Yandex Cloud
  • Services
  • Solutions
  • Why Yandex Cloud
  • Blog
  • Pricing
  • Documentation
  • Contact us
Get started
Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
Yandex Application Load Balancer
  • Getting started
  • Step-by-step instructions
    • All instructions
    • Target groups
      • Create a target group
      • Edit a target group
      • Delete a target group
    • Backend groups
      • Create a backend group
      • Edit a backend group
      • Delete a backend group
    • HTTP routers
      • Create HTTP router for HTTP traffic
      • Create HTTP router for gRPC traffic
      • Edit an HTTP router
      • Delete an HTTP router
    • L7 load balancers
      • Create an L7 load balancer
      • Edit an L7 load balancer
      • View L7 load balancer statistics
      • View the L7 load balancer logs
      • Get the ID of the log group of the L7 load balancer
      • Stopping and restarting an L7 load balancer
      • Delete an L7 load balancer
    • Tools for Managed Service for Kubernetes
      • Install an Ingress controller
      • Install a Gateway API
      • Create or update resources based on configuration
  • Practical guidelines
    • All practical guidelines
    • Setting up a virtual hosting
    • Creating a load balancer with DDoS protection
    • Integrating an L7 load balancer with the CDN and Object Storage
    • Blue-green and canary deployment of service versions
    • Terminating TLS connections
    • Writing load balancer logs to PostgreSQL
    • Deploying and load testing a gRPC service with scaling
  • Concepts
    • Overview
    • Load balancers
    • HTTP routers
    • Backend groups
    • Target groups
    • Quotas and limits
  • Tools for Managed Service for Kubernetes
    • Ingress controller
      • Overview
      • How it works
    • Gateway API
    • Required settings
      • Security groups
      • Service accounts
  • Access management
  • Pricing policy
  • API reference
    • Authentication in the API
    • gRPC
      • Overview
      • BackendGroupService
      • HttpRouterService
      • LoadBalancerService
      • TargetGroupService
      • VirtualHostService
      • OperationService
    • REST
      • Overview
      • BackendGroup
        • Overview
        • addBackend
        • create
        • delete
        • get
        • list
        • listOperations
        • removeBackend
        • update
        • updateBackend
      • HttpRouter
        • Overview
        • create
        • delete
        • get
        • list
        • listOperations
        • update
      • LoadBalancer
        • Overview
        • addListener
        • addSniMatch
        • create
        • delete
        • get
        • getTargetStates
        • list
        • listOperations
        • removeListener
        • removeSniMatch
        • start
        • stop
        • update
        • updateListener
        • updateSniMatch
      • TargetGroup
        • Overview
        • addTargets
        • create
        • delete
        • get
        • list
        • listOperations
        • removeTargets
        • update
      • VirtualHost
        • Overview
        • create
        • delete
        • get
        • list
        • removeRoute
        • update
        • updateRoute
  • Managed Service for Kubernetes tool references
    • Overview
    • Ingress controller
      • Ingress
      • HttpBackendGroup
    • Gateway API
      • Gateway
      • HTTPRoute
    • Service
  • Log reference
  1. API reference
  2. REST
  3. VirtualHost
  4. Overview

Application Load Balancer API, REST: VirtualHost methods

Written by
Yandex Cloud
  • JSON Representation
  • Methods

A set of methods for managing virtual hosts of HTTP routers.

JSON Representation

{
  "name": "string",
  "authority": [
    "string"
  ],
  "routes": [
    {
      "name": "string",
      "routeOptions": {
        "modifyRequestHeaders": [
          {
            "name": "string",

            // `routes[].routeOptions.modifyRequestHeaders[]` includes only one of the fields `append`, `replace`, `remove`, `rename`
            "append": "string",
            "replace": "string",
            "remove": true,
            "rename": "string",
            // end of the list of possible fields`routes[].routeOptions.modifyRequestHeaders[]`

          }
        ],
        "modifyResponseHeaders": [
          {
            "name": "string",

            // `routes[].routeOptions.modifyResponseHeaders[]` includes only one of the fields `append`, `replace`, `remove`, `rename`
            "append": "string",
            "replace": "string",
            "remove": true,
            "rename": "string",
            // end of the list of possible fields`routes[].routeOptions.modifyResponseHeaders[]`

          }
        ],
        "rbac": {
          "action": "string",
          "principals": [
            {
              "andPrincipals": [
                {

                  // `routes[].routeOptions.rbac.principals[].andPrincipals[]` includes only one of the fields `header`, `remoteIp`, `any`
                  "header": {
                    "name": "string",
                    "value": {

                      // `routes[].routeOptions.rbac.principals[].andPrincipals[].header.value` includes only one of the fields `exactMatch`, `prefixMatch`, `regexMatch`
                      "exactMatch": "string",
                      "prefixMatch": "string",
                      "regexMatch": "string",
                      // end of the list of possible fields`routes[].routeOptions.rbac.principals[].andPrincipals[].header.value`

                    }
                  },
                  "remoteIp": "string",
                  "any": true,
                  // end of the list of possible fields`routes[].routeOptions.rbac.principals[].andPrincipals[]`

                }
              ]
            }
          ]
        }
      },

      // `routes[]` includes only one of the fields `http`, `grpc`
      "http": {
        "match": {
          "httpMethod": [
            "string"
          ],
          "path": {

            // `routes[].http.match.path` includes only one of the fields `exactMatch`, `prefixMatch`, `regexMatch`
            "exactMatch": "string",
            "prefixMatch": "string",
            "regexMatch": "string",
            // end of the list of possible fields`routes[].http.match.path`

          }
        },

        // `routes[].http` includes only one of the fields `route`, `redirect`, `directResponse`
        "route": {
          "backendGroupId": "string",
          "timeout": "string",
          "idleTimeout": "string",
          "prefixRewrite": "string",
          "upgradeTypes": [
            "string"
          ],

          // `routes[].http.route` includes only one of the fields `hostRewrite`, `autoHostRewrite`
          "hostRewrite": "string",
          "autoHostRewrite": true,
          // end of the list of possible fields`routes[].http.route`

        },
        "redirect": {
          "replaceScheme": "string",
          "replaceHost": "string",
          "replacePort": "string",
          "removeQuery": true,
          "responseCode": "string",

          // `routes[].http.redirect` includes only one of the fields `replacePath`, `replacePrefix`
          "replacePath": "string",
          "replacePrefix": "string",
          // end of the list of possible fields`routes[].http.redirect`

        },
        "directResponse": {
          "status": "string",
          "body": {
            "text": "string"
          }
        },
        // end of the list of possible fields`routes[].http`

      },
      "grpc": {
        "match": {
          "fqmn": {

            // `routes[].grpc.match.fqmn` includes only one of the fields `exactMatch`, `prefixMatch`, `regexMatch`
            "exactMatch": "string",
            "prefixMatch": "string",
            "regexMatch": "string",
            // end of the list of possible fields`routes[].grpc.match.fqmn`

          }
        },

        // `routes[].grpc` includes only one of the fields `route`, `statusResponse`
        "route": {
          "backendGroupId": "string",
          "maxTimeout": "string",
          "idleTimeout": "string",

          // `routes[].grpc.route` includes only one of the fields `hostRewrite`, `autoHostRewrite`
          "hostRewrite": "string",
          "autoHostRewrite": true,
          // end of the list of possible fields`routes[].grpc.route`

        },
        "statusResponse": {
          "status": "string"
        },
        // end of the list of possible fields`routes[].grpc`

      },
      // end of the list of possible fields`routes[]`

    }
  ],
  "modifyRequestHeaders": [
    {
      "name": "string",

      // `modifyRequestHeaders[]` includes only one of the fields `append`, `replace`, `remove`, `rename`
      "append": "string",
      "replace": "string",
      "remove": true,
      "rename": "string",
      // end of the list of possible fields`modifyRequestHeaders[]`

    }
  ],
  "modifyResponseHeaders": [
    {
      "name": "string",

      // `modifyResponseHeaders[]` includes only one of the fields `append`, `replace`, `remove`, `rename`
      "append": "string",
      "replace": "string",
      "remove": true,
      "rename": "string",
      // end of the list of possible fields`modifyResponseHeaders[]`

    }
  ],
  "routeOptions": {
    "modifyRequestHeaders": [
      {
        "name": "string",

        // `routeOptions.modifyRequestHeaders[]` includes only one of the fields `append`, `replace`, `remove`, `rename`
        "append": "string",
        "replace": "string",
        "remove": true,
        "rename": "string",
        // end of the list of possible fields`routeOptions.modifyRequestHeaders[]`

      }
    ],
    "modifyResponseHeaders": [
      {
        "name": "string",

        // `routeOptions.modifyResponseHeaders[]` includes only one of the fields `append`, `replace`, `remove`, `rename`
        "append": "string",
        "replace": "string",
        "remove": true,
        "rename": "string",
        // end of the list of possible fields`routeOptions.modifyResponseHeaders[]`

      }
    ],
    "rbac": {
      "action": "string",
      "principals": [
        {
          "andPrincipals": [
            {

              // `routeOptions.rbac.principals[].andPrincipals[]` includes only one of the fields `header`, `remoteIp`, `any`
              "header": {
                "name": "string",
                "value": {

                  // `routeOptions.rbac.principals[].andPrincipals[].header.value` includes only one of the fields `exactMatch`, `prefixMatch`, `regexMatch`
                  "exactMatch": "string",
                  "prefixMatch": "string",
                  "regexMatch": "string",
                  // end of the list of possible fields`routeOptions.rbac.principals[].andPrincipals[].header.value`

                }
              },
              "remoteIp": "string",
              "any": true,
              // end of the list of possible fields`routeOptions.rbac.principals[].andPrincipals[]`

            }
          ]
        }
      ]
    }
  }
}
Field Description
name string

Required. Name of the virtual host. The name is unique within the HTTP router.

authority[] string

List of domains that are attributed to the virtual host.

The host is selected to process the request received by the load balancer if the domain specified in the HTTP/1.1 Host header or the HTTP/2 :authority pseudo-header matches a domain specified in the host.

A wildcard asterisk character (*) matches 0 or more characters.

If not specified, all domains are attributed to the host, which is the same as specifying a * value. An HTTP router must not contain more than one virtual host to which all domains are attributed.

routes[] object

Routes of the virtual host.

A route contains a set of conditions (predicates) that are used by the load balancer to select the route for the request and an action on the request. For details about the concept, see documentation.

The order of routes matters: the first route whose predicate matches the request is selected. The most specific routes should be at the top of the list, so that they are not overridden. For example, if the first HTTP route is configured, via match, to match paths prefixed with just /, other routes are never matched.

routes[].
name
string

Required. Name of the route.

routes[].
routeOptions
object
routes[].
routeOptions.
modifyRequestHeaders[]
object

Apply the following modifications to the request headers.

routes[].
routeOptions.
modifyRequestHeaders[].
name
string

Name of the header.

routes[].
routeOptions.
modifyRequestHeaders[].
append
string
routes[].routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Appends the specified string to the header value.

Variables defined for Envoy proxy are supported.

routes[].
routeOptions.
modifyRequestHeaders[].
replace
string
routes[].routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the value of the header with the specified string.

Variables defined for Envoy proxy are supported.

routes[].
routeOptions.
modifyRequestHeaders[].
remove
boolean (boolean)
routes[].routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Removes the header.

routes[].
routeOptions.
modifyRequestHeaders[].
rename
string
routes[].routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the name of the header with the specified string. This operation is only supported for ALB Virtual Hosts.

routes[].
routeOptions.
modifyResponseHeaders[]
object

Apply the following modifications to the response headers.

routes[].
routeOptions.
modifyResponseHeaders[].
name
string

Name of the header.

routes[].
routeOptions.
modifyResponseHeaders[].
append
string
routes[].routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Appends the specified string to the header value.

Variables defined for Envoy proxy are supported.

routes[].
routeOptions.
modifyResponseHeaders[].
replace
string
routes[].routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the value of the header with the specified string.

Variables defined for Envoy proxy are supported.

routes[].
routeOptions.
modifyResponseHeaders[].
remove
boolean (boolean)
routes[].routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Removes the header.

routes[].
routeOptions.
modifyResponseHeaders[].
rename
string
routes[].routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the name of the header with the specified string. This operation is only supported for ALB Virtual Hosts.

routes[].
routeOptions.
rbac
object

Role Based Access Control (RBAC) provides router, virtual host, and route access control for the ALB service. Requests are allowed or denied based on the action and whether a matching principal is found. For instance, if the action is ALLOW and a matching principal is found the request should be allowed.

routes[].
routeOptions.
rbac.
action
string

Required. The action to take if a principal matches. Every action either allows or denies a request.

  • ALLOW: Allows the request if and only if there is a principal that matches the request.
  • DENY: Allows the request if and only if there are no principal that match the request.
routes[].
routeOptions.
rbac.
principals[]
object

Required. Required. A match occurs when at least one matches the request.

The minimum number of elements is 1.

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[]
object

Required. Required. A match occurs when all principals match the request.

The minimum number of elements is 1.

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
header
object
A header (or pseudo-header such as :path or :method) of the incoming HTTP request.
routes[].routeOptions.rbac.principals[].andPrincipals[] includes only one of the fields header, remoteIp, any
routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
header.
name
string

Required. Specifies the name of the header in the request.

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value
object

Specifies how the header match will be performed to route the request. In the absence of value a request that has specified header name will match, regardless of the header's value.

A string matcher resource.

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value.
exactMatch
string
routes[].routeOptions.rbac.principals[].andPrincipals[].header.value includes only one of the fields exactMatch, prefixMatch, regexMatch

Exact match string.

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value.
prefixMatch
string
routes[].routeOptions.rbac.principals[].andPrincipals[].header.value includes only one of the fields exactMatch, prefixMatch, regexMatch

Prefix match string.

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value.
regexMatch
string
routes[].routeOptions.rbac.principals[].andPrincipals[].header.value includes only one of the fields exactMatch, prefixMatch, regexMatch

Regular expression match string.

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
remoteIp
string
routes[].routeOptions.rbac.principals[].andPrincipals[] includes only one of the fields header, remoteIp, any

A CIDR block or IP that describes the request remote/origin address, e.g. 192.0.0.0/24 or192.0.0.4 .

routes[].
routeOptions.
rbac.
principals[].
andPrincipals[].
any
boolean (boolean)
routes[].routeOptions.rbac.principals[].andPrincipals[] includes only one of the fields header, remoteIp, any

When any is set, it matches any request.

routes[].
http
object
HTTP route configuration.
routes[] includes only one of the fields http, grpc
routes[].
http.
match
object
Condition (predicate) used to select the route.
routes[].
http.
match.
httpMethod[]
string

HTTP method specified in the request.

routes[].
http.
match.
path
object

Match settings for the path specified in the request.

If not specified, the route matches all paths.

A string matcher resource.

routes[].
http.
match.
path.
exactMatch
string
routes[].http.match.path includes only one of the fields exactMatch, prefixMatch, regexMatch

Exact match string.

routes[].
http.
match.
path.
prefixMatch
string
routes[].http.match.path includes only one of the fields exactMatch, prefixMatch, regexMatch

Prefix match string.

routes[].
http.
match.
path.
regexMatch
string
routes[].http.match.path includes only one of the fields exactMatch, prefixMatch, regexMatch

Regular expression match string.

routes[].
http.
route
object
Forwards the request to a backend group for processing as configured.
routes[].http includes only one of the fields route, redirect, directResponse
routes[].
http.
route.
backendGroupId
string

Required. Backend group to forward requests to.

Stream (TCP) backend groups are not supported.

routes[].
http.
route.
timeout
string

Overall timeout for an HTTP connection between a load balancer node an a backend from the backend group: the maximum time the connection is kept alive for, regardless of whether data is transferred over it.

If a connection times out, the load balancer responds to the client with a 504 Gateway Timeout status code.

Default value: 60.

routes[].
http.
route.
idleTimeout
string

Idle timeout for an HTTP connection between a load balancer node an a backend from the backend group: the maximum time the connection is allowed to be idle, i.e. without any data transferred over it.

Specifying meaningful values for both timeout and idle_timeout is useful for implementing server-push mechanisms such as long polling, server-sent events (EventSource interface) etc.

If a connection times out, the load balancer responds to the client with a 504 Gateway Timeout status code.

If not specified, no idle timeout is used, and an alive connection may be idle for any duration (see timeout).

routes[].
http.
route.
prefixRewrite
string

Replacement for the path prefix matched by StringMatch.

For instance, if prefixMatch value is /foo and replace_prefix value is /bar, a request with /foobaz path is forwarded with /barbaz path. For exactMatch, the whole path is replaced.

If not specified, the path is not changed.

routes[].
http.
route.
upgradeTypes[]
string

Supported values for HTTP Upgrade header. E.g. websocket.

routes[].
http.
route.
hostRewrite
string
routes[].http.route includes only one of the fields hostRewrite, autoHostRewrite

Host replacement.

routes[].
http.
route.
autoHostRewrite
boolean (boolean)
routes[].http.route includes only one of the fields hostRewrite, autoHostRewrite

Automatically replaces the host with that of the target.

routes[].
http.
redirect
object
Redirects the request as configured.
routes[].http includes only one of the fields route, redirect, directResponse
routes[].
http.
redirect.
replaceScheme
string

URI scheme replacement.

If http or https scheme is to be replaced and 80 or 443 port is specified in the original URI, the port is also removed.

If not specified, the original scheme and port are used.

routes[].
http.
redirect.
replaceHost
string

URI host replacement.

If not specified, the original host is used.

routes[].
http.
redirect.
replacePort
string (int64)

URI host replacement.

If not specified, the original host is used.

routes[].
http.
redirect.
removeQuery
boolean (boolean)

Removes URI query.

routes[].
http.
redirect.
responseCode
string
HTTP status code to use in redirect responses.
  • MOVED_PERMANENTLY: 301 Moved Permanently status code.
  • FOUND: 302 Found status code.
  • SEE_OTHER: 303 See Other status code.
  • TEMPORARY_REDIRECT: 307 Temporary Redirect status code.
  • PERMANENT_REDIRECT: 308 Permanent Redirect status code.
routes[].
http.
redirect.
replacePath
string
routes[].http.redirect includes only one of the fields replacePath, replacePrefix

Replacement for the whole path.

routes[].
http.
redirect.
replacePrefix
string
routes[].http.redirect includes only one of the fields replacePath, replacePrefix

Replacement for the path prefix matched by StringMatch.

For instance, if prefixMatch value is /foo and replace_prefix value is /bar, a request with https://example.com/foobaz URI is redirected to https://example.com/barbaz. For exactMatch, the whole path is replaced.

routes[].
http.
directResponse
object
Instructs the load balancer to respond directly as configured.
routes[].http includes only one of the fields route, redirect, directResponse
routes[].
http.
directResponse.
status
string (int64)

HTTP status code to use in responses.

Acceptable values are 100 to 599, inclusive.

routes[].
http.
directResponse.
body
object

Response body.

A health check payload resource.

routes[].
http.
directResponse.
body.
text
string

Payload text.

The string length in characters must be greater than 0.

routes[].
grpc
object
gRPC route configuration.
routes[] includes only one of the fields http, grpc
routes[].
grpc.
match
object
Condition (predicate) used to select the route.
routes[].
grpc.
match.
fqmn
object

Match settings for gRPC service method called in the request.

A match string must be a fully qualified method name, e.g. foo.bar.v1.BazService/Get, or a prefix of such.

If not specified, the route matches all methods.

A string matcher resource.

routes[].
grpc.
match.
fqmn.
exactMatch
string
routes[].grpc.match.fqmn includes only one of the fields exactMatch, prefixMatch, regexMatch

Exact match string.

routes[].
grpc.
match.
fqmn.
prefixMatch
string
routes[].grpc.match.fqmn includes only one of the fields exactMatch, prefixMatch, regexMatch

Prefix match string.

routes[].
grpc.
match.
fqmn.
regexMatch
string
routes[].grpc.match.fqmn includes only one of the fields exactMatch, prefixMatch, regexMatch

Regular expression match string.

routes[].
grpc.
route
object
Forwards the request to a backend group for processing as configured.
routes[].grpc includes only one of the fields route, statusResponse
routes[].
grpc.
route.
backendGroupId
string

Required. Backend group to forward requests to.

routes[].
grpc.
route.
maxTimeout
string

Overall timeout for an underlying HTTP connection between a load balancer node an a backend from the backend group: the maximum time the connection is kept alive for, regardless of whether data is transferred over it.

If a client specifies a lower timeout in HTTP grpc-timeout header, the max_timeout value is ignored.

If a connection times out, the load balancer responds to the client with an UNAVAILABLE status code.

Default value: 60.

routes[].
grpc.
route.
idleTimeout
string

Idle timeout for an underlying HTTP connection between a load balancer node an a backend from the backend group: the maximum time the connection is allowed to be idle, i.e. without any data transferred over it.

Specifying meaningful values for both maxTimeout and idle_timeout is useful for implementing server-push mechanisms such as long polling, server-sent events etc.

If a connection times out, the load balancer responds to the client with an UNAVAILABLE status code.

If not specified, no idle timeout is used, and an alive connection may be idle for any duration (see maxTimeout).

routes[].
grpc.
route.
hostRewrite
string
routes[].grpc.route includes only one of the fields hostRewrite, autoHostRewrite

Host replacement.

routes[].
grpc.
route.
autoHostRewrite
boolean (boolean)
routes[].grpc.route includes only one of the fields hostRewrite, autoHostRewrite

Automatically replaces the host with that of the target.

routes[].
grpc.
statusResponse
object
Instructs the load balancer to respond directly with a specified status.
routes[].grpc includes only one of the fields route, statusResponse
routes[].
grpc.
statusResponse.
status
string

gRPC status code to use in responses.

gRPC status code supported for use in responses.

  • OK: OK (0) status code.
  • INVALID_ARGUMENT: INVALID_ARGUMENT (3) status code.
  • NOT_FOUND: NOT_FOUND (5) status code.
  • PERMISSION_DENIED: PERMISSION_DENIED (7) status code.
  • UNAUTHENTICATED: UNAUTHENTICATED (16) status code.
  • UNIMPLEMENTED: UNIMPLEMENTED (12) status code.
  • INTERNAL: INTERNAL (13) status code.
  • UNAVAILABLE: UNAVAILABLE (14) status code.
modifyRequestHeaders[] object

Deprecated, use route_options.modify_request_headers.

modifyRequestHeaders[].
name
string

Name of the header.

modifyRequestHeaders[].
append
string
modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Appends the specified string to the header value.

Variables defined for Envoy proxy are supported.

modifyRequestHeaders[].
replace
string
modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the value of the header with the specified string.

Variables defined for Envoy proxy are supported.

modifyRequestHeaders[].
remove
boolean (boolean)
modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Removes the header.

modifyRequestHeaders[].
rename
string
modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the name of the header with the specified string. This operation is only supported for ALB Virtual Hosts.

modifyResponseHeaders[] object

Deprecated, use route_options.modify_response_headers.

modifyResponseHeaders[].
name
string

Name of the header.

modifyResponseHeaders[].
append
string
modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Appends the specified string to the header value.

Variables defined for Envoy proxy are supported.

modifyResponseHeaders[].
replace
string
modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the value of the header with the specified string.

Variables defined for Envoy proxy are supported.

modifyResponseHeaders[].
remove
boolean (boolean)
modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Removes the header.

modifyResponseHeaders[].
rename
string
modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the name of the header with the specified string. This operation is only supported for ALB Virtual Hosts.

routeOptions object
routeOptions.
modifyRequestHeaders[]
object

Apply the following modifications to the request headers.

routeOptions.
modifyRequestHeaders[].
name
string

Name of the header.

routeOptions.
modifyRequestHeaders[].
append
string
routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Appends the specified string to the header value.

Variables defined for Envoy proxy are supported.

routeOptions.
modifyRequestHeaders[].
replace
string
routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the value of the header with the specified string.

Variables defined for Envoy proxy are supported.

routeOptions.
modifyRequestHeaders[].
remove
boolean (boolean)
routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Removes the header.

routeOptions.
modifyRequestHeaders[].
rename
string
routeOptions.modifyRequestHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the name of the header with the specified string. This operation is only supported for ALB Virtual Hosts.

routeOptions.
modifyResponseHeaders[]
object

Apply the following modifications to the response headers.

routeOptions.
modifyResponseHeaders[].
name
string

Name of the header.

routeOptions.
modifyResponseHeaders[].
append
string
routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Appends the specified string to the header value.

Variables defined for Envoy proxy are supported.

routeOptions.
modifyResponseHeaders[].
replace
string
routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the value of the header with the specified string.

Variables defined for Envoy proxy are supported.

routeOptions.
modifyResponseHeaders[].
remove
boolean (boolean)
routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Removes the header.

routeOptions.
modifyResponseHeaders[].
rename
string
routeOptions.modifyResponseHeaders[] includes only one of the fields append, replace, remove, rename

Replaces the name of the header with the specified string. This operation is only supported for ALB Virtual Hosts.

routeOptions.
rbac
object

Role Based Access Control (RBAC) provides router, virtual host, and route access control for the ALB service. Requests are allowed or denied based on the action and whether a matching principal is found. For instance, if the action is ALLOW and a matching principal is found the request should be allowed.

routeOptions.
rbac.
action
string

Required. The action to take if a principal matches. Every action either allows or denies a request.

  • ALLOW: Allows the request if and only if there is a principal that matches the request.
  • DENY: Allows the request if and only if there are no principal that match the request.
routeOptions.
rbac.
principals[]
object

Required. Required. A match occurs when at least one matches the request.

The minimum number of elements is 1.

routeOptions.
rbac.
principals[].
andPrincipals[]
object

Required. Required. A match occurs when all principals match the request.

The minimum number of elements is 1.

routeOptions.
rbac.
principals[].
andPrincipals[].
header
object
A header (or pseudo-header such as :path or :method) of the incoming HTTP request.
routeOptions.rbac.principals[].andPrincipals[] includes only one of the fields header, remoteIp, any
routeOptions.
rbac.
principals[].
andPrincipals[].
header.
name
string

Required. Specifies the name of the header in the request.

routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value
object

Specifies how the header match will be performed to route the request. In the absence of value a request that has specified header name will match, regardless of the header's value.

A string matcher resource.

routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value.
exactMatch
string
routeOptions.rbac.principals[].andPrincipals[].header.value includes only one of the fields exactMatch, prefixMatch, regexMatch

Exact match string.

routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value.
prefixMatch
string
routeOptions.rbac.principals[].andPrincipals[].header.value includes only one of the fields exactMatch, prefixMatch, regexMatch

Prefix match string.

routeOptions.
rbac.
principals[].
andPrincipals[].
header.
value.
regexMatch
string
routeOptions.rbac.principals[].andPrincipals[].header.value includes only one of the fields exactMatch, prefixMatch, regexMatch

Regular expression match string.

routeOptions.
rbac.
principals[].
andPrincipals[].
remoteIp
string
routeOptions.rbac.principals[].andPrincipals[] includes only one of the fields header, remoteIp, any

A CIDR block or IP that describes the request remote/origin address, e.g. 192.0.0.0/24 or192.0.0.4 .

routeOptions.
rbac.
principals[].
andPrincipals[].
any
boolean (boolean)
routeOptions.rbac.principals[].andPrincipals[] includes only one of the fields header, remoteIp, any

When any is set, it matches any request.

Methods

Method Description
create Creates a virtual host in the specified HTTP router.
delete Deletes the specified virtual host.
get Returns the specified virtual host.
list Lists virtual hosts of the specified HTTP router.
removeRoute Deletes the specified route from the specified virtual host.
update Updates the specified virtual host of the specified HTTP router.
updateRoute Updates the specified route of the specified virtual host.

Was the article helpful?

Language / Region
Yandex project
© 2023 Yandex.Cloud LLC
In this article:
  • JSON Representation
  • Methods