origin
Version: v2025-01-13 | Includes use: Yes |
---|
Behavior name: Origin Server
Specify the hostname and settings used to contact the origin once service begins. You can use your own origin, NetStorage, an Edge Load Balancing origin, or a SaaS dynamic origin.
Default behavior
These samples reflect the behavior's default settings. You can use these as is in your configurations or make adjustments based on the behavior's available options.
data "akamai_property_rules_builder" "origin" {
rules_v2025_02_18 {
name = "Origin Server"
comments = "Specifies the hostname and settings used to contact the origin once service begins."
behavior {
origin {
min_tls_version = "DYNAMIC"
enable_true_client_ip = true
compress = true
true_client_ip_header = "True-Client-IP"
verification_mode = "PLATFORM_SETTINGS"
origin_sni = true
true_client_ip_client_setting = false
hostname = ""
http_port = 80
cache_key_hostname = "ORIGIN_HOSTNAME"
forward_host_header = "REQUEST_HOST_HEADER"
https_port = 443
ip_version = "IPV4"
origin_type = "CUSTOMER"
}
}
}
}
"behaviors": [
{
"name": "origin",
"options": {
"minTlsVersion": "DYNAMIC",
"enableTrueClientIp": true,
"compress": true,
"trueClientIpHeader": "True-Client-IP",
"verificationMode": "PLATFORM_SETTINGS",
"originSni": true,
"trueClientIpClientSetting": false,
"hostname": "",
"httpPort": 80,
"cacheKeyHostname": "ORIGIN_HOSTNAME",
"forwardHostHeader": "REQUEST_HOST_HEADER",
"httpsPort": 443,
"ipVersion": "IPV4",
"originType": "CUSTOMER"
}
}
]
Options
Option | Description |
---|---|
origin_type |
Choose where your content is retrieved from. Value is one of:
|
net_storage |
Specifies the details of the NetStorage server. Contains:
|
origin_id |
Identifies the Edge Load Balancing origin. This needs to correspond to an
edge_load_balancing_origin behavior's id attribute within the same property.
|
hostname |
Specifies the hostname or IPv4 address of your origin server, from which edge servers can retrieve your content.
|
second_hostname_enabled |
Available only for certain products. This specifies whether you want to use an additional origin server address.
|
second_hostname |
Specifies the origin server's hostname, IPv4 address, or IPv6 address. Edge servers retrieve your content from this origin server.
|
mslorigin |
This specifies the media's origin server.
|
saas_type |
Specifies the part of the request that identifies this SaaS dynamic origin. Value is one of:
|
saas_cname_enabled |
Enabling this allows you to use a CNAME chain to determine the hostname for this SaaS dynamic origin.
|
saas_cname_level |
Specifies the desired number of hostnames to use in the CNAME chain, starting backwards from the edge server.
|
saas_cookie |
Specifies the name of the cookie that identifies this SaaS dynamic origin.
|
saas_query_string |
Specifies the name of the query parameter that identifies this SaaS dynamic origin.
|
saas_regex |
Specifies the Perl-compatible regular expression match that identifies this SaaS dynamic origin.
|
saas_replace |
Specifies replacement text for what
saas_regex matches.
|
saas_suffix |
Specifies the static part of the SaaS dynamic origin.
|
forward_host_header |
Specifies which
Host header to pass to the origin. Value is one of:
|
custom_forward_host_header |
Specifies the name of the custom host header the edge server should pass to the origin.
|
cache_key_hostname |
Specifies the hostname to use when forming a cache key. Value is one of:
|
ip_version |
Specifies which IP version to use when getting content from the origin. Value is one of:
Note: When using IPv6-Only or Dual Stack and the Origin IP Access Control List feature, add the
|
use_unique_cache_key |
With a shared
hostname such as provided by Amazon AWS, sets a unique cache key for your content.
|
compress |
Enables gzip compression for non-NetStorage origins.
|
enable_true_client_ip |
Sends a custom header the identifying the IP address of the immediate client connecting to the edge server and provides more information than the standard
X-Forward-For header, which proxies may modify.
|
true_client_ip_header |
This specifies the name of the field that identifies the end client's IP address, for example
True-Client-IP .
|
true_client_ip_client_setting |
If a client sets the
True-Client-IP header, the edge server allows it and passes the value to the origin. Otherwise the edge server removes it and sets the value itself.
|
verification_mode |
For non-NetStorage origins, maximize security by controlling which certificates edge servers should trust. Value is one of:
|
origin_sni |
For non-NetStorage origins, enabling this adds a Server Name Indication (SNI) header in the SSL request sent to the origin, with the origin hostname as the value. See the verification settings in the Origin Server behavior or contact your Akamai representative for more information. If you want to use TLS version 1.3 in your existing properties, enable this option. New properties have this enabled by default.
|
custom_valid_cn_values
|
Specifies values to look for in the origin certificate's
Subject Alternate Name or Common Name fields. Specify {{Origin Hostname}} and {{Forward Host Header}} within the text in the order you want them to be evaluated.Note: These template items are not the same as in-line variables that use the same curly-brace syntax. |
origin_certs_to_honor |
Specifies which certificate to trust. Value is one of:
|
custom_certificate_authorities |
Specifies an array of certification objects. See the verification settings in the Origin Server behavior or contact your Akamai representative for details on this object's requirements.
|
custom_certificates |
Specifies an array of certification objects. See the verification settings in the Origin Server behavior or contact your Akamai representative for details on this object's requirements.
|
http_port |
Specifies the port on your origin server to which edge servers should connect for HTTP requests, customarily
80 .
|
https_port |
Specifies the port on your origin server to which edge servers should connect for secure HTTPS requests, customarily
443 . This option only applies if the property is marked as secure. See Secure property requirements for guidance.
|
min_tls_version |
Specifies the minimum TLS version to use for connections to your origin server. Value is one of:
|
max_tls_version |
Specifies the maximum TLS version to use for connections to your origin server. Value is one of:
Note: Use
|
Updated about 1 hour ago