOptions: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs{
											TokenQueryParameter: pulumi.String("hdntl"),
										},
										AddSignatures: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs{
											Actions:             pulumi.String("PROPAGATE_TOKEN_HLS_COOKIELESS"),
											TokenQueryParameter: pulumi.String("hdntl"),
										},
									},
								},
							},
						},
					},
				},
			},
		})
		if err != nil {
			return err
		}
		return nil
	})
}
Copy
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Gcp = Pulumi.Gcp;

return await Deployment.RunAsync(() => 
{
    var secret_basic = new Gcp.SecretManager.Secret("secret-basic", new()
    {
        SecretId = "secret-name",
        Replication = new Gcp.SecretManager.Inputs.SecretReplicationArgs
        {
            Auto = null,
        },
    });

    var secret_version_basic = new Gcp.SecretManager.SecretVersion("secret-version-basic", new()
    {
        Secret = secret_basic.Id,
        SecretData = "secret-data",
    });

    var keyset = new Gcp.NetworkServices.EdgeCacheKeyset("keyset", new()
    {
        Name = "keyset-name",
        Description = "The default keyset",
        PublicKeys = new[]
        {
            new Gcp.NetworkServices.Inputs.EdgeCacheKeysetPublicKeyArgs
            {
                Id = "my-public-key",
                Managed = true,
            },
        },
        ValidationSharedKeys = new[]
        {
            new Gcp.NetworkServices.Inputs.EdgeCacheKeysetValidationSharedKeyArgs
            {
                SecretVersion = secret_version_basic.Id,
            },
        },
    });

    var instance = new Gcp.NetworkServices.EdgeCacheOrigin("instance", new()
    {
        Name = "my-origin",
        OriginAddress = "gs://media-edge-default",
        Description = "The default bucket for media edge test",
    });

    var instanceEdgeCacheService = new Gcp.NetworkServices.EdgeCacheService("instance", new()
    {
        Name = "my-service",
        Description = "some description",
        Routing = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingArgs
        {
            HostRules = new[]
            {
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingHostRuleArgs
                {
                    Description = "host rule description",
                    Hosts = new[]
                    {
                        "sslcert.tf-test.club",
                    },
                    PathMatcher = "routes",
                },
            },
            PathMatchers = new[]
            {
                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherArgs
                {
                    Name = "routes",
                    RouteRules = new[]
                    {
                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                        {
                            Description = "a route rule to match against master playlist",
                            Priority = "1",
                            MatchRules = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    PathTemplateMatch = "/master.m3u8",
                                },
                            },
                            Origin = instance.Name,
                            RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                            {
                                CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                                {
                                    SignedRequestMode = "REQUIRE_TOKENS",
                                    SignedRequestKeyset = keyset.Id,
                                    SignedTokenOptions = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs
                                    {
                                        TokenQueryParameter = "edge-cache-token",
                                    },
                                    SignedRequestMaximumExpirationTtl = "600s",
                                    AddSignatures = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs
                                    {
                                        Actions = "GENERATE_COOKIE",
                                        Keyset = keyset.Id,
                                        CopiedParameters = new[]
                                        {
                                            "PathGlobs",
                                            "SessionID",
                                        },
                                    },
                                },
                            },
                        },
                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                        {
                            Description = "a route rule to match against all playlists",
                            Priority = "2",
                            MatchRules = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    PathTemplateMatch = "/*.m3u8",
                                },
                            },
                            Origin = instance.Name,
                            RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                            {
                                CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                                {
                                    SignedRequestMode = "REQUIRE_TOKENS",
                                    SignedRequestKeyset = keyset.Id,
                                    SignedTokenOptions = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs
                                    {
                                        TokenQueryParameter = "hdnts",
                                        AllowedSignatureAlgorithms = new[]
                                        {
                                            "ED25519",
                                            "HMAC_SHA_256",
                                            "HMAC_SHA1",
                                        },
                                    },
                                    AddSignatures = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs
                                    {
                                        Actions = "GENERATE_TOKEN_HLS_COOKIELESS",
                                        Keyset = keyset.Id,
                                        TokenTtl = "1200s",
                                        TokenQueryParameter = "hdntl",
                                        CopiedParameters = new[]
                                        {
                                            "URLPrefix",
                                        },
                                    },
                                },
                            },
                        },
                        new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                        {
                            Description = "a route rule to match against",
                            Priority = "3",
                            MatchRules = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                                {
                                    PathTemplateMatch = "/**.m3u8",
                                },
                            },
                            Origin = instance.Name,
                            RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                            {
                                CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                                {
                                    SignedRequestMode = "REQUIRE_TOKENS",
                                    SignedRequestKeyset = keyset.Id,
                                    SignedTokenOptions = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs
                                    {
                                        TokenQueryParameter = "hdntl",
                                    },
                                    AddSignatures = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs
                                    {
                                        Actions = "PROPAGATE_TOKEN_HLS_COOKIELESS",
                                        TokenQueryParameter = "hdntl",
                                    },
                                },
                            },
                        },
                    },
                },
            },
        },
    });

});
Copy
package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.gcp.secretmanager.Secret;
import com.pulumi.gcp.secretmanager.SecretArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationArgs;
import com.pulumi.gcp.secretmanager.inputs.SecretReplicationAutoArgs;
import com.pulumi.gcp.secretmanager.SecretVersion;
import com.pulumi.gcp.secretmanager.SecretVersionArgs;
import com.pulumi.gcp.networkservices.EdgeCacheKeyset;
import com.pulumi.gcp.networkservices.EdgeCacheKeysetArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheKeysetPublicKeyArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheKeysetValidationSharedKeyArgs;
import com.pulumi.gcp.networkservices.EdgeCacheOrigin;
import com.pulumi.gcp.networkservices.EdgeCacheOriginArgs;
import com.pulumi.gcp.networkservices.EdgeCacheService;
import com.pulumi.gcp.networkservices.EdgeCacheServiceArgs;
import com.pulumi.gcp.networkservices.inputs.EdgeCacheServiceRoutingArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var secret_basic = new Secret("secret-basic", SecretArgs.builder()
            .secretId("secret-name")
            .replication(SecretReplicationArgs.builder()
                .auto()
                .build())
            .build());

        var secret_version_basic = new SecretVersion("secret-version-basic", SecretVersionArgs.builder()
            .secret(secret_basic.id())
            .secretData("secret-data")
            .build());

        var keyset = new EdgeCacheKeyset("keyset", EdgeCacheKeysetArgs.builder()
            .name("keyset-name")
            .description("The default keyset")
            .publicKeys(EdgeCacheKeysetPublicKeyArgs.builder()
                .id("my-public-key")
                .managed(true)
                .build())
            .validationSharedKeys(EdgeCacheKeysetValidationSharedKeyArgs.builder()
                .secretVersion(secret_version_basic.id())
                .build())
            .build());

        var instance = new EdgeCacheOrigin("instance", EdgeCacheOriginArgs.builder()
            .name("my-origin")
            .originAddress("gs://media-edge-default")
            .description("The default bucket for media edge test")
            .build());

        var instanceEdgeCacheService = new EdgeCacheService("instanceEdgeCacheService", EdgeCacheServiceArgs.builder()
            .name("my-service")
            .description("some description")
            .routing(EdgeCacheServiceRoutingArgs.builder()
                .hostRules(EdgeCacheServiceRoutingHostRuleArgs.builder()
                    .description("host rule description")
                    .hosts("sslcert.tf-test.club")
                    .pathMatcher("routes")
                    .build())
                .pathMatchers(EdgeCacheServiceRoutingPathMatcherArgs.builder()
                    .name("routes")
                    .routeRules(                    
                        EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                            .description("a route rule to match against master playlist")
                            .priority(1)
                            .matchRules(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                                .pathTemplateMatch("/master.m3u8")
                                .build())
                            .origin(instance.name())
                            .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                                .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                                    .signedRequestMode("REQUIRE_TOKENS")
                                    .signedRequestKeyset(keyset.id())
                                    .signedTokenOptions(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs.builder()
                                        .tokenQueryParameter("edge-cache-token")
                                        .build())
                                    .signedRequestMaximumExpirationTtl("600s")
                                    .addSignatures(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs.builder()
                                        .actions("GENERATE_COOKIE")
                                        .keyset(keyset.id())
                                        .copiedParameters(                                        
                                            "PathGlobs",
                                            "SessionID")
                                        .build())
                                    .build())
                                .build())
                            .build(),
                        EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                            .description("a route rule to match against all playlists")
                            .priority(2)
                            .matchRules(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                                .pathTemplateMatch("/*.m3u8")
                                .build())
                            .origin(instance.name())
                            .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                                .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                                    .signedRequestMode("REQUIRE_TOKENS")
                                    .signedRequestKeyset(keyset.id())
                                    .signedTokenOptions(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs.builder()
                                        .tokenQueryParameter("hdnts")
                                        .allowedSignatureAlgorithms(                                        
                                            "ED25519",
                                            "HMAC_SHA_256",
                                            "HMAC_SHA1")
                                        .build())
                                    .addSignatures(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs.builder()
                                        .actions("GENERATE_TOKEN_HLS_COOKIELESS")
                                        .keyset(keyset.id())
                                        .tokenTtl("1200s")
                                        .tokenQueryParameter("hdntl")
                                        .copiedParameters("URLPrefix")
                                        .build())
                                    .build())
                                .build())
                            .build(),
                        EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                            .description("a route rule to match against")
                            .priority(3)
                            .matchRules(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                                .pathTemplateMatch("/**.m3u8")
                                .build())
                            .origin(instance.name())
                            .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                                .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                                    .signedRequestMode("REQUIRE_TOKENS")
                                    .signedRequestKeyset(keyset.id())
                                    .signedTokenOptions(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs.builder()
                                        .tokenQueryParameter("hdntl")
                                        .build())
                                    .addSignatures(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs.builder()
                                        .actions("PROPAGATE_TOKEN_HLS_COOKIELESS")
                                        .tokenQueryParameter("hdntl")
                                        .build())
                                    .build())
                                .build())
                            .build())
                    .build())
                .build())
            .build());

    }
}
Copy
resources:
  secret-basic:
    type: gcp:secretmanager:Secret
    properties:
      secretId: secret-name
      replication:
        auto: {}
  secret-version-basic:
    type: gcp:secretmanager:SecretVersion
    properties:
      secret: ${["secret-basic"].id}
      secretData: secret-data
  keyset:
    type: gcp:networkservices:EdgeCacheKeyset
    properties:
      name: keyset-name
      description: The default keyset
      publicKeys:
        - id: my-public-key
          managed: true
      validationSharedKeys:
        - secretVersion: ${["secret-version-basic"].id}
  instance:
    type: gcp:networkservices:EdgeCacheOrigin
    properties:
      name: my-origin
      originAddress: gs://media-edge-default
      description: The default bucket for media edge test
  instanceEdgeCacheService:
    type: gcp:networkservices:EdgeCacheService
    name: instance
    properties:
      name: my-service
      description: some description
      routing:
        hostRules:
          - description: host rule description
            hosts:
              - sslcert.tf-test.club
            pathMatcher: routes
        pathMatchers:
          - name: routes
            routeRules:
              - description: a route rule to match against master playlist
                priority: 1
                matchRules:
                  - pathTemplateMatch: /master.m3u8
                origin: ${instance.name}
                routeAction:
                  cdnPolicy:
                    signedRequestMode: REQUIRE_TOKENS
                    signedRequestKeyset: ${keyset.id}
                    signedTokenOptions:
                      tokenQueryParameter: edge-cache-token
                    signedRequestMaximumExpirationTtl: 600s
                    addSignatures:
                      actions: GENERATE_COOKIE
                      keyset: ${keyset.id}
                      copiedParameters:
                        - PathGlobs
                        - SessionID
              - description: a route rule to match against all playlists
                priority: 2
                matchRules:
                  - pathTemplateMatch: /*.m3u8
                origin: ${instance.name}
                routeAction:
                  cdnPolicy:
                    signedRequestMode: REQUIRE_TOKENS
                    signedRequestKeyset: ${keyset.id}
                    signedTokenOptions:
                      tokenQueryParameter: hdnts
                      allowedSignatureAlgorithms:
                        - ED25519
                        - HMAC_SHA_256
                        - HMAC_SHA1
                    addSignatures:
                      actions: GENERATE_TOKEN_HLS_COOKIELESS
                      keyset: ${keyset.id}
                      tokenTtl: 1200s
                      tokenQueryParameter: hdntl
                      copiedParameters:
                        - URLPrefix
              - description: a route rule to match against
                priority: 3
                matchRules:
                  - pathTemplateMatch: /**.m3u8
                origin: ${instance.name}
                routeAction:
                  cdnPolicy:
                    signedRequestMode: REQUIRE_TOKENS
                    signedRequestKeyset: ${keyset.id}
                    signedTokenOptions:
                      tokenQueryParameter: hdntl
                    addSignatures:
                      actions: PROPAGATE_TOKEN_HLS_COOKIELESS
                      tokenQueryParameter: hdntl
Copy

Create EdgeCacheService Resource

Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

Constructor syntax

new EdgeCacheService(name: string, args: EdgeCacheServiceArgs, opts?: CustomResourceOptions);
@overload
def EdgeCacheService(resource_name: str,
                     args: EdgeCacheServiceArgs,
                     opts: Optional[ResourceOptions] = None)

@overload
def EdgeCacheService(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     routing: Optional[EdgeCacheServiceRoutingArgs] = None,
                     description: Optional[str] = None,
                     disable_http2: Optional[bool] = None,
                     disable_quic: Optional[bool] = None,
                     edge_security_policy: Optional[str] = None,
                     edge_ssl_certificates: Optional[Sequence[str]] = None,
                     labels: Optional[Mapping[str, str]] = None,
                     log_config: Optional[EdgeCacheServiceLogConfigArgs] = None,
                     name: Optional[str] = None,
                     project: Optional[str] = None,
                     require_tls: Optional[bool] = None,
                     ssl_policy: Optional[str] = None)
func NewEdgeCacheService(ctx *Context, name string, args EdgeCacheServiceArgs, opts ...ResourceOption) (*EdgeCacheService, error)
public EdgeCacheService(string name, EdgeCacheServiceArgs args, CustomResourceOptions? opts = null)
public EdgeCacheService(String name, EdgeCacheServiceArgs args)
public EdgeCacheService(String name, EdgeCacheServiceArgs args, CustomResourceOptions options)
type: gcp:networkservices:EdgeCacheService
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

Parameters

name This property is required. string
The unique name of the resource.
args This property is required. EdgeCacheServiceArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
resource_name This property is required. str
The unique name of the resource.
args This property is required. EdgeCacheServiceArgs
The arguments to resource properties.
opts ResourceOptions
Bag of options to control resource's behavior.
ctx Context
Context object for the current deployment.
name This property is required. string
The unique name of the resource.
args This property is required. EdgeCacheServiceArgs
The arguments to resource properties.
opts ResourceOption
Bag of options to control resource's behavior.
name This property is required. string
The unique name of the resource.
args This property is required. EdgeCacheServiceArgs
The arguments to resource properties.
opts CustomResourceOptions
Bag of options to control resource's behavior.
name This property is required. String
The unique name of the resource.
args This property is required. EdgeCacheServiceArgs
The arguments to resource properties.
options CustomResourceOptions
Bag of options to control resource's behavior.

Constructor example

The following reference example uses placeholder values for all input properties.

var edgeCacheServiceResource = new Gcp.NetworkServices.EdgeCacheService("edgeCacheServiceResource", new()
{
    Routing = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingArgs
    {
        HostRules = new[]
        {
            new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingHostRuleArgs
            {
                Hosts = new[]
                {
                    "string",
                },
                PathMatcher = "string",
                Description = "string",
            },
        },
        PathMatchers = new[]
        {
            new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherArgs
            {
                Name = "string",
                RouteRules = new[]
                {
                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs
                    {
                        MatchRules = new[]
                        {
                            new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs
                            {
                                FullPathMatch = "string",
                                HeaderMatches = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatchArgs
                                    {
                                        HeaderName = "string",
                                        ExactMatch = "string",
                                        InvertMatch = false,
                                        PrefixMatch = "string",
                                        PresentMatch = false,
                                        SuffixMatch = "string",
                                    },
                                },
                                IgnoreCase = false,
                                PathTemplateMatch = "string",
                                PrefixMatch = "string",
                                QueryParameterMatches = new[]
                                {
                                    new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs
                                    {
                                        Name = "string",
                                        ExactMatch = "string",
                                        PresentMatch = false,
                                    },
                                },
                            },
                        },
                        Priority = "string",
                        Description = "string",
                        HeaderAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs
                        {
                            RequestHeaderToAdds = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs
                                {
                                    HeaderName = "string",
                                    HeaderValue = "string",
                                    Replace = false,
                                },
                            },
                            RequestHeaderToRemoves = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArgs
                                {
                                    HeaderName = "string",
                                },
                            },
                            ResponseHeaderToAdds = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs
                                {
                                    HeaderName = "string",
                                    HeaderValue = "string",
                                    Replace = false,
                                },
                            },
                            ResponseHeaderToRemoves = new[]
                            {
                                new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArgs
                                {
                                    HeaderName = "string",
                                },
                            },
                        },
                        Origin = "string",
                        RouteAction = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs
                        {
                            CdnPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs
                            {
                                AddSignatures = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs
                                {
                                    Actions = "string",
                                    CopiedParameters = new[]
                                    {
                                        "string",
                                    },
                                    Keyset = "string",
                                    TokenQueryParameter = "string",
                                    TokenTtl = "string",
                                },
                                CacheKeyPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs
                                {
                                    ExcludeHost = false,
                                    ExcludeQueryString = false,
                                    ExcludedQueryParameters = new[]
                                    {
                                        "string",
                                    },
                                    IncludeProtocol = false,
                                    IncludedCookieNames = new[]
                                    {
                                        "string",
                                    },
                                    IncludedHeaderNames = new[]
                                    {
                                        "string",
                                    },
                                    IncludedQueryParameters = new[]
                                    {
                                        "string",
                                    },
                                },
                                CacheMode = "string",
                                ClientTtl = "string",
                                DefaultTtl = "string",
                                MaxTtl = "string",
                                NegativeCaching = false,
                                NegativeCachingPolicy = 
                                {
                                    { "string", "string" },
                                },
                                SignedRequestKeyset = "string",
                                SignedRequestMaximumExpirationTtl = "string",
                                SignedRequestMode = "string",
                                SignedTokenOptions = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs
                                {
                                    AllowedSignatureAlgorithms = new[]
                                    {
                                        "string",
                                    },
                                    TokenQueryParameter = "string",
                                },
                            },
                            CompressionMode = "string",
                            CorsPolicy = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs
                            {
                                MaxAge = "string",
                                AllowCredentials = false,
                                AllowHeaders = new[]
                                {
                                    "string",
                                },
                                AllowMethods = new[]
                                {
                                    "string",
                                },
                                AllowOrigins = new[]
                                {
                                    "string",
                                },
                                Disabled = false,
                                ExposeHeaders = new[]
                                {
                                    "string",
                                },
                            },
                            UrlRewrite = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewriteArgs
                            {
                                HostRewrite = "string",
                                PathPrefixRewrite = "string",
                                PathTemplateRewrite = "string",
                            },
                        },
                        RouteMethods = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethodsArgs
                        {
                            AllowedMethods = new[]
                            {
                                "string",
                            },
                        },
                        UrlRedirect = new Gcp.NetworkServices.Inputs.EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirectArgs
                        {
                            HostRedirect = "string",
                            HttpsRedirect = false,
                            PathRedirect = "string",
                            PrefixRedirect = "string",
                            RedirectResponseCode = "string",
                            StripQuery = false,
                        },
                    },
                },
                Description = "string",
            },
        },
    },
    Description = "string",
    DisableHttp2 = false,
    DisableQuic = false,
    EdgeSecurityPolicy = "string",
    EdgeSslCertificates = new[]
    {
        "string",
    },
    Labels = 
    {
        { "string", "string" },
    },
    LogConfig = new Gcp.NetworkServices.Inputs.EdgeCacheServiceLogConfigArgs
    {
        Enable = false,
        SampleRate = 0,
    },
    Name = "string",
    Project = "string",
    RequireTls = false,
    SslPolicy = "string",
});
Copy
example, err := networkservices.NewEdgeCacheService(ctx, "edgeCacheServiceResource", &networkservices.EdgeCacheServiceArgs{
	Routing: &networkservices.EdgeCacheServiceRoutingArgs{
		HostRules: networkservices.EdgeCacheServiceRoutingHostRuleArray{
			&networkservices.EdgeCacheServiceRoutingHostRuleArgs{
				Hosts: pulumi.StringArray{
					pulumi.String("string"),
				},
				PathMatcher: pulumi.String("string"),
				Description: pulumi.String("string"),
			},
		},
		PathMatchers: networkservices.EdgeCacheServiceRoutingPathMatcherArray{
			&networkservices.EdgeCacheServiceRoutingPathMatcherArgs{
				Name: pulumi.String("string"),
				RouteRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArray{
					&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleArgs{
						MatchRules: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArray{
							&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs{
								FullPathMatch: pulumi.String("string"),
								HeaderMatches: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatchArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatchArgs{
										HeaderName:   pulumi.String("string"),
										ExactMatch:   pulumi.String("string"),
										InvertMatch:  pulumi.Bool(false),
										PrefixMatch:  pulumi.String("string"),
										PresentMatch: pulumi.Bool(false),
										SuffixMatch:  pulumi.String("string"),
									},
								},
								IgnoreCase:        pulumi.Bool(false),
								PathTemplateMatch: pulumi.String("string"),
								PrefixMatch:       pulumi.String("string"),
								QueryParameterMatches: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArray{
									&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs{
										Name:         pulumi.String("string"),
										ExactMatch:   pulumi.String("string"),
										PresentMatch: pulumi.Bool(false),
									},
								},
							},
						},
						Priority:    pulumi.String("string"),
						Description: pulumi.String("string"),
						HeaderAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs{
							RequestHeaderToAdds: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArray{
								&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs{
									HeaderName:  pulumi.String("string"),
									HeaderValue: pulumi.String("string"),
									Replace:     pulumi.Bool(false),
								},
							},
							RequestHeaderToRemoves: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArray{
								&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArgs{
									HeaderName: pulumi.String("string"),
								},
							},
							ResponseHeaderToAdds: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArray{
								&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs{
									HeaderName:  pulumi.String("string"),
									HeaderValue: pulumi.String("string"),
									Replace:     pulumi.Bool(false),
								},
							},
							ResponseHeaderToRemoves: networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArray{
								&networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArgs{
									HeaderName: pulumi.String("string"),
								},
							},
						},
						Origin: pulumi.String("string"),
						RouteAction: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs{
							CdnPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs{
								AddSignatures: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs{
									Actions: pulumi.String("string"),
									CopiedParameters: pulumi.StringArray{
										pulumi.String("string"),
									},
									Keyset:              pulumi.String("string"),
									TokenQueryParameter: pulumi.String("string"),
									TokenTtl:            pulumi.String("string"),
								},
								CacheKeyPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs{
									ExcludeHost:        pulumi.Bool(false),
									ExcludeQueryString: pulumi.Bool(false),
									ExcludedQueryParameters: pulumi.StringArray{
										pulumi.String("string"),
									},
									IncludeProtocol: pulumi.Bool(false),
									IncludedCookieNames: pulumi.StringArray{
										pulumi.String("string"),
									},
									IncludedHeaderNames: pulumi.StringArray{
										pulumi.String("string"),
									},
									IncludedQueryParameters: pulumi.StringArray{
										pulumi.String("string"),
									},
								},
								CacheMode:       pulumi.String("string"),
								ClientTtl:       pulumi.String("string"),
								DefaultTtl:      pulumi.String("string"),
								MaxTtl:          pulumi.String("string"),
								NegativeCaching: pulumi.Bool(false),
								NegativeCachingPolicy: pulumi.StringMap{
									"string": pulumi.String("string"),
								},
								SignedRequestKeyset:               pulumi.String("string"),
								SignedRequestMaximumExpirationTtl: pulumi.String("string"),
								SignedRequestMode:                 pulumi.String("string"),
								SignedTokenOptions: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs{
									AllowedSignatureAlgorithms: pulumi.StringArray{
										pulumi.String("string"),
									},
									TokenQueryParameter: pulumi.String("string"),
								},
							},
							CompressionMode: pulumi.String("string"),
							CorsPolicy: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs{
								MaxAge:           pulumi.String("string"),
								AllowCredentials: pulumi.Bool(false),
								AllowHeaders: pulumi.StringArray{
									pulumi.String("string"),
								},
								AllowMethods: pulumi.StringArray{
									pulumi.String("string"),
								},
								AllowOrigins: pulumi.StringArray{
									pulumi.String("string"),
								},
								Disabled: pulumi.Bool(false),
								ExposeHeaders: pulumi.StringArray{
									pulumi.String("string"),
								},
							},
							UrlRewrite: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewriteArgs{
								HostRewrite:         pulumi.String("string"),
								PathPrefixRewrite:   pulumi.String("string"),
								PathTemplateRewrite: pulumi.String("string"),
							},
						},
						RouteMethods: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethodsArgs{
							AllowedMethods: pulumi.StringArray{
								pulumi.String("string"),
							},
						},
						UrlRedirect: &networkservices.EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirectArgs{
							HostRedirect:         pulumi.String("string"),
							HttpsRedirect:        pulumi.Bool(false),
							PathRedirect:         pulumi.String("string"),
							PrefixRedirect:       pulumi.String("string"),
							RedirectResponseCode: pulumi.String("string"),
							StripQuery:           pulumi.Bool(false),
						},
					},
				},
				Description: pulumi.String("string"),
			},
		},
	},
	Description:        pulumi.String("string"),
	DisableHttp2:       pulumi.Bool(false),
	DisableQuic:        pulumi.Bool(false),
	EdgeSecurityPolicy: pulumi.String("string"),
	EdgeSslCertificates: pulumi.StringArray{
		pulumi.String("string"),
	},
	Labels: pulumi.StringMap{
		"string": pulumi.String("string"),
	},
	LogConfig: &networkservices.EdgeCacheServiceLogConfigArgs{
		Enable:     pulumi.Bool(false),
		SampleRate: pulumi.Float64(0),
	},
	Name:       pulumi.String("string"),
	Project:    pulumi.String("string"),
	RequireTls: pulumi.Bool(false),
	SslPolicy:  pulumi.String("string"),
})
Copy
var edgeCacheServiceResource = new EdgeCacheService("edgeCacheServiceResource", EdgeCacheServiceArgs.builder()
    .routing(EdgeCacheServiceRoutingArgs.builder()
        .hostRules(EdgeCacheServiceRoutingHostRuleArgs.builder()
            .hosts("string")
            .pathMatcher("string")
            .description("string")
            .build())
        .pathMatchers(EdgeCacheServiceRoutingPathMatcherArgs.builder()
            .name("string")
            .routeRules(EdgeCacheServiceRoutingPathMatcherRouteRuleArgs.builder()
                .matchRules(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs.builder()
                    .fullPathMatch("string")
                    .headerMatches(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatchArgs.builder()
                        .headerName("string")
                        .exactMatch("string")
                        .invertMatch(false)
                        .prefixMatch("string")
                        .presentMatch(false)
                        .suffixMatch("string")
                        .build())
                    .ignoreCase(false)
                    .pathTemplateMatch("string")
                    .prefixMatch("string")
                    .queryParameterMatches(EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs.builder()
                        .name("string")
                        .exactMatch("string")
                        .presentMatch(false)
                        .build())
                    .build())
                .priority("string")
                .description("string")
                .headerAction(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs.builder()
                    .requestHeaderToAdds(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs.builder()
                        .headerName("string")
                        .headerValue("string")
                        .replace(false)
                        .build())
                    .requestHeaderToRemoves(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArgs.builder()
                        .headerName("string")
                        .build())
                    .responseHeaderToAdds(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs.builder()
                        .headerName("string")
                        .headerValue("string")
                        .replace(false)
                        .build())
                    .responseHeaderToRemoves(EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArgs.builder()
                        .headerName("string")
                        .build())
                    .build())
                .origin("string")
                .routeAction(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs.builder()
                    .cdnPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs.builder()
                        .addSignatures(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs.builder()
                            .actions("string")
                            .copiedParameters("string")
                            .keyset("string")
                            .tokenQueryParameter("string")
                            .tokenTtl("string")
                            .build())
                        .cacheKeyPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs.builder()
                            .excludeHost(false)
                            .excludeQueryString(false)
                            .excludedQueryParameters("string")
                            .includeProtocol(false)
                            .includedCookieNames("string")
                            .includedHeaderNames("string")
                            .includedQueryParameters("string")
                            .build())
                        .cacheMode("string")
                        .clientTtl("string")
                        .defaultTtl("string")
                        .maxTtl("string")
                        .negativeCaching(false)
                        .negativeCachingPolicy(Map.of("string", "string"))
                        .signedRequestKeyset("string")
                        .signedRequestMaximumExpirationTtl("string")
                        .signedRequestMode("string")
                        .signedTokenOptions(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs.builder()
                            .allowedSignatureAlgorithms("string")
                            .tokenQueryParameter("string")
                            .build())
                        .build())
                    .compressionMode("string")
                    .corsPolicy(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs.builder()
                        .maxAge("string")
                        .allowCredentials(false)
                        .allowHeaders("string")
                        .allowMethods("string")
                        .allowOrigins("string")
                        .disabled(false)
                        .exposeHeaders("string")
                        .build())
                    .urlRewrite(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewriteArgs.builder()
                        .hostRewrite("string")
                        .pathPrefixRewrite("string")
                        .pathTemplateRewrite("string")
                        .build())
                    .build())
                .routeMethods(EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethodsArgs.builder()
                    .allowedMethods("string")
                    .build())
                .urlRedirect(EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirectArgs.builder()
                    .hostRedirect("string")
                    .httpsRedirect(false)
                    .pathRedirect("string")
                    .prefixRedirect("string")
                    .redirectResponseCode("string")
                    .stripQuery(false)
                    .build())
                .build())
            .description("string")
            .build())
        .build())
    .description("string")
    .disableHttp2(false)
    .disableQuic(false)
    .edgeSecurityPolicy("string")
    .edgeSslCertificates("string")
    .labels(Map.of("string", "string"))
    .logConfig(EdgeCacheServiceLogConfigArgs.builder()
        .enable(false)
        .sampleRate(0)
        .build())
    .name("string")
    .project("string")
    .requireTls(false)
    .sslPolicy("string")
    .build());
Copy
edge_cache_service_resource = gcp.networkservices.EdgeCacheService("edgeCacheServiceResource",
    routing={
        "host_rules": [{
            "hosts": ["string"],
            "path_matcher": "string",
            "description": "string",
        }],
        "path_matchers": [{
            "name": "string",
            "route_rules": [{
                "match_rules": [{
                    "full_path_match": "string",
                    "header_matches": [{
                        "header_name": "string",
                        "exact_match": "string",
                        "invert_match": False,
                        "prefix_match": "string",
                        "present_match": False,
                        "suffix_match": "string",
                    }],
                    "ignore_case": False,
                    "path_template_match": "string",
                    "prefix_match": "string",
                    "query_parameter_matches": [{
                        "name": "string",
                        "exact_match": "string",
                        "present_match": False,
                    }],
                }],
                "priority": "string",
                "description": "string",
                "header_action": {
                    "request_header_to_adds": [{
                        "header_name": "string",
                        "header_value": "string",
                        "replace": False,
                    }],
                    "request_header_to_removes": [{
                        "header_name": "string",
                    }],
                    "response_header_to_adds": [{
                        "header_name": "string",
                        "header_value": "string",
                        "replace": False,
                    }],
                    "response_header_to_removes": [{
                        "header_name": "string",
                    }],
                },
                "origin": "string",
                "route_action": {
                    "cdn_policy": {
                        "add_signatures": {
                            "actions": "string",
                            "copied_parameters": ["string"],
                            "keyset": "string",
                            "token_query_parameter": "string",
                            "token_ttl": "string",
                        },
                        "cache_key_policy": {
                            "exclude_host": False,
                            "exclude_query_string": False,
                            "excluded_query_parameters": ["string"],
                            "include_protocol": False,
                            "included_cookie_names": ["string"],
                            "included_header_names": ["string"],
                            "included_query_parameters": ["string"],
                        },
                        "cache_mode": "string",
                        "client_ttl": "string",
                        "default_ttl": "string",
                        "max_ttl": "string",
                        "negative_caching": False,
                        "negative_caching_policy": {
                            "string": "string",
                        },
                        "signed_request_keyset": "string",
                        "signed_request_maximum_expiration_ttl": "string",
                        "signed_request_mode": "string",
                        "signed_token_options": {
                            "allowed_signature_algorithms": ["string"],
                            "token_query_parameter": "string",
                        },
                    },
                    "compression_mode": "string",
                    "cors_policy": {
                        "max_age": "string",
                        "allow_credentials": False,
                        "allow_headers": ["string"],
                        "allow_methods": ["string"],
                        "allow_origins": ["string"],
                        "disabled": False,
                        "expose_headers": ["string"],
                    },
                    "url_rewrite": {
                        "host_rewrite": "string",
                        "path_prefix_rewrite": "string",
                        "path_template_rewrite": "string",
                    },
                },
                "route_methods": {
                    "allowed_methods": ["string"],
                },
                "url_redirect": {
                    "host_redirect": "string",
                    "https_redirect": False,
                    "path_redirect": "string",
                    "prefix_redirect": "string",
                    "redirect_response_code": "string",
                    "strip_query": False,
                },
            }],
            "description": "string",
        }],
    },
    description="string",
    disable_http2=False,
    disable_quic=False,
    edge_security_policy="string",
    edge_ssl_certificates=["string"],
    labels={
        "string": "string",
    },
    log_config={
        "enable": False,
        "sample_rate": 0,
    },
    name="string",
    project="string",
    require_tls=False,
    ssl_policy="string")
Copy
const edgeCacheServiceResource = new gcp.networkservices.EdgeCacheService("edgeCacheServiceResource", {
    routing: {
        hostRules: [{
            hosts: ["string"],
            pathMatcher: "string",
            description: "string",
        }],
        pathMatchers: [{
            name: "string",
            routeRules: [{
                matchRules: [{
                    fullPathMatch: "string",
                    headerMatches: [{
                        headerName: "string",
                        exactMatch: "string",
                        invertMatch: false,
                        prefixMatch: "string",
                        presentMatch: false,
                        suffixMatch: "string",
                    }],
                    ignoreCase: false,
                    pathTemplateMatch: "string",
                    prefixMatch: "string",
                    queryParameterMatches: [{
                        name: "string",
                        exactMatch: "string",
                        presentMatch: false,
                    }],
                }],
                priority: "string",
                description: "string",
                headerAction: {
                    requestHeaderToAdds: [{
                        headerName: "string",
                        headerValue: "string",
                        replace: false,
                    }],
                    requestHeaderToRemoves: [{
                        headerName: "string",
                    }],
                    responseHeaderToAdds: [{
                        headerName: "string",
                        headerValue: "string",
                        replace: false,
                    }],
                    responseHeaderToRemoves: [{
                        headerName: "string",
                    }],
                },
                origin: "string",
                routeAction: {
                    cdnPolicy: {
                        addSignatures: {
                            actions: "string",
                            copiedParameters: ["string"],
                            keyset: "string",
                            tokenQueryParameter: "string",
                            tokenTtl: "string",
                        },
                        cacheKeyPolicy: {
                            excludeHost: false,
                            excludeQueryString: false,
                            excludedQueryParameters: ["string"],
                            includeProtocol: false,
                            includedCookieNames: ["string"],
                            includedHeaderNames: ["string"],
                            includedQueryParameters: ["string"],
                        },
                        cacheMode: "string",
                        clientTtl: "string",
                        defaultTtl: "string",
                        maxTtl: "string",
                        negativeCaching: false,
                        negativeCachingPolicy: {
                            string: "string",
                        },
                        signedRequestKeyset: "string",
                        signedRequestMaximumExpirationTtl: "string",
                        signedRequestMode: "string",
                        signedTokenOptions: {
                            allowedSignatureAlgorithms: ["string"],
                            tokenQueryParameter: "string",
                        },
                    },
                    compressionMode: "string",
                    corsPolicy: {
                        maxAge: "string",
                        allowCredentials: false,
                        allowHeaders: ["string"],
                        allowMethods: ["string"],
                        allowOrigins: ["string"],
                        disabled: false,
                        exposeHeaders: ["string"],
                    },
                    urlRewrite: {
                        hostRewrite: "string",
                        pathPrefixRewrite: "string",
                        pathTemplateRewrite: "string",
                    },
                },
                routeMethods: {
                    allowedMethods: ["string"],
                },
                urlRedirect: {
                    hostRedirect: "string",
                    httpsRedirect: false,
                    pathRedirect: "string",
                    prefixRedirect: "string",
                    redirectResponseCode: "string",
                    stripQuery: false,
                },
            }],
            description: "string",
        }],
    },
    description: "string",
    disableHttp2: false,
    disableQuic: false,
    edgeSecurityPolicy: "string",
    edgeSslCertificates: ["string"],
    labels: {
        string: "string",
    },
    logConfig: {
        enable: false,
        sampleRate: 0,
    },
    name: "string",
    project: "string",
    requireTls: false,
    sslPolicy: "string",
});
Copy
type: gcp:networkservices:EdgeCacheService
properties:
    description: string
    disableHttp2: false
    disableQuic: false
    edgeSecurityPolicy: string
    edgeSslCertificates:
        - string
    labels:
        string: string
    logConfig:
        enable: false
        sampleRate: 0
    name: string
    project: string
    requireTls: false
    routing:
        hostRules:
            - description: string
              hosts:
                - string
              pathMatcher: string
        pathMatchers:
            - description: string
              name: string
              routeRules:
                - description: string
                  headerAction:
                    requestHeaderToAdds:
                        - headerName: string
                          headerValue: string
                          replace: false
                    requestHeaderToRemoves:
                        - headerName: string
                    responseHeaderToAdds:
                        - headerName: string
                          headerValue: string
                          replace: false
                    responseHeaderToRemoves:
                        - headerName: string
                  matchRules:
                    - fullPathMatch: string
                      headerMatches:
                        - exactMatch: string
                          headerName: string
                          invertMatch: false
                          prefixMatch: string
                          presentMatch: false
                          suffixMatch: string
                      ignoreCase: false
                      pathTemplateMatch: string
                      prefixMatch: string
                      queryParameterMatches:
                        - exactMatch: string
                          name: string
                          presentMatch: false
                  origin: string
                  priority: string
                  routeAction:
                    cdnPolicy:
                        addSignatures:
                            actions: string
                            copiedParameters:
                                - string
                            keyset: string
                            tokenQueryParameter: string
                            tokenTtl: string
                        cacheKeyPolicy:
                            excludeHost: false
                            excludeQueryString: false
                            excludedQueryParameters:
                                - string
                            includeProtocol: false
                            includedCookieNames:
                                - string
                            includedHeaderNames:
                                - string
                            includedQueryParameters:
                                - string
                        cacheMode: string
                        clientTtl: string
                        defaultTtl: string
                        maxTtl: string
                        negativeCaching: false
                        negativeCachingPolicy:
                            string: string
                        signedRequestKeyset: string
                        signedRequestMaximumExpirationTtl: string
                        signedRequestMode: string
                        signedTokenOptions:
                            allowedSignatureAlgorithms:
                                - string
                            tokenQueryParameter: string
                    compressionMode: string
                    corsPolicy:
                        allowCredentials: false
                        allowHeaders:
                            - string
                        allowMethods:
                            - string
                        allowOrigins:
                            - string
                        disabled: false
                        exposeHeaders:
                            - string
                        maxAge: string
                    urlRewrite:
                        hostRewrite: string
                        pathPrefixRewrite: string
                        pathTemplateRewrite: string
                  routeMethods:
                    allowedMethods:
                        - string
                  urlRedirect:
                    hostRedirect: string
                    httpsRedirect: false
                    pathRedirect: string
                    prefixRedirect: string
                    redirectResponseCode: string
                    stripQuery: false
    sslPolicy: string
Copy

EdgeCacheService Resource Properties

To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

Inputs

In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

The EdgeCacheService resource accepts the following input properties:

Routing This property is required. EdgeCacheServiceRouting
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
Description string
A human-readable description of the resource.
DisableHttp2 bool
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
DisableQuic bool
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
EdgeSecurityPolicy string
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
EdgeSslCertificates List<string>
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
Labels Dictionary<string, string>
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
LogConfig EdgeCacheServiceLogConfig
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
Name Changes to this property will trigger replacement. string
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
Project Changes to this property will trigger replacement. string
RequireTls bool
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
SslPolicy string
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
Routing This property is required. EdgeCacheServiceRoutingArgs
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
Description string
A human-readable description of the resource.
DisableHttp2 bool
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
DisableQuic bool
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
EdgeSecurityPolicy string
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
EdgeSslCertificates []string
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
Labels map[string]string
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
LogConfig EdgeCacheServiceLogConfigArgs
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
Name Changes to this property will trigger replacement. string
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
Project Changes to this property will trigger replacement. string
RequireTls bool
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
SslPolicy string
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
routing This property is required. EdgeCacheServiceRouting
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
description String
A human-readable description of the resource.
disableHttp2 Boolean
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disableQuic Boolean
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edgeSecurityPolicy String
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edgeSslCertificates List<String>
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
labels Map<String,String>
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
logConfig EdgeCacheServiceLogConfig
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. String
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. String
requireTls Boolean
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
sslPolicy String
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
routing This property is required. EdgeCacheServiceRouting
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
description string
A human-readable description of the resource.
disableHttp2 boolean
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disableQuic boolean
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edgeSecurityPolicy string
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edgeSslCertificates string[]
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
labels {[key: string]: string}
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
logConfig EdgeCacheServiceLogConfig
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. string
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. string
requireTls boolean
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
sslPolicy string
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
routing This property is required. EdgeCacheServiceRoutingArgs
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
description str
A human-readable description of the resource.
disable_http2 bool
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disable_quic bool
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edge_security_policy str
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edge_ssl_certificates Sequence[str]
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
labels Mapping[str, str]
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
log_config EdgeCacheServiceLogConfigArgs
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. str
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. str
require_tls bool
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
ssl_policy str
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
routing This property is required. Property Map
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
description String
A human-readable description of the resource.
disableHttp2 Boolean
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disableQuic Boolean
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edgeSecurityPolicy String
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edgeSslCertificates List<String>
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
labels Map<String>
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
logConfig Property Map
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. String
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. String
requireTls Boolean
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
sslPolicy String
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.

Outputs

All input properties are implicitly available as output properties. Additionally, the EdgeCacheService resource produces the following output properties:

EffectiveLabels Dictionary<string, string>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
Id string
The provider-assigned unique ID for this managed resource.
Ipv4Addresses List<string>
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
Ipv6Addresses List<string>
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
PulumiLabels Dictionary<string, string>
The combination of labels configured directly on the resource and default labels configured on the provider.
EffectiveLabels map[string]string
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
Id string
The provider-assigned unique ID for this managed resource.
Ipv4Addresses []string
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
Ipv6Addresses []string
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
PulumiLabels map[string]string
The combination of labels configured directly on the resource and default labels configured on the provider.
effectiveLabels Map<String,String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id String
The provider-assigned unique ID for this managed resource.
ipv4Addresses List<String>
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6Addresses List<String>
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
pulumiLabels Map<String,String>
The combination of labels configured directly on the resource and default labels configured on the provider.
effectiveLabels {[key: string]: string}
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id string
The provider-assigned unique ID for this managed resource.
ipv4Addresses string[]
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6Addresses string[]
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
pulumiLabels {[key: string]: string}
The combination of labels configured directly on the resource and default labels configured on the provider.
effective_labels Mapping[str, str]
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id str
The provider-assigned unique ID for this managed resource.
ipv4_addresses Sequence[str]
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6_addresses Sequence[str]
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
pulumi_labels Mapping[str, str]
The combination of labels configured directly on the resource and default labels configured on the provider.
effectiveLabels Map<String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
id String
The provider-assigned unique ID for this managed resource.
ipv4Addresses List<String>
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6Addresses List<String>
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
pulumiLabels Map<String>
The combination of labels configured directly on the resource and default labels configured on the provider.

Look up Existing EdgeCacheService Resource

Get an existing EdgeCacheService resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

public static get(name: string, id: Input<ID>, state?: EdgeCacheServiceState, opts?: CustomResourceOptions): EdgeCacheService
@staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        description: Optional[str] = None,
        disable_http2: Optional[bool] = None,
        disable_quic: Optional[bool] = None,
        edge_security_policy: Optional[str] = None,
        edge_ssl_certificates: Optional[Sequence[str]] = None,
        effective_labels: Optional[Mapping[str, str]] = None,
        ipv4_addresses: Optional[Sequence[str]] = None,
        ipv6_addresses: Optional[Sequence[str]] = None,
        labels: Optional[Mapping[str, str]] = None,
        log_config: Optional[EdgeCacheServiceLogConfigArgs] = None,
        name: Optional[str] = None,
        project: Optional[str] = None,
        pulumi_labels: Optional[Mapping[str, str]] = None,
        require_tls: Optional[bool] = None,
        routing: Optional[EdgeCacheServiceRoutingArgs] = None,
        ssl_policy: Optional[str] = None) -> EdgeCacheService
func GetEdgeCacheService(ctx *Context, name string, id IDInput, state *EdgeCacheServiceState, opts ...ResourceOption) (*EdgeCacheService, error)
public static EdgeCacheService Get(string name, Input<string> id, EdgeCacheServiceState? state, CustomResourceOptions? opts = null)
public static EdgeCacheService get(String name, Output<String> id, EdgeCacheServiceState state, CustomResourceOptions options)
resources:  _:    type: gcp:networkservices:EdgeCacheService    get:      id: ${id}
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
resource_name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
name This property is required.
The unique name of the resulting resource.
id This property is required.
The unique provider ID of the resource to lookup.
state
Any extra arguments used during the lookup.
opts
A bag of options that control this resource's behavior.
The following state arguments are supported:
Description string
A human-readable description of the resource.
DisableHttp2 bool
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
DisableQuic bool
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
EdgeSecurityPolicy string
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
EdgeSslCertificates List<string>
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
EffectiveLabels Dictionary<string, string>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
Ipv4Addresses List<string>
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
Ipv6Addresses List<string>
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
Labels Dictionary<string, string>
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
LogConfig EdgeCacheServiceLogConfig
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
Name Changes to this property will trigger replacement. string
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
Project Changes to this property will trigger replacement. string
PulumiLabels Dictionary<string, string>
The combination of labels configured directly on the resource and default labels configured on the provider.
RequireTls bool
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
Routing EdgeCacheServiceRouting
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
SslPolicy string
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
Description string
A human-readable description of the resource.
DisableHttp2 bool
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
DisableQuic bool
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
EdgeSecurityPolicy string
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
EdgeSslCertificates []string
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
EffectiveLabels map[string]string
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
Ipv4Addresses []string
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
Ipv6Addresses []string
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
Labels map[string]string
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
LogConfig EdgeCacheServiceLogConfigArgs
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
Name Changes to this property will trigger replacement. string
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
Project Changes to this property will trigger replacement. string
PulumiLabels map[string]string
The combination of labels configured directly on the resource and default labels configured on the provider.
RequireTls bool
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
Routing EdgeCacheServiceRoutingArgs
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
SslPolicy string
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
description String
A human-readable description of the resource.
disableHttp2 Boolean
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disableQuic Boolean
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edgeSecurityPolicy String
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edgeSslCertificates List<String>
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
effectiveLabels Map<String,String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ipv4Addresses List<String>
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6Addresses List<String>
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
labels Map<String,String>
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
logConfig EdgeCacheServiceLogConfig
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. String
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. String
pulumiLabels Map<String,String>
The combination of labels configured directly on the resource and default labels configured on the provider.
requireTls Boolean
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
routing EdgeCacheServiceRouting
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
sslPolicy String
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
description string
A human-readable description of the resource.
disableHttp2 boolean
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disableQuic boolean
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edgeSecurityPolicy string
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edgeSslCertificates string[]
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
effectiveLabels {[key: string]: string}
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ipv4Addresses string[]
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6Addresses string[]
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
labels {[key: string]: string}
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
logConfig EdgeCacheServiceLogConfig
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. string
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. string
pulumiLabels {[key: string]: string}
The combination of labels configured directly on the resource and default labels configured on the provider.
requireTls boolean
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
routing EdgeCacheServiceRouting
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
sslPolicy string
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
description str
A human-readable description of the resource.
disable_http2 bool
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disable_quic bool
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edge_security_policy str
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edge_ssl_certificates Sequence[str]
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
effective_labels Mapping[str, str]
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ipv4_addresses Sequence[str]
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6_addresses Sequence[str]
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
labels Mapping[str, str]
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
log_config EdgeCacheServiceLogConfigArgs
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. str
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. str
pulumi_labels Mapping[str, str]
The combination of labels configured directly on the resource and default labels configured on the provider.
require_tls bool
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
routing EdgeCacheServiceRoutingArgs
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
ssl_policy str
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.
description String
A human-readable description of the resource.
disableHttp2 Boolean
Disables HTTP/2. HTTP/2 (h2) is enabled by default and recommended for performance. HTTP/2 improves connection re-use and reduces connection setup overhead by sending multiple streams over the same connection. Some legacy HTTP clients may have issues with HTTP/2 connections due to broken HTTP/2 implementations. Setting this to true will prevent HTTP/2 from being advertised and negotiated.
disableQuic Boolean
HTTP/3 (IETF QUIC) and Google QUIC are enabled by default.
edgeSecurityPolicy String
Resource URL that points at the Cloud Armor edge security policy that is applied on each request against the EdgeCacheService.
edgeSslCertificates List<String>
URLs to sslCertificate resources that are used to authenticate connections between users and the EdgeCacheService. Note that only "global" certificates with a "scope" of "EDGE_CACHE" can be attached to an EdgeCacheService.
effectiveLabels Map<String>
All of labels (key/value pairs) present on the resource in GCP, including the labels configured through Pulumi, other clients and services.
ipv4Addresses List<String>
The IPv4 addresses associated with this service. Addresses are static for the lifetime of the service.
ipv6Addresses List<String>
The IPv6 addresses associated with this service. Addresses are static for the lifetime of the service.
labels Map<String>
Set of label tags associated with the EdgeCache resource. Note: This field is non-authoritative, and will only manage the labels present in your configuration. Please refer to the field 'effective_labels' for all of the labels present on the resource.
logConfig Property Map
Specifies the logging options for the traffic served by this service. If logging is enabled, logs will be exported to Cloud Logging.
name Changes to this property will trigger replacement. String
Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-zA-Z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.
project Changes to this property will trigger replacement. String
pulumiLabels Map<String>
The combination of labels configured directly on the resource and default labels configured on the provider.
requireTls Boolean
Require TLS (HTTPS) for all clients connecting to this service. Clients who connect over HTTP (port 80) will receive a HTTP 301 to the same URL over HTTPS (port 443). You must have at least one (1) edgeSslCertificate specified to enable this.
routing Property Map
Defines how requests are routed, modified, cached and/or which origin content is filled from. Structure is documented below.
sslPolicy String
URL of the SslPolicy resource that will be associated with the EdgeCacheService. If not set, the EdgeCacheService has no SSL policy configured, and will default to the "COMPATIBLE" policy.

Supporting Types

EdgeCacheServiceLogConfig
, EdgeCacheServiceLogConfigArgs

Enable bool
Specifies whether to enable logging for traffic served by this service.
SampleRate double
Configures the sampling rate of requests, where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0, and the value of the field must be in [0, 1]. This field can only be specified if logging is enabled for this service.
Enable bool
Specifies whether to enable logging for traffic served by this service.
SampleRate float64
Configures the sampling rate of requests, where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0, and the value of the field must be in [0, 1]. This field can only be specified if logging is enabled for this service.
enable Boolean
Specifies whether to enable logging for traffic served by this service.
sampleRate Double
Configures the sampling rate of requests, where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0, and the value of the field must be in [0, 1]. This field can only be specified if logging is enabled for this service.
enable boolean
Specifies whether to enable logging for traffic served by this service.
sampleRate number
Configures the sampling rate of requests, where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0, and the value of the field must be in [0, 1]. This field can only be specified if logging is enabled for this service.
enable bool
Specifies whether to enable logging for traffic served by this service.
sample_rate float
Configures the sampling rate of requests, where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0, and the value of the field must be in [0, 1]. This field can only be specified if logging is enabled for this service.
enable Boolean
Specifies whether to enable logging for traffic served by this service.
sampleRate Number
Configures the sampling rate of requests, where 1.0 means all logged requests are reported and 0.0 means no logged requests are reported. The default value is 1.0, and the value of the field must be in [0, 1]. This field can only be specified if logging is enabled for this service.

EdgeCacheServiceRouting
, EdgeCacheServiceRoutingArgs

HostRules This property is required. List<EdgeCacheServiceRoutingHostRule>
The list of hostRules to match against. These rules define which hostnames the EdgeCacheService will match against, and which route configurations apply. Structure is documented below.
PathMatchers This property is required. List<EdgeCacheServiceRoutingPathMatcher>
The list of pathMatchers referenced via name by hostRules. PathMatcher is used to match the path portion of the URL when a HostRule matches the URL's host portion. Structure is documented below.
HostRules This property is required. []EdgeCacheServiceRoutingHostRule
The list of hostRules to match against. These rules define which hostnames the EdgeCacheService will match against, and which route configurations apply. Structure is documented below.
PathMatchers This property is required. []EdgeCacheServiceRoutingPathMatcher
The list of pathMatchers referenced via name by hostRules. PathMatcher is used to match the path portion of the URL when a HostRule matches the URL's host portion. Structure is documented below.
hostRules This property is required. List<EdgeCacheServiceRoutingHostRule>
The list of hostRules to match against. These rules define which hostnames the EdgeCacheService will match against, and which route configurations apply. Structure is documented below.
pathMatchers This property is required. List<EdgeCacheServiceRoutingPathMatcher>
The list of pathMatchers referenced via name by hostRules. PathMatcher is used to match the path portion of the URL when a HostRule matches the URL's host portion. Structure is documented below.
hostRules This property is required. EdgeCacheServiceRoutingHostRule[]
The list of hostRules to match against. These rules define which hostnames the EdgeCacheService will match against, and which route configurations apply. Structure is documented below.
pathMatchers This property is required. EdgeCacheServiceRoutingPathMatcher[]
The list of pathMatchers referenced via name by hostRules. PathMatcher is used to match the path portion of the URL when a HostRule matches the URL's host portion. Structure is documented below.
host_rules This property is required. Sequence[EdgeCacheServiceRoutingHostRule]
The list of hostRules to match against. These rules define which hostnames the EdgeCacheService will match against, and which route configurations apply. Structure is documented below.
path_matchers This property is required. Sequence[EdgeCacheServiceRoutingPathMatcher]
The list of pathMatchers referenced via name by hostRules. PathMatcher is used to match the path portion of the URL when a HostRule matches the URL's host portion. Structure is documented below.
hostRules This property is required. List<Property Map>
The list of hostRules to match against. These rules define which hostnames the EdgeCacheService will match against, and which route configurations apply. Structure is documented below.
pathMatchers This property is required. List<Property Map>
The list of pathMatchers referenced via name by hostRules. PathMatcher is used to match the path portion of the URL when a HostRule matches the URL's host portion. Structure is documented below.

EdgeCacheServiceRoutingHostRule
, EdgeCacheServiceRoutingHostRuleArgs

Hosts This property is required. List<string>
The list of host patterns to match. Host patterns must be valid hostnames. Ports are not allowed. Wildcard hosts are supported in the suffix or prefix form. * matches any string of ([a-z0-9-.]*). It does not match the empty string. When multiple hosts are specified, hosts are matched in the following priority:

  1. Exact domain names: www.foo.com.
  2. Suffix domain wildcards: *.foo.com or *-bar.foo.com.
  3. Prefix domain wildcards: foo.* or foo-*.
  4. Special wildcard * matching any domain. Notes: The wildcard will not match the empty string. e.g. *-bar.foo.com will match baz-bar.foo.com but not -bar.foo.com. The longest wildcards match first. Only a single host in the entire service can match on *. A domain must be unique across all configured hosts within a service. Hosts are matched against the HTTP Host header, or for HTTP/2 and HTTP/3, the ":authority" header, from the incoming request. You may specify up to 10 hosts.
PathMatcher This property is required. string
The name of the pathMatcher associated with this hostRule.
Description string
A human-readable description of the hostRule.
Hosts This property is required. []string
The list of host patterns to match. Host patterns must be valid hostnames. Ports are not allowed. Wildcard hosts are supported in the suffix or prefix form. * matches any string of ([a-z0-9-.]*). It does not match the empty string. When multiple hosts are specified, hosts are matched in the following priority:

  1. Exact domain names: www.foo.com.
  2. Suffix domain wildcards: *.foo.com or *-bar.foo.com.
  3. Prefix domain wildcards: foo.* or foo-*.
  4. Special wildcard * matching any domain. Notes: The wildcard will not match the empty string. e.g. *-bar.foo.com will match baz-bar.foo.com but not -bar.foo.com. The longest wildcards match first. Only a single host in the entire service can match on *. A domain must be unique across all configured hosts within a service. Hosts are matched against the HTTP Host header, or for HTTP/2 and HTTP/3, the ":authority" header, from the incoming request. You may specify up to 10 hosts.
PathMatcher This property is required. string
The name of the pathMatcher associated with this hostRule.
Description string
A human-readable description of the hostRule.
hosts This property is required. List<String>
The list of host patterns to match. Host patterns must be valid hostnames. Ports are not allowed. Wildcard hosts are supported in the suffix or prefix form. * matches any string of ([a-z0-9-.]*). It does not match the empty string. When multiple hosts are specified, hosts are matched in the following priority:

  1. Exact domain names: www.foo.com.
  2. Suffix domain wildcards: *.foo.com or *-bar.foo.com.
  3. Prefix domain wildcards: foo.* or foo-*.
  4. Special wildcard * matching any domain. Notes: The wildcard will not match the empty string. e.g. *-bar.foo.com will match baz-bar.foo.com but not -bar.foo.com. The longest wildcards match first. Only a single host in the entire service can match on *. A domain must be unique across all configured hosts within a service. Hosts are matched against the HTTP Host header, or for HTTP/2 and HTTP/3, the ":authority" header, from the incoming request. You may specify up to 10 hosts.
pathMatcher This property is required. String
The name of the pathMatcher associated with this hostRule.
description String
A human-readable description of the hostRule.
hosts This property is required. string[]
The list of host patterns to match. Host patterns must be valid hostnames. Ports are not allowed. Wildcard hosts are supported in the suffix or prefix form. * matches any string of ([a-z0-9-.]*). It does not match the empty string. When multiple hosts are specified, hosts are matched in the following priority:

  1. Exact domain names: www.foo.com.
  2. Suffix domain wildcards: *.foo.com or *-bar.foo.com.
  3. Prefix domain wildcards: foo.* or foo-*.
  4. Special wildcard * matching any domain. Notes: The wildcard will not match the empty string. e.g. *-bar.foo.com will match baz-bar.foo.com but not -bar.foo.com. The longest wildcards match first. Only a single host in the entire service can match on *. A domain must be unique across all configured hosts within a service. Hosts are matched against the HTTP Host header, or for HTTP/2 and HTTP/3, the ":authority" header, from the incoming request. You may specify up to 10 hosts.
pathMatcher This property is required. string
The name of the pathMatcher associated with this hostRule.
description string
A human-readable description of the hostRule.
hosts This property is required. Sequence[str]
The list of host patterns to match. Host patterns must be valid hostnames. Ports are not allowed. Wildcard hosts are supported in the suffix or prefix form. * matches any string of ([a-z0-9-.]*). It does not match the empty string. When multiple hosts are specified, hosts are matched in the following priority:

  1. Exact domain names: www.foo.com.
  2. Suffix domain wildcards: *.foo.com or *-bar.foo.com.
  3. Prefix domain wildcards: foo.* or foo-*.
  4. Special wildcard * matching any domain. Notes: The wildcard will not match the empty string. e.g. *-bar.foo.com will match baz-bar.foo.com but not -bar.foo.com. The longest wildcards match first. Only a single host in the entire service can match on *. A domain must be unique across all configured hosts within a service. Hosts are matched against the HTTP Host header, or for HTTP/2 and HTTP/3, the ":authority" header, from the incoming request. You may specify up to 10 hosts.
path_matcher This property is required. str
The name of the pathMatcher associated with this hostRule.
description str
A human-readable description of the hostRule.
hosts This property is required. List<String>
The list of host patterns to match. Host patterns must be valid hostnames. Ports are not allowed. Wildcard hosts are supported in the suffix or prefix form. * matches any string of ([a-z0-9-.]*). It does not match the empty string. When multiple hosts are specified, hosts are matched in the following priority:

  1. Exact domain names: www.foo.com.
  2. Suffix domain wildcards: *.foo.com or *-bar.foo.com.
  3. Prefix domain wildcards: foo.* or foo-*.
  4. Special wildcard * matching any domain. Notes: The wildcard will not match the empty string. e.g. *-bar.foo.com will match baz-bar.foo.com but not -bar.foo.com. The longest wildcards match first. Only a single host in the entire service can match on *. A domain must be unique across all configured hosts within a service. Hosts are matched against the HTTP Host header, or for HTTP/2 and HTTP/3, the ":authority" header, from the incoming request. You may specify up to 10 hosts.
pathMatcher This property is required. String
The name of the pathMatcher associated with this hostRule.
description String
A human-readable description of the hostRule.

EdgeCacheServiceRoutingPathMatcher
, EdgeCacheServiceRoutingPathMatcherArgs

Name This property is required. string
The name to which this PathMatcher is referred by the HostRule.
RouteRules This property is required. List<EdgeCacheServiceRoutingPathMatcherRouteRule>
The routeRules to match against. routeRules support advanced routing behaviour, and can match on paths, headers and query parameters, as well as status codes and HTTP methods. Structure is documented below.
Description string
A human-readable description of the resource.
Name This property is required. string
The name to which this PathMatcher is referred by the HostRule.
RouteRules This property is required. []EdgeCacheServiceRoutingPathMatcherRouteRule
The routeRules to match against. routeRules support advanced routing behaviour, and can match on paths, headers and query parameters, as well as status codes and HTTP methods. Structure is documented below.
Description string
A human-readable description of the resource.
name This property is required. String
The name to which this PathMatcher is referred by the HostRule.
routeRules This property is required. List<EdgeCacheServiceRoutingPathMatcherRouteRule>
The routeRules to match against. routeRules support advanced routing behaviour, and can match on paths, headers and query parameters, as well as status codes and HTTP methods. Structure is documented below.
description String
A human-readable description of the resource.
name This property is required. string
The name to which this PathMatcher is referred by the HostRule.
routeRules This property is required. EdgeCacheServiceRoutingPathMatcherRouteRule[]
The routeRules to match against. routeRules support advanced routing behaviour, and can match on paths, headers and query parameters, as well as status codes and HTTP methods. Structure is documented below.
description string
A human-readable description of the resource.
name This property is required. str
The name to which this PathMatcher is referred by the HostRule.
route_rules This property is required. Sequence[EdgeCacheServiceRoutingPathMatcherRouteRule]
The routeRules to match against. routeRules support advanced routing behaviour, and can match on paths, headers and query parameters, as well as status codes and HTTP methods. Structure is documented below.
description str
A human-readable description of the resource.
name This property is required. String
The name to which this PathMatcher is referred by the HostRule.
routeRules This property is required. List<Property Map>
The routeRules to match against. routeRules support advanced routing behaviour, and can match on paths, headers and query parameters, as well as status codes and HTTP methods. Structure is documented below.
description String
A human-readable description of the resource.

EdgeCacheServiceRoutingPathMatcherRouteRule
, EdgeCacheServiceRoutingPathMatcherRouteRuleArgs

MatchRules This property is required. List<EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRule>
The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule. Structure is documented below.
Priority This property is required. string
The priority of this route rule, where 1 is the highest priority. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 1 and 999 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
Description string
A human-readable description of the routeRule.
HeaderAction EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderAction
The header actions, including adding & removing headers, for requests that match this route. Structure is documented below.
Origin string
The Origin resource that requests to this route should fetch from when a matching response is not in cache. Origins can be defined as short names ("my-origin") or fully-qualified resource URLs - e.g. "networkservices.googleapis.com/projects/my-project/global/edgecacheorigins/my-origin" Only one of origin or urlRedirect can be set.
RouteAction EdgeCacheServiceRoutingPathMatcherRouteRuleRouteAction
In response to a matching path, the routeAction performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected origin. Structure is documented below.
RouteMethods EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethods
Allow overriding the set of methods that are allowed for this route. When not set, Media CDN allows only "GET", "HEAD", and "OPTIONS". Structure is documented below.
UrlRedirect EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirect
The URL redirect configuration for requests that match this route. Structure is documented below.
MatchRules This property is required. []EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRule
The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule. Structure is documented below.
Priority This property is required. string
The priority of this route rule, where 1 is the highest priority. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 1 and 999 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
Description string
A human-readable description of the routeRule.
HeaderAction EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderAction
The header actions, including adding & removing headers, for requests that match this route. Structure is documented below.
Origin string
The Origin resource that requests to this route should fetch from when a matching response is not in cache. Origins can be defined as short names ("my-origin") or fully-qualified resource URLs - e.g. "networkservices.googleapis.com/projects/my-project/global/edgecacheorigins/my-origin" Only one of origin or urlRedirect can be set.
RouteAction EdgeCacheServiceRoutingPathMatcherRouteRuleRouteAction
In response to a matching path, the routeAction performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected origin. Structure is documented below.
RouteMethods EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethods
Allow overriding the set of methods that are allowed for this route. When not set, Media CDN allows only "GET", "HEAD", and "OPTIONS". Structure is documented below.
UrlRedirect EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirect
The URL redirect configuration for requests that match this route. Structure is documented below.
matchRules This property is required. List<EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRule>
The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule. Structure is documented below.
priority This property is required. String
The priority of this route rule, where 1 is the highest priority. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 1 and 999 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
description String
A human-readable description of the routeRule.
headerAction EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderAction
The header actions, including adding & removing headers, for requests that match this route. Structure is documented below.
origin String
The Origin resource that requests to this route should fetch from when a matching response is not in cache. Origins can be defined as short names ("my-origin") or fully-qualified resource URLs - e.g. "networkservices.googleapis.com/projects/my-project/global/edgecacheorigins/my-origin" Only one of origin or urlRedirect can be set.
routeAction EdgeCacheServiceRoutingPathMatcherRouteRuleRouteAction
In response to a matching path, the routeAction performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected origin. Structure is documented below.
routeMethods EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethods
Allow overriding the set of methods that are allowed for this route. When not set, Media CDN allows only "GET", "HEAD", and "OPTIONS". Structure is documented below.
urlRedirect EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirect
The URL redirect configuration for requests that match this route. Structure is documented below.
matchRules This property is required. EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRule[]
The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule. Structure is documented below.
priority This property is required. string
The priority of this route rule, where 1 is the highest priority. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 1 and 999 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
description string
A human-readable description of the routeRule.
headerAction EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderAction
The header actions, including adding & removing headers, for requests that match this route. Structure is documented below.
origin string
The Origin resource that requests to this route should fetch from when a matching response is not in cache. Origins can be defined as short names ("my-origin") or fully-qualified resource URLs - e.g. "networkservices.googleapis.com/projects/my-project/global/edgecacheorigins/my-origin" Only one of origin or urlRedirect can be set.
routeAction EdgeCacheServiceRoutingPathMatcherRouteRuleRouteAction
In response to a matching path, the routeAction performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected origin. Structure is documented below.
routeMethods EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethods
Allow overriding the set of methods that are allowed for this route. When not set, Media CDN allows only "GET", "HEAD", and "OPTIONS". Structure is documented below.
urlRedirect EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirect
The URL redirect configuration for requests that match this route. Structure is documented below.
match_rules This property is required. Sequence[EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRule]
The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule. Structure is documented below.
priority This property is required. str
The priority of this route rule, where 1 is the highest priority. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 1 and 999 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
description str
A human-readable description of the routeRule.
header_action EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderAction
The header actions, including adding & removing headers, for requests that match this route. Structure is documented below.
origin str
The Origin resource that requests to this route should fetch from when a matching response is not in cache. Origins can be defined as short names ("my-origin") or fully-qualified resource URLs - e.g. "networkservices.googleapis.com/projects/my-project/global/edgecacheorigins/my-origin" Only one of origin or urlRedirect can be set.
route_action EdgeCacheServiceRoutingPathMatcherRouteRuleRouteAction
In response to a matching path, the routeAction performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected origin. Structure is documented below.
route_methods EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethods
Allow overriding the set of methods that are allowed for this route. When not set, Media CDN allows only "GET", "HEAD", and "OPTIONS". Structure is documented below.
url_redirect EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirect
The URL redirect configuration for requests that match this route. Structure is documented below.
matchRules This property is required. List<Property Map>
The list of criteria for matching attributes of a request to this routeRule. This list has OR semantics: the request matches this routeRule when any of the matchRules are satisfied. However predicates within a given matchRule have AND semantics. All predicates within a matchRule must match for the request to match the rule. Structure is documented below.
priority This property is required. String
The priority of this route rule, where 1 is the highest priority. You cannot configure two or more routeRules with the same priority. Priority for each rule must be set to a number between 1 and 999 inclusive. Priority numbers can have gaps, which enable you to add or remove rules in the future without affecting the rest of the rules. For example, 1, 2, 3, 4, 5, 9, 12, 16 is a valid series of priority numbers to which you could add rules numbered from 6 to 8, 10 to 11, and 13 to 15 in the future without any impact on existing rules.
description String
A human-readable description of the routeRule.
headerAction Property Map
The header actions, including adding & removing headers, for requests that match this route. Structure is documented below.
origin String
The Origin resource that requests to this route should fetch from when a matching response is not in cache. Origins can be defined as short names ("my-origin") or fully-qualified resource URLs - e.g. "networkservices.googleapis.com/projects/my-project/global/edgecacheorigins/my-origin" Only one of origin or urlRedirect can be set.
routeAction Property Map
In response to a matching path, the routeAction performs advanced routing actions like URL rewrites, header transformations, etc. prior to forwarding the request to the selected origin. Structure is documented below.
routeMethods Property Map
Allow overriding the set of methods that are allowed for this route. When not set, Media CDN allows only "GET", "HEAD", and "OPTIONS". Structure is documented below.
urlRedirect Property Map
The URL redirect configuration for requests that match this route. Structure is documented below.

EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderAction
, EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionArgs

RequestHeaderToAdds List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAdd>
Describes a header to add. Structure is documented below.
RequestHeaderToRemoves List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemove>
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
ResponseHeaderToAdds List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAdd>
Headers to add to the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response. Structure is documented below.
ResponseHeaderToRemoves List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemove>
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
RequestHeaderToAdds []EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAdd
Describes a header to add. Structure is documented below.
RequestHeaderToRemoves []EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemove
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
ResponseHeaderToAdds []EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAdd
Headers to add to the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response. Structure is documented below.
ResponseHeaderToRemoves []EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemove
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
requestHeaderToAdds List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAdd>
Describes a header to add. Structure is documented below.
requestHeaderToRemoves List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemove>
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
responseHeaderToAdds List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAdd>
Headers to add to the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response. Structure is documented below.
responseHeaderToRemoves List<EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemove>
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
requestHeaderToAdds EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAdd[]
Describes a header to add. Structure is documented below.
requestHeaderToRemoves EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemove[]
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
responseHeaderToAdds EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAdd[]
Headers to add to the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response. Structure is documented below.
responseHeaderToRemoves EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemove[]
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
request_header_to_adds Sequence[EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAdd]
Describes a header to add. Structure is documented below.
request_header_to_removes Sequence[EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemove]
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
response_header_to_adds Sequence[EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAdd]
Headers to add to the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response. Structure is documented below.
response_header_to_removes Sequence[EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemove]
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
requestHeaderToAdds List<Property Map>
Describes a header to add. Structure is documented below.
requestHeaderToRemoves List<Property Map>
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.
responseHeaderToAdds List<Property Map>
Headers to add to the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response. Structure is documented below.
responseHeaderToRemoves List<Property Map>
A list of header names for headers that need to be removed from the request prior to forwarding the request to the origin. Structure is documented below.

EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAdd
, EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToAddArgs

HeaderName This property is required. string
The name of the header to add.
HeaderValue This property is required. string
The value of the header to add.
Replace bool
Whether to replace all existing headers with the same name.
HeaderName This property is required. string
The name of the header to add.
HeaderValue This property is required. string
The value of the header to add.
Replace bool
Whether to replace all existing headers with the same name.
headerName This property is required. String
The name of the header to add.
headerValue This property is required. String
The value of the header to add.
replace Boolean
Whether to replace all existing headers with the same name.
headerName This property is required. string
The name of the header to add.
headerValue This property is required. string
The value of the header to add.
replace boolean
Whether to replace all existing headers with the same name.
header_name This property is required. str
The name of the header to add.
header_value This property is required. str
The value of the header to add.
replace bool
Whether to replace all existing headers with the same name.
headerName This property is required. String
The name of the header to add.
headerValue This property is required. String
The value of the header to add.
replace Boolean
Whether to replace all existing headers with the same name.

EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemove
, EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionRequestHeaderToRemoveArgs

HeaderName This property is required. string
The name of the header to remove.
HeaderName This property is required. string
The name of the header to remove.
headerName This property is required. String
The name of the header to remove.
headerName This property is required. string
The name of the header to remove.
header_name This property is required. str
The name of the header to remove.
headerName This property is required. String
The name of the header to remove.

EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAdd
, EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToAddArgs

HeaderName This property is required. string
The name of the header to add.
HeaderValue This property is required. string
The value of the header to add.
Replace bool
Whether to replace all existing headers with the same name.
HeaderName This property is required. string
The name of the header to add.
HeaderValue This property is required. string
The value of the header to add.
Replace bool
Whether to replace all existing headers with the same name.
headerName This property is required. String
The name of the header to add.
headerValue This property is required. String
The value of the header to add.
replace Boolean
Whether to replace all existing headers with the same name.
headerName This property is required. string
The name of the header to add.
headerValue This property is required. string
The value of the header to add.
replace boolean
Whether to replace all existing headers with the same name.
header_name This property is required. str
The name of the header to add.
header_value This property is required. str
The value of the header to add.
replace bool
Whether to replace all existing headers with the same name.
headerName This property is required. String
The name of the header to add.
headerValue This property is required. String
The value of the header to add.
replace Boolean
Whether to replace all existing headers with the same name.

EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemove
, EdgeCacheServiceRoutingPathMatcherRouteRuleHeaderActionResponseHeaderToRemoveArgs

HeaderName This property is required. string
Headers to remove from the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response.
HeaderName This property is required. string
Headers to remove from the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response.
headerName This property is required. String
Headers to remove from the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response.
headerName This property is required. string
Headers to remove from the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response.
header_name This property is required. str
Headers to remove from the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response.
headerName This property is required. String
Headers to remove from the response prior to sending it back to the client. Response headers are only sent to the client, and do not have an effect on the cache serving the response.

EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRule
, EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleArgs

FullPathMatch string
For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
HeaderMatches List<EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatch>
Specifies a list of header match criteria, all of which must match corresponding headers in the request. Structure is documented below.
IgnoreCase bool
Specifies that prefixMatch and fullPathMatch matches are case sensitive.
PathTemplateMatch string
For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch after removing any query parameters and anchor that may be part of the original URL. pathTemplateMatch must be between 1 and 255 characters (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total.
PrefixMatch string
For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
QueryParameterMatches List<EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatch>
Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Structure is documented below.
FullPathMatch string
For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
HeaderMatches []EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatch
Specifies a list of header match criteria, all of which must match corresponding headers in the request. Structure is documented below.
IgnoreCase bool
Specifies that prefixMatch and fullPathMatch matches are case sensitive.
PathTemplateMatch string
For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch after removing any query parameters and anchor that may be part of the original URL. pathTemplateMatch must be between 1 and 255 characters (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total.
PrefixMatch string
For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
QueryParameterMatches []EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatch
Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Structure is documented below.
fullPathMatch String
For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
headerMatches List<EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatch>
Specifies a list of header match criteria, all of which must match corresponding headers in the request. Structure is documented below.
ignoreCase Boolean
Specifies that prefixMatch and fullPathMatch matches are case sensitive.
pathTemplateMatch String
For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch after removing any query parameters and anchor that may be part of the original URL. pathTemplateMatch must be between 1 and 255 characters (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total.
prefixMatch String
For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
queryParameterMatches List<EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatch>
Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Structure is documented below.
fullPathMatch string
For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
headerMatches EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatch[]
Specifies a list of header match criteria, all of which must match corresponding headers in the request. Structure is documented below.
ignoreCase boolean
Specifies that prefixMatch and fullPathMatch matches are case sensitive.
pathTemplateMatch string
For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch after removing any query parameters and anchor that may be part of the original URL. pathTemplateMatch must be between 1 and 255 characters (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total.
prefixMatch string
For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
queryParameterMatches EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatch[]
Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Structure is documented below.
full_path_match str
For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
header_matches Sequence[EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatch]
Specifies a list of header match criteria, all of which must match corresponding headers in the request. Structure is documented below.
ignore_case bool
Specifies that prefixMatch and fullPathMatch matches are case sensitive.
path_template_match str
For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch after removing any query parameters and anchor that may be part of the original URL. pathTemplateMatch must be between 1 and 255 characters (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total.
prefix_match str
For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
query_parameter_matches Sequence[EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatch]
Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Structure is documented below.
fullPathMatch String
For satisfying the matchRule condition, the path of the request must exactly match the value specified in fullPathMatch after removing any query parameters and anchor that may be part of the original URL.
headerMatches List<Property Map>
Specifies a list of header match criteria, all of which must match corresponding headers in the request. Structure is documented below.
ignoreCase Boolean
Specifies that prefixMatch and fullPathMatch matches are case sensitive.
pathTemplateMatch String
For satisfying the matchRule condition, the path of the request must match the wildcard pattern specified in pathTemplateMatch after removing any query parameters and anchor that may be part of the original URL. pathTemplateMatch must be between 1 and 255 characters (inclusive). The pattern specified by pathTemplateMatch may have at most 5 wildcard operators and at most 5 variable captures in total.
prefixMatch String
For satisfying the matchRule condition, the request's path must begin with the specified prefixMatch. prefixMatch must begin with a /.
queryParameterMatches List<Property Map>
Specifies a list of query parameter match criteria, all of which must match corresponding query parameters in the request. Structure is documented below.

EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatch
, EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleHeaderMatchArgs

HeaderName This property is required. string
The header name to match on.
ExactMatch string
The value of the header should exactly match contents of exactMatch.
InvertMatch bool
If set to false (default), the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
PrefixMatch string
The value of the header must start with the contents of prefixMatch.
PresentMatch bool
A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
SuffixMatch string
The value of the header must end with the contents of suffixMatch.
HeaderName This property is required. string
The header name to match on.
ExactMatch string
The value of the header should exactly match contents of exactMatch.
InvertMatch bool
If set to false (default), the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
PrefixMatch string
The value of the header must start with the contents of prefixMatch.
PresentMatch bool
A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
SuffixMatch string
The value of the header must end with the contents of suffixMatch.
headerName This property is required. String
The header name to match on.
exactMatch String
The value of the header should exactly match contents of exactMatch.
invertMatch Boolean
If set to false (default), the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
prefixMatch String
The value of the header must start with the contents of prefixMatch.
presentMatch Boolean
A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
suffixMatch String
The value of the header must end with the contents of suffixMatch.
headerName This property is required. string
The header name to match on.
exactMatch string
The value of the header should exactly match contents of exactMatch.
invertMatch boolean
If set to false (default), the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
prefixMatch string
The value of the header must start with the contents of prefixMatch.
presentMatch boolean
A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
suffixMatch string
The value of the header must end with the contents of suffixMatch.
header_name This property is required. str
The header name to match on.
exact_match str
The value of the header should exactly match contents of exactMatch.
invert_match bool
If set to false (default), the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
prefix_match str
The value of the header must start with the contents of prefixMatch.
present_match bool
A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
suffix_match str
The value of the header must end with the contents of suffixMatch.
headerName This property is required. String
The header name to match on.
exactMatch String
The value of the header should exactly match contents of exactMatch.
invertMatch Boolean
If set to false (default), the headerMatch is considered a match if the match criteria above are met. If set to true, the headerMatch is considered a match if the match criteria above are NOT met.
prefixMatch String
The value of the header must start with the contents of prefixMatch.
presentMatch Boolean
A header with the contents of headerName must exist. The match takes place whether or not the request's header has a value.
suffixMatch String
The value of the header must end with the contents of suffixMatch.

EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatch
, EdgeCacheServiceRoutingPathMatcherRouteRuleMatchRuleQueryParameterMatchArgs

Name This property is required. string
The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
ExactMatch string
The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
PresentMatch bool
Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
Name This property is required. string
The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
ExactMatch string
The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
PresentMatch bool
Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
name This property is required. String
The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
exactMatch String
The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
presentMatch Boolean
Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
name This property is required. string
The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
exactMatch string
The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
presentMatch boolean
Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
name This property is required. str
The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
exact_match str
The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
present_match bool
Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.
name This property is required. String
The name of the query parameter to match. The query parameter must exist in the request, in the absence of which the request match fails.
exactMatch String
The queryParameterMatch matches if the value of the parameter exactly matches the contents of exactMatch.
presentMatch Boolean
Specifies that the queryParameterMatch matches if the request contains the query parameter, irrespective of whether the parameter has a value or not.

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteAction
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionArgs

CdnPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicy
The policy to use for defining caching and signed request behaviour for requests that match this route. Structure is documented below.
CompressionMode string
Setting the compression mode to automatic enables dynamic compression for every eligible response. When dynamic compression is enabled, it is recommended to also set a cache policy to maximize efficiency. Possible values are: DISABLED, AUTOMATIC.
CorsPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicy
CORSPolicy defines Cross-Origin-Resource-Sharing configuration, including which CORS response headers will be set. Structure is documented below.
UrlRewrite EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewrite
The URL rewrite configuration for requests that match this route. Structure is documented below.
CdnPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicy
The policy to use for defining caching and signed request behaviour for requests that match this route. Structure is documented below.
CompressionMode string
Setting the compression mode to automatic enables dynamic compression for every eligible response. When dynamic compression is enabled, it is recommended to also set a cache policy to maximize efficiency. Possible values are: DISABLED, AUTOMATIC.
CorsPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicy
CORSPolicy defines Cross-Origin-Resource-Sharing configuration, including which CORS response headers will be set. Structure is documented below.
UrlRewrite EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewrite
The URL rewrite configuration for requests that match this route. Structure is documented below.
cdnPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicy
The policy to use for defining caching and signed request behaviour for requests that match this route. Structure is documented below.
compressionMode String
Setting the compression mode to automatic enables dynamic compression for every eligible response. When dynamic compression is enabled, it is recommended to also set a cache policy to maximize efficiency. Possible values are: DISABLED, AUTOMATIC.
corsPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicy
CORSPolicy defines Cross-Origin-Resource-Sharing configuration, including which CORS response headers will be set. Structure is documented below.
urlRewrite EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewrite
The URL rewrite configuration for requests that match this route. Structure is documented below.
cdnPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicy
The policy to use for defining caching and signed request behaviour for requests that match this route. Structure is documented below.
compressionMode string
Setting the compression mode to automatic enables dynamic compression for every eligible response. When dynamic compression is enabled, it is recommended to also set a cache policy to maximize efficiency. Possible values are: DISABLED, AUTOMATIC.
corsPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicy
CORSPolicy defines Cross-Origin-Resource-Sharing configuration, including which CORS response headers will be set. Structure is documented below.
urlRewrite EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewrite
The URL rewrite configuration for requests that match this route. Structure is documented below.
cdn_policy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicy
The policy to use for defining caching and signed request behaviour for requests that match this route. Structure is documented below.
compression_mode str
Setting the compression mode to automatic enables dynamic compression for every eligible response. When dynamic compression is enabled, it is recommended to also set a cache policy to maximize efficiency. Possible values are: DISABLED, AUTOMATIC.
cors_policy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicy
CORSPolicy defines Cross-Origin-Resource-Sharing configuration, including which CORS response headers will be set. Structure is documented below.
url_rewrite EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewrite
The URL rewrite configuration for requests that match this route. Structure is documented below.
cdnPolicy Property Map
The policy to use for defining caching and signed request behaviour for requests that match this route. Structure is documented below.
compressionMode String
Setting the compression mode to automatic enables dynamic compression for every eligible response. When dynamic compression is enabled, it is recommended to also set a cache policy to maximize efficiency. Possible values are: DISABLED, AUTOMATIC.
corsPolicy Property Map
CORSPolicy defines Cross-Origin-Resource-Sharing configuration, including which CORS response headers will be set. Structure is documented below.
urlRewrite Property Map
The URL rewrite configuration for requests that match this route. Structure is documented below.

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicy
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyArgs

AddSignatures EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignatures
Enable signature generation or propagation on this route. This field may only be specified when signedRequestMode is set to REQUIRE_TOKENS. Structure is documented below.
CacheKeyPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicy
Defines the request parameters that contribute to the cache key. Structure is documented below.
CacheMode string
Cache modes allow users to control the behaviour of the cache, what content it should cache automatically, whether to respect origin headers, or whether to unconditionally cache all responses. For all cache modes, Cache-Control headers will be passed to the client. Use clientTtl to override what is sent to the client. Possible values are: CACHE_ALL_STATIC, USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, BYPASS_CACHE.
ClientTtl string
Specifies a separate client (e.g. browser client) TTL, separate from the TTL used by the edge caches. Leaving this empty will use the same cache TTL for both the CDN and the client-facing response.

  • The TTL must be > 0 and <= 86400s (1 day)
  • The clientTtl cannot be larger than the defaultTtl (if set)
  • Fractions of a second are not allowed. Omit this field to use the defaultTtl, or the max-age set by the origin, as the client-facing TTL. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
DefaultTtl string
Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Defaults to 3600s (1 hour).

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate" (equivalent to must-revalidate)
  • The value of defaultTTL cannot be set to a value greater than that of maxTTL.
  • Fractions of a second are not allowed.
  • When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. Note that infrequently accessed objects may be evicted from the cache before the defined TTL. Objects that expire will be revalidated with the origin. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
MaxTtl string
Specifies the maximum allowed TTL for cached content served by this origin. Defaults to 86400s (1 day). Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTtl seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive.

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate"
  • The value of maxTtl must be equal to or greater than defaultTtl.
  • Fractions of a second are not allowed. When the cache mode is set to "USE_ORIGIN_HEADERS", "FORCE_CACHE_ALL", or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
NegativeCaching bool
Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. By default, the CDNPolicy will apply the following default TTLs to these status codes:

  • HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m
  • HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s
  • HTTP 405 (Method Not Found), 414 (URI Too Long), 501 (Not Implemented): 60s These defaults can be overridden in negativeCachingPolicy
NegativeCachingPolicy Dictionary<string, string>
Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy.

  • Omitting the policy and leaving negativeCaching enabled will use the default TTLs for each status code, defined in negativeCaching.
  • TTLs must be >= 0 (where 0 is "always revalidate") and <= 86400s (1 day) Note that when specifying an explicit negativeCachingPolicy, you should take care to specify a cache TTL for all response codes that you wish to cache. The CDNPolicy will not apply any default negative caching when a policy exists.
SignedRequestKeyset string
The EdgeCacheKeyset containing the set of public keys used to validate signed requests at the edge.
SignedRequestMaximumExpirationTtl string
Limit how far into the future the expiration time of a signed request may be. When set, a signed request is rejected if its expiration time is later than now + signedRequestMaximumExpirationTtl, where now is the time at which the signed request is first handled by the CDN.

  • The TTL must be > 0.
  • Fractions of a second are not allowed. By default, signedRequestMaximumExpirationTtl is not set and the expiration time of a signed request may be arbitrarily far into future.
SignedRequestMode string
Whether to enforce signed requests. The default value is DISABLED, which means all content is public, and does not authorize access. You must also set a signedRequestKeyset to enable signed requests. When set to REQUIRE_SIGNATURES, all matching requests will have their signature validated. Requests that were not signed with the corresponding private key, or that are otherwise invalid (expired, do not match the signature, IP address, or header) will be rejected with a HTTP 403 and (if enabled) logged. Possible values are: DISABLED, REQUIRE_SIGNATURES, REQUIRE_TOKENS.
SignedTokenOptions EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptions
Additional options for signed tokens. signedTokenOptions may only be specified when signedRequestMode is REQUIRE_TOKENS. Structure is documented below.
AddSignatures EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignatures
Enable signature generation or propagation on this route. This field may only be specified when signedRequestMode is set to REQUIRE_TOKENS. Structure is documented below.
CacheKeyPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicy
Defines the request parameters that contribute to the cache key. Structure is documented below.
CacheMode string
Cache modes allow users to control the behaviour of the cache, what content it should cache automatically, whether to respect origin headers, or whether to unconditionally cache all responses. For all cache modes, Cache-Control headers will be passed to the client. Use clientTtl to override what is sent to the client. Possible values are: CACHE_ALL_STATIC, USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, BYPASS_CACHE.
ClientTtl string
Specifies a separate client (e.g. browser client) TTL, separate from the TTL used by the edge caches. Leaving this empty will use the same cache TTL for both the CDN and the client-facing response.

  • The TTL must be > 0 and <= 86400s (1 day)
  • The clientTtl cannot be larger than the defaultTtl (if set)
  • Fractions of a second are not allowed. Omit this field to use the defaultTtl, or the max-age set by the origin, as the client-facing TTL. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
DefaultTtl string
Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Defaults to 3600s (1 hour).

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate" (equivalent to must-revalidate)
  • The value of defaultTTL cannot be set to a value greater than that of maxTTL.
  • Fractions of a second are not allowed.
  • When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. Note that infrequently accessed objects may be evicted from the cache before the defined TTL. Objects that expire will be revalidated with the origin. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
MaxTtl string
Specifies the maximum allowed TTL for cached content served by this origin. Defaults to 86400s (1 day). Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTtl seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive.

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate"
  • The value of maxTtl must be equal to or greater than defaultTtl.
  • Fractions of a second are not allowed. When the cache mode is set to "USE_ORIGIN_HEADERS", "FORCE_CACHE_ALL", or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
NegativeCaching bool
Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. By default, the CDNPolicy will apply the following default TTLs to these status codes:

  • HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m
  • HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s
  • HTTP 405 (Method Not Found), 414 (URI Too Long), 501 (Not Implemented): 60s These defaults can be overridden in negativeCachingPolicy
NegativeCachingPolicy map[string]string
Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy.

  • Omitting the policy and leaving negativeCaching enabled will use the default TTLs for each status code, defined in negativeCaching.
  • TTLs must be >= 0 (where 0 is "always revalidate") and <= 86400s (1 day) Note that when specifying an explicit negativeCachingPolicy, you should take care to specify a cache TTL for all response codes that you wish to cache. The CDNPolicy will not apply any default negative caching when a policy exists.
SignedRequestKeyset string
The EdgeCacheKeyset containing the set of public keys used to validate signed requests at the edge.
SignedRequestMaximumExpirationTtl string
Limit how far into the future the expiration time of a signed request may be. When set, a signed request is rejected if its expiration time is later than now + signedRequestMaximumExpirationTtl, where now is the time at which the signed request is first handled by the CDN.

  • The TTL must be > 0.
  • Fractions of a second are not allowed. By default, signedRequestMaximumExpirationTtl is not set and the expiration time of a signed request may be arbitrarily far into future.
SignedRequestMode string
Whether to enforce signed requests. The default value is DISABLED, which means all content is public, and does not authorize access. You must also set a signedRequestKeyset to enable signed requests. When set to REQUIRE_SIGNATURES, all matching requests will have their signature validated. Requests that were not signed with the corresponding private key, or that are otherwise invalid (expired, do not match the signature, IP address, or header) will be rejected with a HTTP 403 and (if enabled) logged. Possible values are: DISABLED, REQUIRE_SIGNATURES, REQUIRE_TOKENS.
SignedTokenOptions EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptions
Additional options for signed tokens. signedTokenOptions may only be specified when signedRequestMode is REQUIRE_TOKENS. Structure is documented below.
addSignatures EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignatures
Enable signature generation or propagation on this route. This field may only be specified when signedRequestMode is set to REQUIRE_TOKENS. Structure is documented below.
cacheKeyPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicy
Defines the request parameters that contribute to the cache key. Structure is documented below.
cacheMode String
Cache modes allow users to control the behaviour of the cache, what content it should cache automatically, whether to respect origin headers, or whether to unconditionally cache all responses. For all cache modes, Cache-Control headers will be passed to the client. Use clientTtl to override what is sent to the client. Possible values are: CACHE_ALL_STATIC, USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, BYPASS_CACHE.
clientTtl String
Specifies a separate client (e.g. browser client) TTL, separate from the TTL used by the edge caches. Leaving this empty will use the same cache TTL for both the CDN and the client-facing response.

  • The TTL must be > 0 and <= 86400s (1 day)
  • The clientTtl cannot be larger than the defaultTtl (if set)
  • Fractions of a second are not allowed. Omit this field to use the defaultTtl, or the max-age set by the origin, as the client-facing TTL. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
defaultTtl String
Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Defaults to 3600s (1 hour).

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate" (equivalent to must-revalidate)
  • The value of defaultTTL cannot be set to a value greater than that of maxTTL.
  • Fractions of a second are not allowed.
  • When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. Note that infrequently accessed objects may be evicted from the cache before the defined TTL. Objects that expire will be revalidated with the origin. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
maxTtl String
Specifies the maximum allowed TTL for cached content served by this origin. Defaults to 86400s (1 day). Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTtl seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive.

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate"
  • The value of maxTtl must be equal to or greater than defaultTtl.
  • Fractions of a second are not allowed. When the cache mode is set to "USE_ORIGIN_HEADERS", "FORCE_CACHE_ALL", or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
negativeCaching Boolean
Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. By default, the CDNPolicy will apply the following default TTLs to these status codes:

  • HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m
  • HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s
  • HTTP 405 (Method Not Found), 414 (URI Too Long), 501 (Not Implemented): 60s These defaults can be overridden in negativeCachingPolicy
negativeCachingPolicy Map<String,String>
Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy.

  • Omitting the policy and leaving negativeCaching enabled will use the default TTLs for each status code, defined in negativeCaching.
  • TTLs must be >= 0 (where 0 is "always revalidate") and <= 86400s (1 day) Note that when specifying an explicit negativeCachingPolicy, you should take care to specify a cache TTL for all response codes that you wish to cache. The CDNPolicy will not apply any default negative caching when a policy exists.
signedRequestKeyset String
The EdgeCacheKeyset containing the set of public keys used to validate signed requests at the edge.
signedRequestMaximumExpirationTtl String
Limit how far into the future the expiration time of a signed request may be. When set, a signed request is rejected if its expiration time is later than now + signedRequestMaximumExpirationTtl, where now is the time at which the signed request is first handled by the CDN.

  • The TTL must be > 0.
  • Fractions of a second are not allowed. By default, signedRequestMaximumExpirationTtl is not set and the expiration time of a signed request may be arbitrarily far into future.
signedRequestMode String
Whether to enforce signed requests. The default value is DISABLED, which means all content is public, and does not authorize access. You must also set a signedRequestKeyset to enable signed requests. When set to REQUIRE_SIGNATURES, all matching requests will have their signature validated. Requests that were not signed with the corresponding private key, or that are otherwise invalid (expired, do not match the signature, IP address, or header) will be rejected with a HTTP 403 and (if enabled) logged. Possible values are: DISABLED, REQUIRE_SIGNATURES, REQUIRE_TOKENS.
signedTokenOptions EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptions
Additional options for signed tokens. signedTokenOptions may only be specified when signedRequestMode is REQUIRE_TOKENS. Structure is documented below.
addSignatures EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignatures
Enable signature generation or propagation on this route. This field may only be specified when signedRequestMode is set to REQUIRE_TOKENS. Structure is documented below.
cacheKeyPolicy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicy
Defines the request parameters that contribute to the cache key. Structure is documented below.
cacheMode string
Cache modes allow users to control the behaviour of the cache, what content it should cache automatically, whether to respect origin headers, or whether to unconditionally cache all responses. For all cache modes, Cache-Control headers will be passed to the client. Use clientTtl to override what is sent to the client. Possible values are: CACHE_ALL_STATIC, USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, BYPASS_CACHE.
clientTtl string
Specifies a separate client (e.g. browser client) TTL, separate from the TTL used by the edge caches. Leaving this empty will use the same cache TTL for both the CDN and the client-facing response.

  • The TTL must be > 0 and <= 86400s (1 day)
  • The clientTtl cannot be larger than the defaultTtl (if set)
  • Fractions of a second are not allowed. Omit this field to use the defaultTtl, or the max-age set by the origin, as the client-facing TTL. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
defaultTtl string
Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Defaults to 3600s (1 hour).

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate" (equivalent to must-revalidate)
  • The value of defaultTTL cannot be set to a value greater than that of maxTTL.
  • Fractions of a second are not allowed.
  • When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. Note that infrequently accessed objects may be evicted from the cache before the defined TTL. Objects that expire will be revalidated with the origin. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
maxTtl string
Specifies the maximum allowed TTL for cached content served by this origin. Defaults to 86400s (1 day). Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTtl seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive.

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate"
  • The value of maxTtl must be equal to or greater than defaultTtl.
  • Fractions of a second are not allowed. When the cache mode is set to "USE_ORIGIN_HEADERS", "FORCE_CACHE_ALL", or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
negativeCaching boolean
Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. By default, the CDNPolicy will apply the following default TTLs to these status codes:

  • HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m
  • HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s
  • HTTP 405 (Method Not Found), 414 (URI Too Long), 501 (Not Implemented): 60s These defaults can be overridden in negativeCachingPolicy
negativeCachingPolicy {[key: string]: string}
Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy.

  • Omitting the policy and leaving negativeCaching enabled will use the default TTLs for each status code, defined in negativeCaching.
  • TTLs must be >= 0 (where 0 is "always revalidate") and <= 86400s (1 day) Note that when specifying an explicit negativeCachingPolicy, you should take care to specify a cache TTL for all response codes that you wish to cache. The CDNPolicy will not apply any default negative caching when a policy exists.
signedRequestKeyset string
The EdgeCacheKeyset containing the set of public keys used to validate signed requests at the edge.
signedRequestMaximumExpirationTtl string
Limit how far into the future the expiration time of a signed request may be. When set, a signed request is rejected if its expiration time is later than now + signedRequestMaximumExpirationTtl, where now is the time at which the signed request is first handled by the CDN.

  • The TTL must be > 0.
  • Fractions of a second are not allowed. By default, signedRequestMaximumExpirationTtl is not set and the expiration time of a signed request may be arbitrarily far into future.
signedRequestMode string
Whether to enforce signed requests. The default value is DISABLED, which means all content is public, and does not authorize access. You must also set a signedRequestKeyset to enable signed requests. When set to REQUIRE_SIGNATURES, all matching requests will have their signature validated. Requests that were not signed with the corresponding private key, or that are otherwise invalid (expired, do not match the signature, IP address, or header) will be rejected with a HTTP 403 and (if enabled) logged. Possible values are: DISABLED, REQUIRE_SIGNATURES, REQUIRE_TOKENS.
signedTokenOptions EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptions
Additional options for signed tokens. signedTokenOptions may only be specified when signedRequestMode is REQUIRE_TOKENS. Structure is documented below.
add_signatures EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignatures
Enable signature generation or propagation on this route. This field may only be specified when signedRequestMode is set to REQUIRE_TOKENS. Structure is documented below.
cache_key_policy EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicy
Defines the request parameters that contribute to the cache key. Structure is documented below.
cache_mode str
Cache modes allow users to control the behaviour of the cache, what content it should cache automatically, whether to respect origin headers, or whether to unconditionally cache all responses. For all cache modes, Cache-Control headers will be passed to the client. Use clientTtl to override what is sent to the client. Possible values are: CACHE_ALL_STATIC, USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, BYPASS_CACHE.
client_ttl str
Specifies a separate client (e.g. browser client) TTL, separate from the TTL used by the edge caches. Leaving this empty will use the same cache TTL for both the CDN and the client-facing response.

  • The TTL must be > 0 and <= 86400s (1 day)
  • The clientTtl cannot be larger than the defaultTtl (if set)
  • Fractions of a second are not allowed. Omit this field to use the defaultTtl, or the max-age set by the origin, as the client-facing TTL. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
default_ttl str
Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Defaults to 3600s (1 hour).

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate" (equivalent to must-revalidate)
  • The value of defaultTTL cannot be set to a value greater than that of maxTTL.
  • Fractions of a second are not allowed.
  • When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. Note that infrequently accessed objects may be evicted from the cache before the defined TTL. Objects that expire will be revalidated with the origin. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
max_ttl str
Specifies the maximum allowed TTL for cached content served by this origin. Defaults to 86400s (1 day). Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTtl seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive.

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate"
  • The value of maxTtl must be equal to or greater than defaultTtl.
  • Fractions of a second are not allowed. When the cache mode is set to "USE_ORIGIN_HEADERS", "FORCE_CACHE_ALL", or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
negative_caching bool
Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. By default, the CDNPolicy will apply the following default TTLs to these status codes:

  • HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m
  • HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s
  • HTTP 405 (Method Not Found), 414 (URI Too Long), 501 (Not Implemented): 60s These defaults can be overridden in negativeCachingPolicy
negative_caching_policy Mapping[str, str]
Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy.

  • Omitting the policy and leaving negativeCaching enabled will use the default TTLs for each status code, defined in negativeCaching.
  • TTLs must be >= 0 (where 0 is "always revalidate") and <= 86400s (1 day) Note that when specifying an explicit negativeCachingPolicy, you should take care to specify a cache TTL for all response codes that you wish to cache. The CDNPolicy will not apply any default negative caching when a policy exists.
signed_request_keyset str
The EdgeCacheKeyset containing the set of public keys used to validate signed requests at the edge.
signed_request_maximum_expiration_ttl str
Limit how far into the future the expiration time of a signed request may be. When set, a signed request is rejected if its expiration time is later than now + signedRequestMaximumExpirationTtl, where now is the time at which the signed request is first handled by the CDN.

  • The TTL must be > 0.
  • Fractions of a second are not allowed. By default, signedRequestMaximumExpirationTtl is not set and the expiration time of a signed request may be arbitrarily far into future.
signed_request_mode str
Whether to enforce signed requests. The default value is DISABLED, which means all content is public, and does not authorize access. You must also set a signedRequestKeyset to enable signed requests. When set to REQUIRE_SIGNATURES, all matching requests will have their signature validated. Requests that were not signed with the corresponding private key, or that are otherwise invalid (expired, do not match the signature, IP address, or header) will be rejected with a HTTP 403 and (if enabled) logged. Possible values are: DISABLED, REQUIRE_SIGNATURES, REQUIRE_TOKENS.
signed_token_options EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptions
Additional options for signed tokens. signedTokenOptions may only be specified when signedRequestMode is REQUIRE_TOKENS. Structure is documented below.
addSignatures Property Map
Enable signature generation or propagation on this route. This field may only be specified when signedRequestMode is set to REQUIRE_TOKENS. Structure is documented below.
cacheKeyPolicy Property Map
Defines the request parameters that contribute to the cache key. Structure is documented below.
cacheMode String
Cache modes allow users to control the behaviour of the cache, what content it should cache automatically, whether to respect origin headers, or whether to unconditionally cache all responses. For all cache modes, Cache-Control headers will be passed to the client. Use clientTtl to override what is sent to the client. Possible values are: CACHE_ALL_STATIC, USE_ORIGIN_HEADERS, FORCE_CACHE_ALL, BYPASS_CACHE.
clientTtl String
Specifies a separate client (e.g. browser client) TTL, separate from the TTL used by the edge caches. Leaving this empty will use the same cache TTL for both the CDN and the client-facing response.

  • The TTL must be > 0 and <= 86400s (1 day)
  • The clientTtl cannot be larger than the defaultTtl (if set)
  • Fractions of a second are not allowed. Omit this field to use the defaultTtl, or the max-age set by the origin, as the client-facing TTL. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
defaultTtl String
Specifies the default TTL for cached content served by this origin for responses that do not have an existing valid TTL (max-age or s-max-age). Defaults to 3600s (1 hour).

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate" (equivalent to must-revalidate)
  • The value of defaultTTL cannot be set to a value greater than that of maxTTL.
  • Fractions of a second are not allowed.
  • When the cacheMode is set to FORCE_CACHE_ALL, the defaultTTL will overwrite the TTL set in all responses. Note that infrequently accessed objects may be evicted from the cache before the defined TTL. Objects that expire will be revalidated with the origin. When the cache mode is set to "USE_ORIGIN_HEADERS" or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
maxTtl String
Specifies the maximum allowed TTL for cached content served by this origin. Defaults to 86400s (1 day). Cache directives that attempt to set a max-age or s-maxage higher than this, or an Expires header more than maxTtl seconds in the future will be capped at the value of maxTTL, as if it were the value of an s-maxage Cache-Control directive.

  • The TTL must be >= 0 and <= 31,536,000 seconds (1 year)
  • Setting a TTL of "0" means "always revalidate"
  • The value of maxTtl must be equal to or greater than defaultTtl.
  • Fractions of a second are not allowed. When the cache mode is set to "USE_ORIGIN_HEADERS", "FORCE_CACHE_ALL", or "BYPASS_CACHE", you must omit this field. A duration in seconds terminated by 's'. Example: "3s".
negativeCaching Boolean
Negative caching allows per-status code TTLs to be set, in order to apply fine-grained caching for common errors or redirects. This can reduce the load on your origin and improve end-user experience by reducing response latency. By default, the CDNPolicy will apply the following default TTLs to these status codes:

  • HTTP 300 (Multiple Choice), 301, 308 (Permanent Redirects): 10m
  • HTTP 404 (Not Found), 410 (Gone), 451 (Unavailable For Legal Reasons): 120s
  • HTTP 405 (Method Not Found), 414 (URI Too Long), 501 (Not Implemented): 60s These defaults can be overridden in negativeCachingPolicy
negativeCachingPolicy Map<String>
Sets a cache TTL for the specified HTTP status code. negativeCaching must be enabled to configure negativeCachingPolicy.

  • Omitting the policy and leaving negativeCaching enabled will use the default TTLs for each status code, defined in negativeCaching.
  • TTLs must be >= 0 (where 0 is "always revalidate") and <= 86400s (1 day) Note that when specifying an explicit negativeCachingPolicy, you should take care to specify a cache TTL for all response codes that you wish to cache. The CDNPolicy will not apply any default negative caching when a policy exists.
signedRequestKeyset String
The EdgeCacheKeyset containing the set of public keys used to validate signed requests at the edge.
signedRequestMaximumExpirationTtl String
Limit how far into the future the expiration time of a signed request may be. When set, a signed request is rejected if its expiration time is later than now + signedRequestMaximumExpirationTtl, where now is the time at which the signed request is first handled by the CDN.

  • The TTL must be > 0.
  • Fractions of a second are not allowed. By default, signedRequestMaximumExpirationTtl is not set and the expiration time of a signed request may be arbitrarily far into future.
signedRequestMode String
Whether to enforce signed requests. The default value is DISABLED, which means all content is public, and does not authorize access. You must also set a signedRequestKeyset to enable signed requests. When set to REQUIRE_SIGNATURES, all matching requests will have their signature validated. Requests that were not signed with the corresponding private key, or that are otherwise invalid (expired, do not match the signature, IP address, or header) will be rejected with a HTTP 403 and (if enabled) logged. Possible values are: DISABLED, REQUIRE_SIGNATURES, REQUIRE_TOKENS.
signedTokenOptions Property Map
Additional options for signed tokens. signedTokenOptions may only be specified when signedRequestMode is REQUIRE_TOKENS. Structure is documented below.

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignatures
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyAddSignaturesArgs

Actions This property is required. string
The actions to take to add signatures to responses. Each value may be one of: GENERATE_COOKIE, GENERATE_TOKEN_HLS_COOKIELESS, PROPAGATE_TOKEN_HLS_COOKIELESS.
CopiedParameters List<string>
The parameters to copy from the verified token to the generated token. Only the following parameters may be copied:

  • PathGlobs
Keyset string
The keyset to use for signature generation. The following are both valid paths to an EdgeCacheKeyset resource:

  • projects/project/locations/global/edgeCacheKeysets/yourKeyset
  • yourKeyset This must be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. This field may not be specified otherwise.
TokenQueryParameter string
The query parameter in which to put the generated token. If not specified, defaults to edge-cache-token. If specified, the name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. This field may only be set when the GENERATE_TOKEN_HLS_COOKIELESS or PROPAGATE_TOKEN_HLS_COOKIELESS actions are specified.
TokenTtl string
The duration the token is valid starting from the moment the token is first generated. Defaults to 86400s (1 day). The TTL must be >= 0 and <= 604,800 seconds (1 week). This field may only be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
Actions This property is required. string
The actions to take to add signatures to responses. Each value may be one of: GENERATE_COOKIE, GENERATE_TOKEN_HLS_COOKIELESS, PROPAGATE_TOKEN_HLS_COOKIELESS.
CopiedParameters []string
The parameters to copy from the verified token to the generated token. Only the following parameters may be copied:

  • PathGlobs
Keyset string
The keyset to use for signature generation. The following are both valid paths to an EdgeCacheKeyset resource:

  • projects/project/locations/global/edgeCacheKeysets/yourKeyset
  • yourKeyset This must be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. This field may not be specified otherwise.
TokenQueryParameter string
The query parameter in which to put the generated token. If not specified, defaults to edge-cache-token. If specified, the name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. This field may only be set when the GENERATE_TOKEN_HLS_COOKIELESS or PROPAGATE_TOKEN_HLS_COOKIELESS actions are specified.
TokenTtl string
The duration the token is valid starting from the moment the token is first generated. Defaults to 86400s (1 day). The TTL must be >= 0 and <= 604,800 seconds (1 week). This field may only be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
actions This property is required. String
The actions to take to add signatures to responses. Each value may be one of: GENERATE_COOKIE, GENERATE_TOKEN_HLS_COOKIELESS, PROPAGATE_TOKEN_HLS_COOKIELESS.
copiedParameters List<String>
The parameters to copy from the verified token to the generated token. Only the following parameters may be copied:

  • PathGlobs
keyset String
The keyset to use for signature generation. The following are both valid paths to an EdgeCacheKeyset resource:

  • projects/project/locations/global/edgeCacheKeysets/yourKeyset
  • yourKeyset This must be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. This field may not be specified otherwise.
tokenQueryParameter String
The query parameter in which to put the generated token. If not specified, defaults to edge-cache-token. If specified, the name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. This field may only be set when the GENERATE_TOKEN_HLS_COOKIELESS or PROPAGATE_TOKEN_HLS_COOKIELESS actions are specified.
tokenTtl String
The duration the token is valid starting from the moment the token is first generated. Defaults to 86400s (1 day). The TTL must be >= 0 and <= 604,800 seconds (1 week). This field may only be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
actions This property is required. string
The actions to take to add signatures to responses. Each value may be one of: GENERATE_COOKIE, GENERATE_TOKEN_HLS_COOKIELESS, PROPAGATE_TOKEN_HLS_COOKIELESS.
copiedParameters string[]
The parameters to copy from the verified token to the generated token. Only the following parameters may be copied:

  • PathGlobs
keyset string
The keyset to use for signature generation. The following are both valid paths to an EdgeCacheKeyset resource:

  • projects/project/locations/global/edgeCacheKeysets/yourKeyset
  • yourKeyset This must be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. This field may not be specified otherwise.
tokenQueryParameter string
The query parameter in which to put the generated token. If not specified, defaults to edge-cache-token. If specified, the name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. This field may only be set when the GENERATE_TOKEN_HLS_COOKIELESS or PROPAGATE_TOKEN_HLS_COOKIELESS actions are specified.
tokenTtl string
The duration the token is valid starting from the moment the token is first generated. Defaults to 86400s (1 day). The TTL must be >= 0 and <= 604,800 seconds (1 week). This field may only be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
actions This property is required. str
The actions to take to add signatures to responses. Each value may be one of: GENERATE_COOKIE, GENERATE_TOKEN_HLS_COOKIELESS, PROPAGATE_TOKEN_HLS_COOKIELESS.
copied_parameters Sequence[str]
The parameters to copy from the verified token to the generated token. Only the following parameters may be copied:

  • PathGlobs
keyset str
The keyset to use for signature generation. The following are both valid paths to an EdgeCacheKeyset resource:

  • projects/project/locations/global/edgeCacheKeysets/yourKeyset
  • yourKeyset This must be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. This field may not be specified otherwise.
token_query_parameter str
The query parameter in which to put the generated token. If not specified, defaults to edge-cache-token. If specified, the name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. This field may only be set when the GENERATE_TOKEN_HLS_COOKIELESS or PROPAGATE_TOKEN_HLS_COOKIELESS actions are specified.
token_ttl str
The duration the token is valid starting from the moment the token is first generated. Defaults to 86400s (1 day). The TTL must be >= 0 and <= 604,800 seconds (1 week). This field may only be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
actions This property is required. String
The actions to take to add signatures to responses. Each value may be one of: GENERATE_COOKIE, GENERATE_TOKEN_HLS_COOKIELESS, PROPAGATE_TOKEN_HLS_COOKIELESS.
copiedParameters List<String>
The parameters to copy from the verified token to the generated token. Only the following parameters may be copied:

  • PathGlobs
keyset String
The keyset to use for signature generation. The following are both valid paths to an EdgeCacheKeyset resource:

  • projects/project/locations/global/edgeCacheKeysets/yourKeyset
  • yourKeyset This must be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. This field may not be specified otherwise.
tokenQueryParameter String
The query parameter in which to put the generated token. If not specified, defaults to edge-cache-token. If specified, the name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. This field may only be set when the GENERATE_TOKEN_HLS_COOKIELESS or PROPAGATE_TOKEN_HLS_COOKIELESS actions are specified.
tokenTtl String
The duration the token is valid starting from the moment the token is first generated. Defaults to 86400s (1 day). The TTL must be >= 0 and <= 604,800 seconds (1 week). This field may only be specified when the GENERATE_COOKIE or GENERATE_TOKEN_HLS_COOKIELESS actions are specified. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicy
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicyCacheKeyPolicyArgs

ExcludeHost bool
If true, requests to different hosts will be cached separately. Note: this should only be enabled if hosts share the same origin and content. Removing the host from the cache key may inadvertently result in different objects being cached than intended, depending on which route the first user matched.
ExcludeQueryString bool
If true, exclude query string parameters from the cache key If false (the default), include the query string parameters in the cache key according to includeQueryParameters and excludeQueryParameters. If neither includeQueryParameters nor excludeQueryParameters is set, the entire query string will be included.
ExcludedQueryParameters List<string>
Names of query string parameters to exclude from cache keys. All other parameters will be included. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
IncludeProtocol bool
If true, http and https requests will be cached separately.
IncludedCookieNames List<string>
Names of Cookies to include in cache keys. The cookie name and cookie value of each cookie named will be used as part of the cache key. Cookie names:

  • must be valid RFC 6265 "cookie-name" tokens
  • are case sensitive
  • cannot start with "Edge-Cache-" (case insensitive) Note that specifying several cookies, and/or cookies that have a large range of values (e.g., per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance. You may specify up to three cookie names.
IncludedHeaderNames List<string>
Names of HTTP request headers to include in cache keys. The value of the header field will be used as part of the cache key.

  • Header names must be valid HTTP RFC 7230 header field values.
  • Header field names are case insensitive
  • To include the HTTP method, use ":method" Note that specifying several headers, and/or headers that have a large range of values (e.g. per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance.
IncludedQueryParameters List<string>
Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
ExcludeHost bool
If true, requests to different hosts will be cached separately. Note: this should only be enabled if hosts share the same origin and content. Removing the host from the cache key may inadvertently result in different objects being cached than intended, depending on which route the first user matched.
ExcludeQueryString bool
If true, exclude query string parameters from the cache key If false (the default), include the query string parameters in the cache key according to includeQueryParameters and excludeQueryParameters. If neither includeQueryParameters nor excludeQueryParameters is set, the entire query string will be included.
ExcludedQueryParameters []string
Names of query string parameters to exclude from cache keys. All other parameters will be included. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
IncludeProtocol bool
If true, http and https requests will be cached separately.
IncludedCookieNames []string
Names of Cookies to include in cache keys. The cookie name and cookie value of each cookie named will be used as part of the cache key. Cookie names:

  • must be valid RFC 6265 "cookie-name" tokens
  • are case sensitive
  • cannot start with "Edge-Cache-" (case insensitive) Note that specifying several cookies, and/or cookies that have a large range of values (e.g., per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance. You may specify up to three cookie names.
IncludedHeaderNames []string
Names of HTTP request headers to include in cache keys. The value of the header field will be used as part of the cache key.

  • Header names must be valid HTTP RFC 7230 header field values.
  • Header field names are case insensitive
  • To include the HTTP method, use ":method" Note that specifying several headers, and/or headers that have a large range of values (e.g. per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance.
IncludedQueryParameters []string
Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
excludeHost Boolean
If true, requests to different hosts will be cached separately. Note: this should only be enabled if hosts share the same origin and content. Removing the host from the cache key may inadvertently result in different objects being cached than intended, depending on which route the first user matched.
excludeQueryString Boolean
If true, exclude query string parameters from the cache key If false (the default), include the query string parameters in the cache key according to includeQueryParameters and excludeQueryParameters. If neither includeQueryParameters nor excludeQueryParameters is set, the entire query string will be included.
excludedQueryParameters List<String>
Names of query string parameters to exclude from cache keys. All other parameters will be included. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
includeProtocol Boolean
If true, http and https requests will be cached separately.
includedCookieNames List<String>
Names of Cookies to include in cache keys. The cookie name and cookie value of each cookie named will be used as part of the cache key. Cookie names:

  • must be valid RFC 6265 "cookie-name" tokens
  • are case sensitive
  • cannot start with "Edge-Cache-" (case insensitive) Note that specifying several cookies, and/or cookies that have a large range of values (e.g., per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance. You may specify up to three cookie names.
includedHeaderNames List<String>
Names of HTTP request headers to include in cache keys. The value of the header field will be used as part of the cache key.

  • Header names must be valid HTTP RFC 7230 header field values.
  • Header field names are case insensitive
  • To include the HTTP method, use ":method" Note that specifying several headers, and/or headers that have a large range of values (e.g. per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance.
includedQueryParameters List<String>
Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
excludeHost boolean
If true, requests to different hosts will be cached separately. Note: this should only be enabled if hosts share the same origin and content. Removing the host from the cache key may inadvertently result in different objects being cached than intended, depending on which route the first user matched.
excludeQueryString boolean
If true, exclude query string parameters from the cache key If false (the default), include the query string parameters in the cache key according to includeQueryParameters and excludeQueryParameters. If neither includeQueryParameters nor excludeQueryParameters is set, the entire query string will be included.
excludedQueryParameters string[]
Names of query string parameters to exclude from cache keys. All other parameters will be included. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
includeProtocol boolean
If true, http and https requests will be cached separately.
includedCookieNames string[]
Names of Cookies to include in cache keys. The cookie name and cookie value of each cookie named will be used as part of the cache key. Cookie names:

  • must be valid RFC 6265 "cookie-name" tokens
  • are case sensitive
  • cannot start with "Edge-Cache-" (case insensitive) Note that specifying several cookies, and/or cookies that have a large range of values (e.g., per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance. You may specify up to three cookie names.
includedHeaderNames string[]
Names of HTTP request headers to include in cache keys. The value of the header field will be used as part of the cache key.

  • Header names must be valid HTTP RFC 7230 header field values.
  • Header field names are case insensitive
  • To include the HTTP method, use ":method" Note that specifying several headers, and/or headers that have a large range of values (e.g. per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance.
includedQueryParameters string[]
Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
exclude_host bool
If true, requests to different hosts will be cached separately. Note: this should only be enabled if hosts share the same origin and content. Removing the host from the cache key may inadvertently result in different objects being cached than intended, depending on which route the first user matched.
exclude_query_string bool
If true, exclude query string parameters from the cache key If false (the default), include the query string parameters in the cache key according to includeQueryParameters and excludeQueryParameters. If neither includeQueryParameters nor excludeQueryParameters is set, the entire query string will be included.
excluded_query_parameters Sequence[str]
Names of query string parameters to exclude from cache keys. All other parameters will be included. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
include_protocol bool
If true, http and https requests will be cached separately.
included_cookie_names Sequence[str]
Names of Cookies to include in cache keys. The cookie name and cookie value of each cookie named will be used as part of the cache key. Cookie names:

  • must be valid RFC 6265 "cookie-name" tokens
  • are case sensitive
  • cannot start with "Edge-Cache-" (case insensitive) Note that specifying several cookies, and/or cookies that have a large range of values (e.g., per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance. You may specify up to three cookie names.
included_header_names Sequence[str]
Names of HTTP request headers to include in cache keys. The value of the header field will be used as part of the cache key.

  • Header names must be valid HTTP RFC 7230 header field values.
  • Header field names are case insensitive
  • To include the HTTP method, use ":method" Note that specifying several headers, and/or headers that have a large range of values (e.g. per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance.
included_query_parameters Sequence[str]
Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
excludeHost Boolean
If true, requests to different hosts will be cached separately. Note: this should only be enabled if hosts share the same origin and content. Removing the host from the cache key may inadvertently result in different objects being cached than intended, depending on which route the first user matched.
excludeQueryString Boolean
If true, exclude query string parameters from the cache key If false (the default), include the query string parameters in the cache key according to includeQueryParameters and excludeQueryParameters. If neither includeQueryParameters nor excludeQueryParameters is set, the entire query string will be included.
excludedQueryParameters List<String>
Names of query string parameters to exclude from cache keys. All other parameters will be included. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.
includeProtocol Boolean
If true, http and https requests will be cached separately.
includedCookieNames List<String>
Names of Cookies to include in cache keys. The cookie name and cookie value of each cookie named will be used as part of the cache key. Cookie names:

  • must be valid RFC 6265 "cookie-name" tokens
  • are case sensitive
  • cannot start with "Edge-Cache-" (case insensitive) Note that specifying several cookies, and/or cookies that have a large range of values (e.g., per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance. You may specify up to three cookie names.
includedHeaderNames List<String>
Names of HTTP request headers to include in cache keys. The value of the header field will be used as part of the cache key.

  • Header names must be valid HTTP RFC 7230 header field values.
  • Header field names are case insensitive
  • To include the HTTP method, use ":method" Note that specifying several headers, and/or headers that have a large range of values (e.g. per-user) will dramatically impact the cache hit rate, and may result in a higher eviction rate and reduced performance.
includedQueryParameters List<String>
Names of query string parameters to include in cache keys. All other parameters will be excluded. Either specify includedQueryParameters or excludedQueryParameters, not both. '&' and '=' will be percent encoded and not treated as delimiters.

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptions
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCdnPolicySignedTokenOptionsArgs

AllowedSignatureAlgorithms List<string>
The allowed signature algorithms to use. Defaults to using only ED25519. You may specify up to 3 signature algorithms to use. Each value may be one of: ED25519, HMAC_SHA_256, HMAC_SHA1.
TokenQueryParameter string
The query parameter in which to find the token. The name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. Defaults to edge-cache-token.
AllowedSignatureAlgorithms []string
The allowed signature algorithms to use. Defaults to using only ED25519. You may specify up to 3 signature algorithms to use. Each value may be one of: ED25519, HMAC_SHA_256, HMAC_SHA1.
TokenQueryParameter string
The query parameter in which to find the token. The name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. Defaults to edge-cache-token.
allowedSignatureAlgorithms List<String>
The allowed signature algorithms to use. Defaults to using only ED25519. You may specify up to 3 signature algorithms to use. Each value may be one of: ED25519, HMAC_SHA_256, HMAC_SHA1.
tokenQueryParameter String
The query parameter in which to find the token. The name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. Defaults to edge-cache-token.
allowedSignatureAlgorithms string[]
The allowed signature algorithms to use. Defaults to using only ED25519. You may specify up to 3 signature algorithms to use. Each value may be one of: ED25519, HMAC_SHA_256, HMAC_SHA1.
tokenQueryParameter string
The query parameter in which to find the token. The name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. Defaults to edge-cache-token.
allowed_signature_algorithms Sequence[str]
The allowed signature algorithms to use. Defaults to using only ED25519. You may specify up to 3 signature algorithms to use. Each value may be one of: ED25519, HMAC_SHA_256, HMAC_SHA1.
token_query_parameter str
The query parameter in which to find the token. The name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. Defaults to edge-cache-token.
allowedSignatureAlgorithms List<String>
The allowed signature algorithms to use. Defaults to using only ED25519. You may specify up to 3 signature algorithms to use. Each value may be one of: ED25519, HMAC_SHA_256, HMAC_SHA1.
tokenQueryParameter String
The query parameter in which to find the token. The name must be 1-64 characters long and match the regular expression a-zA-Z* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit. Defaults to edge-cache-token.

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicy
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionCorsPolicyArgs

MaxAge This property is required. string
Specifies how long results of a preflight request can be cached by a client in seconds. Note that many browser clients enforce a maximum TTL of 600s (10 minutes).

  • Setting the value to -1 forces a pre-flight check for all requests (not recommended)
  • A maximum TTL of 86400s can be set, but note that (as above) some clients may force pre-flight checks at a more regular interval.
  • This translates to the Access-Control-Max-Age header. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
AllowCredentials bool
In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials response header.
AllowHeaders List<string>
Specifies the content for the Access-Control-Allow-Headers response header.
AllowMethods List<string>
Specifies the content for the Access-Control-Allow-Methods response header.
AllowOrigins List<string>
Specifies the list of origins that will be allowed to do CORS requests. This translates to the Access-Control-Allow-Origin response header.
Disabled bool
If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect.
ExposeHeaders List<string>
Specifies the content for the Access-Control-Allow-Headers response header.
MaxAge This property is required. string
Specifies how long results of a preflight request can be cached by a client in seconds. Note that many browser clients enforce a maximum TTL of 600s (10 minutes).

  • Setting the value to -1 forces a pre-flight check for all requests (not recommended)
  • A maximum TTL of 86400s can be set, but note that (as above) some clients may force pre-flight checks at a more regular interval.
  • This translates to the Access-Control-Max-Age header. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
AllowCredentials bool
In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials response header.
AllowHeaders []string
Specifies the content for the Access-Control-Allow-Headers response header.
AllowMethods []string
Specifies the content for the Access-Control-Allow-Methods response header.
AllowOrigins []string
Specifies the list of origins that will be allowed to do CORS requests. This translates to the Access-Control-Allow-Origin response header.
Disabled bool
If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect.
ExposeHeaders []string
Specifies the content for the Access-Control-Allow-Headers response header.
maxAge This property is required. String
Specifies how long results of a preflight request can be cached by a client in seconds. Note that many browser clients enforce a maximum TTL of 600s (10 minutes).

  • Setting the value to -1 forces a pre-flight check for all requests (not recommended)
  • A maximum TTL of 86400s can be set, but note that (as above) some clients may force pre-flight checks at a more regular interval.
  • This translates to the Access-Control-Max-Age header. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
allowCredentials Boolean
In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials response header.
allowHeaders List<String>
Specifies the content for the Access-Control-Allow-Headers response header.
allowMethods List<String>
Specifies the content for the Access-Control-Allow-Methods response header.
allowOrigins List<String>
Specifies the list of origins that will be allowed to do CORS requests. This translates to the Access-Control-Allow-Origin response header.
disabled Boolean
If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect.
exposeHeaders List<String>
Specifies the content for the Access-Control-Allow-Headers response header.
maxAge This property is required. string
Specifies how long results of a preflight request can be cached by a client in seconds. Note that many browser clients enforce a maximum TTL of 600s (10 minutes).

  • Setting the value to -1 forces a pre-flight check for all requests (not recommended)
  • A maximum TTL of 86400s can be set, but note that (as above) some clients may force pre-flight checks at a more regular interval.
  • This translates to the Access-Control-Max-Age header. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
allowCredentials boolean
In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials response header.
allowHeaders string[]
Specifies the content for the Access-Control-Allow-Headers response header.
allowMethods string[]
Specifies the content for the Access-Control-Allow-Methods response header.
allowOrigins string[]
Specifies the list of origins that will be allowed to do CORS requests. This translates to the Access-Control-Allow-Origin response header.
disabled boolean
If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect.
exposeHeaders string[]
Specifies the content for the Access-Control-Allow-Headers response header.
max_age This property is required. str
Specifies how long results of a preflight request can be cached by a client in seconds. Note that many browser clients enforce a maximum TTL of 600s (10 minutes).

  • Setting the value to -1 forces a pre-flight check for all requests (not recommended)
  • A maximum TTL of 86400s can be set, but note that (as above) some clients may force pre-flight checks at a more regular interval.
  • This translates to the Access-Control-Max-Age header. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
allow_credentials bool
In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials response header.
allow_headers Sequence[str]
Specifies the content for the Access-Control-Allow-Headers response header.
allow_methods Sequence[str]
Specifies the content for the Access-Control-Allow-Methods response header.
allow_origins Sequence[str]
Specifies the list of origins that will be allowed to do CORS requests. This translates to the Access-Control-Allow-Origin response header.
disabled bool
If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect.
expose_headers Sequence[str]
Specifies the content for the Access-Control-Allow-Headers response header.
maxAge This property is required. String
Specifies how long results of a preflight request can be cached by a client in seconds. Note that many browser clients enforce a maximum TTL of 600s (10 minutes).

  • Setting the value to -1 forces a pre-flight check for all requests (not recommended)
  • A maximum TTL of 86400s can be set, but note that (as above) some clients may force pre-flight checks at a more regular interval.
  • This translates to the Access-Control-Max-Age header. A duration in seconds with up to nine fractional digits, terminated by 's'. Example: "3.5s".
allowCredentials Boolean
In response to a preflight request, setting this to true indicates that the actual request can include user credentials. This translates to the Access-Control-Allow-Credentials response header.
allowHeaders List<String>
Specifies the content for the Access-Control-Allow-Headers response header.
allowMethods List<String>
Specifies the content for the Access-Control-Allow-Methods response header.
allowOrigins List<String>
Specifies the list of origins that will be allowed to do CORS requests. This translates to the Access-Control-Allow-Origin response header.
disabled Boolean
If true, specifies the CORS policy is disabled. The default value is false, which indicates that the CORS policy is in effect.
exposeHeaders List<String>
Specifies the content for the Access-Control-Allow-Headers response header.

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewrite
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteActionUrlRewriteArgs

HostRewrite string
Prior to forwarding the request to the selected origin, the request's host header is replaced with contents of hostRewrite.
PathPrefixRewrite string
Prior to forwarding the request to the selected origin, the matching portion of the request's path is replaced by pathPrefixRewrite.
PathTemplateRewrite string
Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the request's path is replaced re-written using the pattern specified by pathTemplateRewrite. pathTemplateRewrite must be between 1 and 255 characters (inclusive), must start with a '/', and must only use variables captured by the route's pathTemplate matchers. pathTemplateRewrite may only be used when all of a route's MatchRules specify pathTemplate. Only one of pathPrefixRewrite and pathTemplateRewrite may be specified.
HostRewrite string
Prior to forwarding the request to the selected origin, the request's host header is replaced with contents of hostRewrite.
PathPrefixRewrite string
Prior to forwarding the request to the selected origin, the matching portion of the request's path is replaced by pathPrefixRewrite.
PathTemplateRewrite string
Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the request's path is replaced re-written using the pattern specified by pathTemplateRewrite. pathTemplateRewrite must be between 1 and 255 characters (inclusive), must start with a '/', and must only use variables captured by the route's pathTemplate matchers. pathTemplateRewrite may only be used when all of a route's MatchRules specify pathTemplate. Only one of pathPrefixRewrite and pathTemplateRewrite may be specified.
hostRewrite String
Prior to forwarding the request to the selected origin, the request's host header is replaced with contents of hostRewrite.
pathPrefixRewrite String
Prior to forwarding the request to the selected origin, the matching portion of the request's path is replaced by pathPrefixRewrite.
pathTemplateRewrite String
Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the request's path is replaced re-written using the pattern specified by pathTemplateRewrite. pathTemplateRewrite must be between 1 and 255 characters (inclusive), must start with a '/', and must only use variables captured by the route's pathTemplate matchers. pathTemplateRewrite may only be used when all of a route's MatchRules specify pathTemplate. Only one of pathPrefixRewrite and pathTemplateRewrite may be specified.
hostRewrite string
Prior to forwarding the request to the selected origin, the request's host header is replaced with contents of hostRewrite.
pathPrefixRewrite string
Prior to forwarding the request to the selected origin, the matching portion of the request's path is replaced by pathPrefixRewrite.
pathTemplateRewrite string
Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the request's path is replaced re-written using the pattern specified by pathTemplateRewrite. pathTemplateRewrite must be between 1 and 255 characters (inclusive), must start with a '/', and must only use variables captured by the route's pathTemplate matchers. pathTemplateRewrite may only be used when all of a route's MatchRules specify pathTemplate. Only one of pathPrefixRewrite and pathTemplateRewrite may be specified.
host_rewrite str
Prior to forwarding the request to the selected origin, the request's host header is replaced with contents of hostRewrite.
path_prefix_rewrite str
Prior to forwarding the request to the selected origin, the matching portion of the request's path is replaced by pathPrefixRewrite.
path_template_rewrite str
Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the request's path is replaced re-written using the pattern specified by pathTemplateRewrite. pathTemplateRewrite must be between 1 and 255 characters (inclusive), must start with a '/', and must only use variables captured by the route's pathTemplate matchers. pathTemplateRewrite may only be used when all of a route's MatchRules specify pathTemplate. Only one of pathPrefixRewrite and pathTemplateRewrite may be specified.
hostRewrite String
Prior to forwarding the request to the selected origin, the request's host header is replaced with contents of hostRewrite.
pathPrefixRewrite String
Prior to forwarding the request to the selected origin, the matching portion of the request's path is replaced by pathPrefixRewrite.
pathTemplateRewrite String
Prior to forwarding the request to the selected origin, if the request matched a pathTemplateMatch, the matching portion of the request's path is replaced re-written using the pattern specified by pathTemplateRewrite. pathTemplateRewrite must be between 1 and 255 characters (inclusive), must start with a '/', and must only use variables captured by the route's pathTemplate matchers. pathTemplateRewrite may only be used when all of a route's MatchRules specify pathTemplate. Only one of pathPrefixRewrite and pathTemplateRewrite may be specified.

EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethods
, EdgeCacheServiceRoutingPathMatcherRouteRuleRouteMethodsArgs

AllowedMethods List<string>
The non-empty set of HTTP methods that are allowed for this route. Any combination of "GET", "HEAD", "OPTIONS", "PUT", "POST", "DELETE", and "PATCH".
AllowedMethods []string
The non-empty set of HTTP methods that are allowed for this route. Any combination of "GET", "HEAD", "OPTIONS", "PUT", "POST", "DELETE", and "PATCH".
allowedMethods List<String>
The non-empty set of HTTP methods that are allowed for this route. Any combination of "GET", "HEAD", "OPTIONS", "PUT", "POST", "DELETE", and "PATCH".
allowedMethods string[]
The non-empty set of HTTP methods that are allowed for this route. Any combination of "GET", "HEAD", "OPTIONS", "PUT", "POST", "DELETE", and "PATCH".
allowed_methods Sequence[str]
The non-empty set of HTTP methods that are allowed for this route. Any combination of "GET", "HEAD", "OPTIONS", "PUT", "POST", "DELETE", and "PATCH".
allowedMethods List<String>
The non-empty set of HTTP methods that are allowed for this route. Any combination of "GET", "HEAD", "OPTIONS", "PUT", "POST", "DELETE", and "PATCH".

EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirect
, EdgeCacheServiceRoutingPathMatcherRouteRuleUrlRedirectArgs

HostRedirect string
The host that will be used in the redirect response instead of the one that was supplied in the request.
HttpsRedirect bool
If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This can only be set if there is at least one (1) edgeSslCertificate set on the service.
PathRedirect string
The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The path value must be between 1 and 1024 characters.
PrefixRedirect string
The prefix that replaces the prefixMatch specified in the routeRule, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
RedirectResponseCode string
The HTTP Status code to use for this RedirectAction. The supported values are:

  • MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
  • FOUND, which corresponds to 302.
  • SEE_OTHER which corresponds to 303.
  • TEMPORARY_REDIRECT, which corresponds to 307. in this case, the request method will be retained.
  • PERMANENT_REDIRECT, which corresponds to 308. in this case, the request method will be retained. Possible values are: MOVED_PERMANENTLY_DEFAULT, FOUND, SEE_OTHER, TEMPORARY_REDIRECT, PERMANENT_REDIRECT.
StripQuery bool
If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.


HostRedirect string
The host that will be used in the redirect response instead of the one that was supplied in the request.
HttpsRedirect bool
If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This can only be set if there is at least one (1) edgeSslCertificate set on the service.
PathRedirect string
The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The path value must be between 1 and 1024 characters.
PrefixRedirect string
The prefix that replaces the prefixMatch specified in the routeRule, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
RedirectResponseCode string
The HTTP Status code to use for this RedirectAction. The supported values are:

  • MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
  • FOUND, which corresponds to 302.
  • SEE_OTHER which corresponds to 303.
  • TEMPORARY_REDIRECT, which corresponds to 307. in this case, the request method will be retained.
  • PERMANENT_REDIRECT, which corresponds to 308. in this case, the request method will be retained. Possible values are: MOVED_PERMANENTLY_DEFAULT, FOUND, SEE_OTHER, TEMPORARY_REDIRECT, PERMANENT_REDIRECT.
StripQuery bool
If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.


hostRedirect String
The host that will be used in the redirect response instead of the one that was supplied in the request.
httpsRedirect Boolean
If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This can only be set if there is at least one (1) edgeSslCertificate set on the service.
pathRedirect String
The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The path value must be between 1 and 1024 characters.
prefixRedirect String
The prefix that replaces the prefixMatch specified in the routeRule, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
redirectResponseCode String
The HTTP Status code to use for this RedirectAction. The supported values are:

  • MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
  • FOUND, which corresponds to 302.
  • SEE_OTHER which corresponds to 303.
  • TEMPORARY_REDIRECT, which corresponds to 307. in this case, the request method will be retained.
  • PERMANENT_REDIRECT, which corresponds to 308. in this case, the request method will be retained. Possible values are: MOVED_PERMANENTLY_DEFAULT, FOUND, SEE_OTHER, TEMPORARY_REDIRECT, PERMANENT_REDIRECT.
stripQuery Boolean
If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.


hostRedirect string
The host that will be used in the redirect response instead of the one that was supplied in the request.
httpsRedirect boolean
If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This can only be set if there is at least one (1) edgeSslCertificate set on the service.
pathRedirect string
The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The path value must be between 1 and 1024 characters.
prefixRedirect string
The prefix that replaces the prefixMatch specified in the routeRule, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
redirectResponseCode string
The HTTP Status code to use for this RedirectAction. The supported values are:

  • MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
  • FOUND, which corresponds to 302.
  • SEE_OTHER which corresponds to 303.
  • TEMPORARY_REDIRECT, which corresponds to 307. in this case, the request method will be retained.
  • PERMANENT_REDIRECT, which corresponds to 308. in this case, the request method will be retained. Possible values are: MOVED_PERMANENTLY_DEFAULT, FOUND, SEE_OTHER, TEMPORARY_REDIRECT, PERMANENT_REDIRECT.
stripQuery boolean
If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.


host_redirect str
The host that will be used in the redirect response instead of the one that was supplied in the request.
https_redirect bool
If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This can only be set if there is at least one (1) edgeSslCertificate set on the service.
path_redirect str
The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The path value must be between 1 and 1024 characters.
prefix_redirect str
The prefix that replaces the prefixMatch specified in the routeRule, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
redirect_response_code str
The HTTP Status code to use for this RedirectAction. The supported values are:

  • MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
  • FOUND, which corresponds to 302.
  • SEE_OTHER which corresponds to 303.
  • TEMPORARY_REDIRECT, which corresponds to 307. in this case, the request method will be retained.
  • PERMANENT_REDIRECT, which corresponds to 308. in this case, the request method will be retained. Possible values are: MOVED_PERMANENTLY_DEFAULT, FOUND, SEE_OTHER, TEMPORARY_REDIRECT, PERMANENT_REDIRECT.
strip_query bool
If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.


hostRedirect String
The host that will be used in the redirect response instead of the one that was supplied in the request.
httpsRedirect Boolean
If set to true, the URL scheme in the redirected request is set to https. If set to false, the URL scheme of the redirected request will remain the same as that of the request. This can only be set if there is at least one (1) edgeSslCertificate set on the service.
pathRedirect String
The path that will be used in the redirect response instead of the one that was supplied in the request. pathRedirect cannot be supplied together with prefixRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect. The path value must be between 1 and 1024 characters.
prefixRedirect String
The prefix that replaces the prefixMatch specified in the routeRule, retaining the remaining portion of the URL before redirecting the request. prefixRedirect cannot be supplied together with pathRedirect. Supply one alone or neither. If neither is supplied, the path of the original request will be used for the redirect.
redirectResponseCode String
The HTTP Status code to use for this RedirectAction. The supported values are:

  • MOVED_PERMANENTLY_DEFAULT, which is the default value and corresponds to 301.
  • FOUND, which corresponds to 302.
  • SEE_OTHER which corresponds to 303.
  • TEMPORARY_REDIRECT, which corresponds to 307. in this case, the request method will be retained.
  • PERMANENT_REDIRECT, which corresponds to 308. in this case, the request method will be retained. Possible values are: MOVED_PERMANENTLY_DEFAULT, FOUND, SEE_OTHER, TEMPORARY_REDIRECT, PERMANENT_REDIRECT.
stripQuery Boolean
If set to true, any accompanying query portion of the original URL is removed prior to redirecting the request. If set to false, the query portion of the original URL is retained.


Import

EdgeCacheService can be imported using any of these accepted formats:

  • projects/{{project}}/locations/global/edgeCacheServices/{{name}}

  • {{project}}/{{name}}

  • {{name}}

When using the pulumi import command, EdgeCacheService can be imported using one of the formats above. For example:

$ pulumi import gcp:networkservices/edgeCacheService:EdgeCacheService default projects/{{project}}/locations/global/edgeCacheServices/{{name}}
Copy
$ pulumi import gcp:networkservices/edgeCacheService:EdgeCacheService default {{project}}/{{name}}
Copy
$ pulumi import gcp:networkservices/edgeCacheService:EdgeCacheService default {{name}}
Copy

To learn more about importing existing cloud resources, see Importing resources.

Package Details

Repository
Google Cloud (GCP) Classic pulumi/pulumi-gcp
License
Apache-2.0
Notes
This Pulumi package is based on the google-beta Terraform Provider.