test-org-12323423
/
devops
關註 1
收藏 0
複製 0
程式碼 問題管理 0 合併請求 0 版本發佈 0 Wiki Activity
瀏覽代碼

Separate property scripts for labs

main
kusum 1 年之前
父節點
eb5be1702b
當前提交
185b1afec8
共有 39 個文件被更改,包括 2390 次插入0 次删除
分割檢視 顯示文件統計
  1. 二進制
      AUPropertyAutomation/.DS_Store
  2. 二進制
      AUPropertyAutomation/clilabtf/.DS_Store
  3. 0
    0
      AUPropertyAutomation/clilabtf/akamai.tf
  4. 53
    0
      AUPropertyAutomation/clilabtf/ion.tf
  5. 0
    0
      AUPropertyAutomation/clilabtf/property-snippets/accelerate_delivery.json
  6. 0
    0
      AUPropertyAutomation/clilabtf/property-snippets/augment_insights.json
  7. 0
    0
      AUPropertyAutomation/clilabtf/property-snippets/increase_availability.json
  8. 38
    0
      AUPropertyAutomation/clilabtf/property-snippets/main.json
  9. 0
    0
      AUPropertyAutomation/clilabtf/property-snippets/minimize_payload.json
  10. 0
    0
      AUPropertyAutomation/clilabtf/property-snippets/offload_origin.json
  11. 0
    0
      AUPropertyAutomation/clilabtf/property-snippets/strengthen_security.json
  12. 58
    0
      AUPropertyAutomation/clilabtf/vars.tf
  13. 0
    0
      AUPropertyAutomation/clilabtf/vars.tfvars.dst
  14. 二進制
      AUPropertyAutomation/pwshlabtf/.DS_Store
  15. 12
    0
      AUPropertyAutomation/pwshlabtf/akamai.tf
  16. 53
    0
      AUPropertyAutomation/pwshlabtf/ion.tf
  17. 196
    0
      AUPropertyAutomation/pwshlabtf/property-snippets/accelerate_delivery.json
  18. 93
    0
      AUPropertyAutomation/pwshlabtf/property-snippets/augment_insights.json
  19. 99
    0
      AUPropertyAutomation/pwshlabtf/property-snippets/increase_availability.json
  20. 38
    0
      AUPropertyAutomation/pwshlabtf/property-snippets/main.json
  21. 58
    0
      AUPropertyAutomation/pwshlabtf/property-snippets/minimize_payload.json
  22. 398
    0
      AUPropertyAutomation/pwshlabtf/property-snippets/offload_origin.json
  23. 170
    0
      AUPropertyAutomation/pwshlabtf/property-snippets/strengthen_security.json
  24. 58
    0
      AUPropertyAutomation/pwshlabtf/vars.tf
  25. 12
    0
      AUPropertyAutomation/pwshlabtf/vars.tfvars.dst
  26. 8
    0
      AUPropertyAutomation/scripts/create_clilabproperty.sh
  27. 8
    0
      AUPropertyAutomation/scripts/create_pwshlabproperty.sh
  28. 0
    0
      andres-master/scripts/create_property.sh
  29. 12
    0
      andres-master/terraform/akamai.tf
  30. 0
    0
      andres-master/terraform/ion.tf
  31. 196
    0
      andres-master/terraform/property-snippets/accelerate_delivery.json
  32. 93
    0
      andres-master/terraform/property-snippets/augment_insights.json
  33. 99
    0
      andres-master/terraform/property-snippets/increase_availability.json
  34. 0
    0
      andres-master/terraform/property-snippets/main.json
  35. 58
    0
      andres-master/terraform/property-snippets/minimize_payload.json
  36. 398
    0
      andres-master/terraform/property-snippets/offload_origin.json
  37. 170
    0
      andres-master/terraform/property-snippets/strengthen_security.json
  38. 0
    0
      andres-master/terraform/vars.tf
  39. 12
    0
      andres-master/terraform/vars.tfvars.dst

二進制
AUPropertyAutomation/.DS_Store 查看文件


二進制
AUPropertyAutomation/clilabtf/.DS_Store 查看文件


terraform/akamai.tf → AUPropertyAutomation/clilabtf/akamai.tf 查看文件


+ 53
- 0
AUPropertyAutomation/clilabtf/ion.tf 查看文件

@@ -0,0 +1,53 @@
data "akamai_property_rules_template" "template-update" {
template_file = abspath("${path.root}/property-snippets/main.json")
variables {
name = "secure"
value = "${var.secure}"
type = "bool"
}
variables {
name = "origin"
value = "${var.origin}"
type = "string"
}
variables {
name = "cpcodeId"
value = "${var.cpcodeId}"
type = "number"
}
variables {
name = "cpcodeName"
value = "${var.cpcodeName}"
type = "string"
}
}

resource "akamai_property" "ion_premier" {
name = "${var.UserID}-${var.program}"
product_id = "prd_SPM"
contract_id = "ctr_${var.contract_id}"
group_id = "grp_${var.group_id}"
hostnames {
cname_from = "${var.UserID}${var.program}.${var.hostname}"
cname_to = var.edge_hostname
cert_provisioning_type = "CPS_MANAGED"
}
rule_format = "latest"
rules = data.akamai_property_rules_template.template-update.json
}

output "property_id" {
value = "${akamai_property.ion_premier.id}"
}
output "property_version" {
value = "${akamai_property.ion_premier.latest_version}"
}

resource "akamai_property_activation" "activation_staging" {
property_id = "${akamai_property.ion_premier.id}"
version = "${akamai_property.ion_premier.latest_version}"
network = "${var.network}"
contact = ["${var.email}"]
note = "Automatic deployment for CLI Lab"
auto_acknowledge_rule_warnings = true
}

terraform/property-snippets/accelerate_delivery.json → AUPropertyAutomation/clilabtf/property-snippets/accelerate_delivery.json 查看文件


terraform/property-snippets/augment_insights.json → AUPropertyAutomation/clilabtf/property-snippets/augment_insights.json 查看文件


terraform/property-snippets/increase_availability.json → AUPropertyAutomation/clilabtf/property-snippets/increase_availability.json 查看文件


+ 38
- 0
AUPropertyAutomation/clilabtf/property-snippets/main.json 查看文件

@@ -0,0 +1,38 @@
{
"rules": {
"name": "default",
"children": [
"#include:augment_insights.json",
"#include:accelerate_delivery.json",
"#include:increase_availability.json",
"#include:minimize_payload.json",
"#include:offload_origin.json",
"#include:strengthen_security.json"
],
"behaviors": [
{
"name": "origin",
"options": {
"cacheKeyHostname": "REQUEST_HOST_HEADER",
"compress": true,
"enableTrueClientIp": true,
"forwardHostHeader": "REQUEST_HOST_HEADER",
"httpPort": 80,
"httpsPort": 443,
"originCertificate": "",
"originSni": true,
"originType": "CUSTOMER",
"ports": "",
"trueClientIpClientSetting": false,
"trueClientIpHeader": "True-Client-IP",
"verificationMode": "PLATFORM_SETTINGS",
"hostname": "${env.origin}"
}
}
],
"options": {
"is_secure": "${env.secure}"
},
"comments": "The behaviors in the Default Rule apply to all requests for the property hostnames unless another rule overrides the Default Rule settings."
}
}

terraform/property-snippets/minimize_payload.json → AUPropertyAutomation/clilabtf/property-snippets/minimize_payload.json 查看文件


terraform/property-snippets/offload_origin.json → AUPropertyAutomation/clilabtf/property-snippets/offload_origin.json 查看文件


terraform/property-snippets/strengthen_security.json → AUPropertyAutomation/clilabtf/property-snippets/strengthen_security.json 查看文件


+ 58
- 0
AUPropertyAutomation/clilabtf/vars.tf 查看文件

@@ -0,0 +1,58 @@
variable "edgerc" {
type = string
default = "~/.edgerc"
}
variable "section" {
type = string
default = "default"
}
variable "UserID" {
type = string
}
variable "contract_id" {
type = string
default = "W-KXID8R"
}
variable "group_id" {
type = string
default = "240742"
}

variable "origin" {
type = string
default = "juiceshopdevops.akaorigin.com"
}
variable "cpcodeId" {
type = number
default = 1519758
}

variable "cpcodeName" {
type = string
default = "CLILabs"
}

variable "secure" {
type = bool
default = true
}
variable "network" {
default = "STAGING"
}

variable "hostname" {
type = string
default = "akaudevops.com"
}

variable "edge_hostname" {
type = string
default = "akaudevops.com.edgekey.net"
}
variable "program" {
type = string
default = "clilab"
}
variable "email" {
type = string
}

terraform/vars.tfvars.dst → AUPropertyAutomation/clilabtf/vars.tfvars.dst 查看文件


二進制
AUPropertyAutomation/pwshlabtf/.DS_Store 查看文件


+ 12
- 0
AUPropertyAutomation/pwshlabtf/akamai.tf 查看文件

@@ -0,0 +1,12 @@
terraform {
required_providers {
akamai = {
source = "akamai/akamai"
version = "5.2.0"
}
}
}
provider "akamai" {
edgerc = var.edgerc
config_section = var.section
}

+ 53
- 0
AUPropertyAutomation/pwshlabtf/ion.tf 查看文件

@@ -0,0 +1,53 @@
data "akamai_property_rules_template" "template-update" {
template_file = abspath("${path.root}/property-snippets/main.json")
variables {
name = "secure"
value = "${var.secure}"
type = "bool"
}
variables {
name = "origin"
value = "${var.origin}"
type = "string"
}
variables {
name = "cpcodeId"
value = "${var.cpcodeId}"
type = "number"
}
variables {
name = "cpcodeName"
value = "${var.cpcodeName}"
type = "string"
}
}

resource "akamai_property" "ion_premier" {
name = "${var.UserID}-${var.program}"
product_id = "prd_SPM"
contract_id = "ctr_${var.contract_id}"
group_id = "grp_${var.group_id}"
hostnames {
cname_from = "${var.UserID}${var.program}.${var.hostname}"
cname_to = var.edge_hostname
cert_provisioning_type = "CPS_MANAGED"
}
rule_format = "latest"
rules = data.akamai_property_rules_template.template-update.json
}

output "property_id" {
value = "${akamai_property.ion_premier.id}"
}
output "property_version" {
value = "${akamai_property.ion_premier.latest_version}"
}

resource "akamai_property_activation" "activation_staging" {
property_id = "${akamai_property.ion_premier.id}"
version = "${akamai_property.ion_premier.latest_version}"
network = "${var.network}"
contact = ["${var.email}"]
note = "Automatic deployment for PowerShell Lab"
auto_acknowledge_rule_warnings = true
}

+ 196
- 0
AUPropertyAutomation/pwshlabtf/property-snippets/accelerate_delivery.json 查看文件

@@ -0,0 +1,196 @@
{
"name": "Accelerate delivery",
"children": [
{
"name": "Origin connectivity",
"children": [],
"behaviors": [
{
"name": "dnsAsyncRefresh",
"options": {
"enabled": true,
"timeout": "1h"
}
},
{
"name": "timeout",
"options": {
"value": "5s"
}
},
{
"name": "readTimeout",
"options": {
"value": "120s"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Optimize the connection between edge and origin."
},
{
"name": "Protocol optimizations",
"children": [],
"behaviors": [
{
"name": "enhancedAkamaiProtocol",
"options": {
"display": ""
}
},
{
"name": "http2",
"options": {
"enabled": ""
}
},
{
"name": "allowTransferEncoding",
"options": {
"enabled": true
}
},
{
"name": "sureRoute",
"options": {
"enableCustomKey": false,
"enabled": true,
"forceSslForward": false,
"raceStatTtl": "30m",
"srDownloadLinkTitle": "",
"testObjectUrl": "/akamai/sure-route-test-object.html",
"toHostStatus": "INCOMING_HH",
"type": "PERFORMANCE"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Serve your website using modern and fast protocols."
},
{
"name": "Prefetching",
"children": [
{
"name": "Prefetching objects",
"children": [
{
"name": "Bots",
"children": [],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "userAgent",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"*bot*",
"*crawl*",
"*spider*"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Disable prefetching for specific clients identifying themselves as bots and crawlers. This avoids requesting unnecessary resources from the origin."
}
],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Define for which HTML pages prefetching should be enabled."
},
{
"name": "Prefetchable objects",
"children": [],
"behaviors": [
{
"name": "prefetchable",
"options": {
"enabled": true
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js",
"jpg",
"jpeg",
"jp2",
"png",
"gif",
"svg",
"svgz",
"webp",
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Define which resources should be prefetched."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Instruct edge servers to retrieve embedded resources before the browser requests them."
},
{
"name": "Adaptive acceleration",
"children": [],
"behaviors": [
{
"name": "adaptiveAcceleration",
"options": {
"abLogic": "DISABLED",
"enableBrotliCompression": false,
"enablePreconnect": true,
"enablePush": true,
"enableRo": false,
"preloadEnable": true,
"source": "mPulse",
"titleHttp2ServerPush": "",
"titlePreconnect": "",
"titlePreload": "",
"titleRo": ""
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Automatically and continuously apply performance optimizations to your website using machine learning."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to improving the performance of delivering objects to your users."
}

+ 93
- 0
AUPropertyAutomation/pwshlabtf/property-snippets/augment_insights.json 查看文件

@@ -0,0 +1,93 @@
{
"name": "Augment insights",
"children": [
{
"name": "Traffic reporting",
"children": [],
"behaviors": [
{
"name": "cpCode",
"options": {
"value": {
"id": "${env.cpcodeId}",
"name": "${env.cpcodeName}"
}
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Identify your main traffic segments so you can granularly zoom in your traffic statistics like hits, bandwidth, offload, response codes, and errors."
},
{
"name": "mPulse RUM",
"children": [],
"behaviors": [
{
"name": "mPulse",
"options": {
"apiKey": "",
"bufferSize": "",
"configOverride": "",
"enabled": true,
"loaderVersion": "V12",
"requirePci": false,
"titleOptional": ""
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Collect and analyze real-user data to monitor the performance of your website."
},
{
"name": "Geolocation",
"children": [],
"behaviors": [
{
"name": "edgeScape",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "requestType",
"options": {
"matchOperator": "IS",
"value": "CLIENT_REQ"
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Receive data about a user's geolocation and connection speed in a request header. If you change cached content based on the values of the X-Akamai-Edgescape request header, contact your account representative."
},
{
"name": "Log delivery",
"children": [],
"behaviors": [
{
"name": "report",
"options": {
"logAcceptLanguage": false,
"logCookies": "OFF",
"logCustomLogField": false,
"logEdgeIP": false,
"logHost": false,
"logReferer": false,
"logUserAgent": false,
"logXForwardedFor": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Specify the level of detail you want to be logged in your Log Delivery Service reports. Log User-Agent Header to obtain detailed information in the Traffic by Browser and OS report."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to monitoring and reporting. This gives you additional visibility into your traffic and audiences."
}

+ 99
- 0
AUPropertyAutomation/pwshlabtf/property-snippets/increase_availability.json 查看文件

@@ -0,0 +1,99 @@
{
"name": "Increase availability",
"children": [
{
"name": "Simulate failover",
"children": [],
"behaviors": [
{
"name": "breakConnection",
"options": {
"enabled": true
}
}
],
"criteria": [
{
"name": "contentDeliveryNetwork",
"options": {
"matchOperator": "IS",
"network": "STAGING"
}
},
{
"name": "requestHeader",
"options": {
"headerName": "breakconnection",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"Your-Secret-Here"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Simulate an origin connection problem and test the site failover configuration on the CDN staging network."
},
{
"name": "Site failover",
"children": [],
"behaviors": [
{
"name": "failAction",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "originTimeout",
"options": {
"matchOperator": "ORIGIN_TIMED_OUT"
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Specify how edge servers respond when the origin is not available."
},
{
"name": "Origin health",
"children": [],
"behaviors": [
{
"name": "healthDetection",
"options": {
"maximumReconnects": 3,
"retryCount": 3,
"retryInterval": "10s"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Monitor the health of your origin by tracking unsuccessful IP connection attempts."
},
{
"name": "Script management",
"children": [],
"behaviors": [
{
"name": "scriptManagement",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Enable Script Management to minimize performance and availability impacts from third-party JavaScripts."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control how to respond when your origin or third parties are slow or even down to minimize the negative impact on user experience."
}

+ 38
- 0
AUPropertyAutomation/pwshlabtf/property-snippets/main.json 查看文件

@@ -0,0 +1,38 @@
{
"rules": {
"name": "default",
"children": [
"#include:augment_insights.json",
"#include:accelerate_delivery.json",
"#include:increase_availability.json",
"#include:minimize_payload.json",
"#include:offload_origin.json",
"#include:strengthen_security.json"
],
"behaviors": [
{
"name": "origin",
"options": {
"cacheKeyHostname": "REQUEST_HOST_HEADER",
"compress": true,
"enableTrueClientIp": true,
"forwardHostHeader": "REQUEST_HOST_HEADER",
"httpPort": 80,
"httpsPort": 443,
"originCertificate": "",
"originSni": true,
"originType": "CUSTOMER",
"ports": "",
"trueClientIpClientSetting": false,
"trueClientIpHeader": "True-Client-IP",
"verificationMode": "PLATFORM_SETTINGS",
"hostname": "${env.origin}"
}
}
],
"options": {
"is_secure": "${env.secure}"
},
"comments": "The behaviors in the Default Rule apply to all requests for the property hostnames unless another rule overrides the Default Rule settings."
}
}

+ 58
- 0
AUPropertyAutomation/pwshlabtf/property-snippets/minimize_payload.json 查看文件

@@ -0,0 +1,58 @@
{
"name": "Minimize payload",
"children": [
{
"name": "Compressible objects",
"children": [],
"behaviors": [
{
"name": "gzipResponse",
"options": {
"behavior": "ALWAYS"
}
}
],
"criteria": [
{
"name": "contentType",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"application/*javascript*",
"application/*json*",
"application/*xml*",
"application/text*",
"application/vnd-ms-fontobject",
"application/vnd.microsoft.icon",
"application/x-font-opentype",
"application/x-font-truetype",
"application/x-font-ttf",
"application/xmlfont/eot",
"font/eot",
"font/opentype",
"font/otf",
"image/svg+xml",
"image/vnd.microsoft.icon",
"image/x-icon",
"text/*",
"application/octet-stream*",
"application/x-font-eot*",
"font/ttf",
"application/font-ttf",
"application/font-sfnt",
"application/x-tgif"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Serve gzip compressed content for text-based formats."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings that reduce the size of the delivered content and decrease the number of bytes sent by your properties. This allows you to cut down the network overhead of your website or API."
}

+ 398
- 0
AUPropertyAutomation/pwshlabtf/property-snippets/offload_origin.json 查看文件

@@ -0,0 +1,398 @@
{
"name": "Offload origin",
"children": [
{
"name": "CSS and JavaScript",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for CSS and JavaScript"
},
{
"name": "Fonts",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for fonts."
},
{
"name": "Images",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"jpg",
"jpeg",
"png",
"gif",
"webp",
"jp2",
"ico",
"svg",
"svgz"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for images."
},
{
"name": "Files",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"pdf",
"doc",
"docx",
"odt"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for files. Files containing Personal Identified Information (PII) should require Edge authentication or not be cached at all."
},
{
"name": "Other static objects",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"aif",
"aiff",
"au",
"avi",
"bin",
"bmp",
"cab",
"carb",
"cct",
"cdf",
"class",
"dcr",
"dtd",
"exe",
"flv",
"gcf",
"gff",
"grv",
"hdml",
"hqx",
"ini",
"mov",
"mp3",
"nc",
"pct",
"ppc",
"pws",
"swa",
"swf",
"txt",
"vbs",
"w32",
"wav",
"midi",
"wbmp",
"wml",
"wmlc",
"wmls",
"wmlsc",
"xsd",
"zip",
"pict",
"tif",
"tiff",
"mid",
"jxr",
"jar"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for other static objects."
},
{
"name": "HTML pages",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "IGNORE",
"exactMatch": true,
"parameters": [
"gclid",
"fbclid",
"utm_source",
"utm_campaign",
"utm_medium",
"utm_content"
]
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"html",
"htm",
"php",
"jsp",
"aspx",
"EMPTY_STRING"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Override the default caching behavior for HTML pages cached on edge servers."
},
{
"name": "Redirects",
"children": [],
"behaviors": [
{
"name": "cacheRedirect",
"options": {
"enabled": "false"
}
},
{
"name": "chaseRedirects",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Configure caching for HTTP redirects. The redirect is cached for the same TTL as a 200 HTTP response when this feature is enabled."
},
{
"name": "POST responses",
"children": [],
"behaviors": [
{
"name": "cachePost",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Define when HTTP POST requests should be cached. You should enable it under a criteria match."
},
{
"name": "GraphQL",
"children": [],
"behaviors": [
{
"name": "graphqlCaching",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "path",
"options": {
"matchCaseSensitive": false,
"matchOperator": "MATCHES_ONE_OF",
"normalize": false,
"values": [
"/graphql"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Define when your GraphQL queries should be cached."
},
{
"name": "Uncacheable objects",
"children": [],
"behaviors": [
{
"name": "downstreamCache",
"options": {
"behavior": "BUST"
}
}
],
"criteria": [
{
"name": "cacheability",
"options": {
"matchOperator": "IS_NOT",
"value": "CACHEABLE"
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Configure the default client caching behavior for uncacheable content at the edge."
}
],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "tieredDistribution",
"options": {
"enabled": true
}
},
{
"name": "validateEntityTag",
"options": {
"enabled": false
}
},
{
"name": "removeVary",
"options": {
"enabled": false
}
},
{
"name": "cacheError",
"options": {
"enabled": true,
"preserveStale": true,
"ttl": "10s"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "INCLUDE_ALL_ALPHABETIZE_ORDER"
}
},
{
"name": "prefreshCache",
"options": {
"enabled": true,
"prefreshval": 90
}
},
{
"name": "downstreamCache",
"options": {
"allowBehavior": "LESSER",
"behavior": "ALLOW",
"sendHeaders": "CACHE_CONTROL",
"sendPrivate": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to caching content at the edge and in the browser. As a result, fewer requests go to your origin, fewer bytes leave your data centers, and your assets are closer to your users."
}

+ 170
- 0
AUPropertyAutomation/pwshlabtf/property-snippets/strengthen_security.json 查看文件

@@ -0,0 +1,170 @@
{
"name": "Strengthen security",
"children": [
{
"name": "Allowed methods",
"children": [
{
"name": "POST",
"children": [],
"behaviors": [
{
"name": "allowPost",
"options": {
"allowWithoutContentLength": false,
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the POST HTTP request method."
},
{
"name": "OPTIONS",
"children": [],
"behaviors": [
{
"name": "allowOptions",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the OPTIONS HTTP request method."
},
{
"name": "PUT",
"children": [],
"behaviors": [
{
"name": "allowPut",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PUT HTTP request method."
},
{
"name": "DELETE",
"children": [],
"behaviors": [
{
"name": "allowDelete",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the DELETE HTTP request method."
},
{
"name": "PATCH",
"children": [],
"behaviors": [
{
"name": "allowPatch",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PATCH HTTP request method."
}
],
"behaviors": [
{
"name": "allHttpInCacheHierarchy",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow the use of HTTP methods. Consider enabling additional methods under a path match for increased origin security."
},
{
"name": "Obfuscate debug info",
"children": [],
"behaviors": [
{
"name": "cacheTagVisible",
"options": {
"behavior": "PRAGMA_HEADER"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains the Pragma debug header."
},
{
"name": "Obfuscate backend info",
"children": [],
"behaviors": [
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "X-Powered-By",
"standardDeleteHeaderName": "OTHER"
}
},
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "Server",
"standardDeleteHeaderName": "OTHER"
}
}
],
"criteria": [
{
"name": "requestHeader",
"options": {
"headerName": "X-Akamai-Debug",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_NOT_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"true"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains an additional secret header. Regularly change the criteria to use a specific unique value for the secret header."
},
{
"name": "HSTS",
"children": [],
"behaviors": [
{
"name": "httpStrictTransportSecurity",
"options": {
"enable": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Require all browsers to connect to your site using HTTPS."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings that minimize the information your website shares with clients and malicious entities to reduce your exposure to threats."
}

+ 58
- 0
AUPropertyAutomation/pwshlabtf/vars.tf 查看文件

@@ -0,0 +1,58 @@
variable "edgerc" {
type = string
default = "~/.edgerc"
}
variable "section" {
type = string
default = "default"
}
variable "UserID" {
type = string
}
variable "contract_id" {
type = string
default = "W-KXID8R"
}
variable "group_id" {
type = string
default = "240743"
}

variable "origin" {
type = string
default = "juiceshopdevops.akaorigin.com"
}
variable "cpcodeId" {
type = number
default = 1522211
}

variable "cpcodeName" {
type = string
default = "PowerShellLabs"
}

variable "secure" {
type = bool
default = true
}
variable "network" {
default = "STAGING"
}

variable "hostname" {
type = string
default = "akaudevops.com"
}

variable "edge_hostname" {
type = string
default = "akaudevops.com.edgekey.net"
}
variable "program" {
type = string
default = "pwshlab"
}
variable "email" {
type = string
}

+ 12
- 0
AUPropertyAutomation/pwshlabtf/vars.tfvars.dst 查看文件

@@ -0,0 +1,12 @@
edgerc = "~/.edgerc"
section = ""
contract_id = ""
group_id = ""
origin = ""
cpcode =00000
secure = true
network= "STAGING"
hostname= ""
edge_hostname = ""
program="devops"
prefix=""

+ 8
- 0
AUPropertyAutomation/scripts/create_clilabproperty.sh 查看文件

@@ -0,0 +1,8 @@
#!/bin/bash

echo $PWD &&
cd clilabtf &&
terraform init &&
terraform plan -out=.plan &&
terraform apply .plan &&
cd $OLDPWD

+ 8
- 0
AUPropertyAutomation/scripts/create_pwshlabproperty.sh 查看文件

@@ -0,0 +1,8 @@
#!/bin/bash

echo $PWD &&
cd pwshlabtf &&
terraform init &&
terraform plan -out=.plan &&
terraform apply .plan &&
cd $OLDPWD

scripts/create_property.sh → andres-master/scripts/create_property.sh 查看文件


+ 12
- 0
andres-master/terraform/akamai.tf 查看文件

@@ -0,0 +1,12 @@
terraform {
required_providers {
akamai = {
source = "akamai/akamai"
version = "5.2.0"
}
}
}
provider "akamai" {
edgerc = var.edgerc
config_section = var.section
}

terraform/ion.tf → andres-master/terraform/ion.tf 查看文件


+ 196
- 0
andres-master/terraform/property-snippets/accelerate_delivery.json 查看文件

@@ -0,0 +1,196 @@
{
"name": "Accelerate delivery",
"children": [
{
"name": "Origin connectivity",
"children": [],
"behaviors": [
{
"name": "dnsAsyncRefresh",
"options": {
"enabled": true,
"timeout": "1h"
}
},
{
"name": "timeout",
"options": {
"value": "5s"
}
},
{
"name": "readTimeout",
"options": {
"value": "120s"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Optimize the connection between edge and origin."
},
{
"name": "Protocol optimizations",
"children": [],
"behaviors": [
{
"name": "enhancedAkamaiProtocol",
"options": {
"display": ""
}
},
{
"name": "http2",
"options": {
"enabled": ""
}
},
{
"name": "allowTransferEncoding",
"options": {
"enabled": true
}
},
{
"name": "sureRoute",
"options": {
"enableCustomKey": false,
"enabled": true,
"forceSslForward": false,
"raceStatTtl": "30m",
"srDownloadLinkTitle": "",
"testObjectUrl": "/akamai/sure-route-test-object.html",
"toHostStatus": "INCOMING_HH",
"type": "PERFORMANCE"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Serve your website using modern and fast protocols."
},
{
"name": "Prefetching",
"children": [
{
"name": "Prefetching objects",
"children": [
{
"name": "Bots",
"children": [],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "userAgent",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"*bot*",
"*crawl*",
"*spider*"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Disable prefetching for specific clients identifying themselves as bots and crawlers. This avoids requesting unnecessary resources from the origin."
}
],
"behaviors": [
{
"name": "prefetch",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Define for which HTML pages prefetching should be enabled."
},
{
"name": "Prefetchable objects",
"children": [],
"behaviors": [
{
"name": "prefetchable",
"options": {
"enabled": true
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js",
"jpg",
"jpeg",
"jp2",
"png",
"gif",
"svg",
"svgz",
"webp",
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Define which resources should be prefetched."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Instruct edge servers to retrieve embedded resources before the browser requests them."
},
{
"name": "Adaptive acceleration",
"children": [],
"behaviors": [
{
"name": "adaptiveAcceleration",
"options": {
"abLogic": "DISABLED",
"enableBrotliCompression": false,
"enablePreconnect": true,
"enablePush": true,
"enableRo": false,
"preloadEnable": true,
"source": "mPulse",
"titleHttp2ServerPush": "",
"titlePreconnect": "",
"titlePreload": "",
"titleRo": ""
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Automatically and continuously apply performance optimizations to your website using machine learning."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to improving the performance of delivering objects to your users."
}

+ 93
- 0
andres-master/terraform/property-snippets/augment_insights.json 查看文件

@@ -0,0 +1,93 @@
{
"name": "Augment insights",
"children": [
{
"name": "Traffic reporting",
"children": [],
"behaviors": [
{
"name": "cpCode",
"options": {
"value": {
"id": "${env.cpcodeId}",
"name": "${env.cpcodeName}"
}
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Identify your main traffic segments so you can granularly zoom in your traffic statistics like hits, bandwidth, offload, response codes, and errors."
},
{
"name": "mPulse RUM",
"children": [],
"behaviors": [
{
"name": "mPulse",
"options": {
"apiKey": "",
"bufferSize": "",
"configOverride": "",
"enabled": true,
"loaderVersion": "V12",
"requirePci": false,
"titleOptional": ""
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Collect and analyze real-user data to monitor the performance of your website."
},
{
"name": "Geolocation",
"children": [],
"behaviors": [
{
"name": "edgeScape",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "requestType",
"options": {
"matchOperator": "IS",
"value": "CLIENT_REQ"
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Receive data about a user's geolocation and connection speed in a request header. If you change cached content based on the values of the X-Akamai-Edgescape request header, contact your account representative."
},
{
"name": "Log delivery",
"children": [],
"behaviors": [
{
"name": "report",
"options": {
"logAcceptLanguage": false,
"logCookies": "OFF",
"logCustomLogField": false,
"logEdgeIP": false,
"logHost": false,
"logReferer": false,
"logUserAgent": false,
"logXForwardedFor": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Specify the level of detail you want to be logged in your Log Delivery Service reports. Log User-Agent Header to obtain detailed information in the Traffic by Browser and OS report."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to monitoring and reporting. This gives you additional visibility into your traffic and audiences."
}

+ 99
- 0
andres-master/terraform/property-snippets/increase_availability.json 查看文件

@@ -0,0 +1,99 @@
{
"name": "Increase availability",
"children": [
{
"name": "Simulate failover",
"children": [],
"behaviors": [
{
"name": "breakConnection",
"options": {
"enabled": true
}
}
],
"criteria": [
{
"name": "contentDeliveryNetwork",
"options": {
"matchOperator": "IS",
"network": "STAGING"
}
},
{
"name": "requestHeader",
"options": {
"headerName": "breakconnection",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"Your-Secret-Here"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Simulate an origin connection problem and test the site failover configuration on the CDN staging network."
},
{
"name": "Site failover",
"children": [],
"behaviors": [
{
"name": "failAction",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "originTimeout",
"options": {
"matchOperator": "ORIGIN_TIMED_OUT"
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Specify how edge servers respond when the origin is not available."
},
{
"name": "Origin health",
"children": [],
"behaviors": [
{
"name": "healthDetection",
"options": {
"maximumReconnects": 3,
"retryCount": 3,
"retryInterval": "10s"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Monitor the health of your origin by tracking unsuccessful IP connection attempts."
},
{
"name": "Script management",
"children": [],
"behaviors": [
{
"name": "scriptManagement",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Enable Script Management to minimize performance and availability impacts from third-party JavaScripts."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control how to respond when your origin or third parties are slow or even down to minimize the negative impact on user experience."
}

terraform/property-snippets/main.json → andres-master/terraform/property-snippets/main.json 查看文件


+ 58
- 0
andres-master/terraform/property-snippets/minimize_payload.json 查看文件

@@ -0,0 +1,58 @@
{
"name": "Minimize payload",
"children": [
{
"name": "Compressible objects",
"children": [],
"behaviors": [
{
"name": "gzipResponse",
"options": {
"behavior": "ALWAYS"
}
}
],
"criteria": [
{
"name": "contentType",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"matchWildcard": true,
"values": [
"application/*javascript*",
"application/*json*",
"application/*xml*",
"application/text*",
"application/vnd-ms-fontobject",
"application/vnd.microsoft.icon",
"application/x-font-opentype",
"application/x-font-truetype",
"application/x-font-ttf",
"application/xmlfont/eot",
"font/eot",
"font/opentype",
"font/otf",
"image/svg+xml",
"image/vnd.microsoft.icon",
"image/x-icon",
"text/*",
"application/octet-stream*",
"application/x-font-eot*",
"font/ttf",
"application/font-ttf",
"application/font-sfnt",
"application/x-tgif"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Serve gzip compressed content for text-based formats."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings that reduce the size of the delivered content and decrease the number of bytes sent by your properties. This allows you to cut down the network overhead of your website or API."
}

+ 398
- 0
andres-master/terraform/property-snippets/offload_origin.json 查看文件

@@ -0,0 +1,398 @@
{
"name": "Offload origin",
"children": [
{
"name": "CSS and JavaScript",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"css",
"js"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for CSS and JavaScript"
},
{
"name": "Fonts",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"eot",
"woff",
"woff2",
"otf",
"ttf"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for fonts."
},
{
"name": "Images",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "30d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"jpg",
"jpeg",
"png",
"gif",
"webp",
"jp2",
"ico",
"svg",
"svgz"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for images."
},
{
"name": "Files",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"pdf",
"doc",
"docx",
"odt"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for files. Files containing Personal Identified Information (PII) should require Edge authentication or not be cached at all."
},
{
"name": "Other static objects",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "MAX_AGE",
"mustRevalidate": false,
"ttl": "7d"
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"aif",
"aiff",
"au",
"avi",
"bin",
"bmp",
"cab",
"carb",
"cct",
"cdf",
"class",
"dcr",
"dtd",
"exe",
"flv",
"gcf",
"gff",
"grv",
"hdml",
"hqx",
"ini",
"mov",
"mp3",
"nc",
"pct",
"ppc",
"pws",
"swa",
"swf",
"txt",
"vbs",
"w32",
"wav",
"midi",
"wbmp",
"wml",
"wmlc",
"wmls",
"wmlsc",
"xsd",
"zip",
"pict",
"tif",
"tiff",
"mid",
"jxr",
"jar"
]
}
}
],
"criteriaMustSatisfy": "any",
"comments": "Override the default caching behavior for other static objects."
},
{
"name": "HTML pages",
"children": [],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "IGNORE",
"exactMatch": true,
"parameters": [
"gclid",
"fbclid",
"utm_source",
"utm_campaign",
"utm_medium",
"utm_content"
]
}
}
],
"criteria": [
{
"name": "fileExtension",
"options": {
"matchCaseSensitive": false,
"matchOperator": "IS_ONE_OF",
"values": [
"html",
"htm",
"php",
"jsp",
"aspx",
"EMPTY_STRING"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Override the default caching behavior for HTML pages cached on edge servers."
},
{
"name": "Redirects",
"children": [],
"behaviors": [
{
"name": "cacheRedirect",
"options": {
"enabled": "false"
}
},
{
"name": "chaseRedirects",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Configure caching for HTTP redirects. The redirect is cached for the same TTL as a 200 HTTP response when this feature is enabled."
},
{
"name": "POST responses",
"children": [],
"behaviors": [
{
"name": "cachePost",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Define when HTTP POST requests should be cached. You should enable it under a criteria match."
},
{
"name": "GraphQL",
"children": [],
"behaviors": [
{
"name": "graphqlCaching",
"options": {
"enabled": false
}
}
],
"criteria": [
{
"name": "path",
"options": {
"matchCaseSensitive": false,
"matchOperator": "MATCHES_ONE_OF",
"normalize": false,
"values": [
"/graphql"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Define when your GraphQL queries should be cached."
},
{
"name": "Uncacheable objects",
"children": [],
"behaviors": [
{
"name": "downstreamCache",
"options": {
"behavior": "BUST"
}
}
],
"criteria": [
{
"name": "cacheability",
"options": {
"matchOperator": "IS_NOT",
"value": "CACHEABLE"
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Configure the default client caching behavior for uncacheable content at the edge."
}
],
"behaviors": [
{
"name": "caching",
"options": {
"behavior": "NO_STORE"
}
},
{
"name": "tieredDistribution",
"options": {
"enabled": true
}
},
{
"name": "validateEntityTag",
"options": {
"enabled": false
}
},
{
"name": "removeVary",
"options": {
"enabled": false
}
},
{
"name": "cacheError",
"options": {
"enabled": true,
"preserveStale": true,
"ttl": "10s"
}
},
{
"name": "cacheKeyQueryParams",
"options": {
"behavior": "INCLUDE_ALL_ALPHABETIZE_ORDER"
}
},
{
"name": "prefreshCache",
"options": {
"enabled": true,
"prefreshval": 90
}
},
{
"name": "downstreamCache",
"options": {
"allowBehavior": "LESSER",
"behavior": "ALLOW",
"sendHeaders": "CACHE_CONTROL",
"sendPrivate": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings related to caching content at the edge and in the browser. As a result, fewer requests go to your origin, fewer bytes leave your data centers, and your assets are closer to your users."
}

+ 170
- 0
andres-master/terraform/property-snippets/strengthen_security.json 查看文件

@@ -0,0 +1,170 @@
{
"name": "Strengthen security",
"children": [
{
"name": "Allowed methods",
"children": [
{
"name": "POST",
"children": [],
"behaviors": [
{
"name": "allowPost",
"options": {
"allowWithoutContentLength": false,
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the POST HTTP request method."
},
{
"name": "OPTIONS",
"children": [],
"behaviors": [
{
"name": "allowOptions",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the OPTIONS HTTP request method."
},
{
"name": "PUT",
"children": [],
"behaviors": [
{
"name": "allowPut",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PUT HTTP request method."
},
{
"name": "DELETE",
"children": [],
"behaviors": [
{
"name": "allowDelete",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the DELETE HTTP request method."
},
{
"name": "PATCH",
"children": [],
"behaviors": [
{
"name": "allowPatch",
"options": {
"enabled": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow use of the PATCH HTTP request method."
}
],
"behaviors": [
{
"name": "allHttpInCacheHierarchy",
"options": {
"enabled": true
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Allow the use of HTTP methods. Consider enabling additional methods under a path match for increased origin security."
},
{
"name": "Obfuscate debug info",
"children": [],
"behaviors": [
{
"name": "cacheTagVisible",
"options": {
"behavior": "PRAGMA_HEADER"
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains the Pragma debug header."
},
{
"name": "Obfuscate backend info",
"children": [],
"behaviors": [
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "X-Powered-By",
"standardDeleteHeaderName": "OTHER"
}
},
{
"name": "modifyOutgoingResponseHeader",
"options": {
"action": "DELETE",
"customHeaderName": "Server",
"standardDeleteHeaderName": "OTHER"
}
}
],
"criteria": [
{
"name": "requestHeader",
"options": {
"headerName": "X-Akamai-Debug",
"matchCaseSensitiveValue": true,
"matchOperator": "IS_NOT_ONE_OF",
"matchWildcardName": false,
"matchWildcardValue": false,
"values": [
"true"
]
}
}
],
"criteriaMustSatisfy": "all",
"comments": "Do not expose back-end information unless the request contains an additional secret header. Regularly change the criteria to use a specific unique value for the secret header."
},
{
"name": "HSTS",
"children": [],
"behaviors": [
{
"name": "httpStrictTransportSecurity",
"options": {
"enable": false
}
}
],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Require all browsers to connect to your site using HTTPS."
}
],
"behaviors": [],
"criteria": [],
"criteriaMustSatisfy": "all",
"comments": "Control the settings that minimize the information your website shares with clients and malicious entities to reduce your exposure to threats."
}

terraform/vars.tf → andres-master/terraform/vars.tf 查看文件


+ 12
- 0
andres-master/terraform/vars.tfvars.dst 查看文件

@@ -0,0 +1,12 @@
edgerc = "~/.edgerc"
section = ""
contract_id = ""
group_id = ""
origin = ""
cpcode =00000
secure = true
network= "STAGING"
hostname= ""
edge_hostname = ""
program="devops"
prefix=""

Write Preview
Loading…
取消
儲存