| android_deep_link |
Enable assets for Android deep link |
bool |
true |
no |
| apex_redirect |
Enable Fastly Apex redirection |
bool |
true |
no |
| apple_associated_domain |
Enable associated domain for Apple apps |
bool |
true |
no |
| as_blocklist |
Whether to enable the AS blocklist ACLs. Must be managed externally, unless as_blocklist_items is given. |
bool |
true |
no |
| as_blocklist_items |
List of Autonomous Systems (AS) to block. This will make the Dictionary object 'managed' by terraform. |
list(number) |
[] |
no |
| as_blocklist_name |
Name of the AS blocklist |
string |
"AS Blocklist" |
no |
| as_request_blocklist_items |
List of Autonomous Systems (AS) to block from making /api or /explore requests. This will make the Dictionary object 'managed' by terraform. |
list(number) |
[] |
no |
| as_request_blocklist_name |
Name of the AS request blocklist |
string |
"AS Requests Blocklist" |
no |
| backend_address |
Address to use for connecting to the backend. Can be a hostname or an IP address. |
string |
n/a |
yes |
| backend_between_bytes_timeout |
How long to wait between bytes in milliseconds. |
number |
10000 |
no |
| backend_ca_cert |
CA cert to use when connecting to the backend. |
string |
n/a |
yes |
| backend_first_byte_timeout |
How long to wait for the first bytes in milliseconds. |
number |
15000 |
no |
| backend_name |
Optional name for the backend. |
string |
"" |
no |
| backend_port |
The port number on which the Backend responds. |
number |
443 |
no |
| backend_ssl_check |
Be strict about checking SSL certs when connecting to the backend. |
bool |
true |
no |
| datadog |
Whether to send logging info to Datadog |
bool |
false |
no |
| datadog_region |
The region that log data will be sent to. |
string |
"EU" |
no |
| datadog_service |
Datadog service name to use for logs |
string |
"fastly" |
no |
| datadog_token |
API key from Datadog. |
string |
"" |
no |
| default_ttl |
The default Time-to-live (TTL) for requests |
number |
0 |
no |
| domains |
Additional domains to assign to this service |
list(string) |
[] |
no |
| dynamic_compression |
Whether to dynamically compress responses before sending them |
bool |
true |
no |
| edge_security |
Whether to enable the Edge Security blocklist. |
bool |
true |
no |
| fastly_globeviz_url |
URL to send traffic data for fastly for their Global Visualization page |
string |
"" |
no |
| force_tls_hsts |
Force TLS and HTTP Strict Transport Security (HSTS) to ensure that every request is secure. |
bool |
true |
no |
| globeviz_service |
Enables sending traffic information to Fastly's Globeviz page using the given service. |
string |
"" |
no |
| gzip_default_policy |
Whether to enable Fastly's default gzip policy |
bool |
false |
no |
| healthcheck_expected_response |
Response to expect from a healthy endpoint. |
number |
200 |
no |
| healthcheck_host |
Host to ping for healthcheck. Defaults to hostname. |
string |
"" |
no |
| healthcheck_method |
HTTP method to use when doing a healthcheck. |
string |
"HEAD" |
no |
| healthcheck_name |
Optional name for the healthcheck. |
string |
"" |
no |
| healthcheck_path |
URL to use when doing a healthcheck. |
string |
"/health" |
no |
| hostname |
Hostname the service points to. |
string |
n/a |
yes |
| hsts_duration |
Number of seconds for the client to remember only to use HTTPS. |
number |
31557600 |
no |
| ip_blocklist |
Whether to enable the IP Blocklist ACL. Must be managed externally, unless ip_blocklist_items is given. |
bool |
true |
no |
| ip_blocklist_items |
List of IP CIDRs to block. This will make the ACL object 'managed' by terraform. |
list(string) |
[] |
no |
| ip_blocklist_name |
Name for the ACL responsible for holding all the blocked IP ranges. |
string |
"IP Block list" |
no |
| ja3_blocklist |
Whether to enable the JA3 Blocklist Dictionary. Must be managed externally, unless ja3_blocklist_items is given. |
bool |
true |
no |
| ja3_blocklist_items |
List of JA3 hashes to block. This will make the Dictionary object 'managed' by terraform. |
list(string) |
[] |
no |
| ja3_blocklist_name |
Name for the Dictionray responsible for holding all the blocked JA3 hashes. |
string |
"JA3 Blocklist" |
no |
| mastodon_error_page |
Whether to enable the official mastodon error page. |
bool |
true |
no |
| max_conn |
Maximum number of connections for the Backend. |
number |
500 |
no |
| media_backend |
Additional backend to use for service media files |
object({
address = string
name = optional(string, "")
condition = optional(string, "")
condition_name = optional(string, "Media backend condition")
ssl_check = optional(bool, true)
ssl_hostname = optional(string, "")
bucket_prefix = optional(string, "")
}) |
{
"address": ""
} |
no |
| min_tls_version |
Minimum allowed TLS version on SSL connections to the backend. |
string |
"1.2" |
no |
| name |
Name of the fastly service (defaults to hostname). |
string |
"" |
no |
| product_enablement |
Which additional Fastly products to enable for this service. |
object({
brotli_compression = optional(bool, false)
domain_inspector = optional(bool, false)
image_optimizer = optional(bool, false)
origin_inspector = optional(bool, false)
websockets = optional(bool, false)
}) |
{
"brotli_compression": false,
"domain_inspector": false,
"image_optimizer": false,
"origin_inspector": false,
"websockets": false
} |
no |
| shield_region |
Which Fastly shield region to use. Should correspond with the shield code. |
string |
n/a |
yes |
| signal_science_host |
Hostname to use to integrate with Signal Sciences |
string |
"" |
no |
| signal_science_shared_key |
Shared key to use when integrating with Signal Sciences |
string |
"" |
no |
| ssl_hostname |
Hostname to use for SSL verification (if different from 'hostname'). |
string |
"" |
no |
| static_cache_control |
Add cache-control headers for static files |
bool |
true |
no |
| tarpit |
Whether to enable tarpit (anti-abuse rate limiting). |
bool |
true |
no |
| use_ssl |
Whether or not to use SSL to reach the Backend. |
bool |
true |
no |
| vcl_snippets |
Additional custom VCL snippets to add to the service. |
list(object({
content = string
name = string
type = string
priority = optional(number, 100)
})) |
[] |
no |
Tim Campbell
6f87dffd0e
Bugfix for media backend