# Getting Started

EaaS (Edge as a Service) lets you control Akamai edge delivery and security
through a single JSON configuration per tenant. This guide covers the config
structure and key concepts to get you started.

## What's in a Tenant Config

A tenant config has three main areas. Each is optional -- only configure what you need.

- **[Delivery](/tenant-schemas/delivery-config)** -- Caching, routing, headers, redirects, timeouts, and response generation.
- **[Match Conditions](/tenant-schemas/match-conditions)** -- Target rules by path, header, IP, geography, and more with AND/OR/NOT logic.
- **[Security](/tenant-schemas/security-config)** -- WAF rules, IP blocking, bot detection, and rate limiting with path/IP exceptions.

## Quick Start

The smallest useful config routes traffic to your origin:

```json
{
  "tenant_id": "my-app",
  "delivery_config": {
    "version": "1.0",
    "onClientRequest": {
      "features": {
        "route": {
          "rules": [{
            "args": { "originId": "default_eaas" },
            "pm_variables": {
              "RT_ORIGIN_DNS": "origin.example.com",
              "RT_ORIGIN_HOST_HEADER": "origin.example.com"
            }
          }]
        }
      }
    }
  }
}
```

From here, add [caching rules](/tenant-schemas/delivery-config#caching),
[security policies](/tenant-schemas/security-config),
[headers](/tenant-schemas/delivery-config#set-headers), and other features as needed.

## Key Concepts

- **Rules** -- Most features use a `rules[]` array with match conditions and args. First match wins. [Delivery Configuration](/tenant-schemas/delivery-config)
- **Lists** -- Named value sets referenced with `{{list.name}}` to reuse IPs, paths, etc. across rules. [Lists Reference](/tenant-schemas/lists)
- **Tenant ID** -- Identifies the tenant in logs. A string or array of up to 5 strings, max 20 chars each.

## Available Features

Click a feature name to see its full documentation and examples.

| Feature | Event Handlers | Description |
|---------|---------------|-------------|
| [`caching`](/tenant-schemas/delivery-config#caching) | `onClientRequest` | Control how content is cached with flexible TTL rules and behaviors |
| [`downstreamCaching`](/tenant-schemas/delivery-config#downstreamcaching) | `onClientRequest` | Control how edge servers instruct client browsers and intermediate proxies to cache content |
| [`compression`](/tenant-schemas/delivery-config#compression) | `onClientRequest`, `onClientResponse` | Enable gzip compression for specified content types to reduce bandwidth |
| [`setVariable`](/tenant-schemas/delivery-config#setvariable) | `onClientRequest`, `onOriginResponse`, `onClientResponse` | Set custom variables that can be used for logging and conditional processing |
| [`removeVary`](/tenant-schemas/delivery-config#removevary) | `onClientRequest` | Remove or control the Vary response header to improve cache efficiency |
| [`tieredDistribution`](/tenant-schemas/delivery-config#tiereddistribution) | `onClientRequest` | Configure tiered distribution settings for optimized content delivery |
| [`route`](/tenant-schemas/delivery-config#route) | `onClientRequest` | Route requests to different origins based on path patterns |
| [`redirect`](/tenant-schemas/delivery-config#redirect) | `onClientRequest` | Configure HTTP redirects with custom status codes and destination URLs |
| [`allowPost`](/tenant-schemas/delivery-config#allowpost) | `onClientRequest` | Enable or disable POST requests with rule-based conditions |
| [`allowPut`](/tenant-schemas/delivery-config#allowput) | `onClientRequest` | Enable or disable PUT requests |
| [`allowDelete`](/tenant-schemas/delivery-config#allowdelete) | `onClientRequest` | Enable or disable DELETE requests with rule-based conditions |
| [`allowPatch`](/tenant-schemas/delivery-config#allowpatch) | `onClientRequest` | Enable or disable PATCH requests |
| [`respondWith`](/tenant-schemas/delivery-config#respondwith) | `onClientRequest`, `onClientResponse` | Return custom responses without contacting the origin |
| [`setHeaders`](/tenant-schemas/delivery-config#setheaders) | `onClientRequest`, `onClientResponse`, `onOriginResponse` | Add, modify, or remove HTTP headers in requests and responses |
| [`http2`](/tenant-schemas/delivery-config#http2) | `onClientRequest` | No longer supported in tenant file |
| [`http3`](/tenant-schemas/delivery-config#http3) | `onClientRequest` | No longer supported in tenant file |
| [`webSockets`](/tenant-schemas/delivery-config#websockets) | `onClientRequest` | Enable WebSocket support with conditional rules |
| [`chunkedTransferEncoding`](/tenant-schemas/delivery-config#chunkedtransferencoding) | `onClientRequest` | Enable or disable chunked transfer encoding |
| [`hsts`](/tenant-schemas/delivery-config#hsts) | `onClientRequest` | Configure HTTP Strict Transport Security headers to enforce secure connections |
| [`originIpAcl`](/tenant-schemas/delivery-config#originipacl) | `onClientRequest` | Configure origin IP access control lists |
| [`breadcrumbs`](/tenant-schemas/delivery-config#breadcrumbs) | `onClientRequest` | Enable breadcrumb tracking for debugging and monitoring |
| [`cacheTag`](/tenant-schemas/delivery-config#cachetag) | `onOriginResponse` | Tag cached content for easier invalidation |
| [`tenantTag`](/tenant-schemas/delivery-config#tenanttag) | `onClientRequest` | Legacy tenant identification |
| [`readTimeout`](/tenant-schemas/delivery-config#readtimeout) | `onClientRequest` | Configure timeout for reading from origin with rule-based support |
| [`firstByteTimeout`](/tenant-schemas/delivery-config#firstbytetimeout) | `onClientRequest` | Configure timeout for first byte from origin with rule-based support |
| [`connectTimeout`](/tenant-schemas/delivery-config#connecttimeout) | `onClientRequest` | Configure timeout for establishing connection to origin (integer seconds, or rules object for conditional timeouts) |

## Next Steps

- [Delivery Configuration](/tenant-schemas/delivery-config) -- Caching, routing, headers, and more
- [Match Conditions](/tenant-schemas/match-conditions) -- Path, IP, geography, header targeting
- [Security Configuration](/tenant-schemas/security-config) -- WAF rules, IP blocking, bot detection
- [Configuration Examples](/examples) -- Real-world patterns you can copy

