Docs Home Pulumi IaC Pulumi ESC Pulumi Insights Pulumi Cloud Packages Tutorials
  1. Packages
  2. Ibm Provider
  3. API Docs
  4. CisDomainSettings
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm-cloud/terraform-provider-ibm

ibm.CisDomainSettings

Explore with Pulumi AI

ibm logo
ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
ibm-cloud/terraform-provider-ibm

    Customize the IBM Cloud Internet Services domain settings. For more information, about Internet Services domain settings, see adding domains to your CIS instance.

    Example Usage

    1

    import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const testDomainSettings = new ibm.CisDomainSettings("testDomainSettings", {
    cisId: data.ibm_cis.cis.id,
    domainId: data.ibm_cis_domain.cis_domain.domain_id,
    dnssec: "disabled",
    waf: "off",
    ssl: "flexible",
    minTlsVersion: "1.2",
    cnameFlattening: "flatten_all",
    opportunisticEncryption: "off",
    automaticHttpsRewrites: "on",
    alwaysUseHttps: "off",
    ipv6: "off",
    browserCheck: "off",
    hotlinkProtection: "off",
    http2: "on",
    imageLoadOptimization: "off",
    imageSizeOptimization: "lossless",
    ipGeolocation: "off",
    originErrorPagePassThru: "off",
    brotli: "off",
    pseudoIpv4: "off",
    prefetchPreload: "off",
    responseBuffering: "off",
    scriptLoadOptimization: "off",
    serverSideExclude: "off",
    tlsClientAuth: "off",
    trueClientIpHeader: "off",
    websockets: "off",
    opportunisticOnion: "off",
    logRetention: false,
    challengeTtl: 31536000,
    maxUpload: 300,
    ciphers: ["AES128-SHA256"],
    originMaxHttpVersion: "1",
    originPostQuantumEncryption: "off",
    proxyReadTimeout: 5500,
    minify: {
        css: "off",
        js: "off",
        html: "off",
    },
    securityHeader: {
        enabled: false,
        includeSubdomains: false,
        maxAge: 0,
        nosniff: false,
        preload: false,
    },
    mobileRedirect: {
        status: "on",
        mobileSubdomain: "m.domain.com",
        stripUri: true,
    },
});
const test = new ibm.CisDomainSettings("test", {
    cisId: ibm_cis.instance.id,
    domainId: ibm_cis_domain.example.id,
    waf: "on",
    ssl: "full",
    minTlsVersion: "1.2",
    originMaxHttpVersion: "2",
    originPostQuantumEncryption: "supported",
    proxyReadTimeout: 5500,
});

    import pulumi
import pulumi_ibm as ibm

test_domain_settings = ibm.CisDomainSettings("testDomainSettings",
    cis_id=data["ibm_cis"]["cis"]["id"],
    domain_id=data["ibm_cis_domain"]["cis_domain"]["domain_id"],
    dnssec="disabled",
    waf="off",
    ssl="flexible",
    min_tls_version="1.2",
    cname_flattening="flatten_all",
    opportunistic_encryption="off",
    automatic_https_rewrites="on",
    always_use_https="off",
    ipv6="off",
    browser_check="off",
    hotlink_protection="off",
    http2="on",
    image_load_optimization="off",
    image_size_optimization="lossless",
    ip_geolocation="off",
    origin_error_page_pass_thru="off",
    brotli="off",
    pseudo_ipv4="off",
    prefetch_preload="off",
    response_buffering="off",
    script_load_optimization="off",
    server_side_exclude="off",
    tls_client_auth="off",
    true_client_ip_header="off",
    websockets="off",
    opportunistic_onion="off",
    log_retention=False,
    challenge_ttl=31536000,
    max_upload=300,
    ciphers=["AES128-SHA256"],
    origin_max_http_version="1",
    origin_post_quantum_encryption="off",
    proxy_read_timeout=5500,
    minify={
        "css": "off",
        "js": "off",
        "html": "off",
    },
    security_header={
        "enabled": False,
        "include_subdomains": False,
        "max_age": 0,
        "nosniff": False,
        "preload": False,
    },
    mobile_redirect={
        "status": "on",
        "mobile_subdomain": "m.domain.com",
        "strip_uri": True,
    })
test = ibm.CisDomainSettings("test",
    cis_id=ibm_cis["instance"]["id"],
    domain_id=ibm_cis_domain["example"]["id"],
    waf="on",
    ssl="full",
    min_tls_version="1.2",
    origin_max_http_version="2",
    origin_post_quantum_encryption="supported",
    proxy_read_timeout=5500)

    package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewCisDomainSettings(ctx, "testDomainSettings", &ibm.CisDomainSettingsArgs{
			CisId:                   pulumi.Any(data.Ibm_cis.Cis.Id),
			DomainId:                pulumi.Any(data.Ibm_cis_domain.Cis_domain.Domain_id),
			Dnssec:                  pulumi.String("disabled"),
			Waf:                     pulumi.String("off"),
			Ssl:                     pulumi.String("flexible"),
			MinTlsVersion:           pulumi.String("1.2"),
			CnameFlattening:         pulumi.String("flatten_all"),
			OpportunisticEncryption: pulumi.String("off"),
			AutomaticHttpsRewrites:  pulumi.String("on"),
			AlwaysUseHttps:          pulumi.String("off"),
			Ipv6:                    pulumi.String("off"),
			BrowserCheck:            pulumi.String("off"),
			HotlinkProtection:       pulumi.String("off"),
			Http2:                   pulumi.String("on"),
			ImageLoadOptimization:   pulumi.String("off"),
			ImageSizeOptimization:   pulumi.String("lossless"),
			IpGeolocation:           pulumi.String("off"),
			OriginErrorPagePassThru: pulumi.String("off"),
			Brotli:                  pulumi.String("off"),
			PseudoIpv4:              pulumi.String("off"),
			PrefetchPreload:         pulumi.String("off"),
			ResponseBuffering:       pulumi.String("off"),
			ScriptLoadOptimization:  pulumi.String("off"),
			ServerSideExclude:       pulumi.String("off"),
			TlsClientAuth:           pulumi.String("off"),
			TrueClientIpHeader:      pulumi.String("off"),
			Websockets:              pulumi.String("off"),
			OpportunisticOnion:      pulumi.String("off"),
			LogRetention:            pulumi.Bool(false),
			ChallengeTtl:            pulumi.Float64(31536000),
			MaxUpload:               pulumi.Float64(300),
			Ciphers: pulumi.StringArray{
				pulumi.String("AES128-SHA256"),
			},
			OriginMaxHttpVersion:        pulumi.String("1"),
			OriginPostQuantumEncryption: pulumi.String("off"),
			ProxyReadTimeout:            pulumi.Float64(5500),
			Minify: &ibm.CisDomainSettingsMinifyArgs{
				Css:  pulumi.String("off"),
				Js:   pulumi.String("off"),
				Html: pulumi.String("off"),
			},
			SecurityHeader: &ibm.CisDomainSettingsSecurityHeaderArgs{
				Enabled:           pulumi.Bool(false),
				IncludeSubdomains: pulumi.Bool(false),
				MaxAge:            pulumi.Float64(0),
				Nosniff:           pulumi.Bool(false),
				Preload:           pulumi.Bool(false),
			},
			MobileRedirect: &ibm.CisDomainSettingsMobileRedirectArgs{
				Status:          pulumi.String("on"),
				MobileSubdomain: pulumi.String("m.domain.com"),
				StripUri:        pulumi.Bool(true),
			},
		})
		if err != nil {
			return err
		}
		_, err = ibm.NewCisDomainSettings(ctx, "test", &ibm.CisDomainSettingsArgs{
			CisId:                       pulumi.Any(ibm_cis.Instance.Id),
			DomainId:                    pulumi.Any(ibm_cis_domain.Example.Id),
			Waf:                         pulumi.String("on"),
			Ssl:                         pulumi.String("full"),
			MinTlsVersion:               pulumi.String("1.2"),
			OriginMaxHttpVersion:        pulumi.String("2"),
			OriginPostQuantumEncryption: pulumi.String("supported"),
			ProxyReadTimeout:            pulumi.Float64(5500),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var testDomainSettings = new Ibm.CisDomainSettings("testDomainSettings", new()
    {
        CisId = data.Ibm_cis.Cis.Id,
        DomainId = data.Ibm_cis_domain.Cis_domain.Domain_id,
        Dnssec = "disabled",
        Waf = "off",
        Ssl = "flexible",
        MinTlsVersion = "1.2",
        CnameFlattening = "flatten_all",
        OpportunisticEncryption = "off",
        AutomaticHttpsRewrites = "on",
        AlwaysUseHttps = "off",
        Ipv6 = "off",
        BrowserCheck = "off",
        HotlinkProtection = "off",
        Http2 = "on",
        ImageLoadOptimization = "off",
        ImageSizeOptimization = "lossless",
        IpGeolocation = "off",
        OriginErrorPagePassThru = "off",
        Brotli = "off",
        PseudoIpv4 = "off",
        PrefetchPreload = "off",
        ResponseBuffering = "off",
        ScriptLoadOptimization = "off",
        ServerSideExclude = "off",
        TlsClientAuth = "off",
        TrueClientIpHeader = "off",
        Websockets = "off",
        OpportunisticOnion = "off",
        LogRetention = false,
        ChallengeTtl = 31536000,
        MaxUpload = 300,
        Ciphers = new[]
        {
            "AES128-SHA256",
        },
        OriginMaxHttpVersion = "1",
        OriginPostQuantumEncryption = "off",
        ProxyReadTimeout = 5500,
        Minify = new Ibm.Inputs.CisDomainSettingsMinifyArgs
        {
            Css = "off",
            Js = "off",
            Html = "off",
        },
        SecurityHeader = new Ibm.Inputs.CisDomainSettingsSecurityHeaderArgs
        {
            Enabled = false,
            IncludeSubdomains = false,
            MaxAge = 0,
            Nosniff = false,
            Preload = false,
        },
        MobileRedirect = new Ibm.Inputs.CisDomainSettingsMobileRedirectArgs
        {
            Status = "on",
            MobileSubdomain = "m.domain.com",
            StripUri = true,
        },
    });

    var test = new Ibm.CisDomainSettings("test", new()
    {
        CisId = ibm_cis.Instance.Id,
        DomainId = ibm_cis_domain.Example.Id,
        Waf = "on",
        Ssl = "full",
        MinTlsVersion = "1.2",
        OriginMaxHttpVersion = "2",
        OriginPostQuantumEncryption = "supported",
        ProxyReadTimeout = 5500,
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.CisDomainSettings;
import com.pulumi.ibm.CisDomainSettingsArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMinifyArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsSecurityHeaderArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMobileRedirectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testDomainSettings = new CisDomainSettings("testDomainSettings", CisDomainSettingsArgs.builder()
            .cisId(data.ibm_cis().cis().id())
            .domainId(data.ibm_cis_domain().cis_domain().domain_id())
            .dnssec("disabled")
            .waf("off")
            .ssl("flexible")
            .minTlsVersion("1.2")
            .cnameFlattening("flatten_all")
            .opportunisticEncryption("off")
            .automaticHttpsRewrites("on")
            .alwaysUseHttps("off")
            .ipv6("off")
            .browserCheck("off")
            .hotlinkProtection("off")
            .http2("on")
            .imageLoadOptimization("off")
            .imageSizeOptimization("lossless")
            .ipGeolocation("off")
            .originErrorPagePassThru("off")
            .brotli("off")
            .pseudoIpv4("off")
            .prefetchPreload("off")
            .responseBuffering("off")
            .scriptLoadOptimization("off")
            .serverSideExclude("off")
            .tlsClientAuth("off")
            .trueClientIpHeader("off")
            .websockets("off")
            .opportunisticOnion("off")
            .logRetention(false)
            .challengeTtl(31536000)
            .maxUpload(300)
            .ciphers("AES128-SHA256")
            .originMaxHttpVersion("1")
            .originPostQuantumEncryption("off")
            .proxyReadTimeout(5500)
            .minify(CisDomainSettingsMinifyArgs.builder()
                .css("off")
                .js("off")
                .html("off")
                .build())
            .securityHeader(CisDomainSettingsSecurityHeaderArgs.builder()
                .enabled(false)
                .includeSubdomains(false)
                .maxAge(0)
                .nosniff(false)
                .preload(false)
                .build())
            .mobileRedirect(CisDomainSettingsMobileRedirectArgs.builder()
                .status("on")
                .mobileSubdomain("m.domain.com")
                .stripUri(true)
                .build())
            .build());

        var test = new CisDomainSettings("test", CisDomainSettingsArgs.builder()
            .cisId(ibm_cis.instance().id())
            .domainId(ibm_cis_domain.example().id())
            .waf("on")
            .ssl("full")
            .minTlsVersion("1.2")
            .originMaxHttpVersion("2")
            .originPostQuantumEncryption("supported")
            .proxyReadTimeout(5500)
            .build());

    }
}

    resources:
  testDomainSettings:
    type: ibm:CisDomainSettings
    properties:
      cisId: ${data.ibm_cis.cis.id}
      domainId: ${data.ibm_cis_domain.cis_domain.domain_id}
      dnssec: disabled
      waf: off
      ssl: flexible
      minTlsVersion: '1.2'
      cnameFlattening: flatten_all
      opportunisticEncryption: off
      automaticHttpsRewrites: on
      alwaysUseHttps: off
      ipv6: off
      browserCheck: off
      hotlinkProtection: off
      http2: on
      imageLoadOptimization: off
      imageSizeOptimization: lossless
      ipGeolocation: off
      originErrorPagePassThru: off
      brotli: off
      pseudoIpv4: off
      prefetchPreload: off
      responseBuffering: off
      scriptLoadOptimization: off
      serverSideExclude: off
      tlsClientAuth: off
      trueClientIpHeader: off
      websockets: off
      opportunisticOnion: off
      logRetention: false
      challengeTtl: 3.1536e+07
      maxUpload: 300
      ciphers:
        - AES128-SHA256
      originMaxHttpVersion: '1'
      originPostQuantumEncryption: off
      proxyReadTimeout: 5500
      minify:
        css: off
        js: off
        html: off
      securityHeader:
        enabled: false
        includeSubdomains: false
        maxAge: 0
        nosniff: false
        preload: false
      mobileRedirect:
        status: on
        mobileSubdomain: m.domain.com
        stripUri: true
  test:
    type: ibm:CisDomainSettings
    properties:
      cisId: ${ibm_cis.instance.id}
      domainId: ${ibm_cis_domain.example.id}
      waf: on
      ssl: full
      minTlsVersion: '1.2'
      originMaxHttpVersion: '2'
      originPostQuantumEncryption: supported
      proxyReadTimeout: 5500

    2 : For TLS V1.3

    import * as pulumi from "@pulumi/pulumi";
import * as ibm from "@pulumi/ibm";

const testDomainSettings = new ibm.CisDomainSettings("testDomainSettings", {
    cisId: data.ibm_cis.cis.id,
    domainId: data.ibm_cis_domain.cis_domain.domain_id,
    dnssec: "disabled",
    waf: "off",
    ssl: "flexible",
    minTlsVersion: "1.2",
    cnameFlattening: "flatten_all",
    opportunisticEncryption: "off",
    automaticHttpsRewrites: "on",
    alwaysUseHttps: "off",
    ipv6: "off",
    browserCheck: "off",
    hotlinkProtection: "off",
    http2: "on",
    imageLoadOptimization: "off",
    imageSizeOptimization: "lossless",
    ipGeolocation: "off",
    originErrorPagePassThru: "off",
    brotli: "off",
    pseudoIpv4: "off",
    prefetchPreload: "off",
    responseBuffering: "off",
    scriptLoadOptimization: "off",
    serverSideExclude: "off",
    tlsClientAuth: "off",
    trueClientIpHeader: "off",
    websockets: "off",
    opportunisticOnion: "off",
    logRetention: false,
    challengeTtl: 31536000,
    maxUpload: 300,
    ciphers: [],
    originMaxHttpVersion: "1",
    originPostQuantumEncryption: "off",
    proxyReadTimeout: 5500,
    minify: {
        css: "off",
        js: "off",
        html: "off",
    },
    securityHeader: {
        enabled: false,
        includeSubdomains: false,
        maxAge: 0,
        nosniff: false,
        preload: false,
    },
    mobileRedirect: {
        status: "on",
        mobileSubdomain: "m.domain.com",
        stripUri: true,
    },
});
const test = new ibm.CisDomainSettings("test", {
    cisId: ibm_cis.instance.id,
    domainId: ibm_cis_domain.example.id,
    waf: "on",
    ssl: "full",
    minTlsVersion: "1.3",
    originMaxHttpVersion: "2",
    originPostQuantumEncryption: "supported",
    proxyReadTimeout: 5500,
});

    import pulumi
import pulumi_ibm as ibm

test_domain_settings = ibm.CisDomainSettings("testDomainSettings",
    cis_id=data["ibm_cis"]["cis"]["id"],
    domain_id=data["ibm_cis_domain"]["cis_domain"]["domain_id"],
    dnssec="disabled",
    waf="off",
    ssl="flexible",
    min_tls_version="1.2",
    cname_flattening="flatten_all",
    opportunistic_encryption="off",
    automatic_https_rewrites="on",
    always_use_https="off",
    ipv6="off",
    browser_check="off",
    hotlink_protection="off",
    http2="on",
    image_load_optimization="off",
    image_size_optimization="lossless",
    ip_geolocation="off",
    origin_error_page_pass_thru="off",
    brotli="off",
    pseudo_ipv4="off",
    prefetch_preload="off",
    response_buffering="off",
    script_load_optimization="off",
    server_side_exclude="off",
    tls_client_auth="off",
    true_client_ip_header="off",
    websockets="off",
    opportunistic_onion="off",
    log_retention=False,
    challenge_ttl=31536000,
    max_upload=300,
    ciphers=[],
    origin_max_http_version="1",
    origin_post_quantum_encryption="off",
    proxy_read_timeout=5500,
    minify={
        "css": "off",
        "js": "off",
        "html": "off",
    },
    security_header={
        "enabled": False,
        "include_subdomains": False,
        "max_age": 0,
        "nosniff": False,
        "preload": False,
    },
    mobile_redirect={
        "status": "on",
        "mobile_subdomain": "m.domain.com",
        "strip_uri": True,
    })
test = ibm.CisDomainSettings("test",
    cis_id=ibm_cis["instance"]["id"],
    domain_id=ibm_cis_domain["example"]["id"],
    waf="on",
    ssl="full",
    min_tls_version="1.3",
    origin_max_http_version="2",
    origin_post_quantum_encryption="supported",
    proxy_read_timeout=5500)

    package main

import (
	"github.com/pulumi/pulumi-terraform-provider/sdks/go/ibm/ibm"
	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)

func main() {
	pulumi.Run(func(ctx *pulumi.Context) error {
		_, err := ibm.NewCisDomainSettings(ctx, "testDomainSettings", &ibm.CisDomainSettingsArgs{
			CisId:                       pulumi.Any(data.Ibm_cis.Cis.Id),
			DomainId:                    pulumi.Any(data.Ibm_cis_domain.Cis_domain.Domain_id),
			Dnssec:                      pulumi.String("disabled"),
			Waf:                         pulumi.String("off"),
			Ssl:                         pulumi.String("flexible"),
			MinTlsVersion:               pulumi.String("1.2"),
			CnameFlattening:             pulumi.String("flatten_all"),
			OpportunisticEncryption:     pulumi.String("off"),
			AutomaticHttpsRewrites:      pulumi.String("on"),
			AlwaysUseHttps:              pulumi.String("off"),
			Ipv6:                        pulumi.String("off"),
			BrowserCheck:                pulumi.String("off"),
			HotlinkProtection:           pulumi.String("off"),
			Http2:                       pulumi.String("on"),
			ImageLoadOptimization:       pulumi.String("off"),
			ImageSizeOptimization:       pulumi.String("lossless"),
			IpGeolocation:               pulumi.String("off"),
			OriginErrorPagePassThru:     pulumi.String("off"),
			Brotli:                      pulumi.String("off"),
			PseudoIpv4:                  pulumi.String("off"),
			PrefetchPreload:             pulumi.String("off"),
			ResponseBuffering:           pulumi.String("off"),
			ScriptLoadOptimization:      pulumi.String("off"),
			ServerSideExclude:           pulumi.String("off"),
			TlsClientAuth:               pulumi.String("off"),
			TrueClientIpHeader:          pulumi.String("off"),
			Websockets:                  pulumi.String("off"),
			OpportunisticOnion:          pulumi.String("off"),
			LogRetention:                pulumi.Bool(false),
			ChallengeTtl:                pulumi.Float64(31536000),
			MaxUpload:                   pulumi.Float64(300),
			Ciphers:                     pulumi.StringArray{},
			OriginMaxHttpVersion:        pulumi.String("1"),
			OriginPostQuantumEncryption: pulumi.String("off"),
			ProxyReadTimeout:            pulumi.Float64(5500),
			Minify: &ibm.CisDomainSettingsMinifyArgs{
				Css:  pulumi.String("off"),
				Js:   pulumi.String("off"),
				Html: pulumi.String("off"),
			},
			SecurityHeader: &ibm.CisDomainSettingsSecurityHeaderArgs{
				Enabled:           pulumi.Bool(false),
				IncludeSubdomains: pulumi.Bool(false),
				MaxAge:            pulumi.Float64(0),
				Nosniff:           pulumi.Bool(false),
				Preload:           pulumi.Bool(false),
			},
			MobileRedirect: &ibm.CisDomainSettingsMobileRedirectArgs{
				Status:          pulumi.String("on"),
				MobileSubdomain: pulumi.String("m.domain.com"),
				StripUri:        pulumi.Bool(true),
			},
		})
		if err != nil {
			return err
		}
		_, err = ibm.NewCisDomainSettings(ctx, "test", &ibm.CisDomainSettingsArgs{
			CisId:                       pulumi.Any(ibm_cis.Instance.Id),
			DomainId:                    pulumi.Any(ibm_cis_domain.Example.Id),
			Waf:                         pulumi.String("on"),
			Ssl:                         pulumi.String("full"),
			MinTlsVersion:               pulumi.String("1.3"),
			OriginMaxHttpVersion:        pulumi.String("2"),
			OriginPostQuantumEncryption: pulumi.String("supported"),
			ProxyReadTimeout:            pulumi.Float64(5500),
		})
		if err != nil {
			return err
		}
		return nil
	})
}

    using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Ibm = Pulumi.Ibm;

return await Deployment.RunAsync(() => 
{
    var testDomainSettings = new Ibm.CisDomainSettings("testDomainSettings", new()
    {
        CisId = data.Ibm_cis.Cis.Id,
        DomainId = data.Ibm_cis_domain.Cis_domain.Domain_id,
        Dnssec = "disabled",
        Waf = "off",
        Ssl = "flexible",
        MinTlsVersion = "1.2",
        CnameFlattening = "flatten_all",
        OpportunisticEncryption = "off",
        AutomaticHttpsRewrites = "on",
        AlwaysUseHttps = "off",
        Ipv6 = "off",
        BrowserCheck = "off",
        HotlinkProtection = "off",
        Http2 = "on",
        ImageLoadOptimization = "off",
        ImageSizeOptimization = "lossless",
        IpGeolocation = "off",
        OriginErrorPagePassThru = "off",
        Brotli = "off",
        PseudoIpv4 = "off",
        PrefetchPreload = "off",
        ResponseBuffering = "off",
        ScriptLoadOptimization = "off",
        ServerSideExclude = "off",
        TlsClientAuth = "off",
        TrueClientIpHeader = "off",
        Websockets = "off",
        OpportunisticOnion = "off",
        LogRetention = false,
        ChallengeTtl = 31536000,
        MaxUpload = 300,
        Ciphers = new[] {},
        OriginMaxHttpVersion = "1",
        OriginPostQuantumEncryption = "off",
        ProxyReadTimeout = 5500,
        Minify = new Ibm.Inputs.CisDomainSettingsMinifyArgs
        {
            Css = "off",
            Js = "off",
            Html = "off",
        },
        SecurityHeader = new Ibm.Inputs.CisDomainSettingsSecurityHeaderArgs
        {
            Enabled = false,
            IncludeSubdomains = false,
            MaxAge = 0,
            Nosniff = false,
            Preload = false,
        },
        MobileRedirect = new Ibm.Inputs.CisDomainSettingsMobileRedirectArgs
        {
            Status = "on",
            MobileSubdomain = "m.domain.com",
            StripUri = true,
        },
    });

    var test = new Ibm.CisDomainSettings("test", new()
    {
        CisId = ibm_cis.Instance.Id,
        DomainId = ibm_cis_domain.Example.Id,
        Waf = "on",
        Ssl = "full",
        MinTlsVersion = "1.3",
        OriginMaxHttpVersion = "2",
        OriginPostQuantumEncryption = "supported",
        ProxyReadTimeout = 5500,
    });

});

    package generated_program;

import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.ibm.CisDomainSettings;
import com.pulumi.ibm.CisDomainSettingsArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMinifyArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsSecurityHeaderArgs;
import com.pulumi.ibm.inputs.CisDomainSettingsMobileRedirectArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;

public class App {
    public static void main(String[] args) {
        Pulumi.run(App::stack);
    }

    public static void stack(Context ctx) {
        var testDomainSettings = new CisDomainSettings("testDomainSettings", CisDomainSettingsArgs.builder()
            .cisId(data.ibm_cis().cis().id())
            .domainId(data.ibm_cis_domain().cis_domain().domain_id())
            .dnssec("disabled")
            .waf("off")
            .ssl("flexible")
            .minTlsVersion("1.2")
            .cnameFlattening("flatten_all")
            .opportunisticEncryption("off")
            .automaticHttpsRewrites("on")
            .alwaysUseHttps("off")
            .ipv6("off")
            .browserCheck("off")
            .hotlinkProtection("off")
            .http2("on")
            .imageLoadOptimization("off")
            .imageSizeOptimization("lossless")
            .ipGeolocation("off")
            .originErrorPagePassThru("off")
            .brotli("off")
            .pseudoIpv4("off")
            .prefetchPreload("off")
            .responseBuffering("off")
            .scriptLoadOptimization("off")
            .serverSideExclude("off")
            .tlsClientAuth("off")
            .trueClientIpHeader("off")
            .websockets("off")
            .opportunisticOnion("off")
            .logRetention(false)
            .challengeTtl(31536000)
            .maxUpload(300)
            .ciphers()
            .originMaxHttpVersion("1")
            .originPostQuantumEncryption("off")
            .proxyReadTimeout(5500)
            .minify(CisDomainSettingsMinifyArgs.builder()
                .css("off")
                .js("off")
                .html("off")
                .build())
            .securityHeader(CisDomainSettingsSecurityHeaderArgs.builder()
                .enabled(false)
                .includeSubdomains(false)
                .maxAge(0)
                .nosniff(false)
                .preload(false)
                .build())
            .mobileRedirect(CisDomainSettingsMobileRedirectArgs.builder()
                .status("on")
                .mobileSubdomain("m.domain.com")
                .stripUri(true)
                .build())
            .build());

        var test = new CisDomainSettings("test", CisDomainSettingsArgs.builder()
            .cisId(ibm_cis.instance().id())
            .domainId(ibm_cis_domain.example().id())
            .waf("on")
            .ssl("full")
            .minTlsVersion("1.3")
            .originMaxHttpVersion("2")
            .originPostQuantumEncryption("supported")
            .proxyReadTimeout(5500)
            .build());

    }
}

    resources:
  testDomainSettings:
    type: ibm:CisDomainSettings
    properties:
      cisId: ${data.ibm_cis.cis.id}
      domainId: ${data.ibm_cis_domain.cis_domain.domain_id}
      dnssec: disabled
      waf: off
      ssl: flexible
      minTlsVersion: '1.2'
      cnameFlattening: flatten_all
      opportunisticEncryption: off
      automaticHttpsRewrites: on
      alwaysUseHttps: off
      ipv6: off
      browserCheck: off
      hotlinkProtection: off
      http2: on
      imageLoadOptimization: off
      imageSizeOptimization: lossless
      ipGeolocation: off
      originErrorPagePassThru: off
      brotli: off
      pseudoIpv4: off
      prefetchPreload: off
      responseBuffering: off
      scriptLoadOptimization: off
      serverSideExclude: off
      tlsClientAuth: off
      trueClientIpHeader: off
      websockets: off
      opportunisticOnion: off
      logRetention: false
      challengeTtl: 3.1536e+07
      maxUpload: 300
      ciphers: []
      originMaxHttpVersion: '1'
      originPostQuantumEncryption: off
      proxyReadTimeout: 5500
      minify:
        css: off
        js: off
        html: off
      securityHeader:
        enabled: false
        includeSubdomains: false
        maxAge: 0
        nosniff: false
        preload: false
      mobileRedirect:
        status: on
        mobileSubdomain: m.domain.com
        stripUri: true
  test:
    type: ibm:CisDomainSettings
    properties:
      cisId: ${ibm_cis.instance.id}
      domainId: ${ibm_cis_domain.example.id}
      waf: on
      ssl: full
      minTlsVersion: '1.3'
      originMaxHttpVersion: '2'
      originPostQuantumEncryption: supported
      proxyReadTimeout: 5500

    Create CisDomainSettings Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new CisDomainSettings(name: string, args: CisDomainSettingsArgs, opts?: CustomResourceOptions);
    @overload
def CisDomainSettings(resource_name: str,
                      args: CisDomainSettingsArgs,
                      opts: Optional[ResourceOptions] = None)

@overload
def CisDomainSettings(resource_name: str,
                      opts: Optional[ResourceOptions] = None,
                      cis_id: Optional[str] = None,
                      domain_id: Optional[str] = None,
                      max_upload: Optional[float] = None,
                      mobile_redirect: Optional[CisDomainSettingsMobileRedirectArgs] = None,
                      challenge_ttl: Optional[float] = None,
                      ciphers: Optional[Sequence[str]] = None,
                      cis_domain_settings_id: Optional[str] = None,
                      opportunistic_encryption: Optional[str] = None,
                      cname_flattening: Optional[str] = None,
                      dnssec: Optional[str] = None,
                      automatic_https_rewrites: Optional[str] = None,
                      hotlink_protection: Optional[str] = None,
                      http2: Optional[str] = None,
                      image_load_optimization: Optional[str] = None,
                      image_size_optimization: Optional[str] = None,
                      ip_geolocation: Optional[str] = None,
                      ipv6: Optional[str] = None,
                      log_retention: Optional[bool] = None,
                      always_use_https: Optional[str] = None,
                      min_tls_version: Optional[str] = None,
                      browser_check: Optional[str] = None,
                      minify: Optional[CisDomainSettingsMinifyArgs] = None,
                      brotli: Optional[str] = None,
                      opportunistic_onion: Optional[str] = None,
                      origin_error_page_pass_thru: Optional[str] = None,
                      origin_max_http_version: Optional[str] = None,
                      origin_post_quantum_encryption: Optional[str] = None,
                      prefetch_preload: Optional[str] = None,
                      proxy_read_timeout: Optional[float] = None,
                      pseudo_ipv4: Optional[str] = None,
                      response_buffering: Optional[str] = None,
                      script_load_optimization: Optional[str] = None,
                      security_header: Optional[CisDomainSettingsSecurityHeaderArgs] = None,
                      server_side_exclude: Optional[str] = None,
                      ssl: Optional[str] = None,
                      tls_client_auth: Optional[str] = None,
                      true_client_ip_header: Optional[str] = None,
                      waf: Optional[str] = None,
                      websockets: Optional[str] = None)
    func NewCisDomainSettings(ctx *Context, name string, args CisDomainSettingsArgs, opts ...ResourceOption) (*CisDomainSettings, error)
    public CisDomainSettings(string name, CisDomainSettingsArgs args, CustomResourceOptions? opts = null)
    public CisDomainSettings(String name, CisDomainSettingsArgs args)
public CisDomainSettings(String name, CisDomainSettingsArgs args, CustomResourceOptions options)

    type: ibm:CisDomainSettings
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.

    Parameters

    name string
    The unique name of the resource.
    args CisDomainSettingsArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args CisDomainSettingsArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args CisDomainSettingsArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args CisDomainSettingsArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args CisDomainSettingsArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var cisDomainSettingsResource = new Ibm.CisDomainSettings("cisDomainSettingsResource", new()
{
    CisId = "string",
    DomainId = "string",
    MaxUpload = 0,
    MobileRedirect = new Ibm.Inputs.CisDomainSettingsMobileRedirectArgs
    {
        Status = "string",
        MobileSubdomain = "string",
        StripUri = false,
    },
    ChallengeTtl = 0,
    Ciphers = new[]
    {
        "string",
    },
    CisDomainSettingsId = "string",
    OpportunisticEncryption = "string",
    CnameFlattening = "string",
    Dnssec = "string",
    AutomaticHttpsRewrites = "string",
    HotlinkProtection = "string",
    Http2 = "string",
    ImageLoadOptimization = "string",
    ImageSizeOptimization = "string",
    IpGeolocation = "string",
    Ipv6 = "string",
    LogRetention = false,
    AlwaysUseHttps = "string",
    MinTlsVersion = "string",
    BrowserCheck = "string",
    Minify = new Ibm.Inputs.CisDomainSettingsMinifyArgs
    {
        Css = "string",
        Html = "string",
        Js = "string",
    },
    Brotli = "string",
    OpportunisticOnion = "string",
    OriginErrorPagePassThru = "string",
    OriginMaxHttpVersion = "string",
    OriginPostQuantumEncryption = "string",
    PrefetchPreload = "string",
    ProxyReadTimeout = 0,
    PseudoIpv4 = "string",
    ResponseBuffering = "string",
    ScriptLoadOptimization = "string",
    SecurityHeader = new Ibm.Inputs.CisDomainSettingsSecurityHeaderArgs
    {
        Enabled = false,
        IncludeSubdomains = false,
        MaxAge = 0,
        Nosniff = false,
        Preload = false,
    },
    ServerSideExclude = "string",
    Ssl = "string",
    TlsClientAuth = "string",
    TrueClientIpHeader = "string",
    Waf = "string",
    Websockets = "string",
});

    example, err := ibm.NewCisDomainSettings(ctx, "cisDomainSettingsResource", &ibm.CisDomainSettingsArgs{
	CisId:     pulumi.String("string"),
	DomainId:  pulumi.String("string"),
	MaxUpload: pulumi.Float64(0),
	MobileRedirect: &ibm.CisDomainSettingsMobileRedirectArgs{
		Status:          pulumi.String("string"),
		MobileSubdomain: pulumi.String("string"),
		StripUri:        pulumi.Bool(false),
	},
	ChallengeTtl: pulumi.Float64(0),
	Ciphers: pulumi.StringArray{
		pulumi.String("string"),
	},
	CisDomainSettingsId:     pulumi.String("string"),
	OpportunisticEncryption: pulumi.String("string"),
	CnameFlattening:         pulumi.String("string"),
	Dnssec:                  pulumi.String("string"),
	AutomaticHttpsRewrites:  pulumi.String("string"),
	HotlinkProtection:       pulumi.String("string"),
	Http2:                   pulumi.String("string"),
	ImageLoadOptimization:   pulumi.String("string"),
	ImageSizeOptimization:   pulumi.String("string"),
	IpGeolocation:           pulumi.String("string"),
	Ipv6:                    pulumi.String("string"),
	LogRetention:            pulumi.Bool(false),
	AlwaysUseHttps:          pulumi.String("string"),
	MinTlsVersion:           pulumi.String("string"),
	BrowserCheck:            pulumi.String("string"),
	Minify: &ibm.CisDomainSettingsMinifyArgs{
		Css:  pulumi.String("string"),
		Html: pulumi.String("string"),
		Js:   pulumi.String("string"),
	},
	Brotli:                      pulumi.String("string"),
	OpportunisticOnion:          pulumi.String("string"),
	OriginErrorPagePassThru:     pulumi.String("string"),
	OriginMaxHttpVersion:        pulumi.String("string"),
	OriginPostQuantumEncryption: pulumi.String("string"),
	PrefetchPreload:             pulumi.String("string"),
	ProxyReadTimeout:            pulumi.Float64(0),
	PseudoIpv4:                  pulumi.String("string"),
	ResponseBuffering:           pulumi.String("string"),
	ScriptLoadOptimization:      pulumi.String("string"),
	SecurityHeader: &ibm.CisDomainSettingsSecurityHeaderArgs{
		Enabled:           pulumi.Bool(false),
		IncludeSubdomains: pulumi.Bool(false),
		MaxAge:            pulumi.Float64(0),
		Nosniff:           pulumi.Bool(false),
		Preload:           pulumi.Bool(false),
	},
	ServerSideExclude:  pulumi.String("string"),
	Ssl:                pulumi.String("string"),
	TlsClientAuth:      pulumi.String("string"),
	TrueClientIpHeader: pulumi.String("string"),
	Waf:                pulumi.String("string"),
	Websockets:         pulumi.String("string"),
})

    var cisDomainSettingsResource = new CisDomainSettings("cisDomainSettingsResource", CisDomainSettingsArgs.builder()
    .cisId("string")
    .domainId("string")
    .maxUpload(0)
    .mobileRedirect(CisDomainSettingsMobileRedirectArgs.builder()
        .status("string")
        .mobileSubdomain("string")
        .stripUri(false)
        .build())
    .challengeTtl(0)
    .ciphers("string")
    .cisDomainSettingsId("string")
    .opportunisticEncryption("string")
    .cnameFlattening("string")
    .dnssec("string")
    .automaticHttpsRewrites("string")
    .hotlinkProtection("string")
    .http2("string")
    .imageLoadOptimization("string")
    .imageSizeOptimization("string")
    .ipGeolocation("string")
    .ipv6("string")
    .logRetention(false)
    .alwaysUseHttps("string")
    .minTlsVersion("string")
    .browserCheck("string")
    .minify(CisDomainSettingsMinifyArgs.builder()
        .css("string")
        .html("string")
        .js("string")
        .build())
    .brotli("string")
    .opportunisticOnion("string")
    .originErrorPagePassThru("string")
    .originMaxHttpVersion("string")
    .originPostQuantumEncryption("string")
    .prefetchPreload("string")
    .proxyReadTimeout(0)
    .pseudoIpv4("string")
    .responseBuffering("string")
    .scriptLoadOptimization("string")
    .securityHeader(CisDomainSettingsSecurityHeaderArgs.builder()
        .enabled(false)
        .includeSubdomains(false)
        .maxAge(0)
        .nosniff(false)
        .preload(false)
        .build())
    .serverSideExclude("string")
    .ssl("string")
    .tlsClientAuth("string")
    .trueClientIpHeader("string")
    .waf("string")
    .websockets("string")
    .build());

    cis_domain_settings_resource = ibm.CisDomainSettings("cisDomainSettingsResource",
    cis_id="string",
    domain_id="string",
    max_upload=0,
    mobile_redirect={
        "status": "string",
        "mobile_subdomain": "string",
        "strip_uri": False,
    },
    challenge_ttl=0,
    ciphers=["string"],
    cis_domain_settings_id="string",
    opportunistic_encryption="string",
    cname_flattening="string",
    dnssec="string",
    automatic_https_rewrites="string",
    hotlink_protection="string",
    http2="string",
    image_load_optimization="string",
    image_size_optimization="string",
    ip_geolocation="string",
    ipv6="string",
    log_retention=False,
    always_use_https="string",
    min_tls_version="string",
    browser_check="string",
    minify={
        "css": "string",
        "html": "string",
        "js": "string",
    },
    brotli="string",
    opportunistic_onion="string",
    origin_error_page_pass_thru="string",
    origin_max_http_version="string",
    origin_post_quantum_encryption="string",
    prefetch_preload="string",
    proxy_read_timeout=0,
    pseudo_ipv4="string",
    response_buffering="string",
    script_load_optimization="string",
    security_header={
        "enabled": False,
        "include_subdomains": False,
        "max_age": 0,
        "nosniff": False,
        "preload": False,
    },
    server_side_exclude="string",
    ssl="string",
    tls_client_auth="string",
    true_client_ip_header="string",
    waf="string",
    websockets="string")

    const cisDomainSettingsResource = new ibm.CisDomainSettings("cisDomainSettingsResource", {
    cisId: "string",
    domainId: "string",
    maxUpload: 0,
    mobileRedirect: {
        status: "string",
        mobileSubdomain: "string",
        stripUri: false,
    },
    challengeTtl: 0,
    ciphers: ["string"],
    cisDomainSettingsId: "string",
    opportunisticEncryption: "string",
    cnameFlattening: "string",
    dnssec: "string",
    automaticHttpsRewrites: "string",
    hotlinkProtection: "string",
    http2: "string",
    imageLoadOptimization: "string",
    imageSizeOptimization: "string",
    ipGeolocation: "string",
    ipv6: "string",
    logRetention: false,
    alwaysUseHttps: "string",
    minTlsVersion: "string",
    browserCheck: "string",
    minify: {
        css: "string",
        html: "string",
        js: "string",
    },
    brotli: "string",
    opportunisticOnion: "string",
    originErrorPagePassThru: "string",
    originMaxHttpVersion: "string",
    originPostQuantumEncryption: "string",
    prefetchPreload: "string",
    proxyReadTimeout: 0,
    pseudoIpv4: "string",
    responseBuffering: "string",
    scriptLoadOptimization: "string",
    securityHeader: {
        enabled: false,
        includeSubdomains: false,
        maxAge: 0,
        nosniff: false,
        preload: false,
    },
    serverSideExclude: "string",
    ssl: "string",
    tlsClientAuth: "string",
    trueClientIpHeader: "string",
    waf: "string",
    websockets: "string",
});

    type: ibm:CisDomainSettings
properties:
    alwaysUseHttps: string
    automaticHttpsRewrites: string
    brotli: string
    browserCheck: string
    challengeTtl: 0
    ciphers:
        - string
    cisDomainSettingsId: string
    cisId: string
    cnameFlattening: string
    dnssec: string
    domainId: string
    hotlinkProtection: string
    http2: string
    imageLoadOptimization: string
    imageSizeOptimization: string
    ipGeolocation: string
    ipv6: string
    logRetention: false
    maxUpload: 0
    minTlsVersion: string
    minify:
        css: string
        html: string
        js: string
    mobileRedirect:
        mobileSubdomain: string
        status: string
        stripUri: false
    opportunisticEncryption: string
    opportunisticOnion: string
    originErrorPagePassThru: string
    originMaxHttpVersion: string
    originPostQuantumEncryption: string
    prefetchPreload: string
    proxyReadTimeout: 0
    pseudoIpv4: string
    responseBuffering: string
    scriptLoadOptimization: string
    securityHeader:
        enabled: false
        includeSubdomains: false
        maxAge: 0
        nosniff: false
        preload: false
    serverSideExclude: string
    ssl: string
    tlsClientAuth: string
    trueClientIpHeader: string
    waf: string
    websockets: string

    CisDomainSettings Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The CisDomainSettings resource accepts the following input properties:

    CisId string
    The ID of the IBM Cloud Internet Services instance.
    DomainId string
    The ID of the domain that you want to customize.
    AlwaysUseHttps string
    Supported values are off and on.
    AutomaticHttpsRewrites string
    Enable HTTPS rewrites. Allowed values are off and on.
    Brotli string
    Supported values are off and on.
    BrowserCheck string
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    ChallengeTtl double
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    Ciphers List<string>
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    CisDomainSettingsId string
    CnameFlattening string
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    Dnssec string
    Can set to active only once. Allowed values are active, disabled.
    HotlinkProtection string
    Supported values are off and on.
    Http2 string
    Supported values are off and on.
    ImageLoadOptimization string
    Supported values are off and on.
    ImageSizeOptimization string
    Supported values are lossless, off, and lossy.
    IpGeolocation string
    Supported values are off and on.
    Ipv6 string
    Supported values are off and on.
    LogRetention bool
    Supported values are false and true.
    MaxUpload double
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    MinTlsVersion string
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    Minify CisDomainSettingsMinify

    Minify the setting as stated.

    Nested scheme for minify:

    MobileRedirect CisDomainSettingsMobileRedirect

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    OpportunisticEncryption string
    Supported values are off and on.
    OpportunisticOnion string
    Supported values are off and on.
    OriginErrorPagePassThru string
    Supported values are off and on.
    OriginMaxHttpVersion string
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    OriginPostQuantumEncryption string
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    PrefetchPreload string
    Supported values are off and on.
    ProxyReadTimeout double
    Maximum time between two read operations from origin. Valid values are 1-6000.
    PseudoIpv4 string
    Supported values are overwrite_header, off, and add_header.
    ResponseBuffering string
    Supported values are off and on.
    ScriptLoadOptimization string
    Supported values are off and on.
    SecurityHeader CisDomainSettingsSecurityHeader
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    ServerSideExclude string
    Supported values are off and on.
    Ssl string
    Allowed values: off, flexible, full, strict, origin_pull.
    TlsClientAuth string
    Supported values are off and on.
    TrueClientIpHeader string
    Supported values are off and on.
    Waf string
    Enable a web application firewall (WAF). Supported values are off and on.
    Websockets string
    Supported values are off and on.
    CisId string
    The ID of the IBM Cloud Internet Services instance.
    DomainId string
    The ID of the domain that you want to customize.
    AlwaysUseHttps string
    Supported values are off and on.
    AutomaticHttpsRewrites string
    Enable HTTPS rewrites. Allowed values are off and on.
    Brotli string
    Supported values are off and on.
    BrowserCheck string
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    ChallengeTtl float64
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    Ciphers []string
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    CisDomainSettingsId string
    CnameFlattening string
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    Dnssec string
    Can set to active only once. Allowed values are active, disabled.
    HotlinkProtection string
    Supported values are off and on.
    Http2 string
    Supported values are off and on.
    ImageLoadOptimization string
    Supported values are off and on.
    ImageSizeOptimization string
    Supported values are lossless, off, and lossy.
    IpGeolocation string
    Supported values are off and on.
    Ipv6 string
    Supported values are off and on.
    LogRetention bool
    Supported values are false and true.
    MaxUpload float64
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    MinTlsVersion string
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    Minify CisDomainSettingsMinifyArgs

    Minify the setting as stated.

    Nested scheme for minify:

    MobileRedirect CisDomainSettingsMobileRedirectArgs

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    OpportunisticEncryption string
    Supported values are off and on.
    OpportunisticOnion string
    Supported values are off and on.
    OriginErrorPagePassThru string
    Supported values are off and on.
    OriginMaxHttpVersion string
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    OriginPostQuantumEncryption string
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    PrefetchPreload string
    Supported values are off and on.
    ProxyReadTimeout float64
    Maximum time between two read operations from origin. Valid values are 1-6000.
    PseudoIpv4 string
    Supported values are overwrite_header, off, and add_header.
    ResponseBuffering string
    Supported values are off and on.
    ScriptLoadOptimization string
    Supported values are off and on.
    SecurityHeader CisDomainSettingsSecurityHeaderArgs
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    ServerSideExclude string
    Supported values are off and on.
    Ssl string
    Allowed values: off, flexible, full, strict, origin_pull.
    TlsClientAuth string
    Supported values are off and on.
    TrueClientIpHeader string
    Supported values are off and on.
    Waf string
    Enable a web application firewall (WAF). Supported values are off and on.
    Websockets string
    Supported values are off and on.
    cisId String
    The ID of the IBM Cloud Internet Services instance.
    domainId String
    The ID of the domain that you want to customize.
    alwaysUseHttps String
    Supported values are off and on.
    automaticHttpsRewrites String
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli String
    Supported values are off and on.
    browserCheck String
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    challengeTtl Double
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers List<String>
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cisDomainSettingsId String
    cnameFlattening String
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec String
    Can set to active only once. Allowed values are active, disabled.
    hotlinkProtection String
    Supported values are off and on.
    http2 String
    Supported values are off and on.
    imageLoadOptimization String
    Supported values are off and on.
    imageSizeOptimization String
    Supported values are lossless, off, and lossy.
    ipGeolocation String
    Supported values are off and on.
    ipv6 String
    Supported values are off and on.
    logRetention Boolean
    Supported values are false and true.
    maxUpload Double
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    minTlsVersion String
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify CisDomainSettingsMinify

    Minify the setting as stated.

    Nested scheme for minify:

    mobileRedirect CisDomainSettingsMobileRedirect

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunisticEncryption String
    Supported values are off and on.
    opportunisticOnion String
    Supported values are off and on.
    originErrorPagePassThru String
    Supported values are off and on.
    originMaxHttpVersion String
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    originPostQuantumEncryption String
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetchPreload String
    Supported values are off and on.
    proxyReadTimeout Double
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudoIpv4 String
    Supported values are overwrite_header, off, and add_header.
    responseBuffering String
    Supported values are off and on.
    scriptLoadOptimization String
    Supported values are off and on.
    securityHeader CisDomainSettingsSecurityHeader
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    serverSideExclude String
    Supported values are off and on.
    ssl String
    Allowed values: off, flexible, full, strict, origin_pull.
    tlsClientAuth String
    Supported values are off and on.
    trueClientIpHeader String
    Supported values are off and on.
    waf String
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets String
    Supported values are off and on.
    cisId string
    The ID of the IBM Cloud Internet Services instance.
    domainId string
    The ID of the domain that you want to customize.
    alwaysUseHttps string
    Supported values are off and on.
    automaticHttpsRewrites string
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli string
    Supported values are off and on.
    browserCheck string
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    challengeTtl number
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers string[]
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cisDomainSettingsId string
    cnameFlattening string
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec string
    Can set to active only once. Allowed values are active, disabled.
    hotlinkProtection string
    Supported values are off and on.
    http2 string
    Supported values are off and on.
    imageLoadOptimization string
    Supported values are off and on.
    imageSizeOptimization string
    Supported values are lossless, off, and lossy.
    ipGeolocation string
    Supported values are off and on.
    ipv6 string
    Supported values are off and on.
    logRetention boolean
    Supported values are false and true.
    maxUpload number
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    minTlsVersion string
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify CisDomainSettingsMinify

    Minify the setting as stated.

    Nested scheme for minify:

    mobileRedirect CisDomainSettingsMobileRedirect

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunisticEncryption string
    Supported values are off and on.
    opportunisticOnion string
    Supported values are off and on.
    originErrorPagePassThru string
    Supported values are off and on.
    originMaxHttpVersion string
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    originPostQuantumEncryption string
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetchPreload string
    Supported values are off and on.
    proxyReadTimeout number
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudoIpv4 string
    Supported values are overwrite_header, off, and add_header.
    responseBuffering string
    Supported values are off and on.
    scriptLoadOptimization string
    Supported values are off and on.
    securityHeader CisDomainSettingsSecurityHeader
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    serverSideExclude string
    Supported values are off and on.
    ssl string
    Allowed values: off, flexible, full, strict, origin_pull.
    tlsClientAuth string
    Supported values are off and on.
    trueClientIpHeader string
    Supported values are off and on.
    waf string
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets string
    Supported values are off and on.
    cis_id str
    The ID of the IBM Cloud Internet Services instance.
    domain_id str
    The ID of the domain that you want to customize.
    always_use_https str
    Supported values are off and on.
    automatic_https_rewrites str
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli str
    Supported values are off and on.
    browser_check str
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    challenge_ttl float
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers Sequence[str]
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cis_domain_settings_id str
    cname_flattening str
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec str
    Can set to active only once. Allowed values are active, disabled.
    hotlink_protection str
    Supported values are off and on.
    http2 str
    Supported values are off and on.
    image_load_optimization str
    Supported values are off and on.
    image_size_optimization str
    Supported values are lossless, off, and lossy.
    ip_geolocation str
    Supported values are off and on.
    ipv6 str
    Supported values are off and on.
    log_retention bool
    Supported values are false and true.
    max_upload float
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    min_tls_version str
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify CisDomainSettingsMinifyArgs

    Minify the setting as stated.

    Nested scheme for minify:

    mobile_redirect CisDomainSettingsMobileRedirectArgs

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunistic_encryption str
    Supported values are off and on.
    opportunistic_onion str
    Supported values are off and on.
    origin_error_page_pass_thru str
    Supported values are off and on.
    origin_max_http_version str
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    origin_post_quantum_encryption str
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetch_preload str
    Supported values are off and on.
    proxy_read_timeout float
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudo_ipv4 str
    Supported values are overwrite_header, off, and add_header.
    response_buffering str
    Supported values are off and on.
    script_load_optimization str
    Supported values are off and on.
    security_header CisDomainSettingsSecurityHeaderArgs
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    server_side_exclude str
    Supported values are off and on.
    ssl str
    Allowed values: off, flexible, full, strict, origin_pull.
    tls_client_auth str
    Supported values are off and on.
    true_client_ip_header str
    Supported values are off and on.
    waf str
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets str
    Supported values are off and on.
    cisId String
    The ID of the IBM Cloud Internet Services instance.
    domainId String
    The ID of the domain that you want to customize.
    alwaysUseHttps String
    Supported values are off and on.
    automaticHttpsRewrites String
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli String
    Supported values are off and on.
    browserCheck String
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    challengeTtl Number
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers List<String>
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cisDomainSettingsId String
    cnameFlattening String
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec String
    Can set to active only once. Allowed values are active, disabled.
    hotlinkProtection String
    Supported values are off and on.
    http2 String
    Supported values are off and on.
    imageLoadOptimization String
    Supported values are off and on.
    imageSizeOptimization String
    Supported values are lossless, off, and lossy.
    ipGeolocation String
    Supported values are off and on.
    ipv6 String
    Supported values are off and on.
    logRetention Boolean
    Supported values are false and true.
    maxUpload Number
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    minTlsVersion String
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify Property Map

    Minify the setting as stated.

    Nested scheme for minify:

    mobileRedirect Property Map

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunisticEncryption String
    Supported values are off and on.
    opportunisticOnion String
    Supported values are off and on.
    originErrorPagePassThru String
    Supported values are off and on.
    originMaxHttpVersion String
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    originPostQuantumEncryption String
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetchPreload String
    Supported values are off and on.
    proxyReadTimeout Number
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudoIpv4 String
    Supported values are overwrite_header, off, and add_header.
    responseBuffering String
    Supported values are off and on.
    scriptLoadOptimization String
    Supported values are off and on.
    securityHeader Property Map
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    serverSideExclude String
    Supported values are off and on.
    ssl String
    Allowed values: off, flexible, full, strict, origin_pull.
    tlsClientAuth String
    Supported values are off and on.
    trueClientIpHeader String
    Supported values are off and on.
    waf String
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets String
    Supported values are off and on.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the CisDomainSettings resource produces the following output properties:

    CertificateStatus string
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    Id string
    The provider-assigned unique ID for this managed resource.
    CertificateStatus string
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    Id string
    The provider-assigned unique ID for this managed resource.
    certificateStatus String
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    id String
    The provider-assigned unique ID for this managed resource.
    certificateStatus string
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    id string
    The provider-assigned unique ID for this managed resource.
    certificate_status str
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    id str
    The provider-assigned unique ID for this managed resource.
    certificateStatus String
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing CisDomainSettings Resource

    Get an existing CisDomainSettings resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: CisDomainSettingsState, opts?: CustomResourceOptions): CisDomainSettings
    @staticmethod
def get(resource_name: str,
        id: str,
        opts: Optional[ResourceOptions] = None,
        always_use_https: Optional[str] = None,
        automatic_https_rewrites: Optional[str] = None,
        brotli: Optional[str] = None,
        browser_check: Optional[str] = None,
        certificate_status: Optional[str] = None,
        challenge_ttl: Optional[float] = None,
        ciphers: Optional[Sequence[str]] = None,
        cis_domain_settings_id: Optional[str] = None,
        cis_id: Optional[str] = None,
        cname_flattening: Optional[str] = None,
        dnssec: Optional[str] = None,
        domain_id: Optional[str] = None,
        hotlink_protection: Optional[str] = None,
        http2: Optional[str] = None,
        image_load_optimization: Optional[str] = None,
        image_size_optimization: Optional[str] = None,
        ip_geolocation: Optional[str] = None,
        ipv6: Optional[str] = None,
        log_retention: Optional[bool] = None,
        max_upload: Optional[float] = None,
        min_tls_version: Optional[str] = None,
        minify: Optional[CisDomainSettingsMinifyArgs] = None,
        mobile_redirect: Optional[CisDomainSettingsMobileRedirectArgs] = None,
        opportunistic_encryption: Optional[str] = None,
        opportunistic_onion: Optional[str] = None,
        origin_error_page_pass_thru: Optional[str] = None,
        origin_max_http_version: Optional[str] = None,
        origin_post_quantum_encryption: Optional[str] = None,
        prefetch_preload: Optional[str] = None,
        proxy_read_timeout: Optional[float] = None,
        pseudo_ipv4: Optional[str] = None,
        response_buffering: Optional[str] = None,
        script_load_optimization: Optional[str] = None,
        security_header: Optional[CisDomainSettingsSecurityHeaderArgs] = None,
        server_side_exclude: Optional[str] = None,
        ssl: Optional[str] = None,
        tls_client_auth: Optional[str] = None,
        true_client_ip_header: Optional[str] = None,
        waf: Optional[str] = None,
        websockets: Optional[str] = None) -> CisDomainSettings
    func GetCisDomainSettings(ctx *Context, name string, id IDInput, state *CisDomainSettingsState, opts ...ResourceOption) (*CisDomainSettings, error)
    public static CisDomainSettings Get(string name, Input<string> id, CisDomainSettingsState? state, CustomResourceOptions? opts = null)
    public static CisDomainSettings get(String name, Output<String> id, CisDomainSettingsState state, CustomResourceOptions options)
    resources:  _:    type: ibm:CisDomainSettings    get:      id: ${id}
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    AlwaysUseHttps string
    Supported values are off and on.
    AutomaticHttpsRewrites string
    Enable HTTPS rewrites. Allowed values are off and on.
    Brotli string
    Supported values are off and on.
    BrowserCheck string
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    CertificateStatus string
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    ChallengeTtl double
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    Ciphers List<string>
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    CisDomainSettingsId string
    CisId string
    The ID of the IBM Cloud Internet Services instance.
    CnameFlattening string
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    Dnssec string
    Can set to active only once. Allowed values are active, disabled.
    DomainId string
    The ID of the domain that you want to customize.
    HotlinkProtection string
    Supported values are off and on.
    Http2 string
    Supported values are off and on.
    ImageLoadOptimization string
    Supported values are off and on.
    ImageSizeOptimization string
    Supported values are lossless, off, and lossy.
    IpGeolocation string
    Supported values are off and on.
    Ipv6 string
    Supported values are off and on.
    LogRetention bool
    Supported values are false and true.
    MaxUpload double
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    MinTlsVersion string
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    Minify CisDomainSettingsMinify

    Minify the setting as stated.

    Nested scheme for minify:

    MobileRedirect CisDomainSettingsMobileRedirect

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    OpportunisticEncryption string
    Supported values are off and on.
    OpportunisticOnion string
    Supported values are off and on.
    OriginErrorPagePassThru string
    Supported values are off and on.
    OriginMaxHttpVersion string
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    OriginPostQuantumEncryption string
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    PrefetchPreload string
    Supported values are off and on.
    ProxyReadTimeout double
    Maximum time between two read operations from origin. Valid values are 1-6000.
    PseudoIpv4 string
    Supported values are overwrite_header, off, and add_header.
    ResponseBuffering string
    Supported values are off and on.
    ScriptLoadOptimization string
    Supported values are off and on.
    SecurityHeader CisDomainSettingsSecurityHeader
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    ServerSideExclude string
    Supported values are off and on.
    Ssl string
    Allowed values: off, flexible, full, strict, origin_pull.
    TlsClientAuth string
    Supported values are off and on.
    TrueClientIpHeader string
    Supported values are off and on.
    Waf string
    Enable a web application firewall (WAF). Supported values are off and on.
    Websockets string
    Supported values are off and on.
    AlwaysUseHttps string
    Supported values are off and on.
    AutomaticHttpsRewrites string
    Enable HTTPS rewrites. Allowed values are off and on.
    Brotli string
    Supported values are off and on.
    BrowserCheck string
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    CertificateStatus string
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    ChallengeTtl float64
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    Ciphers []string
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    CisDomainSettingsId string
    CisId string
    The ID of the IBM Cloud Internet Services instance.
    CnameFlattening string
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    Dnssec string
    Can set to active only once. Allowed values are active, disabled.
    DomainId string
    The ID of the domain that you want to customize.
    HotlinkProtection string
    Supported values are off and on.
    Http2 string
    Supported values are off and on.
    ImageLoadOptimization string
    Supported values are off and on.
    ImageSizeOptimization string
    Supported values are lossless, off, and lossy.
    IpGeolocation string
    Supported values are off and on.
    Ipv6 string
    Supported values are off and on.
    LogRetention bool
    Supported values are false and true.
    MaxUpload float64
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    MinTlsVersion string
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    Minify CisDomainSettingsMinifyArgs

    Minify the setting as stated.

    Nested scheme for minify:

    MobileRedirect CisDomainSettingsMobileRedirectArgs

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    OpportunisticEncryption string
    Supported values are off and on.
    OpportunisticOnion string
    Supported values are off and on.
    OriginErrorPagePassThru string
    Supported values are off and on.
    OriginMaxHttpVersion string
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    OriginPostQuantumEncryption string
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    PrefetchPreload string
    Supported values are off and on.
    ProxyReadTimeout float64
    Maximum time between two read operations from origin. Valid values are 1-6000.
    PseudoIpv4 string
    Supported values are overwrite_header, off, and add_header.
    ResponseBuffering string
    Supported values are off and on.
    ScriptLoadOptimization string
    Supported values are off and on.
    SecurityHeader CisDomainSettingsSecurityHeaderArgs
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    ServerSideExclude string
    Supported values are off and on.
    Ssl string
    Allowed values: off, flexible, full, strict, origin_pull.
    TlsClientAuth string
    Supported values are off and on.
    TrueClientIpHeader string
    Supported values are off and on.
    Waf string
    Enable a web application firewall (WAF). Supported values are off and on.
    Websockets string
    Supported values are off and on.
    alwaysUseHttps String
    Supported values are off and on.
    automaticHttpsRewrites String
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli String
    Supported values are off and on.
    browserCheck String
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    certificateStatus String
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    challengeTtl Double
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers List<String>
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cisDomainSettingsId String
    cisId String
    The ID of the IBM Cloud Internet Services instance.
    cnameFlattening String
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec String
    Can set to active only once. Allowed values are active, disabled.
    domainId String
    The ID of the domain that you want to customize.
    hotlinkProtection String
    Supported values are off and on.
    http2 String
    Supported values are off and on.
    imageLoadOptimization String
    Supported values are off and on.
    imageSizeOptimization String
    Supported values are lossless, off, and lossy.
    ipGeolocation String
    Supported values are off and on.
    ipv6 String
    Supported values are off and on.
    logRetention Boolean
    Supported values are false and true.
    maxUpload Double
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    minTlsVersion String
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify CisDomainSettingsMinify

    Minify the setting as stated.

    Nested scheme for minify:

    mobileRedirect CisDomainSettingsMobileRedirect

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunisticEncryption String
    Supported values are off and on.
    opportunisticOnion String
    Supported values are off and on.
    originErrorPagePassThru String
    Supported values are off and on.
    originMaxHttpVersion String
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    originPostQuantumEncryption String
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetchPreload String
    Supported values are off and on.
    proxyReadTimeout Double
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudoIpv4 String
    Supported values are overwrite_header, off, and add_header.
    responseBuffering String
    Supported values are off and on.
    scriptLoadOptimization String
    Supported values are off and on.
    securityHeader CisDomainSettingsSecurityHeader
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    serverSideExclude String
    Supported values are off and on.
    ssl String
    Allowed values: off, flexible, full, strict, origin_pull.
    tlsClientAuth String
    Supported values are off and on.
    trueClientIpHeader String
    Supported values are off and on.
    waf String
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets String
    Supported values are off and on.
    alwaysUseHttps string
    Supported values are off and on.
    automaticHttpsRewrites string
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli string
    Supported values are off and on.
    browserCheck string
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    certificateStatus string
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    challengeTtl number
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers string[]
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cisDomainSettingsId string
    cisId string
    The ID of the IBM Cloud Internet Services instance.
    cnameFlattening string
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec string
    Can set to active only once. Allowed values are active, disabled.
    domainId string
    The ID of the domain that you want to customize.
    hotlinkProtection string
    Supported values are off and on.
    http2 string
    Supported values are off and on.
    imageLoadOptimization string
    Supported values are off and on.
    imageSizeOptimization string
    Supported values are lossless, off, and lossy.
    ipGeolocation string
    Supported values are off and on.
    ipv6 string
    Supported values are off and on.
    logRetention boolean
    Supported values are false and true.
    maxUpload number
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    minTlsVersion string
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify CisDomainSettingsMinify

    Minify the setting as stated.

    Nested scheme for minify:

    mobileRedirect CisDomainSettingsMobileRedirect

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunisticEncryption string
    Supported values are off and on.
    opportunisticOnion string
    Supported values are off and on.
    originErrorPagePassThru string
    Supported values are off and on.
    originMaxHttpVersion string
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    originPostQuantumEncryption string
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetchPreload string
    Supported values are off and on.
    proxyReadTimeout number
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudoIpv4 string
    Supported values are overwrite_header, off, and add_header.
    responseBuffering string
    Supported values are off and on.
    scriptLoadOptimization string
    Supported values are off and on.
    securityHeader CisDomainSettingsSecurityHeader
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    serverSideExclude string
    Supported values are off and on.
    ssl string
    Allowed values: off, flexible, full, strict, origin_pull.
    tlsClientAuth string
    Supported values are off and on.
    trueClientIpHeader string
    Supported values are off and on.
    waf string
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets string
    Supported values are off and on.
    always_use_https str
    Supported values are off and on.
    automatic_https_rewrites str
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli str
    Supported values are off and on.
    browser_check str
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    certificate_status str
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    challenge_ttl float
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers Sequence[str]
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cis_domain_settings_id str
    cis_id str
    The ID of the IBM Cloud Internet Services instance.
    cname_flattening str
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec str
    Can set to active only once. Allowed values are active, disabled.
    domain_id str
    The ID of the domain that you want to customize.
    hotlink_protection str
    Supported values are off and on.
    http2 str
    Supported values are off and on.
    image_load_optimization str
    Supported values are off and on.
    image_size_optimization str
    Supported values are lossless, off, and lossy.
    ip_geolocation str
    Supported values are off and on.
    ipv6 str
    Supported values are off and on.
    log_retention bool
    Supported values are false and true.
    max_upload float
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    min_tls_version str
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify CisDomainSettingsMinifyArgs

    Minify the setting as stated.

    Nested scheme for minify:

    mobile_redirect CisDomainSettingsMobileRedirectArgs

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunistic_encryption str
    Supported values are off and on.
    opportunistic_onion str
    Supported values are off and on.
    origin_error_page_pass_thru str
    Supported values are off and on.
    origin_max_http_version str
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    origin_post_quantum_encryption str
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetch_preload str
    Supported values are off and on.
    proxy_read_timeout float
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudo_ipv4 str
    Supported values are overwrite_header, off, and add_header.
    response_buffering str
    Supported values are off and on.
    script_load_optimization str
    Supported values are off and on.
    security_header CisDomainSettingsSecurityHeaderArgs
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    server_side_exclude str
    Supported values are off and on.
    ssl str
    Allowed values: off, flexible, full, strict, origin_pull.
    tls_client_auth str
    Supported values are off and on.
    true_client_ip_header str
    Supported values are off and on.
    waf str
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets str
    Supported values are off and on.
    alwaysUseHttps String
    Supported values are off and on.
    automaticHttpsRewrites String
    Enable HTTPS rewrites. Allowed values are off and on.
    brotli String
    Supported values are off and on.
    browserCheck String
    Enable a client browser check to look for common HTTP headers that are used by malicious users. If HTTP headers are found, access to your website is blocked. Supported values are off and on.
    certificateStatus String
    (String) The value is displayed as none, initializing, authorizing, or active.

    Deprecated: Deprecated

    challengeTtl Number
    Challenge TTL values are 300, 900, 1800, 2700, 3600, 7200, 10800, 14400, 28800, 57600, 86400, 604800, 2592000, and 31536000.
    ciphers List<String>
    Cipher setting values are ECDHE-ECDSA-AES128-GCM-SHA256, ECDHE-ECDSA-CHACHA20-POLY1305,ECDHE-RSA-AES128-GCM-SHA256, ECDHE-RSA-CHACHA20-POLY1305, ECDHE-ECDSA-AES128-SHA256, ECDHE-ECDSA-AES128-SHA, ECDHE-RSA-AES128-SHA256, ECDHE-RSA-AES128-SHA, AES128-GCM-SHA256, AES128-SHA256, AES128-SHA, ECDHE-ECDSA-AES256-GCM-SHA384, ECDHE-ECDSA-AES256-SHA384, ECDHE-RSA-AES256-GCM-SHA384, ECDHE-RSA-AES256-SHA384, ECDHE-RSA-AES256-SHA, AES256-GCM-SHA384, AES256-SHA256, AES256-SHA, DES-CBC3-SHA. To use default cipher value, pass empty list [].
    cisDomainSettingsId String
    cisId String
    The ID of the IBM Cloud Internet Services instance.
    cnameFlattening String
    Supported values are flatten_at_root, flatten_all, and flatten_none.
    dnssec String
    Can set to active only once. Allowed values are active, disabled.
    domainId String
    The ID of the domain that you want to customize.
    hotlinkProtection String
    Supported values are off and on.
    http2 String
    Supported values are off and on.
    imageLoadOptimization String
    Supported values are off and on.
    imageSizeOptimization String
    Supported values are lossless, off, and lossy.
    ipGeolocation String
    Supported values are off and on.
    ipv6 String
    Supported values are off and on.
    logRetention Boolean
    Supported values are false and true.
    maxUpload Number
    Maximum upload values are 100, 125, 150, 175, 200, 225, 250, 275, 300, 325, 350, 375, 400, 425, 450, 475, and 500.
    minTlsVersion String
    The minimum TLS version that you want to allow. Allowed values are 1.1, 1.2, or 1.3. Note: When we set min_tls_version as 1.3 we can't customize which ciphers to use. The cipher needs to be set to empty list.
    minify Property Map

    Minify the setting as stated.

    Nested scheme for minify:

    mobileRedirect Property Map

    Mobile redirect setting.

    Nested scheme for mobile_redirect:

    opportunisticEncryption String
    Supported values are off and on.
    opportunisticOnion String
    Supported values are off and on.
    originErrorPagePassThru String
    Supported values are off and on.
    originMaxHttpVersion String
    Sets the highest HTTP version to use with origin. Supported values are 1 and 2.
    originPostQuantumEncryption String
    Wheather to use post-quantum key agreement algorithms when connecting to the origin. Supported values are off, preferred and supported.
    prefetchPreload String
    Supported values are off and on.
    proxyReadTimeout Number
    Maximum time between two read operations from origin. Valid values are 1-6000.
    pseudoIpv4 String
    Supported values are overwrite_header, off, and add_header.
    responseBuffering String
    Supported values are off and on.
    scriptLoadOptimization String
    Supported values are off and on.
    securityHeader Property Map
    Security headers as stated.

    • security_header.enabled- (Bool) Required-Supported values are true and false.
    • security_header.include_subdomains- (Bool) Required-Supported values are true and false.
    • security_header.max_age- (Required, Integer) Maximum age of the security header.
    • security_header.nosniff- (Bool) Required-No sniff.
    • security_header.preload- (Required, Bool) Whether or not to permit browsers to preload security_header config.
    serverSideExclude String
    Supported values are off and on.
    ssl String
    Allowed values: off, flexible, full, strict, origin_pull.
    tlsClientAuth String
    Supported values are off and on.
    trueClientIpHeader String
    Supported values are off and on.
    waf String
    Enable a web application firewall (WAF). Supported values are off and on.
    websockets String
    Supported values are off and on.

    Supporting Types

    CisDomainSettingsMinify, CisDomainSettingsMinifyArgs

    Css string
    CSS supported values are on and off.
    Html string
    HTML supported values are on and off.
    Js string
    JS supported values are on and off.
    Css string
    CSS supported values are on and off.
    Html string
    HTML supported values are on and off.
    Js string
    JS supported values are on and off.
    css String
    CSS supported values are on and off.
    html String
    HTML supported values are on and off.
    js String
    JS supported values are on and off.
    css string
    CSS supported values are on and off.
    html string
    HTML supported values are on and off.
    js string
    JS supported values are on and off.
    css str
    CSS supported values are on and off.
    html str
    HTML supported values are on and off.
    js str
    JS supported values are on and off.
    css String
    CSS supported values are on and off.
    html String
    HTML supported values are on and off.
    js String
    JS supported values are on and off.

    CisDomainSettingsMobileRedirect, CisDomainSettingsMobileRedirectArgs

    Status string
    Required-Mobile redirect setting status values are true and false.
    MobileSubdomain string
    Mobile redirect subdomain. For example m.domain.com.
    StripUri bool
    Strip URI for mobile redirect.
    Status string
    Required-Mobile redirect setting status values are true and false.
    MobileSubdomain string
    Mobile redirect subdomain. For example m.domain.com.
    StripUri bool
    Strip URI for mobile redirect.
    status String
    Required-Mobile redirect setting status values are true and false.
    mobileSubdomain String
    Mobile redirect subdomain. For example m.domain.com.
    stripUri Boolean
    Strip URI for mobile redirect.
    status string
    Required-Mobile redirect setting status values are true and false.
    mobileSubdomain string
    Mobile redirect subdomain. For example m.domain.com.
    stripUri boolean
    Strip URI for mobile redirect.
    status str
    Required-Mobile redirect setting status values are true and false.
    mobile_subdomain str
    Mobile redirect subdomain. For example m.domain.com.
    strip_uri bool
    Strip URI for mobile redirect.
    status String
    Required-Mobile redirect setting status values are true and false.
    mobileSubdomain String
    Mobile redirect subdomain. For example m.domain.com.
    stripUri Boolean
    Strip URI for mobile redirect.

    CisDomainSettingsSecurityHeader, CisDomainSettingsSecurityHeaderArgs

    Enabled bool
    security header enabled/disabled
    IncludeSubdomains bool
    security header subdomain included or not
    MaxAge double
    security header max age
    Nosniff bool
    security header no sniff
    Preload bool
    security header preload
    Enabled bool
    security header enabled/disabled
    IncludeSubdomains bool
    security header subdomain included or not
    MaxAge float64
    security header max age
    Nosniff bool
    security header no sniff
    Preload bool
    security header preload
    enabled Boolean
    security header enabled/disabled
    includeSubdomains Boolean
    security header subdomain included or not
    maxAge Double
    security header max age
    nosniff Boolean
    security header no sniff
    preload Boolean
    security header preload
    enabled boolean
    security header enabled/disabled
    includeSubdomains boolean
    security header subdomain included or not
    maxAge number
    security header max age
    nosniff boolean
    security header no sniff
    preload boolean
    security header preload
    enabled bool
    security header enabled/disabled
    include_subdomains bool
    security header subdomain included or not
    max_age float
    security header max age
    nosniff bool
    security header no sniff
    preload bool
    security header preload
    enabled Boolean
    security header enabled/disabled
    includeSubdomains Boolean
    security header subdomain included or not
    maxAge Number
    security header max age
    nosniff Boolean
    security header no sniff
    preload Boolean
    security header preload

    Package Details

    Repository
    ibm ibm-cloud/terraform-provider-ibm
    License
    Notes
    This Pulumi package is based on the ibm Terraform Provider.
    ibm logo
    ibm 1.78.0 published on Wednesday, Apr 30, 2025 by ibm-cloud
    ibm-cloud/terraform-provider-ibm