Docs Home
AWS v6.73.0 published on Wednesday, Mar 19, 2025 by Pulumi
aws.cloudfront.Distribution
Explore with Pulumi AI
Creates an Amazon CloudFront web distribution.
For information about CloudFront distributions, see the Amazon CloudFront Developer Guide. For specific information about creating CloudFront web distributions, see the POST Distribution page in the Amazon CloudFront API Reference.
NOTE: CloudFront distributions take about 15 minutes to reach a deployed state after creation or modification. During this time, deletes to resources will be blocked. If you need to delete a distribution that is enabled and you do not want to wait, you need to use the
retain_on_deleteflag.
Example Usage
S3 Origin
The example below creates a CloudFront distribution with an S3 origin.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const b = new aws.s3.BucketV2("b", {
bucket: "mybucket",
tags: {
Name: "My bucket",
},
});
const bAcl = new aws.s3.BucketAclV2("b_acl", {
bucket: b.id,
acl: "private",
});
const s3OriginId = "myS3Origin";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
origins: [{
domainName: b.bucketRegionalDomainName,
originAccessControlId: _default.id,
originId: s3OriginId,
}],
enabled: true,
isIpv6Enabled: true,
comment: "Some comment",
defaultRootObject: "index.html",
loggingConfig: {
includeCookies: false,
bucket: "mylogs.s3.amazonaws.com",
prefix: "myprefix",
},
aliases: [
"mysite.example.com",
"yoursite.example.com",
],
defaultCacheBehavior: {
allowedMethods: [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
viewerProtocolPolicy: "allow-all",
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
},
orderedCacheBehaviors: [
{
pathPattern: "/content/immutable/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
headers: ["Origin"],
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 86400,
maxTtl: 31536000,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
{
pathPattern: "/content/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
],
priceClass: "PriceClass_200",
restrictions: {
geoRestriction: {
restrictionType: "whitelist",
locations: [
"US",
"CA",
"GB",
"DE",
],
},
},
tags: {
Environment: "production",
},
viewerCertificate: {
cloudfrontDefaultCertificate: true,
},
});
import pulumi
import pulumi_aws as aws
b = aws.s3.BucketV2("b",
bucket="mybucket",
tags={
"Name": "My bucket",
})
b_acl = aws.s3.BucketAclV2("b_acl",
bucket=b.id,
acl="private")
s3_origin_id = "myS3Origin"
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origins=[{
"domain_name": b.bucket_regional_domain_name,
"origin_access_control_id": default["id"],
"origin_id": s3_origin_id,
}],
enabled=True,
is_ipv6_enabled=True,
comment="Some comment",
default_root_object="index.html",
logging_config={
"include_cookies": False,
"bucket": "mylogs.s3.amazonaws.com",
"prefix": "myprefix",
},
aliases=[
"mysite.example.com",
"yoursite.example.com",
],
default_cache_behavior={
"allowed_methods": [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
"cached_methods": [
"GET",
"HEAD",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"cookies": {
"forward": "none",
},
},
"viewer_protocol_policy": "allow-all",
"min_ttl": 0,
"default_ttl": 3600,
"max_ttl": 86400,
},
ordered_cache_behaviors=[
{
"path_pattern": "/content/immutable/*",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"cached_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"headers": ["Origin"],
"cookies": {
"forward": "none",
},
},
"min_ttl": 0,
"default_ttl": 86400,
"max_ttl": 31536000,
"compress": True,
"viewer_protocol_policy": "redirect-to-https",
},
{
"path_pattern": "/content/*",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"cached_methods": [
"GET",
"HEAD",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"cookies": {
"forward": "none",
},
},
"min_ttl": 0,
"default_ttl": 3600,
"max_ttl": 86400,
"compress": True,
"viewer_protocol_policy": "redirect-to-https",
},
],
price_class="PriceClass_200",
restrictions={
"geo_restriction": {
"restriction_type": "whitelist",
"locations": [
"US",
"CA",
"GB",
"DE",
],
},
},
tags={
"Environment": "production",
},
viewer_certificate={
"cloudfront_default_certificate": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
b, err := s3.NewBucketV2(ctx, "b", &s3.BucketV2Args{
Bucket: pulumi.String("mybucket"),
Tags: pulumi.StringMap{
"Name": pulumi.String("My bucket"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "b_acl", &s3.BucketAclV2Args{
Bucket: b.ID(),
Acl: pulumi.String("private"),
})
if err != nil {
return err
}
s3OriginId := "myS3Origin"
_, err = cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: b.BucketRegionalDomainName,
OriginAccessControlId: pulumi.Any(_default.Id),
OriginId: pulumi.String(s3OriginId),
},
},
Enabled: pulumi.Bool(true),
IsIpv6Enabled: pulumi.Bool(true),
Comment: pulumi.String("Some comment"),
DefaultRootObject: pulumi.String("index.html"),
LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
IncludeCookies: pulumi.Bool(false),
Bucket: pulumi.String("mylogs.s3.amazonaws.com"),
Prefix: pulumi.String("myprefix"),
},
Aliases: pulumi.StringArray{
pulumi.String("mysite.example.com"),
pulumi.String("yoursite.example.com"),
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("DELETE"),
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
pulumi.String("PATCH"),
pulumi.String("POST"),
pulumi.String("PUT"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
ViewerProtocolPolicy: pulumi.String("allow-all"),
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
},
OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/immutable/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("Origin"),
},
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(86400),
MaxTtl: pulumi.Int(31536000),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
},
PriceClass: pulumi.String("PriceClass_200"),
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("whitelist"),
Locations: pulumi.StringArray{
pulumi.String("US"),
pulumi.String("CA"),
pulumi.String("GB"),
pulumi.String("DE"),
},
},
},
Tags: pulumi.StringMap{
"Environment": pulumi.String("production"),
},
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
CloudfrontDefaultCertificate: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var b = new Aws.S3.BucketV2("b", new()
{
Bucket = "mybucket",
Tags =
{
{ "Name", "My bucket" },
},
});
var bAcl = new Aws.S3.BucketAclV2("b_acl", new()
{
Bucket = b.Id,
Acl = "private",
});
var s3OriginId = "myS3Origin";
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = b.BucketRegionalDomainName,
OriginAccessControlId = @default.Id,
OriginId = s3OriginId,
},
},
Enabled = true,
IsIpv6Enabled = true,
Comment = "Some comment",
DefaultRootObject = "index.html",
LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
{
IncludeCookies = false,
Bucket = "mylogs.s3.amazonaws.com",
Prefix = "myprefix",
},
Aliases = new[]
{
"mysite.example.com",
"yoursite.example.com",
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
AllowedMethods = new[]
{
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
ViewerProtocolPolicy = "allow-all",
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
},
OrderedCacheBehaviors = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/immutable/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Headers = new[]
{
"Origin",
},
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 86400,
MaxTtl = 31536000,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
},
PriceClass = "PriceClass_200",
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "whitelist",
Locations = new[]
{
"US",
"CA",
"GB",
"DE",
},
},
},
Tags =
{
{ "Environment", "production" },
},
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
CloudfrontDefaultCertificate = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionLoggingConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var b = new BucketV2("b", BucketV2Args.builder()
.bucket("mybucket")
.tags(Map.of("Name", "My bucket"))
.build());
var bAcl = new BucketAclV2("bAcl", BucketAclV2Args.builder()
.bucket(b.id())
.acl("private")
.build());
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(b.bucketRegionalDomainName())
.originAccessControlId(default_.id())
.originId(s3OriginId)
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.loggingConfig(DistributionLoggingConfigArgs.builder()
.includeCookies(false)
.bucket("mylogs.s3.amazonaws.com")
.prefix("myprefix")
.build())
.aliases(
"mysite.example.com",
"yoursite.example.com")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.allowedMethods(
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.viewerProtocolPolicy("allow-all")
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.build())
.orderedCacheBehaviors(
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/immutable/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD",
"OPTIONS")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.headers("Origin")
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(86400)
.maxTtl(31536000)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build(),
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build())
.priceClass("PriceClass_200")
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.tags(Map.of("Environment", "production"))
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
resources:
b:
type: aws:s3:BucketV2
properties:
bucket: mybucket
tags:
Name: My bucket
bAcl:
type: aws:s3:BucketAclV2
name: b_acl
properties:
bucket: ${b.id}
acl: private
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
origins:
- domainName: ${b.bucketRegionalDomainName}
originAccessControlId: ${default.id}
originId: ${s3OriginId}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
loggingConfig:
includeCookies: false
bucket: mylogs.s3.amazonaws.com
prefix: myprefix
aliases:
- mysite.example.com
- yoursite.example.com
defaultCacheBehavior:
allowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
viewerProtocolPolicy: allow-all
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
orderedCacheBehaviors:
- pathPattern: /content/immutable/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
- OPTIONS
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
headers:
- Origin
cookies:
forward: none
minTtl: 0
defaultTtl: 86400
maxTtl: 3.1536e+07
compress: true
viewerProtocolPolicy: redirect-to-https
- pathPattern: /content/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
compress: true
viewerProtocolPolicy: redirect-to-https
priceClass: PriceClass_200
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
tags:
Environment: production
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
With Failover Routing
The example below creates a CloudFront distribution with an origin group for failover routing.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
originGroups: [{
originId: "groupS3",
failoverCriteria: {
statusCodes: [
403,
404,
500,
502,
],
},
members: [
{
originId: "primaryS3",
},
{
originId: "failoverS3",
},
],
}],
origins: [
{
domainName: primary.bucketRegionalDomainName,
originId: "primaryS3",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
},
{
domainName: failover.bucketRegionalDomainName,
originId: "failoverS3",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
},
],
defaultCacheBehavior: {
targetOriginId: "groupS3",
},
});
import pulumi
import pulumi_aws as aws
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origin_groups=[{
"origin_id": "groupS3",
"failover_criteria": {
"status_codes": [
403,
404,
500,
502,
],
},
"members": [
{
"origin_id": "primaryS3",
},
{
"origin_id": "failoverS3",
},
],
}],
origins=[
{
"domain_name": primary["bucketRegionalDomainName"],
"origin_id": "primaryS3",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
},
{
"domain_name": failover["bucketRegionalDomainName"],
"origin_id": "failoverS3",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
},
],
default_cache_behavior={
"target_origin_id": "groupS3",
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
OriginGroups: cloudfront.DistributionOriginGroupArray{
&cloudfront.DistributionOriginGroupArgs{
OriginId: pulumi.String("groupS3"),
FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
StatusCodes: pulumi.IntArray{
pulumi.Int(403),
pulumi.Int(404),
pulumi.Int(500),
pulumi.Int(502),
},
},
Members: cloudfront.DistributionOriginGroupMemberArray{
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("primaryS3"),
},
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("failoverS3"),
},
},
},
},
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(primary.BucketRegionalDomainName),
OriginId: pulumi.String("primaryS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(failover.BucketRegionalDomainName),
OriginId: pulumi.String("failoverS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
TargetOriginId: pulumi.String("groupS3"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
OriginGroups = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
{
OriginId = "groupS3",
FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
{
StatusCodes = new[]
{
403,
404,
500,
502,
},
},
Members = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "primaryS3",
},
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "failoverS3",
},
},
},
},
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = primary.BucketRegionalDomainName,
OriginId = "primaryS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = failover.BucketRegionalDomainName,
OriginId = "failoverS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
TargetOriginId = "groupS3",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupFailoverCriteriaArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.originGroups(DistributionOriginGroupArgs.builder()
.originId("groupS3")
.failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
.statusCodes(
403,
404,
500,
502)
.build())
.members(
DistributionOriginGroupMemberArgs.builder()
.originId("primaryS3")
.build(),
DistributionOriginGroupMemberArgs.builder()
.originId("failoverS3")
.build())
.build())
.origins(
DistributionOriginArgs.builder()
.domainName(primary.bucketRegionalDomainName())
.originId("primaryS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build(),
DistributionOriginArgs.builder()
.domainName(failover.bucketRegionalDomainName())
.originId("failoverS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build())
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.targetOriginId("groupS3")
.build())
.build());
}
}
resources:
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
originGroups:
- originId: groupS3
failoverCriteria:
statusCodes:
- 403
- 404
- 500
- 502
members:
- originId: primaryS3
- originId: failoverS3
origins:
- domainName: ${primary.bucketRegionalDomainName}
originId: primaryS3
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
- domainName: ${failover.bucketRegionalDomainName}
originId: failoverS3
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
defaultCacheBehavior:
targetOriginId: groupS3
With Managed Caching Policy
The example below creates a CloudFront distribution with an AWS managed caching policy.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const s3OriginId = "myS3Origin";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
origins: [{
domainName: primary.bucketRegionalDomainName,
originId: "myS3Origin",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
}],
enabled: true,
isIpv6Enabled: true,
comment: "Some comment",
defaultRootObject: "index.html",
defaultCacheBehavior: {
cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
targetOriginId: s3OriginId,
},
restrictions: {
geoRestriction: {
restrictionType: "whitelist",
locations: [
"US",
"CA",
"GB",
"DE",
],
},
},
viewerCertificate: {
cloudfrontDefaultCertificate: true,
},
});
import pulumi
import pulumi_aws as aws
s3_origin_id = "myS3Origin"
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origins=[{
"domain_name": primary["bucketRegionalDomainName"],
"origin_id": "myS3Origin",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
}],
enabled=True,
is_ipv6_enabled=True,
comment="Some comment",
default_root_object="index.html",
default_cache_behavior={
"cache_policy_id": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"target_origin_id": s3_origin_id,
},
restrictions={
"geo_restriction": {
"restriction_type": "whitelist",
"locations": [
"US",
"CA",
"GB",
"DE",
],
},
},
viewer_certificate={
"cloudfront_default_certificate": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
s3OriginId := "myS3Origin"
_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(primary.BucketRegionalDomainName),
OriginId: pulumi.String("myS3Origin"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
},
Enabled: pulumi.Bool(true),
IsIpv6Enabled: pulumi.Bool(true),
Comment: pulumi.String("Some comment"),
DefaultRootObject: pulumi.String("index.html"),
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
CachePolicyId: pulumi.String("4135ea2d-6df8-44a3-9df3-4b5a84be39ad"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
TargetOriginId: pulumi.String(s3OriginId),
},
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("whitelist"),
Locations: pulumi.StringArray{
pulumi.String("US"),
pulumi.String("CA"),
pulumi.String("GB"),
pulumi.String("DE"),
},
},
},
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
CloudfrontDefaultCertificate: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var s3OriginId = "myS3Origin";
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = primary.BucketRegionalDomainName,
OriginId = "myS3Origin",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
},
Enabled = true,
IsIpv6Enabled = true,
Comment = "Some comment",
DefaultRootObject = "index.html",
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
CachePolicyId = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
TargetOriginId = s3OriginId,
},
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "whitelist",
Locations = new[]
{
"US",
"CA",
"GB",
"DE",
},
},
},
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
CloudfrontDefaultCertificate = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(primary.bucketRegionalDomainName())
.originId("myS3Origin")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.cachePolicyId("4135ea2d-6df8-44a3-9df3-4b5a84be39ad")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.targetOriginId(s3OriginId)
.build())
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
resources:
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
origins:
- domainName: ${primary.bucketRegionalDomainName}
originId: myS3Origin
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
defaultCacheBehavior:
cachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
allowedMethods:
- GET
- HEAD
- OPTIONS
targetOriginId: ${s3OriginId}
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
Create Distribution Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Distribution(name: string, args: DistributionArgs, opts?: CustomResourceOptions);@overload
def Distribution(resource_name: str,
args: DistributionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Distribution(resource_name: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
http_version: Optional[str] = None,
is_ipv6_enabled: Optional[bool] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
aliases: Optional[Sequence[str]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
default_root_object: Optional[str] = None,
price_class: Optional[str] = None,
continuous_deployment_policy_id: Optional[str] = None,
retain_on_delete: Optional[bool] = None,
staging: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
comment: Optional[str] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None)func NewDistribution(ctx *Context, name string, args DistributionArgs, opts ...ResourceOption) (*Distribution, error)public Distribution(string name, DistributionArgs args, CustomResourceOptions? opts = null)
public Distribution(String name, DistributionArgs args)
public Distribution(String name, DistributionArgs args, CustomResourceOptions options)
type: aws:cloudfront:Distribution
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var distributionResource = new Aws.CloudFront.Distribution("distributionResource", new()
{
Enabled = false,
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
AcmCertificateArn = "string",
CloudfrontDefaultCertificate = false,
IamCertificateId = "string",
MinimumProtocolVersion = "string",
SslSupportMethod = "string",
},
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "string",
Locations = new[]
{
"string",
},
},
},
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = "string",
OriginId = "string",
ConnectionAttempts = 0,
ConnectionTimeout = 0,
CustomHeaders = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginCustomHeaderArgs
{
Name = "string",
Value = "string",
},
},
CustomOriginConfig = new Aws.CloudFront.Inputs.DistributionOriginCustomOriginConfigArgs
{
HttpPort = 0,
HttpsPort = 0,
OriginProtocolPolicy = "string",
OriginSslProtocols = new[]
{
"string",
},
OriginKeepaliveTimeout = 0,
OriginReadTimeout = 0,
},
OriginAccessControlId = "string",
OriginPath = "string",
OriginShield = new Aws.CloudFront.Inputs.DistributionOriginOriginShieldArgs
{
Enabled = false,
OriginShieldRegion = "string",
},
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = "string",
},
VpcOriginConfig = new Aws.CloudFront.Inputs.DistributionOriginVpcOriginConfigArgs
{
VpcOriginId = "string",
OriginKeepaliveTimeout = 0,
OriginReadTimeout = 0,
},
},
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
AllowedMethods = new[]
{
"string",
},
ViewerProtocolPolicy = "string",
CachedMethods = new[]
{
"string",
},
TargetOriginId = "string",
MaxTtl = 0,
MinTtl = 0,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
{
Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "string",
WhitelistedNames = new[]
{
"string",
},
},
QueryString = false,
Headers = new[]
{
"string",
},
QueryStringCacheKeys = new[]
{
"string",
},
},
FunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorFunctionAssociationArgs
{
EventType = "string",
FunctionArn = "string",
},
},
GrpcConfig = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorGrpcConfigArgs
{
Enabled = false,
},
LambdaFunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs
{
EventType = "string",
LambdaArn = "string",
IncludeBody = false,
},
},
DefaultTtl = 0,
FieldLevelEncryptionId = "string",
OriginRequestPolicyId = "string",
RealtimeLogConfigArn = "string",
ResponseHeadersPolicyId = "string",
SmoothStreaming = false,
Compress = false,
TrustedKeyGroups = new[]
{
"string",
},
TrustedSigners = new[]
{
"string",
},
CachePolicyId = "string",
},
OrderedCacheBehaviors = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
AllowedMethods = new[]
{
"string",
},
ViewerProtocolPolicy = "string",
CachedMethods = new[]
{
"string",
},
TargetOriginId = "string",
PathPattern = "string",
MaxTtl = 0,
OriginRequestPolicyId = "string",
FunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorFunctionAssociationArgs
{
EventType = "string",
FunctionArn = "string",
},
},
GrpcConfig = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorGrpcConfigArgs
{
Enabled = false,
},
LambdaFunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs
{
EventType = "string",
LambdaArn = "string",
IncludeBody = false,
},
},
FieldLevelEncryptionId = "string",
MinTtl = 0,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "string",
WhitelistedNames = new[]
{
"string",
},
},
QueryString = false,
Headers = new[]
{
"string",
},
QueryStringCacheKeys = new[]
{
"string",
},
},
DefaultTtl = 0,
RealtimeLogConfigArn = "string",
ResponseHeadersPolicyId = "string",
SmoothStreaming = false,
Compress = false,
TrustedKeyGroups = new[]
{
"string",
},
TrustedSigners = new[]
{
"string",
},
CachePolicyId = "string",
},
},
CustomErrorResponses = new[]
{
new Aws.CloudFront.Inputs.DistributionCustomErrorResponseArgs
{
ErrorCode = 0,
ErrorCachingMinTtl = 0,
ResponseCode = 0,
ResponsePagePath = "string",
},
},
HttpVersion = "string",
IsIpv6Enabled = false,
LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
{
Bucket = "string",
IncludeCookies = false,
Prefix = "string",
},
Aliases = new[]
{
"string",
},
OriginGroups = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
{
FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
{
StatusCodes = new[]
{
0,
},
},
Members = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "string",
},
},
OriginId = "string",
},
},
DefaultRootObject = "string",
PriceClass = "string",
ContinuousDeploymentPolicyId = "string",
RetainOnDelete = false,
Staging = false,
Tags =
{
{ "string", "string" },
},
Comment = "string",
WaitForDeployment = false,
WebAclId = "string",
});
example, err := cloudfront.NewDistribution(ctx, "distributionResource", &cloudfront.DistributionArgs{
Enabled: pulumi.Bool(false),
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
AcmCertificateArn: pulumi.String("string"),
CloudfrontDefaultCertificate: pulumi.Bool(false),
IamCertificateId: pulumi.String("string"),
MinimumProtocolVersion: pulumi.String("string"),
SslSupportMethod: pulumi.String("string"),
},
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("string"),
Locations: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.String("string"),
OriginId: pulumi.String("string"),
ConnectionAttempts: pulumi.Int(0),
ConnectionTimeout: pulumi.Int(0),
CustomHeaders: cloudfront.DistributionOriginCustomHeaderArray{
&cloudfront.DistributionOriginCustomHeaderArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
CustomOriginConfig: &cloudfront.DistributionOriginCustomOriginConfigArgs{
HttpPort: pulumi.Int(0),
HttpsPort: pulumi.Int(0),
OriginProtocolPolicy: pulumi.String("string"),
OriginSslProtocols: pulumi.StringArray{
pulumi.String("string"),
},
OriginKeepaliveTimeout: pulumi.Int(0),
OriginReadTimeout: pulumi.Int(0),
},
OriginAccessControlId: pulumi.String("string"),
OriginPath: pulumi.String("string"),
OriginShield: &cloudfront.DistributionOriginOriginShieldArgs{
Enabled: pulumi.Bool(false),
OriginShieldRegion: pulumi.String("string"),
},
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.String("string"),
},
VpcOriginConfig: &cloudfront.DistributionOriginVpcOriginConfigArgs{
VpcOriginId: pulumi.String("string"),
OriginKeepaliveTimeout: pulumi.Int(0),
OriginReadTimeout: pulumi.Int(0),
},
},
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("string"),
},
ViewerProtocolPolicy: pulumi.String("string"),
CachedMethods: pulumi.StringArray{
pulumi.String("string"),
},
TargetOriginId: pulumi.String("string"),
MaxTtl: pulumi.Int(0),
MinTtl: pulumi.Int(0),
ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("string"),
WhitelistedNames: pulumi.StringArray{
pulumi.String("string"),
},
},
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("string"),
},
QueryStringCacheKeys: pulumi.StringArray{
pulumi.String("string"),
},
},
FunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArray{
&cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArgs{
EventType: pulumi.String("string"),
FunctionArn: pulumi.String("string"),
},
},
GrpcConfig: &cloudfront.DistributionDefaultCacheBehaviorGrpcConfigArgs{
Enabled: pulumi.Bool(false),
},
LambdaFunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArray{
&cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs{
EventType: pulumi.String("string"),
LambdaArn: pulumi.String("string"),
IncludeBody: pulumi.Bool(false),
},
},
DefaultTtl: pulumi.Int(0),
FieldLevelEncryptionId: pulumi.String("string"),
OriginRequestPolicyId: pulumi.String("string"),
RealtimeLogConfigArn: pulumi.String("string"),
ResponseHeadersPolicyId: pulumi.String("string"),
SmoothStreaming: pulumi.Bool(false),
Compress: pulumi.Bool(false),
TrustedKeyGroups: pulumi.StringArray{
pulumi.String("string"),
},
TrustedSigners: pulumi.StringArray{
pulumi.String("string"),
},
CachePolicyId: pulumi.String("string"),
},
OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
&cloudfront.DistributionOrderedCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("string"),
},
ViewerProtocolPolicy: pulumi.String("string"),
CachedMethods: pulumi.StringArray{
pulumi.String("string"),
},
TargetOriginId: pulumi.String("string"),
PathPattern: pulumi.String("string"),
MaxTtl: pulumi.Int(0),
OriginRequestPolicyId: pulumi.String("string"),
FunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArray{
&cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArgs{
EventType: pulumi.String("string"),
FunctionArn: pulumi.String("string"),
},
},
GrpcConfig: &cloudfront.DistributionOrderedCacheBehaviorGrpcConfigArgs{
Enabled: pulumi.Bool(false),
},
LambdaFunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArray{
&cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs{
EventType: pulumi.String("string"),
LambdaArn: pulumi.String("string"),
IncludeBody: pulumi.Bool(false),
},
},
FieldLevelEncryptionId: pulumi.String("string"),
MinTtl: pulumi.Int(0),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("string"),
WhitelistedNames: pulumi.StringArray{
pulumi.String("string"),
},
},
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("string"),
},
QueryStringCacheKeys: pulumi.StringArray{
pulumi.String("string"),
},
},
DefaultTtl: pulumi.Int(0),
RealtimeLogConfigArn: pulumi.String("string"),
ResponseHeadersPolicyId: pulumi.String("string"),
SmoothStreaming: pulumi.Bool(false),
Compress: pulumi.Bool(false),
TrustedKeyGroups: pulumi.StringArray{
pulumi.String("string"),
},
TrustedSigners: pulumi.StringArray{
pulumi.String("string"),
},
CachePolicyId: pulumi.String("string"),
},
},
CustomErrorResponses: cloudfront.DistributionCustomErrorResponseArray{
&cloudfront.DistributionCustomErrorResponseArgs{
ErrorCode: pulumi.Int(0),
ErrorCachingMinTtl: pulumi.Int(0),
ResponseCode: pulumi.Int(0),
ResponsePagePath: pulumi.String("string"),
},
},
HttpVersion: pulumi.String("string"),
IsIpv6Enabled: pulumi.Bool(false),
LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
Bucket: pulumi.String("string"),
IncludeCookies: pulumi.Bool(false),
Prefix: pulumi.String("string"),
},
Aliases: pulumi.StringArray{
pulumi.String("string"),
},
OriginGroups: cloudfront.DistributionOriginGroupArray{
&cloudfront.DistributionOriginGroupArgs{
FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
StatusCodes: pulumi.IntArray{
pulumi.Int(0),
},
},
Members: cloudfront.DistributionOriginGroupMemberArray{
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("string"),
},
},
OriginId: pulumi.String("string"),
},
},
DefaultRootObject: pulumi.String("string"),
PriceClass: pulumi.String("string"),
ContinuousDeploymentPolicyId: pulumi.String("string"),
RetainOnDelete: pulumi.Bool(false),
Staging: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Comment: pulumi.String("string"),
WaitForDeployment: pulumi.Bool(false),
WebAclId: pulumi.String("string"),
})
var distributionResource = new Distribution("distributionResource", DistributionArgs.builder()
.enabled(false)
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.acmCertificateArn("string")
.cloudfrontDefaultCertificate(false)
.iamCertificateId("string")
.minimumProtocolVersion("string")
.sslSupportMethod("string")
.build())
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("string")
.locations("string")
.build())
.build())
.origins(DistributionOriginArgs.builder()
.domainName("string")
.originId("string")
.connectionAttempts(0)
.connectionTimeout(0)
.customHeaders(DistributionOriginCustomHeaderArgs.builder()
.name("string")
.value("string")
.build())
.customOriginConfig(DistributionOriginCustomOriginConfigArgs.builder()
.httpPort(0)
.httpsPort(0)
.originProtocolPolicy("string")
.originSslProtocols("string")
.originKeepaliveTimeout(0)
.originReadTimeout(0)
.build())
.originAccessControlId("string")
.originPath("string")
.originShield(DistributionOriginOriginShieldArgs.builder()
.enabled(false)
.originShieldRegion("string")
.build())
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity("string")
.build())
.vpcOriginConfig(DistributionOriginVpcOriginConfigArgs.builder()
.vpcOriginId("string")
.originKeepaliveTimeout(0)
.originReadTimeout(0)
.build())
.build())
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.allowedMethods("string")
.viewerProtocolPolicy("string")
.cachedMethods("string")
.targetOriginId("string")
.maxTtl(0)
.minTtl(0)
.forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
.cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("string")
.whitelistedNames("string")
.build())
.queryString(false)
.headers("string")
.queryStringCacheKeys("string")
.build())
.functionAssociations(DistributionDefaultCacheBehaviorFunctionAssociationArgs.builder()
.eventType("string")
.functionArn("string")
.build())
.grpcConfig(DistributionDefaultCacheBehaviorGrpcConfigArgs.builder()
.enabled(false)
.build())
.lambdaFunctionAssociations(DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs.builder()
.eventType("string")
.lambdaArn("string")
.includeBody(false)
.build())
.defaultTtl(0)
.fieldLevelEncryptionId("string")
.originRequestPolicyId("string")
.realtimeLogConfigArn("string")
.responseHeadersPolicyId("string")
.smoothStreaming(false)
.compress(false)
.trustedKeyGroups("string")
.trustedSigners("string")
.cachePolicyId("string")
.build())
.orderedCacheBehaviors(DistributionOrderedCacheBehaviorArgs.builder()
.allowedMethods("string")
.viewerProtocolPolicy("string")
.cachedMethods("string")
.targetOriginId("string")
.pathPattern("string")
.maxTtl(0)
.originRequestPolicyId("string")
.functionAssociations(DistributionOrderedCacheBehaviorFunctionAssociationArgs.builder()
.eventType("string")
.functionArn("string")
.build())
.grpcConfig(DistributionOrderedCacheBehaviorGrpcConfigArgs.builder()
.enabled(false)
.build())
.lambdaFunctionAssociations(DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs.builder()
.eventType("string")
.lambdaArn("string")
.includeBody(false)
.build())
.fieldLevelEncryptionId("string")
.minTtl(0)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("string")
.whitelistedNames("string")
.build())
.queryString(false)
.headers("string")
.queryStringCacheKeys("string")
.build())
.defaultTtl(0)
.realtimeLogConfigArn("string")
.responseHeadersPolicyId("string")
.smoothStreaming(false)
.compress(false)
.trustedKeyGroups("string")
.trustedSigners("string")
.cachePolicyId("string")
.build())
.customErrorResponses(DistributionCustomErrorResponseArgs.builder()
.errorCode(0)
.errorCachingMinTtl(0)
.responseCode(0)
.responsePagePath("string")
.build())
.httpVersion("string")
.isIpv6Enabled(false)
.loggingConfig(DistributionLoggingConfigArgs.builder()
.bucket("string")
.includeCookies(false)
.prefix("string")
.build())
.aliases("string")
.originGroups(DistributionOriginGroupArgs.builder()
.failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
.statusCodes(0)
.build())
.members(DistributionOriginGroupMemberArgs.builder()
.originId("string")
.build())
.originId("string")
.build())
.defaultRootObject("string")
.priceClass("string")
.continuousDeploymentPolicyId("string")
.retainOnDelete(false)
.staging(false)
.tags(Map.of("string", "string"))
.comment("string")
.waitForDeployment(false)
.webAclId("string")
.build());
distribution_resource = aws.cloudfront.Distribution("distributionResource",
enabled=False,
viewer_certificate={
"acm_certificate_arn": "string",
"cloudfront_default_certificate": False,
"iam_certificate_id": "string",
"minimum_protocol_version": "string",
"ssl_support_method": "string",
},
restrictions={
"geo_restriction": {
"restriction_type": "string",
"locations": ["string"],
},
},
origins=[{
"domain_name": "string",
"origin_id": "string",
"connection_attempts": 0,
"connection_timeout": 0,
"custom_headers": [{
"name": "string",
"value": "string",
}],
"custom_origin_config": {
"http_port": 0,
"https_port": 0,
"origin_protocol_policy": "string",
"origin_ssl_protocols": ["string"],
"origin_keepalive_timeout": 0,
"origin_read_timeout": 0,
},
"origin_access_control_id": "string",
"origin_path": "string",
"origin_shield": {
"enabled": False,
"origin_shield_region": "string",
},
"s3_origin_config": {
"origin_access_identity": "string",
},
"vpc_origin_config": {
"vpc_origin_id": "string",
"origin_keepalive_timeout": 0,
"origin_read_timeout": 0,
},
}],
default_cache_behavior={
"allowed_methods": ["string"],
"viewer_protocol_policy": "string",
"cached_methods": ["string"],
"target_origin_id": "string",
"max_ttl": 0,
"min_ttl": 0,
"forwarded_values": {
"cookies": {
"forward": "string",
"whitelisted_names": ["string"],
},
"query_string": False,
"headers": ["string"],
"query_string_cache_keys": ["string"],
},
"function_associations": [{
"event_type": "string",
"function_arn": "string",
}],
"grpc_config": {
"enabled": False,
},
"lambda_function_associations": [{
"event_type": "string",
"lambda_arn": "string",
"include_body": False,
}],
"default_ttl": 0,
"field_level_encryption_id": "string",
"origin_request_policy_id": "string",
"realtime_log_config_arn": "string",
"response_headers_policy_id": "string",
"smooth_streaming": False,
"compress": False,
"trusted_key_groups": ["string"],
"trusted_signers": ["string"],
"cache_policy_id": "string",
},
ordered_cache_behaviors=[{
"allowed_methods": ["string"],
"viewer_protocol_policy": "string",
"cached_methods": ["string"],
"target_origin_id": "string",
"path_pattern": "string",
"max_ttl": 0,
"origin_request_policy_id": "string",
"function_associations": [{
"event_type": "string",
"function_arn": "string",
}],
"grpc_config": {
"enabled": False,
},
"lambda_function_associations": [{
"event_type": "string",
"lambda_arn": "string",
"include_body": False,
}],
"field_level_encryption_id": "string",
"min_ttl": 0,
"forwarded_values": {
"cookies": {
"forward": "string",
"whitelisted_names": ["string"],
},
"query_string": False,
"headers": ["string"],
"query_string_cache_keys": ["string"],
},
"default_ttl": 0,
"realtime_log_config_arn": "string",
"response_headers_policy_id": "string",
"smooth_streaming": False,
"compress": False,
"trusted_key_groups": ["string"],
"trusted_signers": ["string"],
"cache_policy_id": "string",
}],
custom_error_responses=[{
"error_code": 0,
"error_caching_min_ttl": 0,
"response_code": 0,
"response_page_path": "string",
}],
http_version="string",
is_ipv6_enabled=False,
logging_config={
"bucket": "string",
"include_cookies": False,
"prefix": "string",
},
aliases=["string"],
origin_groups=[{
"failover_criteria": {
"status_codes": [0],
},
"members": [{
"origin_id": "string",
}],
"origin_id": "string",
}],
default_root_object="string",
price_class="string",
continuous_deployment_policy_id="string",
retain_on_delete=False,
staging=False,
tags={
"string": "string",
},
comment="string",
wait_for_deployment=False,
web_acl_id="string")
const distributionResource = new aws.cloudfront.Distribution("distributionResource", {
enabled: false,
viewerCertificate: {
acmCertificateArn: "string",
cloudfrontDefaultCertificate: false,
iamCertificateId: "string",
minimumProtocolVersion: "string",
sslSupportMethod: "string",
},
restrictions: {
geoRestriction: {
restrictionType: "string",
locations: ["string"],
},
},
origins: [{
domainName: "string",
originId: "string",
connectionAttempts: 0,
connectionTimeout: 0,
customHeaders: [{
name: "string",
value: "string",
}],
customOriginConfig: {
httpPort: 0,
httpsPort: 0,
originProtocolPolicy: "string",
originSslProtocols: ["string"],
originKeepaliveTimeout: 0,
originReadTimeout: 0,
},
originAccessControlId: "string",
originPath: "string",
originShield: {
enabled: false,
originShieldRegion: "string",
},
s3OriginConfig: {
originAccessIdentity: "string",
},
vpcOriginConfig: {
vpcOriginId: "string",
originKeepaliveTimeout: 0,
originReadTimeout: 0,
},
}],
defaultCacheBehavior: {
allowedMethods: ["string"],
viewerProtocolPolicy: "string",
cachedMethods: ["string"],
targetOriginId: "string",
maxTtl: 0,
minTtl: 0,
forwardedValues: {
cookies: {
forward: "string",
whitelistedNames: ["string"],
},
queryString: false,
headers: ["string"],
queryStringCacheKeys: ["string"],
},
functionAssociations: [{
eventType: "string",
functionArn: "string",
}],
grpcConfig: {
enabled: false,
},
lambdaFunctionAssociations: [{
eventType: "string",
lambdaArn: "string",
includeBody: false,
}],
defaultTtl: 0,
fieldLevelEncryptionId: "string",
originRequestPolicyId: "string",
realtimeLogConfigArn: "string",
responseHeadersPolicyId: "string",
smoothStreaming: false,
compress: false,
trustedKeyGroups: ["string"],
trustedSigners: ["string"],
cachePolicyId: "string",
},
orderedCacheBehaviors: [{
allowedMethods: ["string"],
viewerProtocolPolicy: "string",
cachedMethods: ["string"],
targetOriginId: "string",
pathPattern: "string",
maxTtl: 0,
originRequestPolicyId: "string",
functionAssociations: [{
eventType: "string",
functionArn: "string",
}],
grpcConfig: {
enabled: false,
},
lambdaFunctionAssociations: [{
eventType: "string",
lambdaArn: "string",
includeBody: false,
}],
fieldLevelEncryptionId: "string",
minTtl: 0,
forwardedValues: {
cookies: {
forward: "string",
whitelistedNames: ["string"],
},
queryString: false,
headers: ["string"],
queryStringCacheKeys: ["string"],
},
defaultTtl: 0,
realtimeLogConfigArn: "string",
responseHeadersPolicyId: "string",
smoothStreaming: false,
compress: false,
trustedKeyGroups: ["string"],
trustedSigners: ["string"],
cachePolicyId: "string",
}],
customErrorResponses: [{
errorCode: 0,
errorCachingMinTtl: 0,
responseCode: 0,
responsePagePath: "string",
}],
httpVersion: "string",
isIpv6Enabled: false,
loggingConfig: {
bucket: "string",
includeCookies: false,
prefix: "string",
},
aliases: ["string"],
originGroups: [{
failoverCriteria: {
statusCodes: [0],
},
members: [{
originId: "string",
}],
originId: "string",
}],
defaultRootObject: "string",
priceClass: "string",
continuousDeploymentPolicyId: "string",
retainOnDelete: false,
staging: false,
tags: {
string: "string",
},
comment: "string",
waitForDeployment: false,
webAclId: "string",
});
type: aws:cloudfront:Distribution
properties:
aliases:
- string
comment: string
continuousDeploymentPolicyId: string
customErrorResponses:
- errorCachingMinTtl: 0
errorCode: 0
responseCode: 0
responsePagePath: string
defaultCacheBehavior:
allowedMethods:
- string
cachePolicyId: string
cachedMethods:
- string
compress: false
defaultTtl: 0
fieldLevelEncryptionId: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
- string
headers:
- string
queryString: false
queryStringCacheKeys:
- string
functionAssociations:
- eventType: string
functionArn: string
grpcConfig:
enabled: false
lambdaFunctionAssociations:
- eventType: string
includeBody: false
lambdaArn: string
maxTtl: 0
minTtl: 0
originRequestPolicyId: string
realtimeLogConfigArn: string
responseHeadersPolicyId: string
smoothStreaming: false
targetOriginId: string
trustedKeyGroups:
- string
trustedSigners:
- string
viewerProtocolPolicy: string
defaultRootObject: string
enabled: false
httpVersion: string
isIpv6Enabled: false
loggingConfig:
bucket: string
includeCookies: false
prefix: string
orderedCacheBehaviors:
- allowedMethods:
- string
cachePolicyId: string
cachedMethods:
- string
compress: false
defaultTtl: 0
fieldLevelEncryptionId: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
- string
headers:
- string
queryString: false
queryStringCacheKeys:
- string
functionAssociations:
- eventType: string
functionArn: string
grpcConfig:
enabled: false
lambdaFunctionAssociations:
- eventType: string
includeBody: false
lambdaArn: string
maxTtl: 0
minTtl: 0
originRequestPolicyId: string
pathPattern: string
realtimeLogConfigArn: string
responseHeadersPolicyId: string
smoothStreaming: false
targetOriginId: string
trustedKeyGroups:
- string
trustedSigners:
- string
viewerProtocolPolicy: string
originGroups:
- failoverCriteria:
statusCodes:
- 0
members:
- originId: string
originId: string
origins:
- connectionAttempts: 0
connectionTimeout: 0
customHeaders:
- name: string
value: string
customOriginConfig:
httpPort: 0
httpsPort: 0
originKeepaliveTimeout: 0
originProtocolPolicy: string
originReadTimeout: 0
originSslProtocols:
- string
domainName: string
originAccessControlId: string
originId: string
originPath: string
originShield:
enabled: false
originShieldRegion: string
s3OriginConfig:
originAccessIdentity: string
vpcOriginConfig:
originKeepaliveTimeout: 0
originReadTimeout: 0
vpcOriginId: string
priceClass: string
restrictions:
geoRestriction:
locations:
- string
restrictionType: string
retainOnDelete: false
staging: false
tags:
string: string
viewerCertificate:
acmCertificateArn: string
cloudfrontDefaultCertificate: false
iamCertificateId: string
minimumProtocolVersion: string
sslSupportMethod: string
waitForDeployment: false
webAclId: string
Distribution Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Distribution resource accepts the following input properties:
- Default
Cache DistributionBehavior Default Cache Behavior - Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origins
List<Distribution
Origin> - Restrictions
Distribution
Restrictions - Viewer
Certificate DistributionViewer Certificate - Aliases List<string>
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error List<DistributionResponses Custom Error Response> - Default
Root stringObject - Http
Version string - Is
Ipv6Enabled bool - Logging
Config DistributionLogging Config - Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Origin
Groups List<DistributionOrigin Group> - Price
Class string - Retain
On boolDelete - Staging bool
- Dictionary<string, string>
- Wait
For boolDeployment - Web
Acl stringId
- Default
Cache DistributionBehavior Default Cache Behavior Args - Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origins
[]Distribution
Origin Args - Restrictions
Distribution
Restrictions Args - Viewer
Certificate DistributionViewer Certificate Args - Aliases []string
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error []DistributionResponses Custom Error Response Args - Default
Root stringObject - Http
Version string - Is
Ipv6Enabled bool - Logging
Config DistributionLogging Config Args - Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args - Origin
Groups []DistributionOrigin Group Args - Price
Class string - Retain
On boolDelete - Staging bool
- map[string]string
- Wait
For boolDeployment - Web
Acl stringId
- default
Cache DistributionBehavior Default Cache Behavior - enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins
List<Distribution
Origin> - restrictions
Distribution
Restrictions - viewer
Certificate DistributionViewer Certificate - aliases List<String>
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<DistributionResponses Custom Error Response> - default
Root StringObject - http
Version String - is
Ipv6Enabled Boolean - logging
Config DistributionLogging Config - ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - origin
Groups List<DistributionOrigin Group> - price
Class String - retain
On BooleanDelete - staging Boolean
- Map<String,String>
- wait
For BooleanDeployment - web
Acl StringId
- default
Cache DistributionBehavior Default Cache Behavior - enabled boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins
Distribution
Origin[] - restrictions
Distribution
Restrictions - viewer
Certificate DistributionViewer Certificate - aliases string[]
- comment string
- continuous
Deployment stringPolicy Id - custom
Error DistributionResponses Custom Error Response[] - default
Root stringObject - http
Version string - is
Ipv6Enabled boolean - logging
Config DistributionLogging Config - ordered
Cache DistributionBehaviors Ordered Cache Behavior[] - origin
Groups DistributionOrigin Group[] - price
Class string - retain
On booleanDelete - staging boolean
- {[key: string]: string}
- wait
For booleanDeployment - web
Acl stringId
- default_
cache_ Distributionbehavior Default Cache Behavior Args - enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins
Sequence[Distribution
Origin Args] - restrictions
Distribution
Restrictions Args - viewer_
certificate DistributionViewer Certificate Args - aliases Sequence[str]
- comment str
- continuous_
deployment_ strpolicy_ id - custom_
error_ Sequence[Distributionresponses Custom Error Response Args] - default_
root_ strobject - http_
version str - is_
ipv6_ boolenabled - logging_
config DistributionLogging Config Args - ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] - origin_
groups Sequence[DistributionOrigin Group Args] - price_
class str - retain_
on_ booldelete - staging bool
- Mapping[str, str]
- wait_
for_ booldeployment - web_
acl_ strid
- default
Cache Property MapBehavior - enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins List<Property Map>
- restrictions Property Map
- viewer
Certificate Property Map - aliases List<String>
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<Property Map>Responses - default
Root StringObject - http
Version String - is
Ipv6Enabled Boolean - logging
Config Property Map - ordered
Cache List<Property Map>Behaviors - origin
Groups List<Property Map> - price
Class String - retain
On BooleanDelete - staging Boolean
- Map<String>
- wait
For BooleanDeployment - web
Acl StringId
Outputs
All input properties are implicitly available as output properties. Additionally, the Distribution resource produces the following output properties:
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Id string
- The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Id string
- The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key []DistributionGroups Trusted Key Group - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []DistributionTrusted Signer - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id String
- The provider-assigned unique ID for this managed resource.
- in
Progress IntegerValidation Batches - Number of invalidation batches currently in progress.
- last
Modified StringTime - Date and time the distribution was last modified.
- status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id string
- The provider-assigned unique ID for this managed resource.
- in
Progress numberValidation Batches - Number of invalidation batches currently in progress.
- last
Modified stringTime - Date and time the distribution was last modified.
- status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key DistributionGroups Trusted Key Group[] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers DistributionTrusted Signer[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn str
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller_
reference str - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag str
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted_
zone_ strid - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id str
- The provider-assigned unique ID for this managed resource.
- in_
progress_ intvalidation_ batches - Number of invalidation batches currently in progress.
- last_
modified_ strtime - Date and time the distribution was last modified.
- status str
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted_
key_ Sequence[Distributiongroups Trusted Key Group] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[DistributionTrusted Signer] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id String
- The provider-assigned unique ID for this managed resource.
- in
Progress NumberValidation Batches - Number of invalidation batches currently in progress.
- last
Modified StringTime - Date and time the distribution was last modified.
- status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<Property Map>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<Property Map> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
Look up Existing Distribution Resource
Get an existing Distribution resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DistributionState, opts?: CustomResourceOptions): Distribution@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aliases: Optional[Sequence[str]] = None,
arn: Optional[str] = None,
caller_reference: Optional[str] = None,
comment: Optional[str] = None,
continuous_deployment_policy_id: Optional[str] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
default_root_object: Optional[str] = None,
domain_name: Optional[str] = None,
enabled: Optional[bool] = None,
etag: Optional[str] = None,
hosted_zone_id: Optional[str] = None,
http_version: Optional[str] = None,
in_progress_validation_batches: Optional[int] = None,
is_ipv6_enabled: Optional[bool] = None,
last_modified_time: Optional[str] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
price_class: Optional[str] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
retain_on_delete: Optional[bool] = None,
staging: Optional[bool] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
trusted_key_groups: Optional[Sequence[DistributionTrustedKeyGroupArgs]] = None,
trusted_signers: Optional[Sequence[DistributionTrustedSignerArgs]] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None) -> Distributionfunc GetDistribution(ctx *Context, name string, id IDInput, state *DistributionState, opts ...ResourceOption) (*Distribution, error)public static Distribution Get(string name, Input<string> id, DistributionState? state, CustomResourceOptions? opts = null)public static Distribution get(String name, Output<String> id, DistributionState state, CustomResourceOptions options)resources: _: type: aws:cloudfront:Distribution get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Aliases List<string>
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error List<DistributionResponses Custom Error Response> - Default
Cache DistributionBehavior Default Cache Behavior - Default
Root stringObject - Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Http
Version string - In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool - Last
Modified stringTime - Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config - Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Origin
Groups List<DistributionOrigin Group> - Origins
List<Distribution
Origin> - Price
Class string - Restrictions
Distribution
Restrictions - Retain
On boolDelete - Staging bool
- Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Dictionary<string, string>
- Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Viewer
Certificate DistributionViewer Certificate - Wait
For boolDeployment - Web
Acl stringId
- Aliases []string
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error []DistributionResponses Custom Error Response Args - Default
Cache DistributionBehavior Default Cache Behavior Args - Default
Root stringObject - Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Http
Version string - In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool - Last
Modified stringTime - Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config Args - Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args - Origin
Groups []DistributionOrigin Group Args - Origins
[]Distribution
Origin Args - Price
Class string - Restrictions
Distribution
Restrictions Args - Retain
On boolDelete - Staging bool
- Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - map[string]string
- map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key []DistributionGroups Trusted Key Group Args - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []DistributionTrusted Signer Args - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Viewer
Certificate DistributionViewer Certificate Args - Wait
For boolDeployment - Web
Acl stringId
- aliases List<String>
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<DistributionResponses Custom Error Response> - default
Cache DistributionBehavior Default Cache Behavior - default
Root StringObject - domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http
Version String - in
Progress IntegerValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean - last
Modified StringTime - Date and time the distribution was last modified.
- logging
Config DistributionLogging Config - ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - origin
Groups List<DistributionOrigin Group> - origins
List<Distribution
Origin> - price
Class String - restrictions
Distribution
Restrictions - retain
On BooleanDelete - staging Boolean
- status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String,String>
- Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate DistributionViewer Certificate - wait
For BooleanDeployment - web
Acl StringId
- aliases string[]
- arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment string
- continuous
Deployment stringPolicy Id - custom
Error DistributionResponses Custom Error Response[] - default
Cache DistributionBehavior Default Cache Behavior - default
Root stringObject - domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http
Version string - in
Progress numberValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled boolean - last
Modified stringTime - Date and time the distribution was last modified.
- logging
Config DistributionLogging Config - ordered
Cache DistributionBehaviors Ordered Cache Behavior[] - origin
Groups DistributionOrigin Group[] - origins
Distribution
Origin[] - price
Class string - restrictions
Distribution
Restrictions - retain
On booleanDelete - staging boolean
- status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - {[key: string]: string}
- {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key DistributionGroups Trusted Key Group[] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers DistributionTrusted Signer[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate DistributionViewer Certificate - wait
For booleanDeployment - web
Acl stringId
- aliases Sequence[str]
- arn str
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller_
reference str - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment str
- continuous_
deployment_ strpolicy_ id - custom_
error_ Sequence[Distributionresponses Custom Error Response Args] - default_
cache_ Distributionbehavior Default Cache Behavior Args - default_
root_ strobject - domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag str
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted_
zone_ strid - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http_
version str - in_
progress_ intvalidation_ batches - Number of invalidation batches currently in progress.
- is_
ipv6_ boolenabled - last_
modified_ strtime - Date and time the distribution was last modified.
- logging_
config DistributionLogging Config Args - ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] - origin_
groups Sequence[DistributionOrigin Group Args] - origins
Sequence[Distribution
Origin Args] - price_
class str - restrictions
Distribution
Restrictions Args - retain_
on_ booldelete - staging bool
- status str
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Mapping[str, str]
- Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted_
key_ Sequence[Distributiongroups Trusted Key Group Args] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[DistributionTrusted Signer Args] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer_
certificate DistributionViewer Certificate Args - wait_
for_ booldeployment - web_
acl_ strid
- aliases List<String>
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<Property Map>Responses - default
Cache Property MapBehavior - default
Root StringObject - domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http
Version String - in
Progress NumberValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean - last
Modified StringTime - Date and time the distribution was last modified.
- logging
Config Property Map - ordered
Cache List<Property Map>Behaviors - origin
Groups List<Property Map> - origins List<Property Map>
- price
Class String - restrictions Property Map
- retain
On BooleanDelete - staging Boolean
- status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String>
- Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<Property Map>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<Property Map> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate Property Map - wait
For BooleanDeployment - web
Acl StringId
Supporting Types
DistributionCustomErrorResponse, DistributionCustomErrorResponseArgs
- Error
Code int - 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath - Path of the custom error page (for example,
/custom_404.html).
- Error
Code int - 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath - Path of the custom error page (for example,
/custom_404.html).
- error
Code Integer - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching IntegerMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Integer - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath - Path of the custom error page (for example,
/custom_404.html).
- error
Code number - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching numberMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code number - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page stringPath - Path of the custom error page (for example,
/custom_404.html).
- error_
code int - 4xx or 5xx HTTP status code that you want to customize.
- error_
caching_ intmin_ ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response_
code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response_
page_ strpath - Path of the custom error page (for example,
/custom_404.html).
- error
Code Number - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching NumberMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Number - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath - Path of the custom error page (for example,
/custom_404.html).
DistributionDefaultCacheBehavior, DistributionDefaultCacheBehaviorArgs
- Allowed
Methods List<string> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionDefault Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<string> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Allowed
Methods []string - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionDefault Cache Behavior Function Association - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function []DistributionAssociations Default Cache Behavior Lambda Function Association - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []string - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Integer - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionDefault Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Integer - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods string[] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level stringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionDefault Cache Behavior Function Association[] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function DistributionAssociations Default Cache Behavior Lambda Function Association[] - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers string[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed_
methods Sequence[str] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target_
origin_ strid - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache_
policy_ strid - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default_
ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field_
level_ strencryption_ id - Field level encryption configuration ID.
- forwarded_
values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionDefault Cache Behavior Function Association] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc_
config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda_
function_ Sequence[Distributionassociations Default Cache Behavior Lambda Function Association] - A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min_
ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin_
request_ strpolicy_ id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id - Identifier for a response headers policy.
- smooth_
streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[str] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values Property Map - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config Property Map - A config block that sets the grpc config.
- lambda
Function List<Property Map>Associations - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
DistributionDefaultCacheBehaviorForwardedValues, DistributionDefaultCacheBehaviorForwardedValuesArgs
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String List<string>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String []stringCache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String string[]Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query_
string_ Sequence[str]cache_ keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
- Property Map
- The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
DistributionDefaultCacheBehaviorForwardedValuesCookies, DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names List<string> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names []string - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names string[] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted_
names Sequence[str] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionDefaultCacheBehaviorFunctionAssociation, DistributionDefaultCacheBehaviorFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn string - ARN of the CloudFront function.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function_
arn str - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
DistributionDefaultCacheBehaviorGrpcConfig, DistributionDefaultCacheBehaviorGrpcConfigArgs
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
DistributionDefaultCacheBehaviorLambdaFunctionAssociation, DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn string - ARN of the Lambda function.
- include
Body boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda_
arn str - ARN of the Lambda function.
- include_
body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
DistributionLoggingConfig, DistributionLoggingConfigArgs
- Bucket string
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - bool
- Whether to include cookies in access logs (default:
false). - Prefix string
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- Bucket string
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - bool
- Whether to include cookies in access logs (default:
false). - Prefix string
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket String
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - Boolean
- Whether to include cookies in access logs (default:
false). - prefix String
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket string
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - boolean
- Whether to include cookies in access logs (default:
false). - prefix string
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket str
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - bool
- Whether to include cookies in access logs (default:
false). - prefix str
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket String
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - Boolean
- Whether to include cookies in access logs (default:
false). - prefix String
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
DistributionOrderedCacheBehavior, DistributionOrderedCacheBehaviorArgs
- Allowed
Methods List<string> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionOrdered Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<string> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Allowed
Methods []string - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionOrdered Cache Behavior Function Association - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function []DistributionAssociations Ordered Cache Behavior Lambda Function Association - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []string - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Integer - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionOrdered Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Integer - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods string[] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern string - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level stringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionOrdered Cache Behavior Function Association[] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function DistributionAssociations Ordered Cache Behavior Lambda Function Association[] - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers string[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed_
methods Sequence[str] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path_
pattern str - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target_
origin_ strid - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache_
policy_ strid - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default_
ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field_
level_ strencryption_ id - Field level encryption configuration ID.
- forwarded_
values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionOrdered Cache Behavior Function Association] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc_
config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda_
function_ Sequence[Distributionassociations Ordered Cache Behavior Lambda Function Association] - A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min_
ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin_
request_ strpolicy_ id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id - Identifier for a response headers policy.
- smooth_
streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[str] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values Property Map - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config Property Map - A config block that sets the grpc config.
- lambda
Function List<Property Map>Associations - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
DistributionOrderedCacheBehaviorForwardedValues, DistributionOrderedCacheBehaviorForwardedValuesArgs
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String List<string>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String []stringCache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String string[]Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query_
string_ Sequence[str]cache_ keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
- Property Map
- The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
DistributionOrderedCacheBehaviorForwardedValuesCookies, DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names List<string> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names []string - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names string[] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted_
names Sequence[str] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionOrderedCacheBehaviorFunctionAssociation, DistributionOrderedCacheBehaviorFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn string - ARN of the CloudFront function.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function_
arn str - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
DistributionOrderedCacheBehaviorGrpcConfig, DistributionOrderedCacheBehaviorGrpcConfigArgs
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs
DistributionOrderedCacheBehaviorLambdaFunctionAssociation, DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn string - ARN of the Lambda function.
- include
Body boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda_
arn str - ARN of the Lambda function.
- include_
body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
DistributionOrigin, DistributionOriginArgs
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Origin
Id string - Connection
Attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers List<DistributionOrigin Custom Header> - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - Custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - Origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - Vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Origin
Id string - Connection
Attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers []DistributionOrigin Custom Header - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - Custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - Origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - Vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin
Id String - connection
Attempts Integer - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Integer - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<DistributionOrigin Custom Header> - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin
Access StringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin
Id string - connection
Attempts number - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout number - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers DistributionOrigin Custom Header[] - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin_
id str - connection_
attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection_
timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom_
headers Sequence[DistributionOrigin Custom Header] - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom_
origin_ Distributionconfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin_
access_ strcontrol_ id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin_
path str - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin_
shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3_
origin_ Distributionconfig Origin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc_
origin_ Distributionconfig Origin Vpc Origin Config - The VPC origin configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin
Id String - connection
Attempts Number - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Number - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<Property Map> - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin Property MapConfig - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin
Access StringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield Property Map - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config Property Map - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc
Origin Property MapConfig - The VPC origin configuration.
DistributionOriginCustomHeader, DistributionOriginCustomHeaderArgs
DistributionOriginCustomOriginConfig, DistributionOriginCustomOriginConfigArgs
- Http
Port int - HTTP port the custom origin listens on.
- Https
Port int - HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - Origin
Ssl List<string>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - Origin
Keepalive intTimeout - Origin
Read intTimeout
- Http
Port int - HTTP port the custom origin listens on.
- Https
Port int - HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - Origin
Ssl []stringProtocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - Origin
Keepalive intTimeout - Origin
Read intTimeout
- http
Port Integer - HTTP port the custom origin listens on.
- https
Port Integer - HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin
Ssl List<String>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive IntegerTimeout - origin
Read IntegerTimeout
- http
Port number - HTTP port the custom origin listens on.
- https
Port number - HTTPS port the custom origin listens on.
- origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin
Ssl string[]Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive numberTimeout - origin
Read numberTimeout
- http_
port int - HTTP port the custom origin listens on.
- https_
port int - HTTPS port the custom origin listens on.
- origin_
protocol_ strpolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin_
ssl_ Sequence[str]protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin_
keepalive_ inttimeout - origin_
read_ inttimeout
- http
Port Number - HTTP port the custom origin listens on.
- https
Port Number - HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin
Ssl List<String>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive NumberTimeout - origin
Read NumberTimeout
DistributionOriginGroup, DistributionOriginGroupArgs
- Failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- Members
List<Distribution
Origin Group Member> - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string
- Failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- Members
[]Distribution
Origin Group Member - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string
- failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
List<Distribution
Origin Group Member> - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String
- failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
Distribution
Origin Group Member[] - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id string
- failover_
criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
Sequence[Distribution
Origin Group Member] - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin_
id str
- failover
Criteria Property Map - The failover criteria for when to failover to the secondary origin.
- members List<Property Map>
- Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String
DistributionOriginGroupFailoverCriteria, DistributionOriginGroupFailoverCriteriaArgs
- Status
Codes List<int> - List of HTTP status codes for the origin group.
- Status
Codes []int - List of HTTP status codes for the origin group.
- status
Codes List<Integer> - List of HTTP status codes for the origin group.
- status
Codes number[] - List of HTTP status codes for the origin group.
- status_
codes Sequence[int] - List of HTTP status codes for the origin group.
- status
Codes List<Number> - List of HTTP status codes for the origin group.
DistributionOriginGroupMember, DistributionOriginGroupMemberArgs
- Origin
Id string
- Origin
Id string
- origin
Id String
- origin
Id string
- origin_
id str
- origin
Id String
DistributionOriginOriginShield, DistributionOriginOriginShieldArgs
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin
Shield StringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin_
shield_ strregion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin
Shield StringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
DistributionOriginS3OriginConfig, DistributionOriginS3OriginConfigArgs
- Origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- Origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity - The CloudFront origin access identity to associate with the origin.
- origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- origin_
access_ stridentity - The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity - The CloudFront origin access identity to associate with the origin.
DistributionOriginVpcOriginConfig, DistributionOriginVpcOriginConfigArgs
- Vpc
Origin stringId - The VPC origin ID.
- Origin
Keepalive intTimeout - Origin
Read intTimeout
- Vpc
Origin stringId - The VPC origin ID.
- Origin
Keepalive intTimeout - Origin
Read intTimeout
- vpc
Origin StringId - The VPC origin ID.
- origin
Keepalive IntegerTimeout - origin
Read IntegerTimeout
- vpc
Origin stringId - The VPC origin ID.
- origin
Keepalive numberTimeout - origin
Read numberTimeout
- vpc_
origin_ strid - The VPC origin ID.
- origin_
keepalive_ inttimeout - origin_
read_ inttimeout
- vpc
Origin StringId - The VPC origin ID.
- origin
Keepalive NumberTimeout - origin
Read NumberTimeout
DistributionRestrictions, DistributionRestrictionsArgs
DistributionRestrictionsGeoRestriction, DistributionRestrictionsGeoRestrictionArgs
- Restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - Locations List<string>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- Restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - Locations []string
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type String - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations List<String>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations string[]
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction_
type str - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations Sequence[str]
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type String - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations List<String>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
DistributionTrustedKeyGroup, DistributionTrustedKeyGroupArgs
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
List<Distribution
Trusted Key Group Item> - List of nested attributes for each trusted signer
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
[]Distribution
Trusted Key Group Item - List of nested attributes for each trusted signer
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
List<Distribution
Trusted Key Group Item> - List of nested attributes for each trusted signer
- enabled boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Distribution
Trusted Key Group Item[] - List of nested attributes for each trusted signer
- enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Sequence[Distribution
Trusted Key Group Item] - List of nested attributes for each trusted signer
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items List<Property Map>
- List of nested attributes for each trusted signer
DistributionTrustedKeyGroupItem, DistributionTrustedKeyGroupItemArgs
- Key
Group stringId - ID of the key group that contains the public keys.
- Key
Pair List<string>Ids - Set of active CloudFront key pairs associated with the signer account
- Key
Group stringId - ID of the key group that contains the public keys.
- Key
Pair []stringIds - Set of active CloudFront key pairs associated with the signer account
- key
Group StringId - ID of the key group that contains the public keys.
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
- key
Group stringId - ID of the key group that contains the public keys.
- key
Pair string[]Ids - Set of active CloudFront key pairs associated with the signer account
- key_
group_ strid - ID of the key group that contains the public keys.
- key_
pair_ Sequence[str]ids - Set of active CloudFront key pairs associated with the signer account
- key
Group StringId - ID of the key group that contains the public keys.
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
DistributionTrustedSigner, DistributionTrustedSignerArgs
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
List<Distribution
Trusted Signer Item> - List of nested attributes for each trusted signer
- Enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
[]Distribution
Trusted Signer Item - List of nested attributes for each trusted signer
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
List<Distribution
Trusted Signer Item> - List of nested attributes for each trusted signer
- enabled boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Distribution
Trusted Signer Item[] - List of nested attributes for each trusted signer
- enabled bool
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Sequence[Distribution
Trusted Signer Item] - List of nested attributes for each trusted signer
- enabled Boolean
trueif any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items List<Property Map>
- List of nested attributes for each trusted signer
DistributionTrustedSignerItem, DistributionTrustedSignerItemArgs
- Aws
Account stringNumber - AWS account ID or
self - Key
Pair List<string>Ids - Set of active CloudFront key pairs associated with the signer account
- Aws
Account stringNumber - AWS account ID or
self - Key
Pair []stringIds - Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber - AWS account ID or
self - key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
- aws
Account stringNumber - AWS account ID or
self - key
Pair string[]Ids - Set of active CloudFront key pairs associated with the signer account
- aws_
account_ strnumber - AWS account ID or
self - key_
pair_ Sequence[str]ids - Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber - AWS account ID or
self - key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
DistributionViewerCertificate, DistributionViewerCertificateArgs
- Acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - Cloudfront
Default boolCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- Iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - Minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - Ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- Acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - Cloudfront
Default boolCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- Iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - Minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - Ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront
Default BooleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate StringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum
Protocol StringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl
Support StringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront
Default booleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm_
certificate_ strarn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront_
default_ boolcertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam_
certificate_ strid - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum_
protocol_ strversion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl_
support_ strmethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront
Default BooleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate StringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum
Protocol StringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl
Support StringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
Import
Using pulumi import, import CloudFront Distributions using the id. For example:
$ pulumi import aws:cloudfront/distribution:Distribution distribution E74FTE3EXAMPLE
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.