devops0776
/
devops0776-cicd-lab
Watch 1
Star 0
Fork 0
Code Issues 0 Pull Requests 0 Releases 0 Wiki Activity
Browse Source

Add Akamai configuration files

master
devopsae61 10 months ago
parent
060d42a0d4
commit
7ab8c03079
3 changed files with 771 additions and 0 deletions
Unified View Show Diff Stats
  1. 196
    0
      property-snippets/Accelerate_delivery.json
  2. 405
    0
      property-snippets/Offload_origin.json
  3. 170
    0
      property-snippets/Strengthen_security.json

+ 196
- 0
property-snippets/Accelerate_delivery.json View File

{
"name": "Accelerate delivery",
"children": [
{
"name": "Origin connectivity",
"children": [],
"behaviors": [
{
"name": "dnsAsyncRefresh",
"options": {
"enabled": true,
"timeout": "1h"
}
},
{
"name": "timeout",
"options": {
"value": "5s"
}
},
{
"name": "readTimeout",
"options": {
"value": "120s"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Optimize the connection between edge and origin."
},
{
"name": "Protocol optimizations",
"children": [],
"behaviors": [
{
"name": "enhancedAkamaiProtocol",
"options": {
"display": ""
}
},
{
"name": "http2",
"options": {
"enabled": ""
}
},
{
"name": "allowTransferEncoding",
"options": {
"enabled": true
}
},
{
"name": "sureRoute",
"options": {
"enableCustomKey": false,
"enabled": true,
"forceSslForward": false,
"raceStatTtl": "30m",
"srDownloadLinkTitle": "",
"testObjectUrl": "/akamai/sure-route-test-object.html",
"toHostStatus": "INCOMING_HH",
"type": "PERFORMANCE"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Serve your website using modern and fast protocols."
},
{
"name": "Prefetching",
"children": [
{
"name": "Prefetching objects",
"children": [
{
"name": "Bots",
"children": [],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "userAgent",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"*bot*",
"*crawl*",
"*spider*"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Disable prefetching for specific clients identifying themselves as bots and crawlers. This avoids requesting unnecessary resources from the origin."
}
],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Define for which HTML pages prefetching should be enabled."
},
{
"name": "Prefetchable objects",
"children": [],
"behaviors": [
{
"name": "prefetchable",
"options": {
"enabled": true
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js",
"jpg",
"jpeg",
"jp2",
"png",
"gif",
"svg",
"svgz",
"webp",
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Define which resources should be prefetched."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Instruct edge servers to retrieve embedded resources before the browser requests them."
},
{
"name": "Adaptive acceleration",
"children": [],
"behaviors": [
{
"name": "adaptiveAcceleration",
"options": {
"abLogic": "DISABLED",
"enableBrotliCompression": false,
"enablePreconnect": true,
"enablePush": true,
"enableRo": false,
"preloadEnable": true,
"source": "mPulse",
"titleHttp2ServerPush": "",
"titlePreconnect": "",
"titlePreload": "",
"titleRo": ""
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Automatically and continuously apply performance optimizations to your website using machine learning."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to improving the performance of delivering objects to your users."
}

+ 405
- 0
property-snippets/Offload_origin.json View File

{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "tieredDistribution",
"options": {
"enabled": true
}
},
{
"name": "validateEntityTag",
"options": {
"enabled": false
}
},
{
"name": "removeVary",
"options": {
"enabled": false
}
},
{
"name": "cacheError",
"options": {
"enabled": true,
"preserveStale": true,
"ttl": "10s"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "INCLUDE_ALL_ALPHABETIZE_ORDER"
}
},
{
"name": "prefreshCache",
"options": {
"enabled": true,
"prefreshval": 90
}
},
{
"name": "downstreamCache",
"options": {
"allowBehavior": "LESSER",
"behavior": "ALLOW",
"sendHeaders": "CACHE_CONTROL",
"sendPrivate": false
}
}
],
"children": [
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"comments": "Override the default caching behavior for CSS and JavaScript",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js"
]
}
}
],
"name": "CSS and JavaScript",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"comments": "Override the default caching behavior for fonts.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"name": "Fonts",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"comments": "Override the default caching behavior for images.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"jpg",
"jpeg",
"png",
"gif",
"webp",
"jp2",
"ico",
"svg",
"svgz"
]
}
}
],
"name": "Images",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"comments": "Override the default caching behavior for files. Files containing Personal Identified Information (PII) should require Edge authentication or not be cached at all.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"pdf",
"doc",
"docx",
"odt"
]
}
}
],
"name": "Files",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"comments": "Override the default caching behavior for other static objects.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"aif",
"aiff",
"au",
"avi",
"bin",
"bmp",
"cab",
"carb",
"cct",
"cdf",
"class",
"dcr",
"dtd",
"exe",
"flv",
"gcf",
"gff",
"grv",
"hdml",
"hqx",
"ini",
"mov",
"mp3",
"nc",
"pct",
"ppc",
"pws",
"swa",
"swf",
"txt",
"vbs",
"w32",
"wav",
"midi",
"wbmp",
"wml",
"wmlc",
"wmls",
"wmlsc",
"xsd",
"zip",
"pict",
"tif",
"tiff",
"mid",
"jxr",
"jar"
]
}
}
],
"name": "Other static objects",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "IGNORE",
"exactMatch": true,
"parameters": [
"gclid",
"fbclid",
"utm_source",
"utm_campaign",
"utm_medium",
"utm_content"
]
}
}
],
"comments": "Override the default caching behavior for HTML pages cached on edge servers.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"html",
"htm",
"php",
"jsp",
"aspx",
"EMPTY_STRING"
]
}
}
],
"name": "HTML pages",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "cacheRedirect",
"options": {
"enabled": "false"
}
},
{
"name": "chaseRedirects",
"options": {
"enabled": false
}
}
],
"comments": "Configure caching for HTTP redirects. The redirect is cached for the same TTL as a 200 HTTP response when this feature is enabled.",
"name": "Redirects",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "cachePost",
"options": {
"enabled": false
}
}
],
"comments": "Define when HTTP POST requests should be cached. You should enable it under a criteria match.",
"name": "POST responses",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "graphqlCaching",
"options": {
"enabled": false
}
}
],
"comments": "Define when your GraphQL queries should be cached.",
"criteria": [
{
"name": "path",
"options": {
"matchCaseSensitive": false,
"matchOperator": "MATCHES_ONE_OF",
"normalize": false,
"values": [
"/graphql"
]
}
}
],
"name": "GraphQL",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "downstreamCache",
"options": {
"behavior": "BUST"
}
}
],
"comments": "Configure the default client caching behavior for uncacheable content at the edge.",
"criteria": [
{
"name": "cacheability",
"options": {
"matchOperator": "IS_NOT",
"value": "CACHEABLE"
}
},
{
"name": "hostname",
"options": {
"matchOperator": "IS_ONE_OF",
"values": [
"${env.UserID}${env.labname}-test.akaudevops.com"
]
}
}
],
"name": "Uncacheable objects",
"options": {},
"criteriaMustSatisfy": "any"
}
],
"comments": "Control the settings related to caching content at the edge and in the browser. As a result, fewer requests go to your origin, fewer bytes leave your data centers, and your assets are closer to your users.",
"name": "Offload origin",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 170
- 0
property-snippets/Strengthen_security.json View File

{
"name": "Strengthen security",
"children": [
{
"name": "Allowed methods",
"children": [
{
"name": "POST",
"children": [],
"behaviors": [
{
"name": "allowPost",
"options": {
"allowWithoutContentLength": false,
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the POST HTTP request method."
},
{
"name": "OPTIONS",
"children": [],
"behaviors": [
{
"name": "allowOptions",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the OPTIONS HTTP request method."
},
{
"name": "PUT",
"children": [],
"behaviors": [
{
"name": "allowPut",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PUT HTTP request method."
},
{
"name": "DELETE",
"children": [],
"behaviors": [
{
"name": "allowDelete",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the DELETE HTTP request method."
},
{
"name": "PATCH",
"children": [],
"behaviors": [
{
"name": "allowPatch",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PATCH HTTP request method."
}
],
"behaviors": [
{
"name": "allHttpInCacheHierarchy",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow the use of HTTP methods. Consider enabling additional methods under a path match for increased origin security."
},
{
"name": "Obfuscate debug info",
"children": [],
"behaviors": [
{
"name": "cacheTagVisible",
"options": {
"behavior": "PRAGMA_HEADER"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains the Pragma debug header."
},
{
"name": "Obfuscate backend info",
"children": [],
"behaviors": [
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "X-Powered-By",
"standardDeleteHeaderName": "OTHER"
}
},
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "Server",
"standardDeleteHeaderName": "OTHER"
}
}
],
"criteria": [
{
"name": "requestHeader",
"options": {
"headerName": "X-Akamai-Debug",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_NOT_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"true"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains an additional secret header. Regularly change the criteria to use a specific unique value for the secret header."
},
{
"name": "HSTS",
"children": [],
"behaviors": [
{
"name": "httpStrictTransportSecurity",
"options": {
"enable": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Require all browsers to connect to your site using HTTPS."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings that minimize the information your website shares with clients and malicious entities to reduce your exposure to threats."
}

Write Preview
Loading…
Cancel
Save