浏览代码

new files

master
Curtis 1 个月前
父节点
当前提交
96b0a8f5ce

二进制
.plan 查看文件


+ 24
- 0
.terraform.lock.hcl 查看文件

@@ -0,0 +1,24 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.

provider "registry.terraform.io/akamai/akamai" {
version = "6.5.0"
constraints = ">= 6.3.0"
hashes = [
"h1:QtdGIWwSeU9SUjFpYjYw6uRq7tOkPfoHDWJQg3pRxEY=",
"zh:0fccfd024c9172070798d4dc79ca32b7cf9fcaa98701ed110bef1d8c5cc50c51",
"zh:439353fbd7003d8e6a7325a6a1bbfde7e73bb32ae81254513719acf4c8818245",
"zh:44398092f0fd0746e4ca686aada41017a1b8f2f24f515ebfcab1992a72cf0fc0",
"zh:65e0f7a3884ba48d9dc8936a3c701a70503ee5a65c5c26799836128559b8dc9f",
"zh:68f7aff2790c61ede76c1ada591e4e6a88014d207d64d2eb82dd911c6947b587",
"zh:834f125ddb649457a53c971496fe0580d41aacdbd7863e17cf432cc4aa8fc542",
"zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
"zh:8b2afa677189d98a9458da9dd80f3cef83a462e546fb105c10f817146148d8bd",
"zh:9f96817e99ee0a64fddf952ec805d5ceab877713475d5ce5c2d2fffa5b256202",
"zh:a6052c38fff8c7586e539d4a888160caaa8054a99292d56ecee7a306092316fa",
"zh:a6b9f9cdf7e178da10f4817e5278cf63d75931d1fb0954628c1b57167e315fc2",
"zh:a7de53fd83a84e01bae77cbb3afd3a3f122d99e0fa103ed995a50e6439946b7e",
"zh:ae30859c3388421265925a5ab3d9c42a885d8c1f65e567f16dd0826a0acafa5e",
"zh:c2f20f9f01c7d7f7a75c3b29c242946691f3f64e3617e3b741f4e7eb9ae4dc92",
]
}

+ 31
- 0
EdgeWorkers.json 查看文件

@@ -0,0 +1,31 @@
{
"name": "EdgeWorkers",
"children": [],
"behaviors": [
{
"name": "edgeWorker",
"options": {
"enabled": true,
"edgeWorkerId": "${env.edgeworker_id}",
"mPulse": false,
"createEdgeWorker": "",
"mPulseInformation": "",
"resourceTier": ""
}
}
],
"criteria": [
{
"name": "path",
"options": {
"matchOperator": "MATCHES_ONE_OF",
"matchCaseSensitive": false,
"normalize": false,
"values": ["/"]
}
}
],
"criteriaMustSatisfy": "all",
"comments": ""
}

+ 0
- 12
akamai.tf 查看文件

@@ -1,12 +0,0 @@
terraform {
required_providers {
akamai = {
source = "akamai/akamai"
version = "6.2.0"
}
}
}
provider "akamai" {
edgerc = var.edgerc
config_section = var.section
}

+ 4
- 0
bundle.json 查看文件

@@ -0,0 +1,4 @@
{
"edgeworker-version": "0.1",
"description" : "redirect based on country"
}

二进制
bundle.tgz 查看文件


+ 0
- 58
configuration.tf 查看文件

@@ -1,58 +0,0 @@
data "akamai_property_rules_template" "rules-template" {
template_file = abspath("${path.root}/property-snippets/main.json")
variables {
name = "secure"
value = "${var.secure}"
type = "bool"
}
variables {
name = "origin_hostname"
value = "${var.origin_hostname}"
type = "string"
}
variables {
name = "cp_code_id"
value = "${var.cp_code_id}"
type = "number"
}
variables {
name = "UserID"
value = "${var.UserID}"
type = "string"
}
}

resource "akamai_property" "lab_property" {
name = "${var.UserID}-${var.labname}"
product_id = "prd_SPM"
contract_id = "ctr_${var.contract_id}"
group_id = "grp_${var.group_id}"
hostnames {
cname_from = "${var.UserID}${var.labname}.${var.hostname}"
cname_to = var.edge_hostname
cert_provisioning_type = "CPS_MANAGED"
}
hostnames {
cname_from = "${var.UserID}${var.labname}-test.${var.hostname}"
cname_to = var.edge_hostname
cert_provisioning_type = "CPS_MANAGED"
}
rule_format = "latest"
rules = data.akamai_property_rules_template.rules-template.json
}

output "property_id" {
value = "${akamai_property.lab_property.id}"
}
output "property_version" {
value = "${akamai_property.lab_property.latest_version}"
}

resource "akamai_property_activation" "activation_staging" {
property_id = "${akamai_property.lab_property.id}"
version = "${akamai_property.lab_property.latest_version}"
network = "${var.network}"
contact = ["${var.email}"]
note = "Terraform property creation lab"
auto_acknowledge_rule_warnings = true
}

+ 16
- 0
edgework.tf 查看文件

@@ -0,0 +1,16 @@
resource "akamai_edgeworker" "geo_languagecookie" {
name = "${var.user_id}-GeoLanguageCookie"
group_id = var.group_id
resource_tier_id = 100
local_bundle = "./bundle.tgz"
}

resource "akamai_edgeworkers_activation" "ew_activation" {
edgeworker_id = akamai_edgeworker.geo_languagecookie.id
network = "STAGING"
version = akamai_edgeworker.geo_languagecookie.version
}

output "edgeworker_id" {
value = akamai_edgeworker.geo_languagecookie.id
}

+ 4
- 0
import.sh 查看文件

@@ -0,0 +1,4 @@
terraform init
terraform import akamai_edge_hostname.akaudevops-com-edgekey-net ehn_5422499,ctr_W-KXID8R,grp_240886
terraform import akamai_property.devops0caa-tflab prp_1113533,ctr_W-KXID8R,grp_240886,LATEST
terraform import akamai_property_activation.devops0caa-tflab-staging prp_1113533:STAGING

+ 54
- 0
main.js 查看文件

@@ -0,0 +1,54 @@
import { logger } from 'log';
import { Cookies, SetCookie } from 'cookies';

function getLanguageCookieValue(country) {
let languageCookieValue = '';
if (country === 'US') {
languageCookieValue = 'en_US';
} else if (country === 'KR') {
languageCookieValue = 'ko_KR';
} else if (country === 'ES') {
languageCookieValue = 'es_ES';
} else if (country === 'FR') {
languageCookieValue = 'fr_FR';
} else if (country === 'DE') {
languageCookieValue = 'de_DE';
}
return languageCookieValue;
}

export function onClientRequest(request) {
let cookies = new Cookies(request.getHeader('Cookie'));
let languageCookie = cookies.get('language');
logger.log('language cookie value: %s', languageCookie);
if (languageCookie) {
logger.log('language cookie exists. Do nothing.');
} else {
let country = request.userLocation.country;
if (country) {
let languageCookieValue = getLanguageCookieValue(country);
if (languageCookieValue) {
let headers = { 'Location': ['/'], 'X-Redirect': [languageCookieValue] };
request.respondWith(302, headers, {});
} else {
logger.log('cannot find languageCookieValue. Do nothing.');
}
} else {
logger.log('cannot find country code. Do nothing.');
}
}
}

export function onClientResponse(request, response) {
logger.log('Adding a header in ClientResponse');
let languageCookieValue = response.getHeader('X-Redirect');
if (languageCookieValue) {
let cookie = new SetCookie();
cookie.name = 'language';
cookie.value = languageCookieValue;
response.setHeader('Set-Cookie', cookie.toHeader());
response.setHeader('X-GeoRedirect', 'True');
} else {
response.setHeader('X-GeoRedirect', 'False')
}
}

二进制
property-snippets/.plan 查看文件


+ 24
- 0
property-snippets/.terraform.lock.hcl 查看文件

@@ -0,0 +1,24 @@
# This file is maintained automatically by "terraform init".
# Manual edits may be lost in future updates.

provider "registry.terraform.io/akamai/akamai" {
version = "6.5.0"
constraints = ">= 6.3.0"
hashes = [
"h1:QtdGIWwSeU9SUjFpYjYw6uRq7tOkPfoHDWJQg3pRxEY=",
"zh:0fccfd024c9172070798d4dc79ca32b7cf9fcaa98701ed110bef1d8c5cc50c51",
"zh:439353fbd7003d8e6a7325a6a1bbfde7e73bb32ae81254513719acf4c8818245",
"zh:44398092f0fd0746e4ca686aada41017a1b8f2f24f515ebfcab1992a72cf0fc0",
"zh:65e0f7a3884ba48d9dc8936a3c701a70503ee5a65c5c26799836128559b8dc9f",
"zh:68f7aff2790c61ede76c1ada591e4e6a88014d207d64d2eb82dd911c6947b587",
"zh:834f125ddb649457a53c971496fe0580d41aacdbd7863e17cf432cc4aa8fc542",
"zh:890df766e9b839623b1f0437355032a3c006226a6c200cd911e15ee1a9014e9f",
"zh:8b2afa677189d98a9458da9dd80f3cef83a462e546fb105c10f817146148d8bd",
"zh:9f96817e99ee0a64fddf952ec805d5ceab877713475d5ce5c2d2fffa5b256202",
"zh:a6052c38fff8c7586e539d4a888160caaa8054a99292d56ecee7a306092316fa",
"zh:a6b9f9cdf7e178da10f4817e5278cf63d75931d1fb0954628c1b57167e315fc2",
"zh:a7de53fd83a84e01bae77cbb3afd3a3f122d99e0fa103ed995a50e6439946b7e",
"zh:ae30859c3388421265925a5ab3d9c42a885d8c1f65e567f16dd0826a0acafa5e",
"zh:c2f20f9f01c7d7f7a75c3b29c242946691f3f64e3617e3b741f4e7eb9ae4dc92",
]
}

+ 179
- 183
property-snippets/Accelerate_delivery.json 查看文件

@@ -1,196 +1,192 @@
{
"name": "Accelerate delivery",
"children": [
"children": [
{
"behaviors": [
{
"name": "Origin connectivity",
"children": [],
"behaviors": [
{
"name": "dnsAsyncRefresh",
"options": {
"enabled": true,
"timeout": "1h"
}
},
{
"name": "timeout",
"options": {
"value": "5s"
}
},
{
"name": "readTimeout",
"options": {
"value": "120s"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Optimize the connection between edge and origin."
"name": "dnsAsyncRefresh",
"options": {
"enabled": true,
"timeout": "1h"
}
},
{
"name": "Protocol optimizations",
"children": [],
"behaviors": [
{
"name": "enhancedAkamaiProtocol",
"options": {
"display": ""
}
},
{
"name": "http2",
"options": {
"enabled": ""
}
},
{
"name": "allowTransferEncoding",
"options": {
"enabled": true
}
},
{
"name": "sureRoute",
"options": {
"enableCustomKey": false,
"enabled": true,
"forceSslForward": false,
"raceStatTtl": "30m",
"srDownloadLinkTitle": "",
"testObjectUrl": "/akamai/sure-route-test-object.html",
"toHostStatus": "INCOMING_HH",
"type": "PERFORMANCE"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Serve your website using modern and fast protocols."
"name": "timeout",
"options": {
"value": "5s"
}
},
{
"name": "readTimeout",
"options": {
"firstByteTimeout": "20s",
"value": "120s"
}
}
],
"comments": "Optimize the connection between edge and origin.",
"name": "Origin connectivity",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "enhancedAkamaiProtocol",
"options": {
"display": ""
}
},
{
"name": "http2",
"options": {
"enabled": ""
}
},
{
"name": "Prefetching",
"children": [
"name": "allowTransferEncoding",
"options": {
"enabled": true
}
},
{
"name": "sureRoute",
"options": {
"enableCustomKey": false,
"enabled": true,
"forceSslForward": false,
"raceStatTtl": "30m",
"srDownloadLinkTitle": "",
"testObjectUrl": "/akamai/sure-route-test-object.html",
"toHostStatus": "INCOMING_HH",
"type": "PERFORMANCE"
}
}
],
"comments": "Serve your website using modern and fast protocols.",
"name": "Protocol optimizations",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"children": [
{
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": true
}
}
],
"children": [
{
"behaviors": [
{
"name": "Prefetching objects",
"children": [
{
"name": "Bots",
"children": [],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "userAgent",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"*bot*",
"*crawl*",
"*spider*"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Disable prefetching for specific clients identifying themselves as bots and crawlers. This avoids requesting unnecessary resources from the origin."
}
],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Define for which HTML pages prefetching should be enabled."
},
"name": "prefetch",
"options": {
"enabled": false
}
}
],
"comments": "Disable prefetching for specific clients identifying themselves as bots and crawlers. This avoids requesting unnecessary resources from the origin.",
"criteria": [
{
"name": "Prefetchable objects",
"children": [],
"behaviors": [
{
"name": "prefetchable",
"options": {
"enabled": true
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js",
"jpg",
"jpeg",
"jp2",
"png",
"gif",
"svg",
"svgz",
"webp",
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Define which resources should be prefetched."
"name": "userAgent",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"*bot*",
"*crawl*",
"*spider*"
]
}
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Instruct edge servers to retrieve embedded resources before the browser requests them."
],
"name": "Bots",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Define for which HTML pages prefetching should be enabled.",
"name": "Prefetching objects",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"name": "Adaptive acceleration",
"children": [],
"behaviors": [
{
"name": "adaptiveAcceleration",
"options": {
"abLogic": "DISABLED",
"enableBrotliCompression": false,
"enablePreconnect": true,
"enablePush": true,
"enableRo": false,
"preloadEnable": true,
"source": "mPulse",
"titleHttp2ServerPush": "",
"titlePreconnect": "",
"titlePreload": "",
"titleRo": ""
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Automatically and continuously apply performance optimizations to your website using machine learning."
"behaviors": [
{
"name": "prefetchable",
"options": {
"enabled": true
}
}
],
"comments": "Define which resources should be prefetched.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js",
"jpg",
"jpeg",
"jp2",
"png",
"gif",
"svg",
"svgz",
"webp",
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"name": "Prefetchable objects",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Instruct edge servers to retrieve embedded resources before the browser requests them.",
"name": "Prefetching",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "adaptiveAcceleration",
"options": {
"abLogic": "DISABLED",
"enableBrotliCompression": false,
"enablePreconnect": true,
"enablePush": true,
"enableRo": false,
"preloadEnable": true,
"source": "mPulse",
"titleHttp2ServerPush": "",
"titlePreconnect": "",
"titlePreload": "",
"titleRo": ""
}
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to improving the performance of delivering objects to your users."
],
"comments": "Automatically and continuously apply performance optimizations to your website using machine learning.",
"name": "Adaptive acceleration",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Control the settings related to improving the performance of delivering objects to your users.",
"name": "Accelerate delivery",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 24
- 24
property-snippets/Add_testheader.json 查看文件

@@ -1,27 +1,27 @@
{
"behaviors": [
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "ADD",
"customHeaderName": "X-Test-Environment",
"headerValue": "true",
"standardAddHeaderName": "OTHER"
}
"behaviors": [
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "ADD",
"customHeaderName": "X-Test-Environment",
"headerValue": "true",
"standardAddHeaderName": "OTHER"
}
],
"criteria": [
{
"name": "hostname",
"options": {
"matchOperator": "IS_ONE_OF",
"values": [
"${env.UserID}tflab-test.akaudevops.com"
]
}
}
],
"criteria": [
{
"name": "hostname",
"options": {
"matchOperator": "IS_ONE_OF",
"values": [
"devops0caatflab-test.akaudevops.com"
]
}
],
"name": "Add testheader",
"options": {},
"criteriaMustSatisfy": "all"
}
}
],
"name": "Add testheader",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 81
- 81
property-snippets/Augment_insights.json 查看文件

@@ -1,88 +1,88 @@
{
"children": [
{
"behaviors": [
{
"name": "cpCode",
"options": {
"value": {
"id": "${env.cp_code_id}"
}
"children": [
{
"behaviors": [
{
"name": "cpCode",
"options": {
"value": {
"id": 1523912
}
}
],
"comments": "Identify your main traffic segments so you can granularly zoom in your traffic statistics like hits, bandwidth, offload, response codes, and errors.",
"name": "Traffic reporting",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "mPulse",
"options": {
"apiKey": "",
"bufferSize": "",
"configOverride": "",
"enabled": true,
"loaderVersion": "V12",
"requirePci": false,
"titleOptional": ""
}
}
],
"comments": "Identify your main traffic segments so you can granularly zoom in your traffic statistics like hits, bandwidth, offload, response codes, and errors.",
"name": "Traffic reporting",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "mPulse",
"options": {
"apiKey": "",
"bufferSize": "",
"configOverride": "",
"enabled": true,
"loaderVersion": "V12",
"requirePci": false,
"titleOptional": ""
}
],
"comments": "Collect and analyze real-user data to monitor the performance of your website.",
"name": "mPulse RUM",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "edgeScape",
"options": {
"enabled": false
}
}
],
"comments": "Collect and analyze real-user data to monitor the performance of your website.",
"name": "mPulse RUM",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "edgeScape",
"options": {
"enabled": false
}
],
"comments": "Receive data about a user's geolocation and connection speed in a request header. If you change cached content based on the values of the X-Akamai-Edgescape request header, contact your account representative.",
"criteria": [
{
"name": "requestType",
"options": {
"matchOperator": "IS",
"value": "CLIENT_REQ"
}
}
],
"comments": "Receive data about a user's geolocation and connection speed in a request header. If you change cached content based on the values of the X-Akamai-Edgescape request header, contact your account representative.",
"criteria": [
{
"name": "requestType",
"options": {
"matchOperator": "IS",
"value": "CLIENT_REQ"
}
],
"name": "Geolocation",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "report",
"options": {
"logAcceptLanguage": false,
"logCookies": "OFF",
"logCustomLogField": false,
"logEdgeIP": false,
"logHost": false,
"logReferer": false,
"logUserAgent": false,
"logXForwardedFor": false
}
}
],
"name": "Geolocation",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "report",
"options": {
"logAcceptLanguage": false,
"logCookies": "OFF",
"logCustomLogField": false,
"logEdgeIP": false,
"logHost": false,
"logReferer": false,
"logUserAgent": false,
"logXForwardedFor": false
}
],
"comments": "Specify the level of detail you want to be logged in your Log Delivery Service reports. Log User-Agent Header to obtain detailed information in the Traffic by Browser and OS report.",
"name": "Log delivery",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Control the settings related to monitoring and reporting. This gives you additional visibility into your traffic and audiences.",
"name": "Augment insights",
"options": {},
"criteriaMustSatisfy": "all"
}
}
],
"comments": "Specify the level of detail you want to be logged in your Log Delivery Service reports. Log User-Agent Header to obtain detailed information in the Traffic by Browser and OS report.",
"name": "Log delivery",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Control the settings related to monitoring and reporting. This gives you additional visibility into your traffic and audiences.",
"name": "Augment insights",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 31
- 0
property-snippets/EdgeWorkers.json 查看文件

@@ -0,0 +1,31 @@
{
"name": "EdgeWorkers",
"children": [],
"behaviors": [
{
"name": "edgeWorker",
"options": {
"enabled": true,
"edgeWorkerId": "${env.edgeworker_id}",
"mPulse": false,
"createEdgeWorker": "",
"mPulseInformation": "",
"resourceTier": ""
}
}
],
"criteria": [
{
"name": "path",
"options": {
"matchOperator": "MATCHES_ONE_OF",
"matchCaseSensitive": false,
"normalize": false,
"values": ["/"]
}
}
],
"criteriaMustSatisfy": "all",
"comments": ""
}

+ 88
- 91
property-snippets/Increase_availability.json 查看文件

@@ -1,99 +1,96 @@
{
"name": "Increase availability",
"children": [
"children": [
{
"behaviors": [
{
"name": "Simulate failover",
"children": [],
"behaviors": [
{
"name": "breakConnection",
"options": {
"enabled": true
}
}
],
"criteria": [
{
"name": "contentDeliveryNetwork",
"options": {
"matchOperator": "IS",
"network": "STAGING"
}
},
{
"name": "requestHeader",
"options": {
"headerName": "breakconnection",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"Your-Secret-Here"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Simulate an origin connection problem and test the site failover configuration on the CDN staging network."
},
"name": "breakConnection",
"options": {
"enabled": true
}
}
],
"comments": "Simulate an origin connection problem and test the site failover configuration on the CDN staging network.",
"criteria": [
{
"name": "Site failover",
"children": [],
"behaviors": [
{
"name": "failAction",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "originTimeout",
"options": {
"matchOperator": "ORIGIN_TIMED_OUT"
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Specify how edge servers respond when the origin is not available."
"name": "contentDeliveryNetwork",
"options": {
"matchOperator": "IS",
"network": "STAGING"
}
},
{
"name": "Origin health",
"children": [],
"behaviors": [
{
"name": "healthDetection",
"options": {
"maximumReconnects": 3,
"retryCount": 3,
"retryInterval": "10s"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Monitor the health of your origin by tracking unsuccessful IP connection attempts."
},
"name": "requestHeader",
"options": {
"headerName": "breakconnection",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"Your-Secret-Here"
]
}
}
],
"name": "Simulate failover",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "failAction",
"options": {
"enabled": false
}
}
],
"comments": "Specify how edge servers respond when the origin is not available.",
"criteria": [
{
"name": "originTimeout",
"options": {
"matchOperator": "ORIGIN_TIMED_OUT"
}
}
],
"name": "Site failover",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "healthDetection",
"options": {
"maximumReconnects": 3,
"retryCount": 3,
"retryInterval": "10s"
}
}
],
"comments": "Monitor the health of your origin by tracking unsuccessful IP connection attempts.",
"name": "Origin health",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "Script management",
"children": [],
"behaviors": [
{
"name": "scriptManagement",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Enable Script Management to minimize performance and availability impacts from third-party JavaScripts."
"name": "scriptManagement",
"options": {
"enabled": false
}
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control how to respond when your origin or third parties are slow or even down to minimize the negative impact on user experience."
],
"comments": "Enable Script Management to minimize performance and availability impacts from third-party JavaScripts.",
"name": "Script management",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Control how to respond when your origin or third parties are slow or even down to minimize the negative impact on user experience.",
"name": "Increase availability",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 53
- 54
property-snippets/Minimize_payload.json 查看文件

@@ -1,58 +1,57 @@
{
"name": "Minimize payload",
"children": [
"children": [
{
"behaviors": [
{
"name": "Compressible objects",
"children": [],
"behaviors": [
{
"name": "gzipResponse",
"options": {
"behavior": "ALWAYS"
}
}
],
"criteria": [
{
"name": "contentType",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"application/*javascript*",
"application/*json*",
"application/*xml*",
"application/text*",
"application/vnd-ms-fontobject",
"application/vnd.microsoft.icon",
"application/x-font-opentype",
"application/x-font-truetype",
"application/x-font-ttf",
"application/xmlfont/eot",
"font/eot",
"font/opentype",
"font/otf",
"image/svg+xml",
"image/vnd.microsoft.icon",
"image/x-icon",
"text/*",
"application/octet-stream*",
"application/x-font-eot*",
"font/ttf",
"application/font-ttf",
"application/font-sfnt",
"application/x-tgif"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Serve gzip compressed content for text-based formats."
"name": "gzipResponse",
"options": {
"behavior": "ALWAYS"
}
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings that reduce the size of the delivered content and decrease the number of bytes sent by your properties. This allows you to cut down the network overhead of your website or API."
],
"comments": "Serve gzip compressed content for text-based formats.",
"criteria": [
{
"name": "contentType",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"application/*javascript*",
"application/*json*",
"application/*xml*",
"application/text*",
"application/vnd-ms-fontobject",
"application/vnd.microsoft.icon",
"application/x-font-opentype",
"application/x-font-truetype",
"application/x-font-ttf",
"application/xmlfont/eot",
"font/eot",
"font/opentype",
"font/otf",
"image/svg+xml",
"image/vnd.microsoft.icon",
"image/x-icon",
"text/*",
"application/octet-stream*",
"application/x-font-eot*",
"font/ttf",
"application/font-ttf",
"application/font-sfnt",
"application/x-tgif"
]
}
}
],
"name": "Compressible objects",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Control the settings that reduce the size of the delivered content and decrease the number of bytes sent by your properties. This allows you to cut down the network overhead of your website or API.",
"name": "Minimize payload",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 383
- 383
property-snippets/Offload_origin.json 查看文件

@@ -1,405 +1,405 @@
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "tieredDistribution",
"options": {
"enabled": true
}
},
{
"name": "validateEntityTag",
"options": {
"enabled": false
}
},
{
"name": "removeVary",
"options": {
"enabled": false
}
},
{
"name": "cacheError",
"options": {
"enabled": true,
"preserveStale": true,
"ttl": "10s"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "INCLUDE_ALL_ALPHABETIZE_ORDER"
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "tieredDistribution",
"options": {
"enabled": true
}
},
{
"name": "validateEntityTag",
"options": {
"enabled": false
}
},
{
"name": "removeVary",
"options": {
"enabled": false
}
},
{
"name": "cacheError",
"options": {
"enabled": true,
"preserveStale": true,
"ttl": "10s"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "INCLUDE_ALL_ALPHABETIZE_ORDER"
}
},
{
"name": "prefreshCache",
"options": {
"enabled": true,
"prefreshval": 90
}
},
{
"name": "downstreamCache",
"options": {
"allowBehavior": "LESSER",
"behavior": "ALLOW",
"sendHeaders": "CACHE_CONTROL",
"sendPrivate": false
}
}
],
"children": [
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
},
{
"name": "prefreshCache",
"options": {
"enabled": true,
"prefreshval": 90
],
"comments": "Override the default caching behavior for CSS and JavaScript",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js"
]
}
}
},
{
"name": "downstreamCache",
"options": {
"allowBehavior": "LESSER",
"behavior": "ALLOW",
"sendHeaders": "CACHE_CONTROL",
"sendPrivate": false
],
"name": "CSS and JavaScript",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
}
],
"children": [
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
],
"comments": "Override the default caching behavior for fonts.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
],
"comments": "Override the default caching behavior for CSS and JavaScript",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js"
]
}
}
],
"name": "Fonts",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
],
"name": "CSS and JavaScript",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"comments": "Override the default caching behavior for images.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"jpg",
"jpeg",
"png",
"gif",
"webp",
"jp2",
"ico",
"svg",
"svgz"
]
}
],
"comments": "Override the default caching behavior for fonts.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"name": "Images",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
],
"name": "Fonts",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"comments": "Override the default caching behavior for files. Files containing Personal Identified Information (PII) should require Edge authentication or not be cached at all.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"pdf",
"doc",
"docx",
"odt"
]
}
],
"comments": "Override the default caching behavior for images.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"jpg",
"jpeg",
"png",
"gif",
"webp",
"jp2",
"ico",
"svg",
"svgz"
]
}
}
],
"name": "Files",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
],
"name": "Images",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"comments": "Override the default caching behavior for other static objects.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"aif",
"aiff",
"au",
"avi",
"bin",
"bmp",
"cab",
"carb",
"cct",
"cdf",
"class",
"dcr",
"dtd",
"exe",
"flv",
"gcf",
"gff",
"grv",
"hdml",
"hqx",
"ini",
"mov",
"mp3",
"nc",
"pct",
"ppc",
"pws",
"swa",
"swf",
"txt",
"vbs",
"w32",
"wav",
"midi",
"wbmp",
"wml",
"wmlc",
"wmls",
"wmlsc",
"xsd",
"zip",
"pict",
"tif",
"tiff",
"mid",
"jxr",
"jar"
]
}
],
"comments": "Override the default caching behavior for files. Files containing Personal Identified Information (PII) should require Edge authentication or not be cached at all.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"pdf",
"doc",
"docx",
"odt"
]
}
}
],
"name": "Other static objects",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
],
"name": "Files",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "IGNORE",
"exactMatch": true,
"parameters": [
"gclid",
"fbclid",
"utm_source",
"utm_campaign",
"utm_medium",
"utm_content"
]
}
],
"comments": "Override the default caching behavior for other static objects.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"aif",
"aiff",
"au",
"avi",
"bin",
"bmp",
"cab",
"carb",
"cct",
"cdf",
"class",
"dcr",
"dtd",
"exe",
"flv",
"gcf",
"gff",
"grv",
"hdml",
"hqx",
"ini",
"mov",
"mp3",
"nc",
"pct",
"ppc",
"pws",
"swa",
"swf",
"txt",
"vbs",
"w32",
"wav",
"midi",
"wbmp",
"wml",
"wmlc",
"wmls",
"wmlsc",
"xsd",
"zip",
"pict",
"tif",
"tiff",
"mid",
"jxr",
"jar"
]
}
}
],
"comments": "Override the default caching behavior for HTML pages cached on edge servers.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"html",
"htm",
"php",
"jsp",
"aspx",
"EMPTY_STRING"
]
}
],
"name": "Other static objects",
"options": {},
"criteriaMustSatisfy": "any"
},
{
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "IGNORE",
"exactMatch": true,
"parameters": [
"gclid",
"fbclid",
"utm_source",
"utm_campaign",
"utm_medium",
"utm_content"
]
}
}
],
"name": "HTML pages",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "cacheRedirect",
"options": {
"enabled": "false"
}
],
"comments": "Override the default caching behavior for HTML pages cached on edge servers.",
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"html",
"htm",
"php",
"jsp",
"aspx",
"EMPTY_STRING"
]
}
},
{
"name": "chaseRedirects",
"options": {
"enabled": false
}
],
"name": "HTML pages",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "cacheRedirect",
"options": {
"enabled": "false"
}
},
{
"name": "chaseRedirects",
"options": {
"enabled": false
}
}
],
"comments": "Configure caching for HTTP redirects. The redirect is cached for the same TTL as a 200 HTTP response when this feature is enabled.",
"name": "Redirects",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "cachePost",
"options": {
"enabled": false
}
],
"comments": "Configure caching for HTTP redirects. The redirect is cached for the same TTL as a 200 HTTP response when this feature is enabled.",
"name": "Redirects",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "cachePost",
"options": {
"enabled": false
}
}
],
"comments": "Define when HTTP POST requests should be cached. You should enable it under a criteria match.",
"name": "POST responses",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "graphqlCaching",
"options": {
"enabled": false
}
],
"comments": "Define when HTTP POST requests should be cached. You should enable it under a criteria match.",
"name": "POST responses",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "graphqlCaching",
"options": {
"enabled": false
}
}
],
"comments": "Define when your GraphQL queries should be cached.",
"criteria": [
{
"name": "path",
"options": {
"matchCaseSensitive": false,
"matchOperator": "MATCHES_ONE_OF",
"normalize": false,
"values": [
"/graphql"
]
}
],
"comments": "Define when your GraphQL queries should be cached.",
"criteria": [
{
"name": "path",
"options": {
"matchCaseSensitive": false,
"matchOperator": "MATCHES_ONE_OF",
"normalize": false,
"values": [
"/graphql"
]
}
}
],
"name": "GraphQL",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "downstreamCache",
"options": {
"behavior": "BUST"
}
],
"name": "GraphQL",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "downstreamCache",
"options": {
"behavior": "BUST"
}
}
],
"comments": "Configure the default client caching behavior for uncacheable content at the edge.",
"criteria": [
{
"name": "cacheability",
"options": {
"matchOperator": "IS_NOT",
"value": "CACHEABLE"
}
],
"comments": "Configure the default client caching behavior for uncacheable content at the edge.",
"criteria": [
{
"name": "cacheability",
"options": {
"matchOperator": "IS_NOT",
"value": "CACHEABLE"
}
},
{
"name": "hostname",
"options": {
"matchOperator": "IS_ONE_OF",
"values": [
"${env.UserID}tflab-test.akaudevops.com"
]
}
},
{
"name": "hostname",
"options": {
"matchOperator": "IS_ONE_OF",
"values": [
"devops0caatflab-test.akaudevops.com"
]
}
],
"name": "Uncacheable objects",
"options": {},
"criteriaMustSatisfy": "any"
}
],
"comments": "Control the settings related to caching content at the edge and in the browser. As a result, fewer requests go to your origin, fewer bytes leave your data centers, and your assets are closer to your users.",
"name": "Offload origin",
"options": {},
"criteriaMustSatisfy": "all"
}
}
],
"name": "Uncacheable objects",
"options": {},
"criteriaMustSatisfy": "any"
}
],
"comments": "Control the settings related to caching content at the edge and in the browser. As a result, fewer requests go to your origin, fewer bytes leave your data centers, and your assets are closer to your users.",
"name": "Offload origin",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 152
- 160
property-snippets/Strengthen_security.json 查看文件

@@ -1,170 +1,162 @@
{
"name": "Strengthen security",
"children": [
"children": [
{
"behaviors": [
{
"name": "Allowed methods",
"children": [
{
"name": "POST",
"children": [],
"behaviors": [
{
"name": "allowPost",
"options": {
"allowWithoutContentLength": false,
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the POST HTTP request method."
},
{
"name": "OPTIONS",
"children": [],
"behaviors": [
{
"name": "allowOptions",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the OPTIONS HTTP request method."
},
{
"name": "PUT",
"children": [],
"behaviors": [
{
"name": "allowPut",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PUT HTTP request method."
},
{
"name": "DELETE",
"children": [],
"behaviors": [
{
"name": "allowDelete",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the DELETE HTTP request method."
},
{
"name": "PATCH",
"children": [],
"behaviors": [
{
"name": "allowPatch",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PATCH HTTP request method."
}
],
"behaviors": [
{
"name": "allHttpInCacheHierarchy",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow the use of HTTP methods. Consider enabling additional methods under a path match for increased origin security."
"name": "allHttpInCacheHierarchy",
"options": {
"enabled": true
}
}
],
"children": [
{
"behaviors": [
{
"name": "allowPost",
"options": {
"allowWithoutContentLength": false,
"enabled": true
}
}
],
"comments": "Allow use of the POST HTTP request method.",
"name": "POST",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "allowOptions",
"options": {
"enabled": true
}
}
],
"comments": "Allow use of the OPTIONS HTTP request method.",
"name": "OPTIONS",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"name": "Obfuscate debug info",
"children": [],
"behaviors": [
{
"name": "cacheTagVisible",
"options": {
"behavior": "PRAGMA_HEADER"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains the Pragma debug header."
"behaviors": [
{
"name": "allowPut",
"options": {
"enabled": false
}
}
],
"comments": "Allow use of the PUT HTTP request method.",
"name": "PUT",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"name": "Obfuscate backend info",
"children": [],
"behaviors": [
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "X-Powered-By",
"standardDeleteHeaderName": "OTHER"
}
},
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "Server",
"standardDeleteHeaderName": "OTHER"
}
}
],
"criteria": [
{
"name": "requestHeader",
"options": {
"headerName": "X-Akamai-Debug",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_NOT_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"true"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains an additional secret header. Regularly change the criteria to use a specific unique value for the secret header."
"behaviors": [
{
"name": "allowDelete",
"options": {
"enabled": false
}
}
],
"comments": "Allow use of the DELETE HTTP request method.",
"name": "DELETE",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "allowPatch",
"options": {
"enabled": false
}
}
],
"comments": "Allow use of the PATCH HTTP request method.",
"name": "PATCH",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Allow the use of HTTP methods. Consider enabling additional methods under a path match for increased origin security.",
"name": "Allowed methods",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "cacheTagVisible",
"options": {
"behavior": "PRAGMA_HEADER"
}
}
],
"comments": "Do not expose back-end information unless the request contains the Pragma debug header.",
"name": "Obfuscate debug info",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "X-Powered-By",
"standardDeleteHeaderName": "OTHER"
}
},
{
"name": "HSTS",
"children": [],
"behaviors": [
{
"name": "httpStrictTransportSecurity",
"options": {
"enable": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Require all browsers to connect to your site using HTTPS."
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "Server",
"standardDeleteHeaderName": "OTHER"
}
}
],
"comments": "Do not expose back-end information unless the request contains an additional secret header. Regularly change the criteria to use a specific unique value for the secret header.",
"criteria": [
{
"name": "requestHeader",
"options": {
"headerName": "X-Akamai-Debug",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_NOT_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"true"
]
}
}
],
"name": "Obfuscate backend info",
"options": {},
"criteriaMustSatisfy": "all"
},
{
"behaviors": [
{
"name": "httpStrictTransportSecurity",
"options": {
"enable": false
}
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings that minimize the information your website shares with clients and malicious entities to reduce your exposure to threats."
],
"comments": "Require all browsers to connect to your site using HTTPS.",
"name": "HSTS",
"options": {},
"criteriaMustSatisfy": "all"
}
],
"comments": "Control the settings that minimize the information your website shares with clients and malicious entities to reduce your exposure to threats.",
"name": "Strengthen security",
"options": {},
"criteriaMustSatisfy": "all"
}

+ 4
- 0
property-snippets/bundle.json 查看文件

@@ -0,0 +1,4 @@
{
"edgeworker-version": "0.1",
"description" : "redirect based on country"
}

二进制
property-snippets/bundle.tgz 查看文件


+ 16
- 0
property-snippets/edgework.tf 查看文件

@@ -0,0 +1,16 @@
resource "akamai_edgeworker" "geo_languagecookie" {
name = "${var.user_id}-GeoLanguageCookie"
group_id = var.group_id
resource_tier_id = 100
local_bundle = "./bundle.tgz"
}

resource "akamai_edgeworkers_activation" "ew_activation" {
edgeworker_id = akamai_edgeworker.geo_languagecookie.id
network = "STAGING"
version = akamai_edgeworker.geo_languagecookie.version
}

output "edgeworker_id" {
value = akamai_edgeworker.geo_languagecookie.id
}

+ 4
- 0
property-snippets/import.sh 查看文件

@@ -0,0 +1,4 @@
terraform init
terraform import akamai_edge_hostname.akaudevops-com-edgekey-net ehn_5422499,ctr_W-KXID8R,grp_240886
terraform import akamai_property.devops0caa-tflab prp_1113533,ctr_W-KXID8R,grp_240886,LATEST
terraform import akamai_property_activation.devops0caa-tflab-staging prp_1113533:STAGING

+ 54
- 0
property-snippets/main.js 查看文件

@@ -0,0 +1,54 @@
import { logger } from 'log';
import { Cookies, SetCookie } from 'cookies';

function getLanguageCookieValue(country) {
let languageCookieValue = '';
if (country === 'US') {
languageCookieValue = 'en_US';
} else if (country === 'KR') {
languageCookieValue = 'ko_KR';
} else if (country === 'ES') {
languageCookieValue = 'es_ES';
} else if (country === 'FR') {
languageCookieValue = 'fr_FR';
} else if (country === 'DE') {
languageCookieValue = 'de_DE';
}
return languageCookieValue;
}

export function onClientRequest(request) {
let cookies = new Cookies(request.getHeader('Cookie'));
let languageCookie = cookies.get('language');
logger.log('language cookie value: %s', languageCookie);
if (languageCookie) {
logger.log('language cookie exists. Do nothing.');
} else {
let country = request.userLocation.country;
if (country) {
let languageCookieValue = getLanguageCookieValue(country);
if (languageCookieValue) {
let headers = { 'Location': ['/'], 'X-Redirect': [languageCookieValue] };
request.respondWith(302, headers, {});
} else {
logger.log('cannot find languageCookieValue. Do nothing.');
}
} else {
logger.log('cannot find country code. Do nothing.');
}
}
}

export function onClientResponse(request, response) {
logger.log('Adding a header in ClientResponse');
let languageCookieValue = response.getHeader('X-Redirect');
if (languageCookieValue) {
let cookie = new SetCookie();
cookie.name = 'language';
cookie.value = languageCookieValue;
response.setHeader('Set-Cookie', cookie.toHeader());
response.setHeader('X-GeoRedirect', 'True');
} else {
response.setHeader('X-GeoRedirect', 'False')
}
}

+ 43
- 36
property-snippets/main.json 查看文件

@@ -1,40 +1,47 @@
{
"rules": {
"name": "default",
"behaviors": [
{
"name": "origin",
"options": {
"cacheKeyHostname": "REQUEST_HOST_HEADER",
"compress": true,
"enableTrueClientIp": true,
"forwardHostHeader": "REQUEST_HOST_HEADER",
"hostname": "${env.origin_hostname}",
"httpPort": 80,
"httpsPort": 443,
"originCertificate": "",
"originSni": true,
"originType": "CUSTOMER",
"ports": "",
"trueClientIpClientSetting": false,
"trueClientIpHeader": "True-Client-IP",
"verificationMode": "PLATFORM_SETTINGS",
"minTlsVersion": "DYNAMIC"
}
"accountId": "act_B-W-KXICNA",
"contractId": "ctr_W-KXID8R",
"groupId": "grp_240886",
"propertyId": "prp_1113533",
"propertyVersion": 1,
"etag": "ae481dddc4b9d8ed311ccd6e6f77c6c9ffbc1567",
"ruleFormat": "latest",
"rules": {
"name": "default",
"behaviors": [
{
"name": "origin",
"options": {
"cacheKeyHostname": "REQUEST_HOST_HEADER",
"compress": true,
"enableTrueClientIp": true,
"forwardHostHeader": "REQUEST_HOST_HEADER",
"hostname": "juiceshopdevops.akaorigin.com",
"httpPort": 80,
"httpsPort": 443,
"minTlsVersion": "DYNAMIC",
"originCertificate": "",
"originSni": true,
"originType": "CUSTOMER",
"ports": "",
"trueClientIpClientSetting": false,
"trueClientIpHeader": "True-Client-IP",
"verificationMode": "PLATFORM_SETTINGS"
}
],
"children": [
"#include:Add_testheader.json",
"#include:Augment_insights.json",
"#include:Accelerate_delivery.json",
"#include:Offload_origin.json",
"#include:Strengthen_security.json",
"#include:Increase_availability.json",
"#include:Minimize_payload.json"
],
"comments": "The Default Rule template contains all the necessary and recommended behaviors. Rules are evaluated from top to bottom and the last matching rule wins.",
"options": {
"is_secure": "${env.secure}"
}
],
"children": [
"#include:Add_testheader.json",
"#include:Augment_insights.json",
"#include:Accelerate_delivery.json",
"#include:Offload_origin.json",
"#include:Strengthen_security.json",
"#include:Increase_availability.json",
"#include:Minimize_payload.json"
],
"comments": "The Default Rule template contains all the necessary and recommended behaviors. Rules are evaluated from top to bottom and the last matching rule wins.",
"options": {
"is_secure": true
}
}
}
}

+ 69
- 0
property-snippets/property.tf 查看文件

@@ -0,0 +1,69 @@
terraform {
required_providers {
akamai = {
source = "akamai/akamai"
version = ">= 6.5.0"
}
}
required_version = ">= 1.0"
}

provider "akamai" {
edgerc = var.edgerc_path
config_section = var.config_section
}

data "akamai_property_rules_template" "rules" {
template_file = abspath("${path.module}/property-snippets/main.json")
variables {
name = "edgeworker_id"
value = akamai_edgeworker.geo_languagecookie.id
type = "string"
}
}

# resource "akamai_edge_hostname" "akaudevops-com-edgekey-net" {
# contract_id = var.contract_id
# group_id = var.group_id
# ip_behavior = "IPV6_COMPLIANCE"
# edge_hostname = "akaudevops.com.edgekey.net"
# certificate = 189619
# }

resource "akamai_property" "devops0caa-tflab" {
name = "devops0caa-tflab"
contract_id = var.contract_id
group_id = var.group_id
product_id = "prd_SPM"
hostnames {
cname_from = "devops0caatflab-test.akaudevops.com"
cname_to = "akaudevops.com.edgekey.net"
cert_provisioning_type = "CPS_MANAGED"
}
hostnames {
cname_from = "devops0caatflab.akaudevops.com"
cname_to = "akaudevops.com.edgekey.net"
cert_provisioning_type = "CPS_MANAGED"
}
rule_format = "latest"
rules = data.akamai_property_rules_template.rules.json
}

# NOTE: Be careful when removing this resource as you can disable traffic
resource "akamai_property_activation" "devops0caa-tflab-staging" {
property_id = akamai_property.devops0caa-tflab.id
contact = ["devops0caa@akaudevops.com"]
version = akamai_property.devops0caa-tflab.latest_version
network = "STAGING"
note = "Terraform property creation lab"
auto_acknowledge_rule_warnings = true
}

# NOTE: Be careful when removing this resource as you can disable traffic
#resource "akamai_property_activation" "devops0caa-tflab-production" {
# property_id = akamai_property.devops0caa-tflab.id
# contact = []
# version = var.activate_latest_on_production ? akamai_property.devops0caa-tflab.latest_version : akamai_property.devops0caa-tflab.production_version
# network = "PRODUCTION"
# auto_acknowledge_rule_warnings = false
#}

+ 232
- 0
property-snippets/terraform.tfstate
文件差异内容过多而无法显示
查看文件


+ 223
- 0
property-snippets/terraform.tfstate.backup
文件差异内容过多而无法显示
查看文件


+ 35
- 0
property-snippets/variables.tf 查看文件

@@ -0,0 +1,35 @@
variable "edgerc_path" {
type = string
default = "~/.edgerc"
}

variable "config_section" {
type = string
default = "default"
}

variable "contract_id" {
type = string
default = "ctr_W-KXID8R"
}

variable "group_id" {
type = string
default = "grp_240886"
}

variable "activate_latest_on_staging" {
type = bool
default = true
}

variable "user_id" {
type = string
default = "devops0caa"

}

#variable "activate_latest_on_production" {
# type = bool
# default = true
#}

+ 69
- 0
property.tf 查看文件

@@ -0,0 +1,69 @@
terraform {
required_providers {
akamai = {
source = "akamai/akamai"
version = ">= 6.5.0"
}
}
required_version = ">= 1.0"
}

provider "akamai" {
edgerc = var.edgerc_path
config_section = var.config_section
}

data "akamai_property_rules_template" "rules" {
template_file = abspath("${path.module}/property-snippets/main.json")
variables {
name = "edgeworker_id"
value = akamai_edgeworker.geo_languagecookie.id
type = "string"
}
}

# resource "akamai_edge_hostname" "akaudevops-com-edgekey-net" {
# contract_id = var.contract_id
# group_id = var.group_id
# ip_behavior = "IPV6_COMPLIANCE"
# edge_hostname = "akaudevops.com.edgekey.net"
# certificate = 189619
# }

resource "akamai_property" "devops0caa-tflab" {
name = "devops0caa-tflab"
contract_id = var.contract_id
group_id = var.group_id
product_id = "prd_SPM"
hostnames {
cname_from = "devops0caatflab-test.akaudevops.com"
cname_to = "akaudevops.com.edgekey.net"
cert_provisioning_type = "CPS_MANAGED"
}
hostnames {
cname_from = "devops0caatflab.akaudevops.com"
cname_to = "akaudevops.com.edgekey.net"
cert_provisioning_type = "CPS_MANAGED"
}
rule_format = "latest"
rules = data.akamai_property_rules_template.rules.json
}

# NOTE: Be careful when removing this resource as you can disable traffic
resource "akamai_property_activation" "devops0caa-tflab-staging" {
property_id = akamai_property.devops0caa-tflab.id
contact = ["devops0caa@akaudevops.com"]
version = akamai_property.devops0caa-tflab.latest_version
network = "STAGING"
note = "Terraform property creation lab"
auto_acknowledge_rule_warnings = true
}

# NOTE: Be careful when removing this resource as you can disable traffic
#resource "akamai_property_activation" "devops0caa-tflab-production" {
# property_id = akamai_property.devops0caa-tflab.id
# contact = []
# version = var.activate_latest_on_production ? akamai_property.devops0caa-tflab.latest_version : akamai_property.devops0caa-tflab.production_version
# network = "PRODUCTION"
# auto_acknowledge_rule_warnings = false
#}

+ 232
- 0
terraform.tfstate
文件差异内容过多而无法显示
查看文件


+ 223
- 0
terraform.tfstate.backup
文件差异内容过多而无法显示
查看文件


+ 23
- 37
variables.tf 查看文件

@@ -1,49 +1,35 @@
variable "edgerc" {
variable "edgerc_path" {
type = string
default = "~/.edgerc"
}
variable "section" {
type = string

variable "config_section" {
type = string
default = "default"
}
variable "UserID" {
type = string
}

variable "contract_id" {
type = string
default = "W-KXID8R"
type = string
default = "ctr_W-KXID8R"
}

variable "group_id" {
type = string
default = "240886"
}
variable "origin_hostname" {
type = string
default = "juiceshopdevops.akaorigin.com"
}
variable "cp_code_id" {
type = number
default = 1523912
type = string
default = "grp_240886"
}
variable "secure" {
type = bool

variable "activate_latest_on_staging" {
type = bool
default = true
}
variable "network" {
default = "STAGING"
}
variable "hostname" {
type = string
default = "akaudevops.com"
}
variable "edge_hostname" {
type = string
default = "akaudevops.com.edgekey.net"
}
variable "labname" {

variable "user_id" {
type = string
default = "tflab"
}
variable "email" {
type = string
}
default = "devops0caa"

}

#variable "activate_latest_on_production" {
# type = bool
# default = true
#}

正在加载...
取消
保存