Docs Home
ibm 1.77.1 published on Monday, Apr 14, 2025 by ibm-cloud
ibm.CisDomainSettings
Explore with Pulumi AI
Customize the IBM Cloud Internet Services domain settings. For more information, about Internet Services domain settings, see adding domains to your CIS instance.
Example Usage
1
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const testDomainSettings = new ibm.CisDomainSettings("testDomainSettings", {
cisId: data.ibm_cis.cis.id,
domainId: data.ibm_cis_domain.cis_domain.domain_id,
dnssec: "disabled",
waf: "off",
ssl: "flexible",
minTlsVersion: "1.2",
cnameFlattening: "flatten_all",
opportunisticEncryption: "off",
automaticHttpsRewrites: "on",
alwaysUseHttps: "off",
ipv6: "off",
browserCheck: "off",
hotlinkProtection: "off",
http2: "on",
imageLoadOptimization: "off",
imageSizeOptimization: "lossless",
ipGeolocation: "off",
originErrorPagePassThru: "off",
brotli: "off",
pseudoIpv4: "off",
prefetchPreload: "off",
responseBuffering: "off",
scriptLoadOptimization: "off",
serverSideExclude: "off",
tlsClientAuth: "off",
trueClientIpHeader: "off",
websockets: "off",
challengeTtl: 31536000,
maxUpload: 300,
ciphers: ["AES128-SHA256"],
originMaxHttpVersion: "1",
originPostQuantumEncryption: "off",
proxyReadTimeout: 5500,
minify: {
css: "off",
js: "off",
html: "off",
},
securityHeader: {
enabled: false,
includeSubdomains: false,
maxAge: 0,
nosniff: false,
preload: false,
},
mobileRedirect: {
status: "on",
mobileSubdomain: "m.domain.com",
stripUri: true,
},
});
const test = new ibm.CisDomainSettings("test", {
cisId: ibm_cis.instance.id,
domainId: ibm_cis_domain.example.id,
waf: "on",
ssl: "full",
minTlsVersion: "1.2",
originMaxHttpVersion: "2",
originPostQuantumEncryption: "supported",
proxyReadTimeout: 5500,
});
import pulumi
import pulumi_ibm as ibm
test_domain_settings = ibm.CisDomainSettings("testDomainSettings",
cis_id=data["ibm_cis"]["cis"]["id"],
domain_id=data["ibm_cis_domain"]["cis_domain"]["domain_id"],
dnssec="disabled",
waf="off",
ssl="flexible",
min_tls_version="1.2",
cname_flattening="flatten_all",
opportunistic_encryption="off",
automatic_https_rewrites="on",
always_use_https="off",
ipv6="off",
browser_check="off",
hotlink_protection="off",
http2="on",
image_load_optimization="off",
image_size_optimization="lossless",
ip_geolocation="off",
origin_error_page_pass_thru="off",
brotli="off",
pseudo_ipv4="off",
prefetch_preload="off",
response_buffering="off",
script_load_optimization="off",
server_side_exclude="off",
tls_client_auth="off",
true_client_ip_header="off",
websockets="off",
challenge_ttl=31536000,
max_upload=300,
ciphers=["AES128-SHA256"],
origin_max_http_version="1",
origin_post_quantum_encryption="off",
proxy_read_timeout=5500,
minify={
"css": "off",
"js": "off",
"html": "off",
},
security_header={
"enabled": False,
"include_subdomains": False,
"max_age": 0,
"nosniff": False,
"preload": False,
},
mobile_redirect={
"status": "on",
"mobile_subdomain": "m.domain.com",
"strip_uri": True,
})
test = ibm.CisDomainSettings("test",
cis_id=ibm_cis["instance"]["id"],
domain_id=ibm_cis_domain["example"]["id"],
waf="on",
ssl="full",
min_tls_version="1.2",
origin_max_http_version="2",
origin_post_quantum_encryption="supported",
proxy_read_timeout=5500)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ibm.NewCisDomainSettings(ctx, "testDomainSettings", &ibm.CisDomainSettingsArgs{
CisId: pulumi.Any(data.Ibm_cis.Cis.Id),
DomainId: pulumi.Any(data.Ibm_cis_domain.Cis_domain.Domain_id),
Dnssec: pulumi.String("disabled"),
Waf: pulumi.String("off"),
Ssl: pulumi.String("flexible"),
MinTlsVersion: pulumi.String("1.2"),
CnameFlattening: pulumi.String("flatten_all"),
OpportunisticEncryption: pulumi.String("off"),
AutomaticHttpsRewrites: pulumi.String("on"),
AlwaysUseHttps: pulumi.String("off"),
Ipv6: pulumi.String("off"),
BrowserCheck: pulumi.String("off"),
HotlinkProtection: pulumi.String("off"),
Http2: pulumi.String("on"),
ImageLoadOptimization: pulumi.String("off"),
ImageSizeOptimization: pulumi.String("lossless"),
IpGeolocation: pulumi.String("off"),
OriginErrorPagePassThru: pulumi.String("off"),
Brotli: pulumi.String("off"),
PseudoIpv4: pulumi.String("off"),
PrefetchPreload: pulumi.String("off"),
ResponseBuffering: pulumi.String("off"),
ScriptLoadOptimization: pulumi.String("off"),
ServerSideExclude: pulumi.String("off"),
TlsClientAuth: pulumi.String("off"),
TrueClientIpHeader: pulumi.String("off"),
Websockets: pulumi.String("off"),
ChallengeTtl: pulumi.Float64(31536000),
MaxUpload: pulumi.Float64(300),
Ciphers: pulumi.StringArray{
pulumi.String("AES128-SHA256"),
},
OriginMaxHttpVersion: pulumi.String("1"),
OriginPostQuantumEncryption: pulumi.String("off"),
ProxyReadTimeout: pulumi.Float64(5500),
Minify: &ibm.CisDomainSettingsMinifyArgs{
Css: pulumi.String("off"),
Js: pulumi.String("off"),
Html: pulumi.String("off"),
},
SecurityHeader: &ibm.CisDomainSettingsSecurityHeaderArgs{
Enabled: pulumi.Bool(false),
IncludeSubdomains: pulumi.Bool(false),
MaxAge: pulumi.Float64(0),
Nosniff: pulumi.Bool(false),
Preload: pulumi.Bool(false),
},
MobileRedirect: &ibm.CisDomainSettingsMobileRedirectArgs{
Status: pulumi.String("on"),
MobileSubdomain: pulumi.String("m.domain.com"),
StripUri: pulumi.Bool(true),
},
})
if err != nil {
return err
}
_, err = ibm.NewCisDomainSettings(ctx, "test", &ibm.CisDomainSettingsArgs{
CisId: pulumi.Any(ibm_cis.Instance.Id),
DomainId: pulumi.Any(ibm_cis_domain.Example.Id),
Waf: pulumi.String("on"),
Ssl: pulumi.String("full"),
MinTlsVersion: pulumi.String("1.2"),
OriginMaxHttpVersion: pulumi.String("2"),
OriginPostQuantumEncryption: pulumi.String("supported"),
ProxyReadTimeout: pulumi.Float64(5500),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var testDomainSettings = new Ibm.CisDomainSettings("testDomainSettings", new()
{
CisId = data.Ibm_cis.Cis.Id,
DomainId = data.Ibm_cis_domain.Cis_domain.Domain_id,
Dnssec = "disabled",
Waf = "off",
Ssl = "flexible",
MinTlsVersion = "1.2",
CnameFlattening = "flatten_all",
OpportunisticEncryption = "off",
AutomaticHttpsRewrites = "on",
AlwaysUseHttps = "off",
Ipv6 = "off",
BrowserCheck = "off",
HotlinkProtection = "off",
Http2 = "on",
ImageLoadOptimization = "off",
ImageSizeOptimization = "lossless",
IpGeolocation = "off",
OriginErrorPagePassThru = "off",
Brotli = "off",
PseudoIpv4 = "off",
PrefetchPreload = "off",
ResponseBuffering = "off",
ScriptLoadOptimization = "off",
ServerSideExclude = "off",
TlsClientAuth = "off",
TrueClientIpHeader = "off",
Websockets = "off",
ChallengeTtl = 31536000,
MaxUpload = 300,
Ciphers = new[]
{
"AES128-SHA256",
},
OriginMaxHttpVersion = "1",
OriginPostQuantumEncryption = "off",
ProxyReadTimeout = 5500,
Minify = new Ibm.Inputs.CisDomainSettingsMinifyArgs
{
Css = "off",
Js = "off",
Html = "off",
},
SecurityHeader = new Ibm.Inputs.CisDomainSettingsSecurityHeaderArgs
{
Enabled = false,
IncludeSubdomains = false,
MaxAge = 0,
Nosniff = false,
Preload = false,
},
MobileRedirect = new Ibm.Inputs.CisDomainSettingsMobileRedirectArgs
{
Status = "on",
MobileSubdomain = "m.domain.com",
StripUri = true,
},
});
var test = new Ibm.CisDomainSettings("test", new()
{
CisId = ibm_cis.Instance.Id,
DomainId = ibm_cis_domain.Example.Id,
Waf = "on",
Ssl = "full",
MinTlsVersion = "1.2",
OriginMaxHttpVersion = "2",
OriginPostQuantumEncryption = "supported",
ProxyReadTimeout = 5500,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.CisDomainSettings;
import com.pulumi.ibm.CisDomainSettingsArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMinifyArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsSecurityHeaderArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMobileRedirectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testDomainSettings = new CisDomainSettings("testDomainSettings", CisDomainSettingsArgs.builder()
.cisId(data.ibm_cis().cis().id())
.domainId(data.ibm_cis_domain().cis_domain().domain_id())
.dnssec("disabled")
.waf("off")
.ssl("flexible")
.minTlsVersion("1.2")
.cnameFlattening("flatten_all")
.opportunisticEncryption("off")
.automaticHttpsRewrites("on")
.alwaysUseHttps("off")
.ipv6("off")
.browserCheck("off")
.hotlinkProtection("off")
.http2("on")
.imageLoadOptimization("off")
.imageSizeOptimization("lossless")
.ipGeolocation("off")
.originErrorPagePassThru("off")
.brotli("off")
.pseudoIpv4("off")
.prefetchPreload("off")
.responseBuffering("off")
.scriptLoadOptimization("off")
.serverSideExclude("off")
.tlsClientAuth("off")
.trueClientIpHeader("off")
.websockets("off")
.challengeTtl(31536000)
.maxUpload(300)
.ciphers("AES128-SHA256")
.originMaxHttpVersion("1")
.originPostQuantumEncryption("off")
.proxyReadTimeout(5500)
.minify(CisDomainSettingsMinifyArgs.builder()
.css("off")
.js("off")
.html("off")
.build())
.securityHeader(CisDomainSettingsSecurityHeaderArgs.builder()
.enabled(false)
.includeSubdomains(false)
.maxAge(0)
.nosniff(false)
.preload(false)
.build())
.mobileRedirect(CisDomainSettingsMobileRedirectArgs.builder()
.status("on")
.mobileSubdomain("m.domain.com")
.stripUri(true)
.build())
.build());
var test = new CisDomainSettings("test", CisDomainSettingsArgs.builder()
.cisId(ibm_cis.instance().id())
.domainId(ibm_cis_domain.example().id())
.waf("on")
.ssl("full")
.minTlsVersion("1.2")
.originMaxHttpVersion("2")
.originPostQuantumEncryption("supported")
.proxyReadTimeout(5500)
.build());
}
}
resources:
testDomainSettings:
type: ibm:CisDomainSettings
properties:
cisId: ${data.ibm_cis.cis.id}
domainId: ${data.ibm_cis_domain.cis_domain.domain_id}
dnssec: disabled
waf: off
ssl: flexible
minTlsVersion: '1.2'
cnameFlattening: flatten_all
opportunisticEncryption: off
automaticHttpsRewrites: on
alwaysUseHttps: off
ipv6: off
browserCheck: off
hotlinkProtection: off
http2: on
imageLoadOptimization: off
imageSizeOptimization: lossless
ipGeolocation: off
originErrorPagePassThru: off
brotli: off
pseudoIpv4: off
prefetchPreload: off
responseBuffering: off
scriptLoadOptimization: off
serverSideExclude: off
tlsClientAuth: off
trueClientIpHeader: off
websockets: off
challengeTtl: 3.1536e+07
maxUpload: 300
ciphers:
- AES128-SHA256
originMaxHttpVersion: '1'
originPostQuantumEncryption: off
proxyReadTimeout: 5500
minify:
css: off
js: off
html: off
securityHeader:
enabled: false
includeSubdomains: false
maxAge: 0
nosniff: false
preload: false
mobileRedirect:
status: on
mobileSubdomain: m.domain.com
stripUri: true
test:
type: ibm:CisDomainSettings
properties:
cisId: ${ibm_cis.instance.id}
domainId: ${ibm_cis_domain.example.id}
waf: on
ssl: full
minTlsVersion: '1.2'
originMaxHttpVersion: '2'
originPostQuantumEncryption: supported
proxyReadTimeout: 5500
2 : For TLS V1.3
import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";
const testDomainSettings = new ibm.CisDomainSettings("testDomainSettings", {
cisId: data.ibm_cis.cis.id,
domainId: data.ibm_cis_domain.cis_domain.domain_id,
dnssec: "disabled",
waf: "off",
ssl: "flexible",
minTlsVersion: "1.2",
cnameFlattening: "flatten_all",
opportunisticEncryption: "off",
automaticHttpsRewrites: "on",
alwaysUseHttps: "off",
ipv6: "off",
browserCheck: "off",
hotlinkProtection: "off",
http2: "on",
imageLoadOptimization: "off",
imageSizeOptimization: "lossless",
ipGeolocation: "off",
originErrorPagePassThru: "off",
brotli: "off",
pseudoIpv4: "off",
prefetchPreload: "off",
responseBuffering: "off",
scriptLoadOptimization: "off",
serverSideExclude: "off",
tlsClientAuth: "off",
trueClientIpHeader: "off",
websockets: "off",
challengeTtl: 31536000,
maxUpload: 300,
ciphers: [],
originMaxHttpVersion: "1",
originPostQuantumEncryption: "off",
proxyReadTimeout: 5500,
minify: {
css: "off",
js: "off",
html: "off",
},
securityHeader: {
enabled: false,
includeSubdomains: false,
maxAge: 0,
nosniff: false,
preload: false,
},
mobileRedirect: {
status: "on",
mobileSubdomain: "m.domain.com",
stripUri: true,
},
});
const test = new ibm.CisDomainSettings("test", {
cisId: ibm_cis.instance.id,
domainId: ibm_cis_domain.example.id,
waf: "on",
ssl: "full",
minTlsVersion: "1.3",
originMaxHttpVersion: "2",
originPostQuantumEncryption: "supported",
proxyReadTimeout: 5500,
});
import pulumi
import pulumi_ibm as ibm
test_domain_settings = ibm.CisDomainSettings("testDomainSettings",
cis_id=data["ibm_cis"]["cis"]["id"],
domain_id=data["ibm_cis_domain"]["cis_domain"]["domain_id"],
dnssec="disabled",
waf="off",
ssl="flexible",
min_tls_version="1.2",
cname_flattening="flatten_all",
opportunistic_encryption="off",
automatic_https_rewrites="on",
always_use_https="off",
ipv6="off",
browser_check="off",
hotlink_protection="off",
http2="on",
image_load_optimization="off",
image_size_optimization="lossless",
ip_geolocation="off",
origin_error_page_pass_thru="off",
brotli="off",
pseudo_ipv4="off",
prefetch_preload="off",
response_buffering="off",
script_load_optimization="off",
server_side_exclude="off",
tls_client_auth="off",
true_client_ip_header="off",
websockets="off",
challenge_ttl=31536000,
max_upload=300,
ciphers=[],
origin_max_http_version="1",
origin_post_quantum_encryption="off",
proxy_read_timeout=5500,
minify={
"css": "off",
"js": "off",
"html": "off",
},
security_header={
"enabled": False,
"include_subdomains": False,
"max_age": 0,
"nosniff": False,
"preload": False,
},
mobile_redirect={
"status": "on",
"mobile_subdomain": "m.domain.com",
"strip_uri": True,
})
test = ibm.CisDomainSettings("test",
cis_id=ibm_cis["instance"]["id"],
domain_id=ibm_cis_domain["example"]["id"],
waf="on",
ssl="full",
min_tls_version="1.3",
origin_max_http_version="2",
origin_post_quantum_encryption="supported",
proxy_read_timeout=5500)
package main
import (
"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := ibm.NewCisDomainSettings(ctx, "testDomainSettings", &ibm.CisDomainSettingsArgs{
CisId: pulumi.Any(data.Ibm_cis.Cis.Id),
DomainId: pulumi.Any(data.Ibm_cis_domain.Cis_domain.Domain_id),
Dnssec: pulumi.String("disabled"),
Waf: pulumi.String("off"),
Ssl: pulumi.String("flexible"),
MinTlsVersion: pulumi.String("1.2"),
CnameFlattening: pulumi.String("flatten_all"),
OpportunisticEncryption: pulumi.String("off"),
AutomaticHttpsRewrites: pulumi.String("on"),
AlwaysUseHttps: pulumi.String("off"),
Ipv6: pulumi.String("off"),
BrowserCheck: pulumi.String("off"),
HotlinkProtection: pulumi.String("off"),
Http2: pulumi.String("on"),
ImageLoadOptimization: pulumi.String("off"),
ImageSizeOptimization: pulumi.String("lossless"),
IpGeolocation: pulumi.String("off"),
OriginErrorPagePassThru: pulumi.String("off"),
Brotli: pulumi.String("off"),
PseudoIpv4: pulumi.String("off"),
PrefetchPreload: pulumi.String("off"),
ResponseBuffering: pulumi.String("off"),
ScriptLoadOptimization: pulumi.String("off"),
ServerSideExclude: pulumi.String("off"),
TlsClientAuth: pulumi.String("off"),
TrueClientIpHeader: pulumi.String("off"),
Websockets: pulumi.String("off"),
ChallengeTtl: pulumi.Float64(31536000),
MaxUpload: pulumi.Float64(300),
Ciphers: pulumi.StringArray{},
OriginMaxHttpVersion: pulumi.String("1"),
OriginPostQuantumEncryption: pulumi.String("off"),
ProxyReadTimeout: pulumi.Float64(5500),
Minify: &ibm.CisDomainSettingsMinifyArgs{
Css: pulumi.String("off"),
Js: pulumi.String("off"),
Html: pulumi.String("off"),
},
SecurityHeader: &ibm.CisDomainSettingsSecurityHeaderArgs{
Enabled: pulumi.Bool(false),
IncludeSubdomains: pulumi.Bool(false),
MaxAge: pulumi.Float64(0),
Nosniff: pulumi.Bool(false),
Preload: pulumi.Bool(false),
},
MobileRedirect: &ibm.CisDomainSettingsMobileRedirectArgs{
Status: pulumi.String("on"),
MobileSubdomain: pulumi.String("m.domain.com"),
StripUri: pulumi.Bool(true),
},
})
if err != nil {
return err
}
_, err = ibm.NewCisDomainSettings(ctx, "test", &ibm.CisDomainSettingsArgs{
CisId: pulumi.Any(ibm_cis.Instance.Id),
DomainId: pulumi.Any(ibm_cis_domain.Example.Id),
Waf: pulumi.String("on"),
Ssl: pulumi.String("full"),
MinTlsVersion: pulumi.String("1.3"),
OriginMaxHttpVersion: pulumi.String("2"),
OriginPostQuantumEncryption: pulumi.String("supported"),
ProxyReadTimeout: pulumi.Float64(5500),
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;
return await Deployment.RunAsync(() =>
{
var testDomainSettings = new Ibm.CisDomainSettings("testDomainSettings", new()
{
CisId = data.Ibm_cis.Cis.Id,
DomainId = data.Ibm_cis_domain.Cis_domain.Domain_id,
Dnssec = "disabled",
Waf = "off",
Ssl = "flexible",
MinTlsVersion = "1.2",
CnameFlattening = "flatten_all",
OpportunisticEncryption = "off",
AutomaticHttpsRewrites = "on",
AlwaysUseHttps = "off",
Ipv6 = "off",
BrowserCheck = "off",
HotlinkProtection = "off",
Http2 = "on",
ImageLoadOptimization = "off",
ImageSizeOptimization = "lossless",
IpGeolocation = "off",
OriginErrorPagePassThru = "off",
Brotli = "off",
PseudoIpv4 = "off",
PrefetchPreload = "off",
ResponseBuffering = "off",
ScriptLoadOptimization = "off",
ServerSideExclude = "off",
TlsClientAuth = "off",
TrueClientIpHeader = "off",
Websockets = "off",
ChallengeTtl = 31536000,
MaxUpload = 300,
Ciphers = new[] {},
OriginMaxHttpVersion = "1",
OriginPostQuantumEncryption = "off",
ProxyReadTimeout = 5500,
Minify = new Ibm.Inputs.CisDomainSettingsMinifyArgs
{
Css = "off",
Js = "off",
Html = "off",
},
SecurityHeader = new Ibm.Inputs.CisDomainSettingsSecurityHeaderArgs
{
Enabled = false,
IncludeSubdomains = false,
MaxAge = 0,
Nosniff = false,
Preload = false,
},
MobileRedirect = new Ibm.Inputs.CisDomainSettingsMobileRedirectArgs
{
Status = "on",
MobileSubdomain = "m.domain.com",
StripUri = true,
},
});
var test = new Ibm.CisDomainSettings("test", new()
{
CisId = ibm_cis.Instance.Id,
DomainId = ibm_cis_domain.Example.Id,
Waf = "on",
Ssl = "full",
MinTlsVersion = "1.3",
OriginMaxHttpVersion = "2",
OriginPostQuantumEncryption = "supported",
ProxyReadTimeout = 5500,
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.CisDomainSettings;
import com.pulumi.ibm.CisDomainSettingsArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMinifyArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsSecurityHeaderArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMobileRedirectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var testDomainSettings = new CisDomainSettings("testDomainSettings", CisDomainSettingsArgs.builder()
.cisId(data.ibm_cis().cis().id())
.domainId(data.ibm_cis_domain().cis_domain().domain_id())
.dnssec("disabled")
.waf("off")
.ssl("flexible")
.minTlsVersion("1.2")
.cnameFlattening("flatten_all")
.opportunisticEncryption("off")
.automaticHttpsRewrites("on")
.alwaysUseHttps("off")
.ipv6("off")
.browserCheck("off")
.hotlinkProtection("off")
.http2("on")
.imageLoadOptimization("off")
.imageSizeOptimization("lossless")
.ipGeolocation("off")
.originErrorPagePassThru("off")
.brotli("off")
.pseudoIpv4("off")
.prefetchPreload("off")
.responseBuffering("off")
.scriptLoadOptimization("off")
.serverSideExclude("off")
.tlsClientAuth("off")
.trueClientIpHeader("off")
.websockets("off")
.challengeTtl(31536000)
.maxUpload(300)
.ciphers()
.originMaxHttpVersion("1")
.originPostQuantumEncryption("off")
.proxyReadTimeout(5500)
.minify(CisDomainSettingsMinifyArgs.builder()
.css("off")
.js("off")
.html("off")
.build())
.securityHeader(CisDomainSettingsSecurityHeaderArgs.builder()
.enabled(false)
.includeSubdomains(false)
.maxAge(0)
.nosniff(false)
.preload(false)
.build())
.mobileRedirect(CisDomainSettingsMobileRedirectArgs.builder()
.status("on")
.mobileSubdomain("m.domain.com")
.stripUri(true)
.build())
.build());
var test = new CisDomainSettings("test", CisDomainSettingsArgs.builder()
.cisId(ibm_cis.instance().id())
.domainId(ibm_cis_domain.example().id())
.waf("on")
.ssl("full")
.minTlsVersion("1.3")
.originMaxHttpVersion("2")
.originPostQuantumEncryption("supported")
.proxyReadTimeout(5500)
.build());
}
}
resources:
testDomainSettings:
type: ibm:CisDomainSettings
properties:
cisId: ${data.ibm_cis.cis.id}
domainId: ${data.ibm_cis_domain.cis_domain.domain_id}
dnssec: disabled
waf: off
ssl: flexible
minTlsVersion: '1.2'
cnameFlattening: flatten_all
opportunisticEncryption: off
automaticHttpsRewrites: on
alwaysUseHttps: off
ipv6: off
browserCheck: off
hotlinkProtection: off
http2: on
imageLoadOptimization: off
imageSizeOptimization: lossless
ipGeolocation: off
originErrorPagePassThru: off
brotli: off
pseudoIpv4: off
prefetchPreload: off
responseBuffering: off
scriptLoadOptimization: off
serverSideExclude: off
tlsClientAuth: off
trueClientIpHeader: off
websockets: off
challengeTtl: 3.1536e+07
maxUpload: 300
ciphers: []
originMaxHttpVersion: '1'
originPostQuantumEncryption: off
proxyReadTimeout: 5500
minify:
css: off
js: off
html: off
securityHeader:
enabled: false
includeSubdomains: false
maxAge: 0
nosniff: false
preload: false
mobileRedirect:
status: on
mobileSubdomain: m.domain.com
stripUri: true
test:
type: ibm:CisDomainSettings
properties:
cisId: ${ibm_cis.instance.id}
domainId: ${ibm_cis_domain.example.id}
waf: on
ssl: full
minTlsVersion: '1.3'
originMaxHttpVersion: '2'
originPostQuantumEncryption: supported
proxyReadTimeout: 5500
Create CisDomainSettings Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new CisDomainSettings(name: string, args: CisDomainSettingsArgs, opts?: CustomResourceOptions);@overload
def CisDomainSettings(resource_name: str,
args: CisDomainSettingsArgs,
opts: Optional[ResourceOptions] = None)
@overload
def CisDomainSettings(resource_name: str,
opts: Optional[ResourceOptions] = None,
cis_id: Optional[str] = None,
domain_id: Optional[str] = None,
min_tls_version: Optional[str] = None,
minify: Optional[CisDomainSettingsMinifyArgs] = None,
challenge_ttl: Optional[float] = None,
ciphers: Optional[Sequence[str]] = None,
cis_domain_settings_id: Optional[str] = None,
brotli: Optional[str] = None,
cname_flattening: Optional[str] = None,
dnssec: Optional[str] = None,
automatic_https_rewrites: Optional[str] = None,
hotlink_protection: Optional[str] = None,
http2: Optional[str] = None,
image_load_optimization: Optional[str] = None,
image_size_optimization: Optional[str] = None,
ip_geolocation: Optional[str] = None,
ipv6: Optional[str] = None,
max_upload: Optional[float] = None,
browser_check: Optional[str] = None,
always_use_https: Optional[str] = None,
mobile_redirect: Optional[CisDomainSettingsMobileRedirectArgs] = None,
opportunistic_encryption: Optional[str] = None,
origin_error_page_pass_thru: Optional[str] = None,
origin_max_http_version: Optional[str] = None,
origin_post_quantum_encryption: Optional[str] = None,
prefetch_preload: Optional[str] = None,
proxy_read_timeout: Optional[float] = None,
pseudo_ipv4: Optional[str] = None,
response_buffering: Optional[str] = None,
script_load_optimization: Optional[str] = None,
security_header: Optional[CisDomainSettingsSecurityHeaderArgs] = None,
server_side_exclude: Optional[str] = None,
ssl: Optional[str] = None,
tls_client_auth: Optional[str] = None,
true_client_ip_header: Optional[str] = None,
waf: Optional[str] = None,
websockets: Optional[str] = None)func NewCisDomainSettings(ctx *Context, name string, args CisDomainSettingsArgs, opts ...ResourceOption) (*CisDomainSettings, error)public CisDomainSettings(string name, CisDomainSettingsArgs args, CustomResourceOptions? opts = null)
public CisDomainSettings(String name, CisDomainSettingsArgs args)
public CisDomainSettings(String name, CisDomainSettingsArgs args, CustomResourceOptions options)
type: ibm:CisDomainSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args CisDomainSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args CisDomainSettingsArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args CisDomainSettingsArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args CisDomainSettingsArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args CisDomainSettingsArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var cisDomainSettingsResource = new Ibm.CisDomainSettings("cisDomainSettingsResource", new()
{
CisId = "string",
DomainId = "string",
MinTlsVersion = "string",
Minify = new Ibm.Inputs.CisDomainSettingsMinifyArgs
{
Css = "string",
Html = "string",
Js = "string",
},
ChallengeTtl = 0,
Ciphers = new[]
{
"string",
},
CisDomainSettingsId = "string",
Brotli = "string",
CnameFlattening = "string",
Dnssec = "string",
AutomaticHttpsRewrites = "string",
HotlinkProtection = "string",
Http2 = "string",
ImageLoadOptimization = "string",
ImageSizeOptimization = "string",
IpGeolocation = "string",
Ipv6 = "string",
MaxUpload = 0,
BrowserCheck = "string",
AlwaysUseHttps = "string",
MobileRedirect = new Ibm.Inputs.CisDomainSettingsMobileRedirectArgs
{
Status = "string",
MobileSubdomain = "string",
StripUri = false,
},
OpportunisticEncryption = "string",
OriginErrorPagePassThru = "string",
OriginMaxHttpVersion = "string",
OriginPostQuantumEncryption = "string",
PrefetchPreload = "string",
ProxyReadTimeout = 0,
PseudoIpv4 = "string",
ResponseBuffering = "string",
ScriptLoadOptimization = "string",
SecurityHeader = new Ibm.Inputs.CisDomainSettingsSecurityHeaderArgs
{
Enabled = false,
IncludeSubdomains = false,
MaxAge = 0,
Nosniff = false,
Preload = false,
},
ServerSideExclude = "string",
Ssl = "string",
TlsClientAuth = "string",
TrueClientIpHeader = "string",
Waf = "string",
Websockets = "string",
});
example, err := ibm.NewCisDomainSettings(ctx, "cisDomainSettingsResource", &ibm.CisDomainSettingsArgs{
CisId: pulumi.String("string"),
DomainId: pulumi.String("string"),
MinTlsVersion: pulumi.String("string"),
Minify: &.CisDomainSettingsMinifyArgs{
Css: pulumi.String("string"),
Html: pulumi.String("string"),
Js: pulumi.String("string"),
},
ChallengeTtl: pulumi.Float64(0),
Ciphers: pulumi.StringArray{
pulumi.String("string"),
},
CisDomainSettingsId: pulumi.String("string"),
Brotli: pulumi.String("string"),
CnameFlattening: pulumi.String("string"),
Dnssec: pulumi.String("string"),
AutomaticHttpsRewrites: pulumi.String("string"),
HotlinkProtection: pulumi.String("string"),
Http2: pulumi.String("string"),
ImageLoadOptimization: pulumi.String("string"),
ImageSizeOptimization: pulumi.String("string"),
IpGeolocation: pulumi.String("string"),
Ipv6: pulumi.String("string"),
MaxUpload: pulumi.Float64(0),
BrowserCheck: pulumi.String("string"),
AlwaysUseHttps: pulumi.String("string"),
MobileRedirect: &.CisDomainSettingsMobileRedirectArgs{
Status: pulumi.String("string"),
MobileSubdomain: pulumi.String("string"),
StripUri: pulumi.Bool(false),
},
OpportunisticEncryption: pulumi.String("string"),
OriginErrorPagePassThru: pulumi.String("string"),
OriginMaxHttpVersion: pulumi.String("string"),
OriginPostQuantumEncryption: pulumi.String("string"),
PrefetchPreload: pulumi.String("string"),
ProxyReadTimeout: pulumi.Float64(0),
PseudoIpv4: pulumi.String("string"),
ResponseBuffering: pulumi.String("string"),
ScriptLoadOptimization: pulumi.String("string"),
SecurityHeader: &.CisDomainSettingsSecurityHeaderArgs{
Enabled: pulumi.Bool(false),
IncludeSubdomains: pulumi.Bool(false),
MaxAge: pulumi.Float64(0),
Nosniff: pulumi.Bool(false),
Preload: pulumi.Bool(false),
},
ServerSideExclude: pulumi.String("string"),
Ssl: pulumi.String("string"),
TlsClientAuth: pulumi.String("string"),
TrueClientIpHeader: pulumi.String("string"),
Waf: pulumi.String("string"),
Websockets: pulumi.String("string"),
})
var cisDomainSettingsResource = new CisDomainSettings("cisDomainSettingsResource", CisDomainSettingsArgs.builder()
.cisId("string")
.domainId("string")
.minTlsVersion("string")
.minify(CisDomainSettingsMinifyArgs.builder()
.css("string")
.html("string")
.js("string")
.build())
.challengeTtl(0)
.ciphers("string")
.cisDomainSettingsId("string")
.brotli("string")
.cnameFlattening("string")
.dnssec("string")
.automaticHttpsRewrites("string")
.hotlinkProtection("string")
.http2("string")
.imageLoadOptimization("string")
.imageSizeOptimization("string")
.ipGeolocation("string")
.ipv6("string")
.maxUpload(0)
.browserCheck("string")
.alwaysUseHttps("string")
.mobileRedirect(CisDomainSettingsMobileRedirectArgs.builder()
.status("string")
.mobileSubdomain("string")
.stripUri(false)
.build())
.opportunisticEncryption("string")
.originErrorPagePassThru("string")
.originMaxHttpVersion("string")
.originPostQuantumEncryption("string")
.prefetchPreload("string")
.proxyReadTimeout(0)
.pseudoIpv4("string")
.responseBuffering("string")
.scriptLoadOptimization("string")
.securityHeader(CisDomainSettingsSecurityHeaderArgs.builder()
.enabled(false)
.includeSubdomains(false)
.maxAge(0)
.nosniff(false)
.preload(false)
.build())
.serverSideExclude("string")
.ssl("string")
.tlsClientAuth("string")
.trueClientIpHeader("string")
.waf("string")
.websockets("string")
.build());
cis_domain_settings_resource = ibm.CisDomainSettings("cisDomainSettingsResource",
cis_id="string",
domain_id="string",
min_tls_version="string",
minify={
"css": "string",
"html": "string",
"js": "string",
},
challenge_ttl=0,
ciphers=["string"],
cis_domain_settings_id="string",
brotli="string",
cname_flattening="string",
dnssec="string",
automatic_https_rewrites="string",
hotlink_protection="string",
http2="string",
image_load_optimization="string",
image_size_optimization="string",
ip_geolocation="string",
ipv6="string",
max_upload=0,
browser_check="string",
always_use_https="string",
mobile_redirect={
"status": "string",
"mobile_subdomain": "string",
"strip_uri": False,
},
opportunistic_encryption="string",
origin_error_page_pass_thru="string",
origin_max_http_version="string",
origin_post_quantum_encryption="string",
prefetch_preload="string",
proxy_read_timeout=0,
pseudo_ipv4="string",
response_buffering="string",
script_load_optimization="string",
security_header={
"enabled": False,
"include_subdomains": False,
"max_age": 0,
"nosniff": False,
"preload": False,
},
server_side_exclude="string",
ssl="string",
tls_client_auth="string",
true_client_ip_header="string",
waf="string",
websockets="string")
const cisDomainSettingsResource = new ibm.CisDomainSettings("cisDomainSettingsResource", {
cisId: "string",
domainId: "string",
minTlsVersion: "string",
minify: {
css: "string",
html: "string",
js: "string",
},
challengeTtl: 0,
ciphers: ["string"],
cisDomainSettingsId: "string",
brotli: "string",
cnameFlattening: "string",
dnssec: "string",
automaticHttpsRewrites: "string",
hotlinkProtection: "string",
http2: "string",
imageLoadOptimization: "string",
imageSizeOptimization: "string",
ipGeolocation: "string",
ipv6: "string",
maxUpload: 0,
browserCheck: "string",
alwaysUseHttps: "string",
mobileRedirect: {
status: "string",
mobileSubdomain: "string",
stripUri: false,
},
opportunisticEncryption: "string",
originErrorPagePassThru: "string",
originMaxHttpVersion: "string",
originPostQuantumEncryption: "string",
prefetchPreload: "string",
proxyReadTimeout: 0,
pseudoIpv4: "string",
responseBuffering: "string",
scriptLoadOptimization: "string",
securityHeader: {
enabled: false,
includeSubdomains: false,
maxAge: 0,
nosniff: false,
preload: false,
},
serverSideExclude: "string",
ssl: "string",
tlsClientAuth: "string",
trueClientIpHeader: "string",
waf: "string",
websockets: "string",
});
type: ibm:CisDomainSettings
properties:
alwaysUseHttps: string
automaticHttpsRewrites: string
brotli: string
browserCheck: string
challengeTtl: 0
ciphers:
- string
cisDomainSettingsId: string
cisId: string
cnameFlattening: string
dnssec: string
domainId: string
hotlinkProtection: string
http2: string
imageLoadOptimization: string
imageSizeOptimization: string
ipGeolocation: string
ipv6: string
maxUpload: 0
minTlsVersion: string
minify:
css: string
html: string
js: string
mobileRedirect:
mobileSubdomain: string
status: string
stripUri: false
opportunisticEncryption: string
originErrorPagePassThru: string
originMaxHttpVersion: string
originPostQuantumEncryption: string
prefetchPreload: string
proxyReadTimeout: 0
pseudoIpv4: string
responseBuffering: string
scriptLoadOptimization: string
securityHeader:
enabled: false
includeSubdomains: false
maxAge: 0
nosniff: false
preload: false
serverSideExclude: string
ssl: string
tlsClientAuth: string
trueClientIpHeader: string
waf: string
websockets: string
CisDomainSettings Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The CisDomainSettings resource accepts the following input properties:
- Cis
Id string - The ID of the IBM Cloud Internet Services instance.
- Domain
Id string - The ID of the domain that you want to customize.
- Always
Use stringHttps - Supported values are
offandon. - Automatic
Https stringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - Brotli string
- Supported values are
offandon. - Browser
Check string - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - Challenge
Ttl double - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - Ciphers List<string>
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - Cis
Domain stringSettings Id - Cname
Flattening string - Supported values are
flatten_at_root,flatten_all, andflatten_none. - Dnssec string
- Can set to
activeonly once. Allowed values areactive,disabled. - Hotlink
Protection string - Supported values are
offandon. - Http2 string
- Supported values are
offandon. - Image
Load stringOptimization - Supported values are
offandon. - Image
Size stringOptimization - Supported values are
lossless,off, andlossy. - Ip
Geolocation string - Supported values are
offandon. - Ipv6 string
- Supported values are
offandon. - Max
Upload double - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - Min
Tls stringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - Minify
Cis
Domain Settings Minify Minify the setting as stated.
Nested scheme for
minify:- Mobile
Redirect CisDomain Settings Mobile Redirect Mobile redirect setting.
Nested scheme for
mobile_redirect:- Opportunistic
Encryption string - Supported values are
offandon. - Origin
Error stringPage Pass Thru - Supported values are
offandon. - Origin
Max stringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - Origin
Post stringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - Prefetch
Preload string - Supported values are
offandon. - Proxy
Read doubleTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - Pseudo
Ipv4 string - Supported values are
overwrite_header,off, andadd_header. - Response
Buffering string - Supported values are
offandon. - Script
Load stringOptimization - Supported values are
offandon. - Security
Header CisDomain Settings Security Header - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- Server
Side stringExclude - Supported values are
offandon. - Ssl string
- Allowed values:
off,flexible,full,strict,origin_pull. - Tls
Client stringAuth - Supported values are
offandon. - True
Client stringIp Header - Supported values are
offandon. - Waf string
- Enable a web application firewall (WAF). Supported values are
offandon. - Websockets string
- Supported values are
offandon.
- Cis
Id string - The ID of the IBM Cloud Internet Services instance.
- Domain
Id string - The ID of the domain that you want to customize.
- Always
Use stringHttps - Supported values are
offandon. - Automatic
Https stringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - Brotli string
- Supported values are
offandon. - Browser
Check string - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - Challenge
Ttl float64 - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - Ciphers []string
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - Cis
Domain stringSettings Id - Cname
Flattening string - Supported values are
flatten_at_root,flatten_all, andflatten_none. - Dnssec string
- Can set to
activeonly once. Allowed values areactive,disabled. - Hotlink
Protection string - Supported values are
offandon. - Http2 string
- Supported values are
offandon. - Image
Load stringOptimization - Supported values are
offandon. - Image
Size stringOptimization - Supported values are
lossless,off, andlossy. - Ip
Geolocation string - Supported values are
offandon. - Ipv6 string
- Supported values are
offandon. - Max
Upload float64 - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - Min
Tls stringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - Minify
Cis
Domain Settings Minify Args Minify the setting as stated.
Nested scheme for
minify:- Mobile
Redirect CisDomain Settings Mobile Redirect Args Mobile redirect setting.
Nested scheme for
mobile_redirect:- Opportunistic
Encryption string - Supported values are
offandon. - Origin
Error stringPage Pass Thru - Supported values are
offandon. - Origin
Max stringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - Origin
Post stringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - Prefetch
Preload string - Supported values are
offandon. - Proxy
Read float64Timeout - Maximum time between two read operations from origin. Valid values are
1-6000. - Pseudo
Ipv4 string - Supported values are
overwrite_header,off, andadd_header. - Response
Buffering string - Supported values are
offandon. - Script
Load stringOptimization - Supported values are
offandon. - Security
Header CisDomain Settings Security Header Args - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- Server
Side stringExclude - Supported values are
offandon. - Ssl string
- Allowed values:
off,flexible,full,strict,origin_pull. - Tls
Client stringAuth - Supported values are
offandon. - True
Client stringIp Header - Supported values are
offandon. - Waf string
- Enable a web application firewall (WAF). Supported values are
offandon. - Websockets string
- Supported values are
offandon.
- cis
Id String - The ID of the IBM Cloud Internet Services instance.
- domain
Id String - The ID of the domain that you want to customize.
- always
Use StringHttps - Supported values are
offandon. - automatic
Https StringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli String
- Supported values are
offandon. - browser
Check String - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - challenge
Ttl Double - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers List<String>
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis
Domain StringSettings Id - cname
Flattening String - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec String
- Can set to
activeonly once. Allowed values areactive,disabled. - hotlink
Protection String - Supported values are
offandon. - http2 String
- Supported values are
offandon. - image
Load StringOptimization - Supported values are
offandon. - image
Size StringOptimization - Supported values are
lossless,off, andlossy. - ip
Geolocation String - Supported values are
offandon. - ipv6 String
- Supported values are
offandon. - max
Upload Double - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min
Tls StringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify
Cis
Domain Settings Minify Minify the setting as stated.
Nested scheme for
minify:- mobile
Redirect CisDomain Settings Mobile Redirect Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic
Encryption String - Supported values are
offandon. - origin
Error StringPage Pass Thru - Supported values are
offandon. - origin
Max StringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin
Post StringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch
Preload String - Supported values are
offandon. - proxy
Read DoubleTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo
Ipv4 String - Supported values are
overwrite_header,off, andadd_header. - response
Buffering String - Supported values are
offandon. - script
Load StringOptimization - Supported values are
offandon. - security
Header CisDomain Settings Security Header - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server
Side StringExclude - Supported values are
offandon. - ssl String
- Allowed values:
off,flexible,full,strict,origin_pull. - tls
Client StringAuth - Supported values are
offandon. - true
Client StringIp Header - Supported values are
offandon. - waf String
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets String
- Supported values are
offandon.
- cis
Id string - The ID of the IBM Cloud Internet Services instance.
- domain
Id string - The ID of the domain that you want to customize.
- always
Use stringHttps - Supported values are
offandon. - automatic
Https stringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli string
- Supported values are
offandon. - browser
Check string - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - challenge
Ttl number - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers string[]
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis
Domain stringSettings Id - cname
Flattening string - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec string
- Can set to
activeonly once. Allowed values areactive,disabled. - hotlink
Protection string - Supported values are
offandon. - http2 string
- Supported values are
offandon. - image
Load stringOptimization - Supported values are
offandon. - image
Size stringOptimization - Supported values are
lossless,off, andlossy. - ip
Geolocation string - Supported values are
offandon. - ipv6 string
- Supported values are
offandon. - max
Upload number - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min
Tls stringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify
Cis
Domain Settings Minify Minify the setting as stated.
Nested scheme for
minify:- mobile
Redirect CisDomain Settings Mobile Redirect Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic
Encryption string - Supported values are
offandon. - origin
Error stringPage Pass Thru - Supported values are
offandon. - origin
Max stringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin
Post stringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch
Preload string - Supported values are
offandon. - proxy
Read numberTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo
Ipv4 string - Supported values are
overwrite_header,off, andadd_header. - response
Buffering string - Supported values are
offandon. - script
Load stringOptimization - Supported values are
offandon. - security
Header CisDomain Settings Security Header - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server
Side stringExclude - Supported values are
offandon. - ssl string
- Allowed values:
off,flexible,full,strict,origin_pull. - tls
Client stringAuth - Supported values are
offandon. - true
Client stringIp Header - Supported values are
offandon. - waf string
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets string
- Supported values are
offandon.
- cis_
id str - The ID of the IBM Cloud Internet Services instance.
- domain_
id str - The ID of the domain that you want to customize.
- always_
use_ strhttps - Supported values are
offandon. - automatic_
https_ strrewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli str
- Supported values are
offandon. - browser_
check str - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - challenge_
ttl float - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers Sequence[str]
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis_
domain_ strsettings_ id - cname_
flattening str - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec str
- Can set to
activeonly once. Allowed values areactive,disabled. - hotlink_
protection str - Supported values are
offandon. - http2 str
- Supported values are
offandon. - image_
load_ stroptimization - Supported values are
offandon. - image_
size_ stroptimization - Supported values are
lossless,off, andlossy. - ip_
geolocation str - Supported values are
offandon. - ipv6 str
- Supported values are
offandon. - max_
upload float - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min_
tls_ strversion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify
Cis
Domain Settings Minify Args Minify the setting as stated.
Nested scheme for
minify:- mobile_
redirect CisDomain Settings Mobile Redirect Args Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic_
encryption str - Supported values are
offandon. - origin_
error_ strpage_ pass_ thru - Supported values are
offandon. - origin_
max_ strhttp_ version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin_
post_ strquantum_ encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch_
preload str - Supported values are
offandon. - proxy_
read_ floattimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo_
ipv4 str - Supported values are
overwrite_header,off, andadd_header. - response_
buffering str - Supported values are
offandon. - script_
load_ stroptimization - Supported values are
offandon. - security_
header CisDomain Settings Security Header Args - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server_
side_ strexclude - Supported values are
offandon. - ssl str
- Allowed values:
off,flexible,full,strict,origin_pull. - tls_
client_ strauth - Supported values are
offandon. - true_
client_ strip_ header - Supported values are
offandon. - waf str
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets str
- Supported values are
offandon.
- cis
Id String - The ID of the IBM Cloud Internet Services instance.
- domain
Id String - The ID of the domain that you want to customize.
- always
Use StringHttps - Supported values are
offandon. - automatic
Https StringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli String
- Supported values are
offandon. - browser
Check String - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - challenge
Ttl Number - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers List<String>
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis
Domain StringSettings Id - cname
Flattening String - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec String
- Can set to
activeonly once. Allowed values areactive,disabled. - hotlink
Protection String - Supported values are
offandon. - http2 String
- Supported values are
offandon. - image
Load StringOptimization - Supported values are
offandon. - image
Size StringOptimization - Supported values are
lossless,off, andlossy. - ip
Geolocation String - Supported values are
offandon. - ipv6 String
- Supported values are
offandon. - max
Upload Number - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min
Tls StringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify Property Map
Minify the setting as stated.
Nested scheme for
minify:- mobile
Redirect Property Map Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic
Encryption String - Supported values are
offandon. - origin
Error StringPage Pass Thru - Supported values are
offandon. - origin
Max StringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin
Post StringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch
Preload String - Supported values are
offandon. - proxy
Read NumberTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo
Ipv4 String - Supported values are
overwrite_header,off, andadd_header. - response
Buffering String - Supported values are
offandon. - script
Load StringOptimization - Supported values are
offandon. - security
Header Property Map - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server
Side StringExclude - Supported values are
offandon. - ssl String
- Allowed values:
off,flexible,full,strict,origin_pull. - tls
Client StringAuth - Supported values are
offandon. - true
Client StringIp Header - Supported values are
offandon. - waf String
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets String
- Supported values are
offandon.
Outputs
All input properties are implicitly available as output properties. Additionally, the CisDomainSettings resource produces the following output properties:
- Certificate
Status string - (String) The value is displayed as
none,initializing,authorizing, oractive. - Id string
- The provider-assigned unique ID for this managed resource.
- Certificate
Status string - (String) The value is displayed as
none,initializing,authorizing, oractive. - Id string
- The provider-assigned unique ID for this managed resource.
- certificate
Status String - (String) The value is displayed as
none,initializing,authorizing, oractive. - id String
- The provider-assigned unique ID for this managed resource.
- certificate
Status string - (String) The value is displayed as
none,initializing,authorizing, oractive. - id string
- The provider-assigned unique ID for this managed resource.
- certificate_
status str - (String) The value is displayed as
none,initializing,authorizing, oractive. - id str
- The provider-assigned unique ID for this managed resource.
- certificate
Status String - (String) The value is displayed as
none,initializing,authorizing, oractive. - id String
- The provider-assigned unique ID for this managed resource.
Look up Existing CisDomainSettings Resource
Get an existing CisDomainSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: CisDomainSettingsState, opts?: CustomResourceOptions): CisDomainSettings@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
always_use_https: Optional[str] = None,
automatic_https_rewrites: Optional[str] = None,
brotli: Optional[str] = None,
browser_check: Optional[str] = None,
certificate_status: Optional[str] = None,
challenge_ttl: Optional[float] = None,
ciphers: Optional[Sequence[str]] = None,
cis_domain_settings_id: Optional[str] = None,
cis_id: Optional[str] = None,
cname_flattening: Optional[str] = None,
dnssec: Optional[str] = None,
domain_id: Optional[str] = None,
hotlink_protection: Optional[str] = None,
http2: Optional[str] = None,
image_load_optimization: Optional[str] = None,
image_size_optimization: Optional[str] = None,
ip_geolocation: Optional[str] = None,
ipv6: Optional[str] = None,
max_upload: Optional[float] = None,
min_tls_version: Optional[str] = None,
minify: Optional[CisDomainSettingsMinifyArgs] = None,
mobile_redirect: Optional[CisDomainSettingsMobileRedirectArgs] = None,
opportunistic_encryption: Optional[str] = None,
origin_error_page_pass_thru: Optional[str] = None,
origin_max_http_version: Optional[str] = None,
origin_post_quantum_encryption: Optional[str] = None,
prefetch_preload: Optional[str] = None,
proxy_read_timeout: Optional[float] = None,
pseudo_ipv4: Optional[str] = None,
response_buffering: Optional[str] = None,
script_load_optimization: Optional[str] = None,
security_header: Optional[CisDomainSettingsSecurityHeaderArgs] = None,
server_side_exclude: Optional[str] = None,
ssl: Optional[str] = None,
tls_client_auth: Optional[str] = None,
true_client_ip_header: Optional[str] = None,
waf: Optional[str] = None,
websockets: Optional[str] = None) -> CisDomainSettingsfunc GetCisDomainSettings(ctx *Context, name string, id IDInput, state *CisDomainSettingsState, opts ...ResourceOption) (*CisDomainSettings, error)public static CisDomainSettings Get(string name, Input<string> id, CisDomainSettingsState? state, CustomResourceOptions? opts = null)public static CisDomainSettings get(String name, Output<String> id, CisDomainSettingsState state, CustomResourceOptions options)resources: _: type: ibm:CisDomainSettings get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Always
Use stringHttps - Supported values are
offandon. - Automatic
Https stringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - Brotli string
- Supported values are
offandon. - Browser
Check string - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - Certificate
Status string - (String) The value is displayed as
none,initializing,authorizing, oractive. - Challenge
Ttl double - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - Ciphers List<string>
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - Cis
Domain stringSettings Id - Cis
Id string - The ID of the IBM Cloud Internet Services instance.
- Cname
Flattening string - Supported values are
flatten_at_root,flatten_all, andflatten_none. - Dnssec string
- Can set to
activeonly once. Allowed values areactive,disabled. - Domain
Id string - The ID of the domain that you want to customize.
- Hotlink
Protection string - Supported values are
offandon. - Http2 string
- Supported values are
offandon. - Image
Load stringOptimization - Supported values are
offandon. - Image
Size stringOptimization - Supported values are
lossless,off, andlossy. - Ip
Geolocation string - Supported values are
offandon. - Ipv6 string
- Supported values are
offandon. - Max
Upload double - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - Min
Tls stringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - Minify
Cis
Domain Settings Minify Minify the setting as stated.
Nested scheme for
minify:- Mobile
Redirect CisDomain Settings Mobile Redirect Mobile redirect setting.
Nested scheme for
mobile_redirect:- Opportunistic
Encryption string - Supported values are
offandon. - Origin
Error stringPage Pass Thru - Supported values are
offandon. - Origin
Max stringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - Origin
Post stringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - Prefetch
Preload string - Supported values are
offandon. - Proxy
Read doubleTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - Pseudo
Ipv4 string - Supported values are
overwrite_header,off, andadd_header. - Response
Buffering string - Supported values are
offandon. - Script
Load stringOptimization - Supported values are
offandon. - Security
Header CisDomain Settings Security Header - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- Server
Side stringExclude - Supported values are
offandon. - Ssl string
- Allowed values:
off,flexible,full,strict,origin_pull. - Tls
Client stringAuth - Supported values are
offandon. - True
Client stringIp Header - Supported values are
offandon. - Waf string
- Enable a web application firewall (WAF). Supported values are
offandon. - Websockets string
- Supported values are
offandon.
- Always
Use stringHttps - Supported values are
offandon. - Automatic
Https stringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - Brotli string
- Supported values are
offandon. - Browser
Check string - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - Certificate
Status string - (String) The value is displayed as
none,initializing,authorizing, oractive. - Challenge
Ttl float64 - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - Ciphers []string
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - Cis
Domain stringSettings Id - Cis
Id string - The ID of the IBM Cloud Internet Services instance.
- Cname
Flattening string - Supported values are
flatten_at_root,flatten_all, andflatten_none. - Dnssec string
- Can set to
activeonly once. Allowed values areactive,disabled. - Domain
Id string - The ID of the domain that you want to customize.
- Hotlink
Protection string - Supported values are
offandon. - Http2 string
- Supported values are
offandon. - Image
Load stringOptimization - Supported values are
offandon. - Image
Size stringOptimization - Supported values are
lossless,off, andlossy. - Ip
Geolocation string - Supported values are
offandon. - Ipv6 string
- Supported values are
offandon. - Max
Upload float64 - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - Min
Tls stringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - Minify
Cis
Domain Settings Minify Args Minify the setting as stated.
Nested scheme for
minify:- Mobile
Redirect CisDomain Settings Mobile Redirect Args Mobile redirect setting.
Nested scheme for
mobile_redirect:- Opportunistic
Encryption string - Supported values are
offandon. - Origin
Error stringPage Pass Thru - Supported values are
offandon. - Origin
Max stringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - Origin
Post stringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - Prefetch
Preload string - Supported values are
offandon. - Proxy
Read float64Timeout - Maximum time between two read operations from origin. Valid values are
1-6000. - Pseudo
Ipv4 string - Supported values are
overwrite_header,off, andadd_header. - Response
Buffering string - Supported values are
offandon. - Script
Load stringOptimization - Supported values are
offandon. - Security
Header CisDomain Settings Security Header Args - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- Server
Side stringExclude - Supported values are
offandon. - Ssl string
- Allowed values:
off,flexible,full,strict,origin_pull. - Tls
Client stringAuth - Supported values are
offandon. - True
Client stringIp Header - Supported values are
offandon. - Waf string
- Enable a web application firewall (WAF). Supported values are
offandon. - Websockets string
- Supported values are
offandon.
- always
Use StringHttps - Supported values are
offandon. - automatic
Https StringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli String
- Supported values are
offandon. - browser
Check String - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - certificate
Status String - (String) The value is displayed as
none,initializing,authorizing, oractive. - challenge
Ttl Double - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers List<String>
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis
Domain StringSettings Id - cis
Id String - The ID of the IBM Cloud Internet Services instance.
- cname
Flattening String - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec String
- Can set to
activeonly once. Allowed values areactive,disabled. - domain
Id String - The ID of the domain that you want to customize.
- hotlink
Protection String - Supported values are
offandon. - http2 String
- Supported values are
offandon. - image
Load StringOptimization - Supported values are
offandon. - image
Size StringOptimization - Supported values are
lossless,off, andlossy. - ip
Geolocation String - Supported values are
offandon. - ipv6 String
- Supported values are
offandon. - max
Upload Double - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min
Tls StringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify
Cis
Domain Settings Minify Minify the setting as stated.
Nested scheme for
minify:- mobile
Redirect CisDomain Settings Mobile Redirect Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic
Encryption String - Supported values are
offandon. - origin
Error StringPage Pass Thru - Supported values are
offandon. - origin
Max StringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin
Post StringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch
Preload String - Supported values are
offandon. - proxy
Read DoubleTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo
Ipv4 String - Supported values are
overwrite_header,off, andadd_header. - response
Buffering String - Supported values are
offandon. - script
Load StringOptimization - Supported values are
offandon. - security
Header CisDomain Settings Security Header - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server
Side StringExclude - Supported values are
offandon. - ssl String
- Allowed values:
off,flexible,full,strict,origin_pull. - tls
Client StringAuth - Supported values are
offandon. - true
Client StringIp Header - Supported values are
offandon. - waf String
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets String
- Supported values are
offandon.
- always
Use stringHttps - Supported values are
offandon. - automatic
Https stringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli string
- Supported values are
offandon. - browser
Check string - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - certificate
Status string - (String) The value is displayed as
none,initializing,authorizing, oractive. - challenge
Ttl number - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers string[]
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis
Domain stringSettings Id - cis
Id string - The ID of the IBM Cloud Internet Services instance.
- cname
Flattening string - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec string
- Can set to
activeonly once. Allowed values areactive,disabled. - domain
Id string - The ID of the domain that you want to customize.
- hotlink
Protection string - Supported values are
offandon. - http2 string
- Supported values are
offandon. - image
Load stringOptimization - Supported values are
offandon. - image
Size stringOptimization - Supported values are
lossless,off, andlossy. - ip
Geolocation string - Supported values are
offandon. - ipv6 string
- Supported values are
offandon. - max
Upload number - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min
Tls stringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify
Cis
Domain Settings Minify Minify the setting as stated.
Nested scheme for
minify:- mobile
Redirect CisDomain Settings Mobile Redirect Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic
Encryption string - Supported values are
offandon. - origin
Error stringPage Pass Thru - Supported values are
offandon. - origin
Max stringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin
Post stringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch
Preload string - Supported values are
offandon. - proxy
Read numberTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo
Ipv4 string - Supported values are
overwrite_header,off, andadd_header. - response
Buffering string - Supported values are
offandon. - script
Load stringOptimization - Supported values are
offandon. - security
Header CisDomain Settings Security Header - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server
Side stringExclude - Supported values are
offandon. - ssl string
- Allowed values:
off,flexible,full,strict,origin_pull. - tls
Client stringAuth - Supported values are
offandon. - true
Client stringIp Header - Supported values are
offandon. - waf string
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets string
- Supported values are
offandon.
- always_
use_ strhttps - Supported values are
offandon. - automatic_
https_ strrewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli str
- Supported values are
offandon. - browser_
check str - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - certificate_
status str - (String) The value is displayed as
none,initializing,authorizing, oractive. - challenge_
ttl float - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers Sequence[str]
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis_
domain_ strsettings_ id - cis_
id str - The ID of the IBM Cloud Internet Services instance.
- cname_
flattening str - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec str
- Can set to
activeonly once. Allowed values areactive,disabled. - domain_
id str - The ID of the domain that you want to customize.
- hotlink_
protection str - Supported values are
offandon. - http2 str
- Supported values are
offandon. - image_
load_ stroptimization - Supported values are
offandon. - image_
size_ stroptimization - Supported values are
lossless,off, andlossy. - ip_
geolocation str - Supported values are
offandon. - ipv6 str
- Supported values are
offandon. - max_
upload float - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min_
tls_ strversion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify
Cis
Domain Settings Minify Args Minify the setting as stated.
Nested scheme for
minify:- mobile_
redirect CisDomain Settings Mobile Redirect Args Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic_
encryption str - Supported values are
offandon. - origin_
error_ strpage_ pass_ thru - Supported values are
offandon. - origin_
max_ strhttp_ version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin_
post_ strquantum_ encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch_
preload str - Supported values are
offandon. - proxy_
read_ floattimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo_
ipv4 str - Supported values are
overwrite_header,off, andadd_header. - response_
buffering str - Supported values are
offandon. - script_
load_ stroptimization - Supported values are
offandon. - security_
header CisDomain Settings Security Header Args - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server_
side_ strexclude - Supported values are
offandon. - ssl str
- Allowed values:
off,flexible,full,strict,origin_pull. - tls_
client_ strauth - Supported values are
offandon. - true_
client_ strip_ header - Supported values are
offandon. - waf str
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets str
- Supported values are
offandon.
- always
Use StringHttps - Supported values are
offandon. - automatic
Https StringRewrites - Enable HTTPS rewrites. Allowed values are
offandon. - brotli String
- Supported values are
offandon. - browser
Check String - Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are
offandon. - certificate
Status String - (String) The value is displayed as
none,initializing,authorizing, oractive. - challenge
Ttl Number - Challenge TTL values are
300,900,1800,2700,3600,7200,10800,14400,28800,57600,86400,604800,2592000, and31536000. - ciphers List<String>
- Cipher setting values are
ECDHE-ECDSA-AES128-GCM-SHA256,ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256,ECDHE-RSA-CHACHA20-POLY1305,ECDHE-ECDSA-AES128-SHA256,ECDHE-ECDSA-AES128-SHA,ECDHE-RSA-AES128-SHA256,ECDHE-RSA-AES128-SHA,AES128-GCM-SHA256,AES128-SHA256,AES128-SHA,ECDHE-ECDSA-AES256-GCM-SHA384,ECDHE-ECDSA-AES256-SHA384,ECDHE-RSA-AES256-GCM-SHA384,ECDHE-RSA-AES256-SHA384,ECDHE-RSA-AES256-SHA,AES256-GCM-SHA384,AES256-SHA256,AES256-SHA,DES-CBC3-SHA. To use default cipher value, pass empty list[]. - cis
Domain StringSettings Id - cis
Id String - The ID of the IBM Cloud Internet Services instance.
- cname
Flattening String - Supported values are
flatten_at_root,flatten_all, andflatten_none. - dnssec String
- Can set to
activeonly once. Allowed values areactive,disabled. - domain
Id String - The ID of the domain that you want to customize.
- hotlink
Protection String - Supported values are
offandon. - http2 String
- Supported values are
offandon. - image
Load StringOptimization - Supported values are
offandon. - image
Size StringOptimization - Supported values are
lossless,off, andlossy. - ip
Geolocation String - Supported values are
offandon. - ipv6 String
- Supported values are
offandon. - max
Upload Number - Maximum upload values are
100,125,150,175,200,225,250,275,300,325,350,375,400,425,450,475, and500. - min
Tls StringVersion - The minimum TLS version that you want to allow. Allowed values are
1.1,1.2, or1.3.Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list. - minify Property Map
Minify the setting as stated.
Nested scheme for
minify:- mobile
Redirect Property Map Mobile redirect setting.
Nested scheme for
mobile_redirect:- opportunistic
Encryption String - Supported values are
offandon. - origin
Error StringPage Pass Thru - Supported values are
offandon. - origin
Max StringHttp Version - Sets the highest HTTP version to use with origin. Supported values are
1and2. - origin
Post StringQuantum Encryption - Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are
off,preferredandsupported. - prefetch
Preload String - Supported values are
offandon. - proxy
Read NumberTimeout - Maximum time between two read operations from origin. Valid values are
1-6000. - pseudo
Ipv4 String - Supported values are
overwrite_header,off, andadd_header. - response
Buffering String - Supported values are
offandon. - script
Load StringOptimization - Supported values are
offandon. - security
Header Property Map - Security headers as stated.
security_header.enabled- (Bool) Required-Supported values are true and false.security_header.include_subdomains- (Bool) Required-Supported values are true and false.security_header.max_age- (Required, Integer) Maximum age of the security header.security_header.nosniff- (Bool) Required-No sniff.security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
- server
Side StringExclude - Supported values are
offandon. - ssl String
- Allowed values:
off,flexible,full,strict,origin_pull. - tls
Client StringAuth - Supported values are
offandon. - true
Client StringIp Header - Supported values are
offandon. - waf String
- Enable a web application firewall (WAF). Supported values are
offandon. - websockets String
- Supported values are
offandon.
Supporting Types
CisDomainSettingsMinify, CisDomainSettingsMinifyArgs
CisDomainSettingsMobileRedirect, CisDomainSettingsMobileRedirectArgs
- Status string
- Required-Mobile redirect setting status values are true and false.
- Mobile
Subdomain string - Mobile redirect subdomain. For example
m.domain.com. - Strip
Uri bool - Strip URI for mobile redirect.
- Status string
- Required-Mobile redirect setting status values are true and false.
- Mobile
Subdomain string - Mobile redirect subdomain. For example
m.domain.com. - Strip
Uri bool - Strip URI for mobile redirect.
- status String
- Required-Mobile redirect setting status values are true and false.
- mobile
Subdomain String - Mobile redirect subdomain. For example
m.domain.com. - strip
Uri Boolean - Strip URI for mobile redirect.
- status string
- Required-Mobile redirect setting status values are true and false.
- mobile
Subdomain string - Mobile redirect subdomain. For example
m.domain.com. - strip
Uri boolean - Strip URI for mobile redirect.
- status str
- Required-Mobile redirect setting status values are true and false.
- mobile_
subdomain str - Mobile redirect subdomain. For example
m.domain.com. - strip_
uri bool - Strip URI for mobile redirect.
- status String
- Required-Mobile redirect setting status values are true and false.
- mobile
Subdomain String - Mobile redirect subdomain. For example
m.domain.com. - strip
Uri Boolean - Strip URI for mobile redirect.
CisDomainSettingsSecurityHeader, CisDomainSettingsSecurityHeaderArgs
- Enabled bool
- security header enabled/disabled
- Include
Subdomains bool - security header subdomain included or not
- Max
Age double - security header max age
- Nosniff bool
- security header no sniff
- Preload bool
- security header preload
- Enabled bool
- security header enabled/disabled
- Include
Subdomains bool - security header subdomain included or not
- Max
Age float64 - security header max age
- Nosniff bool
- security header no sniff
- Preload bool
- security header preload
- enabled Boolean
- security header enabled/disabled
- include
Subdomains Boolean - security header subdomain included or not
- max
Age Double - security header max age
- nosniff Boolean
- security header no sniff
- preload Boolean
- security header preload
- enabled boolean
- security header enabled/disabled
- include
Subdomains boolean - security header subdomain included or not
- max
Age number - security header max age
- nosniff boolean
- security header no sniff
- preload boolean
- security header preload
- enabled bool
- security header enabled/disabled
- include_
subdomains bool - security header subdomain included or not
- max_
age float - security header max age
- nosniff bool
- security header no sniff
- preload bool
- security header preload
- enabled Boolean
- security header enabled/disabled
- include
Subdomains Boolean - security header subdomain included or not
- max
Age Number - security header max age
- nosniff Boolean
- security header no sniff
- preload Boolean
- security header preload
Package Details
- Repository
- ibm ibm-cloud/terraform-provider-ibm
- License
- Notes
- This Pulumi package is based on the
ibmTerraform Provider.