- Resource: EdgeCacheOrigin
- Protocol
- RetryConditions
- Timeout
- AWSV4Signature
- OriginOverrideAction
- OriginUrlRewrite
- OriginHeaderAction
- AddHeader
- OriginRedirect
- RedirectConditions
- FlexShieldingOptions
- FlexShieldingRegion
- Methods
Resource: EdgeCacheOrigin
Represents an HTTP-reachable backend for an EdgeCacheService
resource.
| JSON representation |
|---|
{ "name" : string , "createTime" : string , "updateTime" : string , "description" : string , "labels" : { string : string , ... } , "originAddress" : string , "protocol" : enum ( |
name
string
Required. The name of the resource as provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z]([a-zA-Z0-9_-])*
, which means that the first character must be a letter, and all following characters must be a dash, an underscore, a letter, or a digit.
createTime
string (
Timestamp
format)
Output only. The creation timestamp in RFC3339 text format.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z"
and "2014-10-02T15:01:23.045123456Z"
.
updateTime
string (
Timestamp
format)
Output only. The update timestamp in RFC3339 text format.
A timestamp in RFC3339 UTC "Zulu" format, with nanosecond resolution and up to nine fractional digits. Examples: "2014-10-02T15:01:23Z"
and "2014-10-02T15:01:23.045123456Z"
.
description
string
Optional. A human-readable description of the resource.
labels
map (key: string, value: string)
Optional. A set of label tags associated with the EdgeCacheOrigin
resource.
An object containing a list of "key": value
pairs. Example: { "name": "wrench", "mass": "1.3kg", "count": "3" }
.
originAddress
string
Required. A fully qualified domain name (FQDN), an IPv4 or IPv6 address reachable over the public internet, or the address of a Google Cloud Storage bucket.
This address is used as the origin for cache requests. The following are example origins:
- FQDN:
media-backend.example.com - IPv4:
35.218.1.1 - IPv6:
2607:f8b0:4012:809::200e - Google Cloud Storage:
gs://bucketnameorbucketname.storage.googleapis.com
The following limitations apply to fully-qualified domain names:
- They must be resolvable through public DNS.
- They must not contain a protocol (such as
https://). - They must not contain any slashes.
When providing an IP address, it must be publicly routable. IPv6 addresses must not be enclosed in square brackets.
protocol
enum (
Protocol
)
Optional. The protocol to use to connect to the configured origin. Defaults to HTTP2, which is strongly recommended for both security and performance.
When using HTTP2 or HTTPS as the protocol, a valid, publicly-signed, unexpired TLS (SSL) certificate must be presented by the origin server.
port
integer
Optional. The port to connect to the origin on. Defaults to port 443for HTTP2 and HTTPS protocols and port 80for HTTP.
maxAttempts
integer
Optional. The maximum number of attempts to cache fill from this origin. Another attempt is made when a cache fill fails with one of the retryConditions
or following a redirect response matching one of the [originRedirect.redirect_conditions][].
Once the maximum attempts to this origin have failed, the failover origin][], if specified, is used. The failover origin can have its own maxAttempts
, retryConditions
, redirectConditions
, and failoverOrigin
values to control its cache fill failures.
The total number of allowed attempts to cache fill across this and failover origins is limited to four. The total time allowed for cache fill attempts across this and failover origins can be controlled with maxAttemptsTimeout
.
The last valid, non-retried response from all origins is returned to the client. If no origin returns a valid response, an HTTP 502
error is returned to the client.
Defaults to 1. Must be a value greater than 0 and less than 5.
failoverOrigin
string
Optional. The EdgeCacheOrigin
resource to try when the current origin cannot be reached. After maxAttempts
is reached, the configured failoverOrigin
is used to fulfil the request.
The following are both valid paths to an EdgeCacheOrigin
resource:
-
projects/my-project/locations/global/edgeCacheOrigins/my-origin -
my-origin
The value of [maxAttemptsTimeout][] dictates the timeout across all origins.
retryConditions[]
enum (
RetryConditions
)
Optional. Specifies one or more retry conditions for the configured origin.
If the failure mode during a connection attempt to the origin matches the configured retryConditions
values, the origin request retries up to maxAttempts
times. The [failover origin][], if configured, is then used to satisfy the request.
The default retryConditions
value is CONNECT_FAILURE
.
retryConditions
values apply to this origin, and not to subsequent failover origins, which can specify their own retryConditions
and maxAttempts
values.
For a list of valid values, see RetryConditions
.
timeout
object (
Timeout
)
Optional. The connection and HTTP timeout configuration for this origin.
awsV4Authentication
object (
AWSV4Signature
)
Optional. Enable AWS Signature Version 4 origin authentication.
originOverrideAction
object (
OriginOverrideAction
)
Optional. The override actions, including URL rewrites and header additions, for requests that use this origin.
originRedirect
object (
OriginRedirect
)
Optional. Follow redirects from this origin.
flexShielding
object (
FlexShieldingOptions
)
Optional. The flexible shielding options to be used for all routes to this origin.
If not set, defaults to a global caching layer in front of the origin.
Protocol
The HTTP protocol to use for connecting to the origin.
| Enums | |
|---|---|
PROTOCOL_UNSPECIFIED
|
Unspecified value. Defaults to HTTP2. |
HTTP2
|
The HTTP/2 protocol. HTTP/2 refers to "h2", which requires TLS (HTTPS). Requires a valid (public and unexpired) TLS certificate present on the origin. |
HTTPS
|
HTTP/1.1 with TLS (SSL). Requires a valid (public and unexpired) TLS certificate present on the origin. |
HTTP
|
HTTP without TLS (SSL). This is not recommended, because communication outside of Google's network is unencrypted to the public endpoint (origin). |
RetryConditions
One or more retry conditions for the configured origin.
| Enums | |
|---|---|
RETRY_CONDITIONS_UNSPECIFIED
|
Unspecified |
CONNECT_FAILURE
|
Retry on failures connecting to origins include routing, DNS and TLS handshake errors, and TCP/UDP timeouts. |
HTTP_5XX
|
Retry if the origin responds with any HTTP 5xx
response code. |
GATEWAY_ERROR
|
Similar to 5xx
, but only applies to HTTP response codes 502
, 503
, or 504
. |
RETRIABLE_4XX
|
Retry for retriable 4xx
response codes, which include HTTP 409 (Conflict)
and HTTP 429 (Too Many Requests)
. |
NOT_FOUND
|
Retry if the origin returns an HTTP 404 (Not Found)
error. This can be useful when generating video content when the segment is not yet available. |
FORBIDDEN
|
Retry if the origin returns an HTTP 403 (Forbidden)
error. This can be useful for origins that return 403
(instead of 404
) for missing content for security reasons. |
Timeout
The timeout configuration for this origin.
| JSON representation |
|---|
{ "connectTimeout" : string , "maxAttemptsTimeout" : string , "responseTimeout" : string , "readTimeout" : string } |
| Fields | |
|---|---|
connectTimeout
|
Optional. The maximum duration to wait for a single origin connection to be established, including DNS lookup, TLS handshake, and TCP/QUIC connection establishment. Defaults to 5 seconds. The timeout must be a value between 1s and 15s. The A duration in seconds with up to nine fractional digits, ending with ' |
maxAttemptsTimeout
|
Optional. The maximum time across all connection attempts to all origins, including failover origins, before returning an error to the client. An Defaults to 15 seconds. The timeout must be a value between 1s and 30s. If a [failover origin][] is specified, the A duration in seconds with up to nine fractional digits, ending with ' |
responseTimeout
|
Optional. The maximum duration to wait for the last byte of a response to arrive when reading from the HTTP connection/stream. Defaults to 30 seconds. The timeout must be a value between 1s and 120s. The Origins that take longer to write additional bytes to the response than the configured If the response headers have already been written to the connection, the response is truncated and logged. A duration in seconds with up to nine fractional digits, ending with ' |
readTimeout
|
Optional. The maximum duration to wait between reads of a single HTTP connection or stream. Defaults to 15 seconds. The timeout must be a value between 1s and 30s. The If the response headers have already been written to the connection, the response is truncated and logged. A duration in seconds with up to nine fractional digits, ending with ' |
AWSV4Signature
The configuration needed to generate an AWS V4 Signature
| JSON representation |
|---|
{ "accessKeyId" : string , "secretAccessKeyVersion" : string , "originRegion" : string } |
| Fields | |
|---|---|
accessKeyId
|
Required. The access key ID that your origin uses to identify the key. |
secretAccessKeyVersion
|
Required. The Secret Manager secret version of the secret access key used by your origin. This is the resource name of the secret version in the format |
originRegion
|
Required. The name of the AWS region that your origin is in. |
OriginOverrideAction
Defines how requests and responses can be manipulated on cache fill to this origin.
| JSON representation |
|---|
{ "urlRewrite" : { object ( |
| Fields | |
|---|---|
urlRewrite
|
Optional. The URL rewrite configuration for requests that are handled by this origin. |
headerAction
|
Optional. The header actions, including adding and removing headers, for requests handled by this origin. |
OriginUrlRewrite
The URL rewrite configuration for a given request handled by this origin.
| JSON representation |
|---|
{ "hostRewrite" : string } |
| Fields | |
|---|---|
hostRewrite
|
Optional. Before forwarding the request to the selected origin, the request's The host value must be between 1 and 255 characters. |
OriginHeaderAction
Defines the addition and removal of HTTP headers for requests/responses.
| JSON representation |
|---|
{
"requestHeadersToAdd"
:
[
{
object (
|
| Fields | |
|---|---|
requestHeadersToAdd[]
|
Optional. A header to add. You can add a maximum of 25 request headers. |
AddHeader
Describes a header to add.
| JSON representation |
|---|
{ "headerName" : string , "headerValue" : string , "replace" : boolean } |
| Fields | |
|---|---|
headerName
|
Required. The name of the header to add. |
headerValue
|
Required. The value of the header to add. |
replace
|
Optional. Specifies whether to replace all existing headers with the same name. By default, added header values are appended to the response or request headers with the same field names. The added values are separated by commas. To overwrite existing values, set |
OriginRedirect
The options for following redirects from the origin.
| JSON representation |
|---|
{
"redirectConditions"
:
[
enum (
|
| Fields | |
|---|---|
redirectConditions[]
|
Optional. The set of HTTP redirect response codes that the CDN follows. |
RedirectConditions
The HTTP status codes that cause the CDN to follow redirects.
| Enums | |
|---|---|
REDIRECT_CONDITIONS_UNSPECIFIED
|
It is an error to specify REDIRECT_CONDITIONS_UNSPECIFIED
. |
MOVED_PERMANENTLY
|
Follow redirect on an HTTP 301
error. |
FOUND
|
Follow redirect on an HTTP 302
error. |
SEE_OTHER
|
Follow redirect on an HTTP 303
error. |
TEMPORARY_REDIRECT
|
Follow redirect on an HTTP 307
error. |
PERMANENT_REDIRECT
|
Follow redirect on an HTTP 308
error. |
FlexShieldingOptions
Defines the caching layer to use in front of the origin.
| JSON representation |
|---|
{
"flexShieldingRegions"
:
[
enum (
|
| Fields | |
|---|---|
flexShieldingRegions[]
|
Optional. Content is fetched from the origin and cached in or near the specified region. Specify exactly one flexible shielding region. |
FlexShieldingRegion
Available regions for flexible shielding caching layer.
| Enums | |
|---|---|
FLEX_SHIELDING_REGION_UNSPECIFIED
|
This value indicates an error due to a region not being specified. |
AFRICA_SOUTH1
|
Content is fetched from an origin or cache near africa-south1
. |
ME_CENTRAL1
|
Content is fetched from an origin or cache near me-central1
. |
Methods |
|
|---|---|
|
Creates a new EdgeCacheOrigin in a given project and location. |
|
Deletes a single EdgeCacheOrigin. |
|
Gets details of a single EdgeCacheOrigin. |
|
Gets the access control policy for a resource. |
|
Lists EdgeCacheOrigins in a given project and location. |
|
Updates the parameters of a single EdgeCacheOrigin. |
|
Sets the access control policy on the specified resource. |
|
Returns permissions that a caller has on the specified resource. |
