Google Network services Edge CAche Origin

This page shows how to write Terraform for Network services Edge CAche Origin and write them securely.

google_network_services_edge_cache_origin (Terraform)

The Edge CAche Origin in Network services can be configured in Terraform with the resource name google_network_services_edge_cache_origin. The following sections describe how to use the resource and its parameters.

Example Usage from GitHub

An example could not be found in GitHub.


The following arguments are supported:

  • origin_address - (Required) A fully qualified domain name (FQDN) or IP address reachable over the public Internet, or the address of a Google Cloud Storage bucket. This address will be used as the origin for cache requests - e.g. FQDN: IPv4: IPv6:[2607:f8b0:4012:809::200e] Cloud Storage: gs://bucketname When providing an FQDN (hostname), it must be publicly resolvable (e.g. via Google public DNS) and IP addresses must be publicly routable. If a Cloud Storage bucket is provided, it must be in the canonical "gs://bucketname" format. Other forms, such as "", will be rejected.

  • name - (Required) Name of the resource; provided by the client when the resource is created. The name must be 1-64 characters long, and match the regular expression [a-zA-Z][a-za-z0-9_-]* which means the first character must be a letter, and all following characters must be a dash, underscore, letter or digit.

  • description - (Optional) A human-readable description of the resource.

  • labels - (Optional) Set of label tags associated with the EdgeCache resource.

  • protocol - (Optional) The protocol to use to connect to the configured origin. Defaults to HTTP2, and it is strongly recommended that users use HTTP2 for both security & performance. When using HTTP2 or HTTPS as the protocol, a valid, publicly-signed, unexpired TLS (SSL) certificate must be presented by the origin server. Possible values are HTTP2, HTTPS, and HTTP.

  • port - (Optional) The port to connect to the origin on. Defaults to port 443 for HTTP2 and HTTPS protocols, and port 80 for HTTP.

  • max_attempts - (Optional) The maximum number of attempts to cache fill from this origin. Another attempt is made when a cache fill fails with one of the retryConditions. Once maxAttempts to this origin have failed the failoverOrigin will be used, if one is specified. That failoverOrigin may specify its own maxAttempts, retryConditions and failoverOrigin to control its own cache fill failures. The total number of allowed attempts to cache fill across this and failover origins is limited to four. The total time allowed for cache fill attempts across this and failover origins can be controlled with maxAttemptsTimeout. The last valid response from an origin will be returned to the client. If no origin returns a valid response, an HTTP 503 will be returned to the client. Defaults to 1. Must be a value greater than 0 and less than 4.

  • failover_origin - (Optional) The Origin resource to try when the current origin cannot be reached. After maxAttempts is reached, the configured failoverOrigin will be used to fulfil the request. The value of timeout.maxAttemptsTimeout dictates the timeout across all origins. A reference to a Topic resource.

  • retry_conditions - (Optional) Specifies one or more retry conditions for the configured origin. If the failure mode during a connection attempt to the origin matches the configured retryCondition(s), the origin request will be retried up to maxAttempts times. The failoverOrigin, if configured, will then be used to satisfy the request. The default retryCondition is "CONNECT_FAILURE". retryConditions apply to this origin, and not subsequent failoverOrigin(s), which may specify their own retryConditions and maxAttempts. Valid values are:

    • CONNECT_FAILURE: Retry on failures connecting to origins, for example due to connection timeouts.
    • HTTP_5XX: Retry if the origin responds with any 5xx response code, or if the origin does not respond at all, example: disconnects, reset, read timeout, connection failure, and refused streams.
    • GATEWAY_ERROR: Similar to 5xx, but only applies to response codes 502, 503 or 504.
    • RETRIABLE_4XX: Retry for retriable 4xx response codes, which include HTTP 409 (Conflict) and HTTP 429 (Too Many Requests)
    • NOT_FOUND: Retry if the origin returns a HTTP 404 (Not Found). This can be useful when generating video content, and the segment is not available yet. Each value may be one of CONNECT_FAILURE, HTTP_5XX, GATEWAY_ERROR, RETRIABLE_4XX, and NOT_FOUND.
  • timeout - (Optional) The connection and HTTP timeout configuration for this origin. Structure is documented below.

  • project - (Optional) The ID of the project in which the resource belongs. If it is not provided, the provider project is used.

The timeout block supports:

  • connect_timeout - (Optional) The maximum duration to wait for the origin connection to be established, including DNS lookup, TLS handshake and TCP/QUIC connection establishment. Defaults to 5 seconds. The timeout must be a value between 1s and 15s.

  • max_attempts_timeout - (Optional) The maximum time across all connection attempts to the origin, including failover origins, before returning an error to the client. A HTTP 503 will be returned if the timeout is reached before a response is returned. Defaults to 5 seconds. The timeout must be a value between 1s and 15s.

  • response_timeout - (Optional) The maximum duration to wait for data to arrive when reading from the HTTP connection/stream. Defaults to 5 seconds. The timeout must be a value between 1s and 30s.

In addition to the arguments listed above, the following computed attributes are exported:

  • id - an identifier for the resource with format projects/[[project]]/locations/global/edgeCacheOrigins/[[name]]

Explanation in Terraform Registry

EdgeCacheOrigin represents a HTTP-reachable backend for an EdgeCacheService.

Frequently asked questions

What is Google Network services Edge CAche Origin?

Google Network services Edge CAche Origin is a resource for Network services of Google Cloud Platform. Settings can be wrote in Terraform.


Scan your IaC problem in 3 minutes for free

You can keep your IaC security for free. No credit card required.