Docs Home
AWS v6.82.2 published on Thursday, Jun 12, 2025 by Pulumi
aws.cloudfront.Distribution
Explore with Pulumi AI
Creates an Amazon CloudFront web distribution.
For information about CloudFront distributions, see the Amazon CloudFront Developer Guide. For specific information about creating CloudFront web distributions, see the POST Distribution page in the Amazon CloudFront API Reference.
NOTE: CloudFront distributions take about 15 minutes to reach a deployed state after creation or modification. During this time, deletes to resources will be blocked. If you need to delete a distribution that is enabled and you do not want to wait, you need to use the
retain_on_deleteflag.
Example Usage
S3 Origin
The example below creates a CloudFront distribution with an S3 origin.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const b = new aws.s3.BucketV2("b", {
bucket: "mybucket",
tags: {
Name: "My bucket",
},
});
const bAcl = new aws.s3.BucketAclV2("b_acl", {
bucket: b.id,
acl: "private",
});
const s3OriginId = "myS3Origin";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
origins: [{
domainName: b.bucketRegionalDomainName,
originAccessControlId: _default.id,
originId: s3OriginId,
}],
enabled: true,
isIpv6Enabled: true,
comment: "Some comment",
defaultRootObject: "index.html",
loggingConfig: {
includeCookies: false,
bucket: "mylogs.s3.amazonaws.com",
prefix: "myprefix",
},
aliases: [
"mysite.example.com",
"yoursite.example.com",
],
defaultCacheBehavior: {
allowedMethods: [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
viewerProtocolPolicy: "allow-all",
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
},
orderedCacheBehaviors: [
{
pathPattern: "/content/immutable/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
headers: ["Origin"],
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 86400,
maxTtl: 31536000,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
{
pathPattern: "/content/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
],
priceClass: "PriceClass_200",
restrictions: {
geoRestriction: {
restrictionType: "whitelist",
locations: [
"US",
"CA",
"GB",
"DE",
],
},
},
tags: {
Environment: "production",
},
viewerCertificate: {
cloudfrontDefaultCertificate: true,
},
});
import pulumi
import pulumi_aws as aws
b = aws.s3.BucketV2("b",
bucket="mybucket",
tags={
"Name": "My bucket",
})
b_acl = aws.s3.BucketAclV2("b_acl",
bucket=b.id,
acl="private")
s3_origin_id = "myS3Origin"
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origins=[{
"domain_name": b.bucket_regional_domain_name,
"origin_access_control_id": default["id"],
"origin_id": s3_origin_id,
}],
enabled=True,
is_ipv6_enabled=True,
comment="Some comment",
default_root_object="index.html",
logging_config={
"include_cookies": False,
"bucket": "mylogs.s3.amazonaws.com",
"prefix": "myprefix",
},
aliases=[
"mysite.example.com",
"yoursite.example.com",
],
default_cache_behavior={
"allowed_methods": [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
"cached_methods": [
"GET",
"HEAD",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"cookies": {
"forward": "none",
},
},
"viewer_protocol_policy": "allow-all",
"min_ttl": 0,
"default_ttl": 3600,
"max_ttl": 86400,
},
ordered_cache_behaviors=[
{
"path_pattern": "/content/immutable/*",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"cached_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"headers": ["Origin"],
"cookies": {
"forward": "none",
},
},
"min_ttl": 0,
"default_ttl": 86400,
"max_ttl": 31536000,
"compress": True,
"viewer_protocol_policy": "redirect-to-https",
},
{
"path_pattern": "/content/*",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"cached_methods": [
"GET",
"HEAD",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"cookies": {
"forward": "none",
},
},
"min_ttl": 0,
"default_ttl": 3600,
"max_ttl": 86400,
"compress": True,
"viewer_protocol_policy": "redirect-to-https",
},
],
price_class="PriceClass_200",
restrictions={
"geo_restriction": {
"restriction_type": "whitelist",
"locations": [
"US",
"CA",
"GB",
"DE",
],
},
},
tags={
"Environment": "production",
},
viewer_certificate={
"cloudfront_default_certificate": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
b, err := s3.NewBucketV2(ctx, "b", &s3.BucketV2Args{
Bucket: pulumi.String("mybucket"),
Tags: pulumi.StringMap{
"Name": pulumi.String("My bucket"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "b_acl", &s3.BucketAclV2Args{
Bucket: b.ID(),
Acl: pulumi.String("private"),
})
if err != nil {
return err
}
s3OriginId := "myS3Origin"
_, err = cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: b.BucketRegionalDomainName,
OriginAccessControlId: pulumi.Any(_default.Id),
OriginId: pulumi.String(s3OriginId),
},
},
Enabled: pulumi.Bool(true),
IsIpv6Enabled: pulumi.Bool(true),
Comment: pulumi.String("Some comment"),
DefaultRootObject: pulumi.String("index.html"),
LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
IncludeCookies: pulumi.Bool(false),
Bucket: pulumi.String("mylogs.s3.amazonaws.com"),
Prefix: pulumi.String("myprefix"),
},
Aliases: pulumi.StringArray{
pulumi.String("mysite.example.com"),
pulumi.String("yoursite.example.com"),
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("DELETE"),
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
pulumi.String("PATCH"),
pulumi.String("POST"),
pulumi.String("PUT"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
ViewerProtocolPolicy: pulumi.String("allow-all"),
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
},
OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/immutable/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("Origin"),
},
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(86400),
MaxTtl: pulumi.Int(31536000),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
},
PriceClass: pulumi.String("PriceClass_200"),
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("whitelist"),
Locations: pulumi.StringArray{
pulumi.String("US"),
pulumi.String("CA"),
pulumi.String("GB"),
pulumi.String("DE"),
},
},
},
Tags: pulumi.StringMap{
"Environment": pulumi.String("production"),
},
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
CloudfrontDefaultCertificate: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var b = new Aws.S3.BucketV2("b", new()
{
Bucket = "mybucket",
Tags =
{
{ "Name", "My bucket" },
},
});
var bAcl = new Aws.S3.BucketAclV2("b_acl", new()
{
Bucket = b.Id,
Acl = "private",
});
var s3OriginId = "myS3Origin";
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = b.BucketRegionalDomainName,
OriginAccessControlId = @default.Id,
OriginId = s3OriginId,
},
},
Enabled = true,
IsIpv6Enabled = true,
Comment = "Some comment",
DefaultRootObject = "index.html",
LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
{
IncludeCookies = false,
Bucket = "mylogs.s3.amazonaws.com",
Prefix = "myprefix",
},
Aliases = new[]
{
"mysite.example.com",
"yoursite.example.com",
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
AllowedMethods = new[]
{
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
ViewerProtocolPolicy = "allow-all",
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
},
OrderedCacheBehaviors = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/immutable/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Headers = new[]
{
"Origin",
},
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 86400,
MaxTtl = 31536000,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
},
PriceClass = "PriceClass_200",
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "whitelist",
Locations = new[]
{
"US",
"CA",
"GB",
"DE",
},
},
},
Tags =
{
{ "Environment", "production" },
},
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
CloudfrontDefaultCertificate = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionLoggingConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var b = new BucketV2("b", BucketV2Args.builder()
.bucket("mybucket")
.tags(Map.of("Name", "My bucket"))
.build());
var bAcl = new BucketAclV2("bAcl", BucketAclV2Args.builder()
.bucket(b.id())
.acl("private")
.build());
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(b.bucketRegionalDomainName())
.originAccessControlId(default_.id())
.originId(s3OriginId)
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.loggingConfig(DistributionLoggingConfigArgs.builder()
.includeCookies(false)
.bucket("mylogs.s3.amazonaws.com")
.prefix("myprefix")
.build())
.aliases(
"mysite.example.com",
"yoursite.example.com")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.allowedMethods(
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.viewerProtocolPolicy("allow-all")
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.build())
.orderedCacheBehaviors(
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/immutable/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD",
"OPTIONS")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.headers("Origin")
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(86400)
.maxTtl(31536000)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build(),
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build())
.priceClass("PriceClass_200")
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.tags(Map.of("Environment", "production"))
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
resources:
b:
type: aws:s3:BucketV2
properties:
bucket: mybucket
tags:
Name: My bucket
bAcl:
type: aws:s3:BucketAclV2
name: b_acl
properties:
bucket: ${b.id}
acl: private
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
origins:
- domainName: ${b.bucketRegionalDomainName}
originAccessControlId: ${default.id}
originId: ${s3OriginId}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
loggingConfig:
includeCookies: false
bucket: mylogs.s3.amazonaws.com
prefix: myprefix
aliases:
- mysite.example.com
- yoursite.example.com
defaultCacheBehavior:
allowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
viewerProtocolPolicy: allow-all
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
orderedCacheBehaviors:
- pathPattern: /content/immutable/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
- OPTIONS
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
headers:
- Origin
cookies:
forward: none
minTtl: 0
defaultTtl: 86400
maxTtl: 3.1536e+07
compress: true
viewerProtocolPolicy: redirect-to-https
- pathPattern: /content/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
compress: true
viewerProtocolPolicy: redirect-to-https
priceClass: PriceClass_200
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
tags:
Environment: production
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
With Failover Routing
The example below creates a CloudFront distribution with an origin group for failover routing.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
originGroups: [{
originId: "groupS3",
failoverCriteria: {
statusCodes: [
403,
404,
500,
502,
],
},
members: [
{
originId: "primaryS3",
},
{
originId: "failoverS3",
},
],
}],
origins: [
{
domainName: primary.bucketRegionalDomainName,
originId: "primaryS3",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
},
{
domainName: failover.bucketRegionalDomainName,
originId: "failoverS3",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
},
],
defaultCacheBehavior: {
targetOriginId: "groupS3",
},
});
import pulumi
import pulumi_aws as aws
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origin_groups=[{
"origin_id": "groupS3",
"failover_criteria": {
"status_codes": [
403,
404,
500,
502,
],
},
"members": [
{
"origin_id": "primaryS3",
},
{
"origin_id": "failoverS3",
},
],
}],
origins=[
{
"domain_name": primary["bucketRegionalDomainName"],
"origin_id": "primaryS3",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
},
{
"domain_name": failover["bucketRegionalDomainName"],
"origin_id": "failoverS3",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
},
],
default_cache_behavior={
"target_origin_id": "groupS3",
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
OriginGroups: cloudfront.DistributionOriginGroupArray{
&cloudfront.DistributionOriginGroupArgs{
OriginId: pulumi.String("groupS3"),
FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
StatusCodes: pulumi.IntArray{
pulumi.Int(403),
pulumi.Int(404),
pulumi.Int(500),
pulumi.Int(502),
},
},
Members: cloudfront.DistributionOriginGroupMemberArray{
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("primaryS3"),
},
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("failoverS3"),
},
},
},
},
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(primary.BucketRegionalDomainName),
OriginId: pulumi.String("primaryS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(failover.BucketRegionalDomainName),
OriginId: pulumi.String("failoverS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
TargetOriginId: pulumi.String("groupS3"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
OriginGroups = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
{
OriginId = "groupS3",
FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
{
StatusCodes = new[]
{
403,
404,
500,
502,
},
},
Members = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "primaryS3",
},
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "failoverS3",
},
},
},
},
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = primary.BucketRegionalDomainName,
OriginId = "primaryS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = failover.BucketRegionalDomainName,
OriginId = "failoverS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
TargetOriginId = "groupS3",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupFailoverCriteriaArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.originGroups(DistributionOriginGroupArgs.builder()
.originId("groupS3")
.failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
.statusCodes(
403,
404,
500,
502)
.build())
.members(
DistributionOriginGroupMemberArgs.builder()
.originId("primaryS3")
.build(),
DistributionOriginGroupMemberArgs.builder()
.originId("failoverS3")
.build())
.build())
.origins(
DistributionOriginArgs.builder()
.domainName(primary.bucketRegionalDomainName())
.originId("primaryS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build(),
DistributionOriginArgs.builder()
.domainName(failover.bucketRegionalDomainName())
.originId("failoverS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build())
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.targetOriginId("groupS3")
.build())
.build());
}
}
resources:
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
originGroups:
- originId: groupS3
failoverCriteria:
statusCodes:
- 403
- 404
- 500
- 502
members:
- originId: primaryS3
- originId: failoverS3
origins:
- domainName: ${primary.bucketRegionalDomainName}
originId: primaryS3
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
- domainName: ${failover.bucketRegionalDomainName}
originId: failoverS3
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
defaultCacheBehavior:
targetOriginId: groupS3
With Managed Caching Policy
The example below creates a CloudFront distribution with an AWS managed caching policy.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const s3OriginId = "myS3Origin";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
origins: [{
domainName: primary.bucketRegionalDomainName,
originId: "myS3Origin",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
}],
enabled: true,
isIpv6Enabled: true,
comment: "Some comment",
defaultRootObject: "index.html",
defaultCacheBehavior: {
cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
targetOriginId: s3OriginId,
},
restrictions: {
geoRestriction: {
restrictionType: "whitelist",
locations: [
"US",
"CA",
"GB",
"DE",
],
},
},
viewerCertificate: {
cloudfrontDefaultCertificate: true,
},
});
import pulumi
import pulumi_aws as aws
s3_origin_id = "myS3Origin"
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origins=[{
"domain_name": primary["bucketRegionalDomainName"],
"origin_id": "myS3Origin",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
}],
enabled=True,
is_ipv6_enabled=True,
comment="Some comment",
default_root_object="index.html",
default_cache_behavior={
"cache_policy_id": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"target_origin_id": s3_origin_id,
},
restrictions={
"geo_restriction": {
"restriction_type": "whitelist",
"locations": [
"US",
"CA",
"GB",
"DE",
],
},
},
viewer_certificate={
"cloudfront_default_certificate": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
s3OriginId := "myS3Origin"
_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(primary.BucketRegionalDomainName),
OriginId: pulumi.String("myS3Origin"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
},
Enabled: pulumi.Bool(true),
IsIpv6Enabled: pulumi.Bool(true),
Comment: pulumi.String("Some comment"),
DefaultRootObject: pulumi.String("index.html"),
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
CachePolicyId: pulumi.String("4135ea2d-6df8-44a3-9df3-4b5a84be39ad"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
TargetOriginId: pulumi.String(s3OriginId),
},
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("whitelist"),
Locations: pulumi.StringArray{
pulumi.String("US"),
pulumi.String("CA"),
pulumi.String("GB"),
pulumi.String("DE"),
},
},
},
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
CloudfrontDefaultCertificate: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var s3OriginId = "myS3Origin";
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = primary.BucketRegionalDomainName,
OriginId = "myS3Origin",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
},
Enabled = true,
IsIpv6Enabled = true,
Comment = "Some comment",
DefaultRootObject = "index.html",
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
CachePolicyId = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
TargetOriginId = s3OriginId,
},
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "whitelist",
Locations = new[]
{
"US",
"CA",
"GB",
"DE",
},
},
},
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
CloudfrontDefaultCertificate = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(primary.bucketRegionalDomainName())
.originId("myS3Origin")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.cachePolicyId("4135ea2d-6df8-44a3-9df3-4b5a84be39ad")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.targetOriginId(s3OriginId)
.build())
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
resources:
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
origins:
- domainName: ${primary.bucketRegionalDomainName}
originId: myS3Origin
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
defaultCacheBehavior:
cachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
allowedMethods:
- GET
- HEAD
- OPTIONS
targetOriginId: ${s3OriginId}
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
With V2 logging to S3
The example below creates a CloudFront distribution with standard logging V2 to S3.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const example = new aws.cloudfront.Distribution("example", {});
const exampleLogDeliverySource = new aws.cloudwatch.LogDeliverySource("example", {
name: "example",
logType: "ACCESS_LOGS",
resourceArn: example.arn,
});
const exampleBucketV2 = new aws.s3.BucketV2("example", {
bucket: "testbucket",
forceDestroy: true,
});
const exampleLogDeliveryDestination = new aws.cloudwatch.LogDeliveryDestination("example", {
name: "s3-destination",
outputFormat: "parquet",
deliveryDestinationConfiguration: {
destinationResourceArn: pulumi.interpolate`${exampleBucketV2.arn}/prefix`,
},
});
const exampleLogDelivery = new aws.cloudwatch.LogDelivery("example", {
deliverySourceName: exampleLogDeliverySource.name,
deliveryDestinationArn: exampleLogDeliveryDestination.arn,
s3DeliveryConfigurations: [{
suffixPath: "/123456678910/{DistributionId}/{yyyy}/{MM}/{dd}/{HH}",
}],
});
import pulumi
import pulumi_aws as aws
example = aws.cloudfront.Distribution("example")
example_log_delivery_source = aws.cloudwatch.LogDeliverySource("example",
name="example",
log_type="ACCESS_LOGS",
resource_arn=example.arn)
example_bucket_v2 = aws.s3.BucketV2("example",
bucket="testbucket",
force_destroy=True)
example_log_delivery_destination = aws.cloudwatch.LogDeliveryDestination("example",
name="s3-destination",
output_format="parquet",
delivery_destination_configuration={
"destination_resource_arn": example_bucket_v2.arn.apply(lambda arn: f"{arn}/prefix"),
})
example_log_delivery = aws.cloudwatch.LogDelivery("example",
delivery_source_name=example_log_delivery_source.name,
delivery_destination_arn=example_log_delivery_destination.arn,
s3_delivery_configurations=[{
"suffix_path": "/123456678910/{DistributionId}/{yyyy}/{MM}/{dd}/{HH}",
}])
package main
import (
"fmt"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudwatch"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
example, err := cloudfront.NewDistribution(ctx, "example", nil)
if err != nil {
return err
}
exampleLogDeliverySource, err := cloudwatch.NewLogDeliverySource(ctx, "example", &cloudwatch.LogDeliverySourceArgs{
Name: pulumi.String("example"),
LogType: pulumi.String("ACCESS_LOGS"),
ResourceArn: example.Arn,
})
if err != nil {
return err
}
exampleBucketV2, err := s3.NewBucketV2(ctx, "example", &s3.BucketV2Args{
Bucket: pulumi.String("testbucket"),
ForceDestroy: pulumi.Bool(true),
})
if err != nil {
return err
}
exampleLogDeliveryDestination, err := cloudwatch.NewLogDeliveryDestination(ctx, "example", &cloudwatch.LogDeliveryDestinationArgs{
Name: pulumi.String("s3-destination"),
OutputFormat: pulumi.String("parquet"),
DeliveryDestinationConfiguration: &cloudwatch.LogDeliveryDestinationDeliveryDestinationConfigurationArgs{
DestinationResourceArn: exampleBucketV2.Arn.ApplyT(func(arn string) (string, error) {
return fmt.Sprintf("%v/prefix", arn), nil
}).(pulumi.StringOutput),
},
})
if err != nil {
return err
}
_, err = cloudwatch.NewLogDelivery(ctx, "example", &cloudwatch.LogDeliveryArgs{
DeliverySourceName: exampleLogDeliverySource.Name,
DeliveryDestinationArn: exampleLogDeliveryDestination.Arn,
S3DeliveryConfigurations: cloudwatch.LogDeliveryS3DeliveryConfigurationArray{
&cloudwatch.LogDeliveryS3DeliveryConfigurationArgs{
SuffixPath: pulumi.String("/123456678910/{DistributionId}/{yyyy}/{MM}/{dd}/{HH}"),
},
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var example = new Aws.CloudFront.Distribution("example");
var exampleLogDeliverySource = new Aws.CloudWatch.LogDeliverySource("example", new()
{
Name = "example",
LogType = "ACCESS_LOGS",
ResourceArn = example.Arn,
});
var exampleBucketV2 = new Aws.S3.BucketV2("example", new()
{
Bucket = "testbucket",
ForceDestroy = true,
});
var exampleLogDeliveryDestination = new Aws.CloudWatch.LogDeliveryDestination("example", new()
{
Name = "s3-destination",
OutputFormat = "parquet",
DeliveryDestinationConfiguration = new Aws.CloudWatch.Inputs.LogDeliveryDestinationDeliveryDestinationConfigurationArgs
{
DestinationResourceArn = exampleBucketV2.Arn.Apply(arn => $"{arn}/prefix"),
},
});
var exampleLogDelivery = new Aws.CloudWatch.LogDelivery("example", new()
{
DeliverySourceName = exampleLogDeliverySource.Name,
DeliveryDestinationArn = exampleLogDeliveryDestination.Arn,
S3DeliveryConfigurations = new[]
{
new Aws.CloudWatch.Inputs.LogDeliveryS3DeliveryConfigurationArgs
{
SuffixPath = "/123456678910/{DistributionId}/{yyyy}/{MM}/{dd}/{HH}",
},
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudwatch.LogDeliverySource;
import com.pulumi.aws.cloudwatch.LogDeliverySourceArgs;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.cloudwatch.LogDeliveryDestination;
import com.pulumi.aws.cloudwatch.LogDeliveryDestinationArgs;
import com.pulumi.aws.cloudwatch.inputs.LogDeliveryDestinationDeliveryDestinationConfigurationArgs;
import com.pulumi.aws.cloudwatch.LogDelivery;
import com.pulumi.aws.cloudwatch.LogDeliveryArgs;
import com.pulumi.aws.cloudwatch.inputs.LogDeliveryS3DeliveryConfigurationArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var example = new Distribution("example");
var exampleLogDeliverySource = new LogDeliverySource("exampleLogDeliverySource", LogDeliverySourceArgs.builder()
.name("example")
.logType("ACCESS_LOGS")
.resourceArn(example.arn())
.build());
var exampleBucketV2 = new BucketV2("exampleBucketV2", BucketV2Args.builder()
.bucket("testbucket")
.forceDestroy(true)
.build());
var exampleLogDeliveryDestination = new LogDeliveryDestination("exampleLogDeliveryDestination", LogDeliveryDestinationArgs.builder()
.name("s3-destination")
.outputFormat("parquet")
.deliveryDestinationConfiguration(LogDeliveryDestinationDeliveryDestinationConfigurationArgs.builder()
.destinationResourceArn(exampleBucketV2.arn().applyValue(_arn -> String.format("%s/prefix", _arn)))
.build())
.build());
var exampleLogDelivery = new LogDelivery("exampleLogDelivery", LogDeliveryArgs.builder()
.deliverySourceName(exampleLogDeliverySource.name())
.deliveryDestinationArn(exampleLogDeliveryDestination.arn())
.s3DeliveryConfigurations(LogDeliveryS3DeliveryConfigurationArgs.builder()
.suffixPath("/123456678910/{DistributionId}/{yyyy}/{MM}/{dd}/{HH}")
.build())
.build());
}
}
resources:
example:
type: aws:cloudfront:Distribution
exampleLogDeliverySource:
type: aws:cloudwatch:LogDeliverySource
name: example
properties:
name: example
logType: ACCESS_LOGS
resourceArn: ${example.arn}
exampleBucketV2:
type: aws:s3:BucketV2
name: example
properties:
bucket: testbucket
forceDestroy: true
exampleLogDeliveryDestination:
type: aws:cloudwatch:LogDeliveryDestination
name: example
properties:
name: s3-destination
outputFormat: parquet
deliveryDestinationConfiguration:
destinationResourceArn: ${exampleBucketV2.arn}/prefix
exampleLogDelivery:
type: aws:cloudwatch:LogDelivery
name: example
properties:
deliverySourceName: ${exampleLogDeliverySource.name}
deliveryDestinationArn: ${exampleLogDeliveryDestination.arn}
s3DeliveryConfigurations:
- suffixPath: /123456678910/{DistributionId}/{yyyy}/{MM}/{dd}/{HH}
Create Distribution Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Distribution(name: string, args: DistributionArgs, opts?: CustomResourceOptions);@overload
def Distribution(resource_name: str,
args: DistributionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Distribution(resource_name: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
http_version: Optional[str] = None,
is_ipv6_enabled: Optional[bool] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
aliases: Optional[Sequence[str]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
default_root_object: Optional[str] = None,
price_class: Optional[str] = None,
continuous_deployment_policy_id: Optional[str] = None,
retain_on_delete: Optional[bool] = None,
staging: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
comment: Optional[str] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None)func NewDistribution(ctx *Context, name string, args DistributionArgs, opts ...ResourceOption) (*Distribution, error)public Distribution(string name, DistributionArgs args, CustomResourceOptions? opts = null)
public Distribution(String name, DistributionArgs args)
public Distribution(String name, DistributionArgs args, CustomResourceOptions options)
type: aws:cloudfront:Distribution
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var distributionResource = new Aws.CloudFront.Distribution("distributionResource", new()
{
Enabled = false,
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
AcmCertificateArn = "string",
CloudfrontDefaultCertificate = false,
IamCertificateId = "string",
MinimumProtocolVersion = "string",
SslSupportMethod = "string",
},
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "string",
Locations = new[]
{
"string",
},
},
},
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = "string",
OriginId = "string",
ConnectionAttempts = 0,
ConnectionTimeout = 0,
CustomHeaders = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginCustomHeaderArgs
{
Name = "string",
Value = "string",
},
},
CustomOriginConfig = new Aws.CloudFront.Inputs.DistributionOriginCustomOriginConfigArgs
{
HttpPort = 0,
HttpsPort = 0,
OriginProtocolPolicy = "string",
OriginSslProtocols = new[]
{
"string",
},
OriginKeepaliveTimeout = 0,
OriginReadTimeout = 0,
},
OriginAccessControlId = "string",
OriginPath = "string",
OriginShield = new Aws.CloudFront.Inputs.DistributionOriginOriginShieldArgs
{
Enabled = false,
OriginShieldRegion = "string",
},
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = "string",
},
VpcOriginConfig = new Aws.CloudFront.Inputs.DistributionOriginVpcOriginConfigArgs
{
VpcOriginId = "string",
OriginKeepaliveTimeout = 0,
OriginReadTimeout = 0,
},
},
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
AllowedMethods = new[]
{
"string",
},
ViewerProtocolPolicy = "string",
CachedMethods = new[]
{
"string",
},
TargetOriginId = "string",
MaxTtl = 0,
MinTtl = 0,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
{
Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "string",
WhitelistedNames = new[]
{
"string",
},
},
QueryString = false,
Headers = new[]
{
"string",
},
QueryStringCacheKeys = new[]
{
"string",
},
},
FunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorFunctionAssociationArgs
{
EventType = "string",
FunctionArn = "string",
},
},
GrpcConfig = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorGrpcConfigArgs
{
Enabled = false,
},
LambdaFunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs
{
EventType = "string",
LambdaArn = "string",
IncludeBody = false,
},
},
DefaultTtl = 0,
FieldLevelEncryptionId = "string",
OriginRequestPolicyId = "string",
RealtimeLogConfigArn = "string",
ResponseHeadersPolicyId = "string",
SmoothStreaming = false,
Compress = false,
TrustedKeyGroups = new[]
{
"string",
},
TrustedSigners = new[]
{
"string",
},
CachePolicyId = "string",
},
OrderedCacheBehaviors = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
AllowedMethods = new[]
{
"string",
},
ViewerProtocolPolicy = "string",
CachedMethods = new[]
{
"string",
},
TargetOriginId = "string",
PathPattern = "string",
MaxTtl = 0,
OriginRequestPolicyId = "string",
FunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorFunctionAssociationArgs
{
EventType = "string",
FunctionArn = "string",
},
},
GrpcConfig = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorGrpcConfigArgs
{
Enabled = false,
},
LambdaFunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs
{
EventType = "string",
LambdaArn = "string",
IncludeBody = false,
},
},
FieldLevelEncryptionId = "string",
MinTtl = 0,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "string",
WhitelistedNames = new[]
{
"string",
},
},
QueryString = false,
Headers = new[]
{
"string",
},
QueryStringCacheKeys = new[]
{
"string",
},
},
DefaultTtl = 0,
RealtimeLogConfigArn = "string",
ResponseHeadersPolicyId = "string",
SmoothStreaming = false,
Compress = false,
TrustedKeyGroups = new[]
{
"string",
},
TrustedSigners = new[]
{
"string",
},
CachePolicyId = "string",
},
},
CustomErrorResponses = new[]
{
new Aws.CloudFront.Inputs.DistributionCustomErrorResponseArgs
{
ErrorCode = 0,
ErrorCachingMinTtl = 0,
ResponseCode = 0,
ResponsePagePath = "string",
},
},
HttpVersion = "string",
IsIpv6Enabled = false,
LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
{
Bucket = "string",
IncludeCookies = false,
Prefix = "string",
},
Aliases = new[]
{
"string",
},
OriginGroups = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
{
FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
{
StatusCodes = new[]
{
0,
},
},
Members = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "string",
},
},
OriginId = "string",
},
},
DefaultRootObject = "string",
PriceClass = "string",
ContinuousDeploymentPolicyId = "string",
RetainOnDelete = false,
Staging = false,
Tags =
{
{ "string", "string" },
},
Comment = "string",
WaitForDeployment = false,
WebAclId = "string",
});
example, err := cloudfront.NewDistribution(ctx, "distributionResource", &cloudfront.DistributionArgs{
Enabled: pulumi.Bool(false),
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
AcmCertificateArn: pulumi.String("string"),
CloudfrontDefaultCertificate: pulumi.Bool(false),
IamCertificateId: pulumi.String("string"),
MinimumProtocolVersion: pulumi.String("string"),
SslSupportMethod: pulumi.String("string"),
},
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("string"),
Locations: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.String("string"),
OriginId: pulumi.String("string"),
ConnectionAttempts: pulumi.Int(0),
ConnectionTimeout: pulumi.Int(0),
CustomHeaders: cloudfront.DistributionOriginCustomHeaderArray{
&cloudfront.DistributionOriginCustomHeaderArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
CustomOriginConfig: &cloudfront.DistributionOriginCustomOriginConfigArgs{
HttpPort: pulumi.Int(0),
HttpsPort: pulumi.Int(0),
OriginProtocolPolicy: pulumi.String("string"),
OriginSslProtocols: pulumi.StringArray{
pulumi.String("string"),
},
OriginKeepaliveTimeout: pulumi.Int(0),
OriginReadTimeout: pulumi.Int(0),
},
OriginAccessControlId: pulumi.String("string"),
OriginPath: pulumi.String("string"),
OriginShield: &cloudfront.DistributionOriginOriginShieldArgs{
Enabled: pulumi.Bool(false),
OriginShieldRegion: pulumi.String("string"),
},
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.String("string"),
},
VpcOriginConfig: &cloudfront.DistributionOriginVpcOriginConfigArgs{
VpcOriginId: pulumi.String("string"),
OriginKeepaliveTimeout: pulumi.Int(0),
OriginReadTimeout: pulumi.Int(0),
},
},
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("string"),
},
ViewerProtocolPolicy: pulumi.String("string"),
CachedMethods: pulumi.StringArray{
pulumi.String("string"),
},
TargetOriginId: pulumi.String("string"),
MaxTtl: pulumi.Int(0),
MinTtl: pulumi.Int(0),
ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("string"),
WhitelistedNames: pulumi.StringArray{
pulumi.String("string"),
},
},
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("string"),
},
QueryStringCacheKeys: pulumi.StringArray{
pulumi.String("string"),
},
},
FunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArray{
&cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArgs{
EventType: pulumi.String("string"),
FunctionArn: pulumi.String("string"),
},
},
GrpcConfig: &cloudfront.DistributionDefaultCacheBehaviorGrpcConfigArgs{
Enabled: pulumi.Bool(false),
},
LambdaFunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArray{
&cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs{
EventType: pulumi.String("string"),
LambdaArn: pulumi.String("string"),
IncludeBody: pulumi.Bool(false),
},
},
DefaultTtl: pulumi.Int(0),
FieldLevelEncryptionId: pulumi.String("string"),
OriginRequestPolicyId: pulumi.String("string"),
RealtimeLogConfigArn: pulumi.String("string"),
ResponseHeadersPolicyId: pulumi.String("string"),
SmoothStreaming: pulumi.Bool(false),
Compress: pulumi.Bool(false),
TrustedKeyGroups: pulumi.StringArray{
pulumi.String("string"),
},
TrustedSigners: pulumi.StringArray{
pulumi.String("string"),
},
CachePolicyId: pulumi.String("string"),
},
OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
&cloudfront.DistributionOrderedCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("string"),
},
ViewerProtocolPolicy: pulumi.String("string"),
CachedMethods: pulumi.StringArray{
pulumi.String("string"),
},
TargetOriginId: pulumi.String("string"),
PathPattern: pulumi.String("string"),
MaxTtl: pulumi.Int(0),
OriginRequestPolicyId: pulumi.String("string"),
FunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArray{
&cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArgs{
EventType: pulumi.String("string"),
FunctionArn: pulumi.String("string"),
},
},
GrpcConfig: &cloudfront.DistributionOrderedCacheBehaviorGrpcConfigArgs{
Enabled: pulumi.Bool(false),
},
LambdaFunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArray{
&cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs{
EventType: pulumi.String("string"),
LambdaArn: pulumi.String("string"),
IncludeBody: pulumi.Bool(false),
},
},
FieldLevelEncryptionId: pulumi.String("string"),
MinTtl: pulumi.Int(0),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("string"),
WhitelistedNames: pulumi.StringArray{
pulumi.String("string"),
},
},
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("string"),
},
QueryStringCacheKeys: pulumi.StringArray{
pulumi.String("string"),
},
},
DefaultTtl: pulumi.Int(0),
RealtimeLogConfigArn: pulumi.String("string"),
ResponseHeadersPolicyId: pulumi.String("string"),
SmoothStreaming: pulumi.Bool(false),
Compress: pulumi.Bool(false),
TrustedKeyGroups: pulumi.StringArray{
pulumi.String("string"),
},
TrustedSigners: pulumi.StringArray{
pulumi.String("string"),
},
CachePolicyId: pulumi.String("string"),
},
},
CustomErrorResponses: cloudfront.DistributionCustomErrorResponseArray{
&cloudfront.DistributionCustomErrorResponseArgs{
ErrorCode: pulumi.Int(0),
ErrorCachingMinTtl: pulumi.Int(0),
ResponseCode: pulumi.Int(0),
ResponsePagePath: pulumi.String("string"),
},
},
HttpVersion: pulumi.String("string"),
IsIpv6Enabled: pulumi.Bool(false),
LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
Bucket: pulumi.String("string"),
IncludeCookies: pulumi.Bool(false),
Prefix: pulumi.String("string"),
},
Aliases: pulumi.StringArray{
pulumi.String("string"),
},
OriginGroups: cloudfront.DistributionOriginGroupArray{
&cloudfront.DistributionOriginGroupArgs{
FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
StatusCodes: pulumi.IntArray{
pulumi.Int(0),
},
},
Members: cloudfront.DistributionOriginGroupMemberArray{
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("string"),
},
},
OriginId: pulumi.String("string"),
},
},
DefaultRootObject: pulumi.String("string"),
PriceClass: pulumi.String("string"),
ContinuousDeploymentPolicyId: pulumi.String("string"),
RetainOnDelete: pulumi.Bool(false),
Staging: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Comment: pulumi.String("string"),
WaitForDeployment: pulumi.Bool(false),
WebAclId: pulumi.String("string"),
})
var distributionResource = new com.pulumi.aws.cloudfront.Distribution("distributionResource", com.pulumi.aws.cloudfront.DistributionArgs.builder()
.enabled(false)
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.acmCertificateArn("string")
.cloudfrontDefaultCertificate(false)
.iamCertificateId("string")
.minimumProtocolVersion("string")
.sslSupportMethod("string")
.build())
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("string")
.locations("string")
.build())
.build())
.origins(DistributionOriginArgs.builder()
.domainName("string")
.originId("string")
.connectionAttempts(0)
.connectionTimeout(0)
.customHeaders(DistributionOriginCustomHeaderArgs.builder()
.name("string")
.value("string")
.build())
.customOriginConfig(DistributionOriginCustomOriginConfigArgs.builder()
.httpPort(0)
.httpsPort(0)
.originProtocolPolicy("string")
.originSslProtocols("string")
.originKeepaliveTimeout(0)
.originReadTimeout(0)
.build())
.originAccessControlId("string")
.originPath("string")
.originShield(DistributionOriginOriginShieldArgs.builder()
.enabled(false)
.originShieldRegion("string")
.build())
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity("string")
.build())
.vpcOriginConfig(DistributionOriginVpcOriginConfigArgs.builder()
.vpcOriginId("string")
.originKeepaliveTimeout(0)
.originReadTimeout(0)
.build())
.build())
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.allowedMethods("string")
.viewerProtocolPolicy("string")
.cachedMethods("string")
.targetOriginId("string")
.maxTtl(0)
.minTtl(0)
.forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
.cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("string")
.whitelistedNames("string")
.build())
.queryString(false)
.headers("string")
.queryStringCacheKeys("string")
.build())
.functionAssociations(DistributionDefaultCacheBehaviorFunctionAssociationArgs.builder()
.eventType("string")
.functionArn("string")
.build())
.grpcConfig(DistributionDefaultCacheBehaviorGrpcConfigArgs.builder()
.enabled(false)
.build())
.lambdaFunctionAssociations(DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs.builder()
.eventType("string")
.lambdaArn("string")
.includeBody(false)
.build())
.defaultTtl(0)
.fieldLevelEncryptionId("string")
.originRequestPolicyId("string")
.realtimeLogConfigArn("string")
.responseHeadersPolicyId("string")
.smoothStreaming(false)
.compress(false)
.trustedKeyGroups("string")
.trustedSigners("string")
.cachePolicyId("string")
.build())
.orderedCacheBehaviors(DistributionOrderedCacheBehaviorArgs.builder()
.allowedMethods("string")
.viewerProtocolPolicy("string")
.cachedMethods("string")
.targetOriginId("string")
.pathPattern("string")
.maxTtl(0)
.originRequestPolicyId("string")
.functionAssociations(DistributionOrderedCacheBehaviorFunctionAssociationArgs.builder()
.eventType("string")
.functionArn("string")
.build())
.grpcConfig(DistributionOrderedCacheBehaviorGrpcConfigArgs.builder()
.enabled(false)
.build())
.lambdaFunctionAssociations(DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs.builder()
.eventType("string")
.lambdaArn("string")
.includeBody(false)
.build())
.fieldLevelEncryptionId("string")
.minTtl(0)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("string")
.whitelistedNames("string")
.build())
.queryString(false)
.headers("string")
.queryStringCacheKeys("string")
.build())
.defaultTtl(0)
.realtimeLogConfigArn("string")
.responseHeadersPolicyId("string")
.smoothStreaming(false)
.compress(false)
.trustedKeyGroups("string")
.trustedSigners("string")
.cachePolicyId("string")
.build())
.customErrorResponses(DistributionCustomErrorResponseArgs.builder()
.errorCode(0)
.errorCachingMinTtl(0)
.responseCode(0)
.responsePagePath("string")
.build())
.httpVersion("string")
.isIpv6Enabled(false)
.loggingConfig(DistributionLoggingConfigArgs.builder()
.bucket("string")
.includeCookies(false)
.prefix("string")
.build())
.aliases("string")
.originGroups(DistributionOriginGroupArgs.builder()
.failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
.statusCodes(0)
.build())
.members(DistributionOriginGroupMemberArgs.builder()
.originId("string")
.build())
.originId("string")
.build())
.defaultRootObject("string")
.priceClass("string")
.continuousDeploymentPolicyId("string")
.retainOnDelete(false)
.staging(false)
.tags(Map.of("string", "string"))
.comment("string")
.waitForDeployment(false)
.webAclId("string")
.build());
distribution_resource = aws.cloudfront.Distribution("distributionResource",
enabled=False,
viewer_certificate={
"acm_certificate_arn": "string",
"cloudfront_default_certificate": False,
"iam_certificate_id": "string",
"minimum_protocol_version": "string",
"ssl_support_method": "string",
},
restrictions={
"geo_restriction": {
"restriction_type": "string",
"locations": ["string"],
},
},
origins=[{
"domain_name": "string",
"origin_id": "string",
"connection_attempts": 0,
"connection_timeout": 0,
"custom_headers": [{
"name": "string",
"value": "string",
}],
"custom_origin_config": {
"http_port": 0,
"https_port": 0,
"origin_protocol_policy": "string",
"origin_ssl_protocols": ["string"],
"origin_keepalive_timeout": 0,
"origin_read_timeout": 0,
},
"origin_access_control_id": "string",
"origin_path": "string",
"origin_shield": {
"enabled": False,
"origin_shield_region": "string",
},
"s3_origin_config": {
"origin_access_identity": "string",
},
"vpc_origin_config": {
"vpc_origin_id": "string",
"origin_keepalive_timeout": 0,
"origin_read_timeout": 0,
},
}],
default_cache_behavior={
"allowed_methods": ["string"],
"viewer_protocol_policy": "string",
"cached_methods": ["string"],
"target_origin_id": "string",
"max_ttl": 0,
"min_ttl": 0,
"forwarded_values": {
"cookies": {
"forward": "string",
"whitelisted_names": ["string"],
},
"query_string": False,
"headers": ["string"],
"query_string_cache_keys": ["string"],
},
"function_associations": [{
"event_type": "string",
"function_arn": "string",
}],
"grpc_config": {
"enabled": False,
},
"lambda_function_associations": [{
"event_type": "string",
"lambda_arn": "string",
"include_body": False,
}],
"default_ttl": 0,
"field_level_encryption_id": "string",
"origin_request_policy_id": "string",
"realtime_log_config_arn": "string",
"response_headers_policy_id": "string",
"smooth_streaming": False,
"compress": False,
"trusted_key_groups": ["string"],
"trusted_signers": ["string"],
"cache_policy_id": "string",
},
ordered_cache_behaviors=[{
"allowed_methods": ["string"],
"viewer_protocol_policy": "string",
"cached_methods": ["string"],
"target_origin_id": "string",
"path_pattern": "string",
"max_ttl": 0,
"origin_request_policy_id": "string",
"function_associations": [{
"event_type": "string",
"function_arn": "string",
}],
"grpc_config": {
"enabled": False,
},
"lambda_function_associations": [{
"event_type": "string",
"lambda_arn": "string",
"include_body": False,
}],
"field_level_encryption_id": "string",
"min_ttl": 0,
"forwarded_values": {
"cookies": {
"forward": "string",
"whitelisted_names": ["string"],
},
"query_string": False,
"headers": ["string"],
"query_string_cache_keys": ["string"],
},
"default_ttl": 0,
"realtime_log_config_arn": "string",
"response_headers_policy_id": "string",
"smooth_streaming": False,
"compress": False,
"trusted_key_groups": ["string"],
"trusted_signers": ["string"],
"cache_policy_id": "string",
}],
custom_error_responses=[{
"error_code": 0,
"error_caching_min_ttl": 0,
"response_code": 0,
"response_page_path": "string",
}],
http_version="string",
is_ipv6_enabled=False,
logging_config={
"bucket": "string",
"include_cookies": False,
"prefix": "string",
},
aliases=["string"],
origin_groups=[{
"failover_criteria": {
"status_codes": [0],
},
"members": [{
"origin_id": "string",
}],
"origin_id": "string",
}],
default_root_object="string",
price_class="string",
continuous_deployment_policy_id="string",
retain_on_delete=False,
staging=False,
tags={
"string": "string",
},
comment="string",
wait_for_deployment=False,
web_acl_id="string")
const distributionResource = new aws.cloudfront.Distribution("distributionResource", {
enabled: false,
viewerCertificate: {
acmCertificateArn: "string",
cloudfrontDefaultCertificate: false,
iamCertificateId: "string",
minimumProtocolVersion: "string",
sslSupportMethod: "string",
},
restrictions: {
geoRestriction: {
restrictionType: "string",
locations: ["string"],
},
},
origins: [{
domainName: "string",
originId: "string",
connectionAttempts: 0,
connectionTimeout: 0,
customHeaders: [{
name: "string",
value: "string",
}],
customOriginConfig: {
httpPort: 0,
httpsPort: 0,
originProtocolPolicy: "string",
originSslProtocols: ["string"],
originKeepaliveTimeout: 0,
originReadTimeout: 0,
},
originAccessControlId: "string",
originPath: "string",
originShield: {
enabled: false,
originShieldRegion: "string",
},
s3OriginConfig: {
originAccessIdentity: "string",
},
vpcOriginConfig: {
vpcOriginId: "string",
originKeepaliveTimeout: 0,
originReadTimeout: 0,
},
}],
defaultCacheBehavior: {
allowedMethods: ["string"],
viewerProtocolPolicy: "string",
cachedMethods: ["string"],
targetOriginId: "string",
maxTtl: 0,
minTtl: 0,
forwardedValues: {
cookies: {
forward: "string",
whitelistedNames: ["string"],
},
queryString: false,
headers: ["string"],
queryStringCacheKeys: ["string"],
},
functionAssociations: [{
eventType: "string",
functionArn: "string",
}],
grpcConfig: {
enabled: false,
},
lambdaFunctionAssociations: [{
eventType: "string",
lambdaArn: "string",
includeBody: false,
}],
defaultTtl: 0,
fieldLevelEncryptionId: "string",
originRequestPolicyId: "string",
realtimeLogConfigArn: "string",
responseHeadersPolicyId: "string",
smoothStreaming: false,
compress: false,
trustedKeyGroups: ["string"],
trustedSigners: ["string"],
cachePolicyId: "string",
},
orderedCacheBehaviors: [{
allowedMethods: ["string"],
viewerProtocolPolicy: "string",
cachedMethods: ["string"],
targetOriginId: "string",
pathPattern: "string",
maxTtl: 0,
originRequestPolicyId: "string",
functionAssociations: [{
eventType: "string",
functionArn: "string",
}],
grpcConfig: {
enabled: false,
},
lambdaFunctionAssociations: [{
eventType: "string",
lambdaArn: "string",
includeBody: false,
}],
fieldLevelEncryptionId: "string",
minTtl: 0,
forwardedValues: {
cookies: {
forward: "string",
whitelistedNames: ["string"],
},
queryString: false,
headers: ["string"],
queryStringCacheKeys: ["string"],
},
defaultTtl: 0,
realtimeLogConfigArn: "string",
responseHeadersPolicyId: "string",
smoothStreaming: false,
compress: false,
trustedKeyGroups: ["string"],
trustedSigners: ["string"],
cachePolicyId: "string",
}],
customErrorResponses: [{
errorCode: 0,
errorCachingMinTtl: 0,
responseCode: 0,
responsePagePath: "string",
}],
httpVersion: "string",
isIpv6Enabled: false,
loggingConfig: {
bucket: "string",
includeCookies: false,
prefix: "string",
},
aliases: ["string"],
originGroups: [{
failoverCriteria: {
statusCodes: [0],
},
members: [{
originId: "string",
}],
originId: "string",
}],
defaultRootObject: "string",
priceClass: "string",
continuousDeploymentPolicyId: "string",
retainOnDelete: false,
staging: false,
tags: {
string: "string",
},
comment: "string",
waitForDeployment: false,
webAclId: "string",
});
type: aws:cloudfront:Distribution
properties:
aliases:
- string
comment: string
continuousDeploymentPolicyId: string
customErrorResponses:
- errorCachingMinTtl: 0
errorCode: 0
responseCode: 0
responsePagePath: string
defaultCacheBehavior:
allowedMethods:
- string
cachePolicyId: string
cachedMethods:
- string
compress: false
defaultTtl: 0
fieldLevelEncryptionId: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
- string
headers:
- string
queryString: false
queryStringCacheKeys:
- string
functionAssociations:
- eventType: string
functionArn: string
grpcConfig:
enabled: false
lambdaFunctionAssociations:
- eventType: string
includeBody: false
lambdaArn: string
maxTtl: 0
minTtl: 0
originRequestPolicyId: string
realtimeLogConfigArn: string
responseHeadersPolicyId: string
smoothStreaming: false
targetOriginId: string
trustedKeyGroups:
- string
trustedSigners:
- string
viewerProtocolPolicy: string
defaultRootObject: string
enabled: false
httpVersion: string
isIpv6Enabled: false
loggingConfig:
bucket: string
includeCookies: false
prefix: string
orderedCacheBehaviors:
- allowedMethods:
- string
cachePolicyId: string
cachedMethods:
- string
compress: false
defaultTtl: 0
fieldLevelEncryptionId: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
- string
headers:
- string
queryString: false
queryStringCacheKeys:
- string
functionAssociations:
- eventType: string
functionArn: string
grpcConfig:
enabled: false
lambdaFunctionAssociations:
- eventType: string
includeBody: false
lambdaArn: string
maxTtl: 0
minTtl: 0
originRequestPolicyId: string
pathPattern: string
realtimeLogConfigArn: string
responseHeadersPolicyId: string
smoothStreaming: false
targetOriginId: string
trustedKeyGroups:
- string
trustedSigners:
- string
viewerProtocolPolicy: string
originGroups:
- failoverCriteria:
statusCodes:
- 0
members:
- originId: string
originId: string
origins:
- connectionAttempts: 0
connectionTimeout: 0
customHeaders:
- name: string
value: string
customOriginConfig:
httpPort: 0
httpsPort: 0
originKeepaliveTimeout: 0
originProtocolPolicy: string
originReadTimeout: 0
originSslProtocols:
- string
domainName: string
originAccessControlId: string
originId: string
originPath: string
originShield:
enabled: false
originShieldRegion: string
s3OriginConfig:
originAccessIdentity: string
vpcOriginConfig:
originKeepaliveTimeout: 0
originReadTimeout: 0
vpcOriginId: string
priceClass: string
restrictions:
geoRestriction:
locations:
- string
restrictionType: string
retainOnDelete: false
staging: false
tags:
string: string
viewerCertificate:
acmCertificateArn: string
cloudfrontDefaultCertificate: false
iamCertificateId: string
minimumProtocolVersion: string
sslSupportMethod: string
waitForDeployment: false
webAclId: string
Distribution Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Distribution resource accepts the following input properties:
- Default
Cache DistributionBehavior Default Cache Behavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Origins
List<Distribution
Origin> - One or more origins for this distribution (multiples allowed).
- Restrictions
Distribution
Restrictions - The restriction configuration for this distribution (maximum one).
- Viewer
Certificate DistributionViewer Certificate - The SSL configuration for this distribution (maximum one).
- Aliases List<string>
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- Comment string
- Any comments you want to include about the distribution.
- Continuous
Deployment stringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - Custom
Error List<DistributionResponses Custom Error Response> - One or more custom error response elements (multiples allowed).
- Default
Root stringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Http
Version string - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - Is
Ipv6Enabled bool - Whether the IPv6 is enabled for the distribution.
- Logging
Config DistributionLogging Config - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups List<DistributionOrigin Group> - One or more origin_group for this distribution (multiples allowed).
- Price
Class string - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - Retain
On boolDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - Staging bool
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - Dictionary<string, string>
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Wait
For boolDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - Web
Acl stringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- Default
Cache DistributionBehavior Default Cache Behavior Args - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Origins
[]Distribution
Origin Args - One or more origins for this distribution (multiples allowed).
- Restrictions
Distribution
Restrictions Args - The restriction configuration for this distribution (maximum one).
- Viewer
Certificate DistributionViewer Certificate Args - The SSL configuration for this distribution (maximum one).
- Aliases []string
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- Comment string
- Any comments you want to include about the distribution.
- Continuous
Deployment stringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - Custom
Error []DistributionResponses Custom Error Response Args - One or more custom error response elements (multiples allowed).
- Default
Root stringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Http
Version string - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - Is
Ipv6Enabled bool - Whether the IPv6 is enabled for the distribution.
- Logging
Config DistributionLogging Config Args - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups []DistributionOrigin Group Args - One or more origin_group for this distribution (multiples allowed).
- Price
Class string - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - Retain
On boolDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - Staging bool
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - map[string]string
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Wait
For boolDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - Web
Acl stringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default
Cache DistributionBehavior Default Cache Behavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- origins
List<Distribution
Origin> - One or more origins for this distribution (multiples allowed).
- restrictions
Distribution
Restrictions - The restriction configuration for this distribution (maximum one).
- viewer
Certificate DistributionViewer Certificate - The SSL configuration for this distribution (maximum one).
- aliases List<String>
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment String
- Any comments you want to include about the distribution.
- continuous
Deployment StringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom
Error List<DistributionResponses Custom Error Response> - One or more custom error response elements (multiples allowed).
- default
Root StringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http
Version String - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - is
Ipv6Enabled Boolean - Whether the IPv6 is enabled for the distribution.
- logging
Config DistributionLogging Config - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<DistributionOrigin Group> - One or more origin_group for this distribution (multiples allowed).
- price
Class String - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - retain
On BooleanDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging Boolean
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - Map<String,String>
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - wait
For BooleanDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web
Acl StringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default
Cache DistributionBehavior Default Cache Behavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - enabled boolean
- Whether the distribution is enabled to accept end user requests for content.
- origins
Distribution
Origin[] - One or more origins for this distribution (multiples allowed).
- restrictions
Distribution
Restrictions - The restriction configuration for this distribution (maximum one).
- viewer
Certificate DistributionViewer Certificate - The SSL configuration for this distribution (maximum one).
- aliases string[]
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment string
- Any comments you want to include about the distribution.
- continuous
Deployment stringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom
Error DistributionResponses Custom Error Response[] - One or more custom error response elements (multiples allowed).
- default
Root stringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http
Version string - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - is
Ipv6Enabled boolean - Whether the IPv6 is enabled for the distribution.
- logging
Config DistributionLogging Config - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered
Cache DistributionBehaviors Ordered Cache Behavior[] - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups DistributionOrigin Group[] - One or more origin_group for this distribution (multiples allowed).
- price
Class string - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - retain
On booleanDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging boolean
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - {[key: string]: string}
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - wait
For booleanDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web
Acl stringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default_
cache_ Distributionbehavior Default Cache Behavior Args - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- origins
Sequence[Distribution
Origin Args] - One or more origins for this distribution (multiples allowed).
- restrictions
Distribution
Restrictions Args - The restriction configuration for this distribution (maximum one).
- viewer_
certificate DistributionViewer Certificate Args - The SSL configuration for this distribution (maximum one).
- aliases Sequence[str]
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment str
- Any comments you want to include about the distribution.
- continuous_
deployment_ strpolicy_ id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom_
error_ Sequence[Distributionresponses Custom Error Response Args] - One or more custom error response elements (multiples allowed).
- default_
root_ strobject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http_
version str - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - is_
ipv6_ boolenabled - Whether the IPv6 is enabled for the distribution.
- logging_
config DistributionLogging Config Args - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin_
groups Sequence[DistributionOrigin Group Args] - One or more origin_group for this distribution (multiples allowed).
- price_
class str - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - retain_
on_ booldelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging bool
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - Mapping[str, str]
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - wait_
for_ booldeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web_
acl_ strid - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default
Cache Property MapBehavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- origins List<Property Map>
- One or more origins for this distribution (multiples allowed).
- restrictions Property Map
- The restriction configuration for this distribution (maximum one).
- viewer
Certificate Property Map - The SSL configuration for this distribution (maximum one).
- aliases List<String>
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment String
- Any comments you want to include about the distribution.
- continuous
Deployment StringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom
Error List<Property Map>Responses - One or more custom error response elements (multiples allowed).
- default
Root StringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http
Version String - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - is
Ipv6Enabled Boolean - Whether the IPv6 is enabled for the distribution.
- logging
Config Property Map - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered
Cache List<Property Map>Behaviors - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<Property Map> - One or more origin_group for this distribution (multiples allowed).
- price
Class String - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - retain
On BooleanDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging Boolean
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - Map<String>
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - wait
For BooleanDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web
Acl StringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
Outputs
All input properties are implicitly available as output properties. Additionally, the Distribution resource produces the following output properties:
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Id string
- The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Id string
- The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key []DistributionGroups Trusted Key Group - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []DistributionTrusted Signer - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id String
- The provider-assigned unique ID for this managed resource.
- in
Progress IntegerValidation Batches - Number of invalidation batches currently in progress.
- last
Modified StringTime - Date and time the distribution was last modified.
- status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id string
- The provider-assigned unique ID for this managed resource.
- in
Progress numberValidation Batches - Number of invalidation batches currently in progress.
- last
Modified stringTime - Date and time the distribution was last modified.
- status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key DistributionGroups Trusted Key Group[] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers DistributionTrusted Signer[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn str
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller_
reference str - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag str
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted_
zone_ strid - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id str
- The provider-assigned unique ID for this managed resource.
- in_
progress_ intvalidation_ batches - Number of invalidation batches currently in progress.
- last_
modified_ strtime - Date and time the distribution was last modified.
- status str
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted_
key_ Sequence[Distributiongroups Trusted Key Group] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[DistributionTrusted Signer] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - id String
- The provider-assigned unique ID for this managed resource.
- in
Progress NumberValidation Batches - Number of invalidation batches currently in progress.
- last
Modified StringTime - Date and time the distribution was last modified.
- status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<Property Map>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<Property Map> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
Look up Existing Distribution Resource
Get an existing Distribution resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DistributionState, opts?: CustomResourceOptions): Distribution@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aliases: Optional[Sequence[str]] = None,
arn: Optional[str] = None,
caller_reference: Optional[str] = None,
comment: Optional[str] = None,
continuous_deployment_policy_id: Optional[str] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
default_root_object: Optional[str] = None,
domain_name: Optional[str] = None,
enabled: Optional[bool] = None,
etag: Optional[str] = None,
hosted_zone_id: Optional[str] = None,
http_version: Optional[str] = None,
in_progress_validation_batches: Optional[int] = None,
is_ipv6_enabled: Optional[bool] = None,
last_modified_time: Optional[str] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
price_class: Optional[str] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
retain_on_delete: Optional[bool] = None,
staging: Optional[bool] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
trusted_key_groups: Optional[Sequence[DistributionTrustedKeyGroupArgs]] = None,
trusted_signers: Optional[Sequence[DistributionTrustedSignerArgs]] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None) -> Distributionfunc GetDistribution(ctx *Context, name string, id IDInput, state *DistributionState, opts ...ResourceOption) (*Distribution, error)public static Distribution Get(string name, Input<string> id, DistributionState? state, CustomResourceOptions? opts = null)public static Distribution get(String name, Output<String> id, DistributionState state, CustomResourceOptions options)resources: _: type: aws:cloudfront:Distribution get: id: ${id}- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Aliases List<string>
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
- Any comments you want to include about the distribution.
- Continuous
Deployment stringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - Custom
Error List<DistributionResponses Custom Error Response> - One or more custom error response elements (multiples allowed).
- Default
Cache DistributionBehavior Default Cache Behavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - Default
Root stringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Http
Version string - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool - Whether the IPv6 is enabled for the distribution.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups List<DistributionOrigin Group> - One or more origin_group for this distribution (multiples allowed).
- Origins
List<Distribution
Origin> - One or more origins for this distribution (multiples allowed).
- Price
Class string - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - Restrictions
Distribution
Restrictions - The restriction configuration for this distribution (maximum one).
- Retain
On boolDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - Staging bool
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Dictionary<string, string>
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Viewer
Certificate DistributionViewer Certificate - The SSL configuration for this distribution (maximum one).
- Wait
For boolDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - Web
Acl stringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- Aliases []string
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
- Any comments you want to include about the distribution.
- Continuous
Deployment stringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - Custom
Error []DistributionResponses Custom Error Response Args - One or more custom error response elements (multiples allowed).
- Default
Cache DistributionBehavior Default Cache Behavior Args - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - Default
Root stringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - Http
Version string - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool - Whether the IPv6 is enabled for the distribution.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config Args - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups []DistributionOrigin Group Args - One or more origin_group for this distribution (multiples allowed).
- Origins
[]Distribution
Origin Args - One or more origins for this distribution (multiples allowed).
- Price
Class string - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - Restrictions
Distribution
Restrictions Args - The restriction configuration for this distribution (maximum one).
- Retain
On boolDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - Staging bool
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - Status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - map[string]string
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - Trusted
Key []DistributionGroups Trusted Key Group Args - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []DistributionTrusted Signer Args - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Viewer
Certificate DistributionViewer Certificate Args - The SSL configuration for this distribution (maximum one).
- Wait
For boolDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - Web
Acl stringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases List<String>
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
- Any comments you want to include about the distribution.
- continuous
Deployment StringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom
Error List<DistributionResponses Custom Error Response> - One or more custom error response elements (multiples allowed).
- default
Cache DistributionBehavior Default Cache Behavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - default
Root StringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http
Version String - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - in
Progress IntegerValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean - Whether the IPv6 is enabled for the distribution.
- last
Modified StringTime - Date and time the distribution was last modified.
- logging
Config DistributionLogging Config - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<DistributionOrigin Group> - One or more origin_group for this distribution (multiples allowed).
- origins
List<Distribution
Origin> - One or more origins for this distribution (multiples allowed).
- price
Class String - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - restrictions
Distribution
Restrictions - The restriction configuration for this distribution (maximum one).
- retain
On BooleanDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging Boolean
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String,String>
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate DistributionViewer Certificate - The SSL configuration for this distribution (maximum one).
- wait
For BooleanDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web
Acl StringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases string[]
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment string
- Any comments you want to include about the distribution.
- continuous
Deployment stringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom
Error DistributionResponses Custom Error Response[] - One or more custom error response elements (multiples allowed).
- default
Cache DistributionBehavior Default Cache Behavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - default
Root stringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled boolean
- Whether the distribution is enabled to accept end user requests for content.
- etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http
Version string - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - in
Progress numberValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled boolean - Whether the IPv6 is enabled for the distribution.
- last
Modified stringTime - Date and time the distribution was last modified.
- logging
Config DistributionLogging Config - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered
Cache DistributionBehaviors Ordered Cache Behavior[] - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups DistributionOrigin Group[] - One or more origin_group for this distribution (multiples allowed).
- origins
Distribution
Origin[] - One or more origins for this distribution (multiples allowed).
- price
Class string - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - restrictions
Distribution
Restrictions - The restriction configuration for this distribution (maximum one).
- retain
On booleanDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging boolean
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - status string
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - {[key: string]: string}
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key DistributionGroups Trusted Key Group[] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers DistributionTrusted Signer[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate DistributionViewer Certificate - The SSL configuration for this distribution (maximum one).
- wait
For booleanDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web
Acl stringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases Sequence[str]
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn str
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller_
reference str - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment str
- Any comments you want to include about the distribution.
- continuous_
deployment_ strpolicy_ id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom_
error_ Sequence[Distributionresponses Custom Error Response Args] - One or more custom error response elements (multiples allowed).
- default_
cache_ Distributionbehavior Default Cache Behavior Args - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - default_
root_ strobject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- etag str
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted_
zone_ strid - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http_
version str - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - in_
progress_ intvalidation_ batches - Number of invalidation batches currently in progress.
- is_
ipv6_ boolenabled - Whether the IPv6 is enabled for the distribution.
- last_
modified_ strtime - Date and time the distribution was last modified.
- logging_
config DistributionLogging Config Args - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin_
groups Sequence[DistributionOrigin Group Args] - One or more origin_group for this distribution (multiples allowed).
- origins
Sequence[Distribution
Origin Args] - One or more origins for this distribution (multiples allowed).
- price_
class str - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - restrictions
Distribution
Restrictions Args - The restriction configuration for this distribution (maximum one).
- retain_
on_ booldelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging bool
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - status str
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Mapping[str, str]
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted_
key_ Sequence[Distributiongroups Trusted Key Group Args] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[DistributionTrusted Signer Args] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer_
certificate DistributionViewer Certificate Args - The SSL configuration for this distribution (maximum one).
- wait_
for_ booldeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web_
acl_ strid - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases List<String>
- Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
- Any comments you want to include about the distribution.
- continuous
Deployment StringPolicy Id - Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the
aws.cloudfront.ContinuousDeploymentPolicyresource for additional details. - custom
Error List<Property Map>Responses - One or more custom error response elements (multiples allowed).
- default
Cache Property MapBehavior - Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set. - default
Root StringObject - Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2. - http
Version String - Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2. - in
Progress NumberValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean - Whether the IPv6 is enabled for the distribution.
- last
Modified StringTime - Date and time the distribution was last modified.
- logging
Config Property Map - The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs.
- ordered
Cache List<Property Map>Behaviors - Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<Property Map> - One or more origin_group for this distribution (multiples allowed).
- origins List<Property Map>
- One or more origins for this distribution (multiples allowed).
- price
Class String - Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100. - restrictions Property Map
- The restriction configuration for this distribution (maximum one).
- retain
On BooleanDelete - Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false. - staging Boolean
- A Boolean that indicates whether this is a staging distribution. Defaults to
false. - status String
- Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String>
- A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block. - trusted
Key List<Property Map>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<Property Map> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate Property Map - The SSL configuration for this distribution (maximum one).
- wait
For BooleanDeployment - If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true. - web
Acl StringId - Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
Supporting Types
DistributionCustomErrorResponse, DistributionCustomErrorResponseArgs
- Error
Code int - 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath - Path of the custom error page (for example,
/custom_404.html).
- Error
Code int - 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath - Path of the custom error page (for example,
/custom_404.html).
- error
Code Integer - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching IntegerMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Integer - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath - Path of the custom error page (for example,
/custom_404.html).
- error
Code number - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching numberMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code number - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page stringPath - Path of the custom error page (for example,
/custom_404.html).
- error_
code int - 4xx or 5xx HTTP status code that you want to customize.
- error_
caching_ intmin_ ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response_
code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response_
page_ strpath - Path of the custom error page (for example,
/custom_404.html).
- error
Code Number - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching NumberMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Number - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath - Path of the custom error page (for example,
/custom_404.html).
DistributionDefaultCacheBehavior, DistributionDefaultCacheBehaviorArgs
- Allowed
Methods List<string> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionDefault Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<string> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Allowed
Methods []string - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionDefault Cache Behavior Function Association - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function []DistributionAssociations Default Cache Behavior Lambda Function Association - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []string - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Integer - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionDefault Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Integer - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods string[] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level stringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionDefault Cache Behavior Function Association[] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function DistributionAssociations Default Cache Behavior Lambda Function Association[] - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers string[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed_
methods Sequence[str] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target_
origin_ strid - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache_
policy_ strid - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default_
ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field_
level_ strencryption_ id - Field level encryption configuration ID.
- forwarded_
values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionDefault Cache Behavior Function Association] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc_
config DistributionDefault Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda_
function_ Sequence[Distributionassociations Default Cache Behavior Lambda Function Association] - A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min_
ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin_
request_ strpolicy_ id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id - Identifier for a response headers policy.
- smooth_
streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[str] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values Property Map - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config Property Map - A config block that sets the grpc config.
- lambda
Function List<Property Map>Associations - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
DistributionDefaultCacheBehaviorForwardedValues, DistributionDefaultCacheBehaviorForwardedValuesArgs
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String List<string>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String []stringCache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String string[]Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query_
string_ Sequence[str]cache_ keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
- Property Map
- The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
DistributionDefaultCacheBehaviorForwardedValuesCookies, DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names List<string> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names []string - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names string[] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted_
names Sequence[str] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionDefaultCacheBehaviorFunctionAssociation, DistributionDefaultCacheBehaviorFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn string - ARN of the CloudFront function.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function_
arn str - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
DistributionDefaultCacheBehaviorGrpcConfig, DistributionDefaultCacheBehaviorGrpcConfigArgs
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- enabled boolean
- Whether the distribution is enabled to accept end user requests for content.
- enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
DistributionDefaultCacheBehaviorLambdaFunctionAssociation, DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn string - ARN of the Lambda function.
- include
Body boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda_
arn str - ARN of the Lambda function.
- include_
body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
DistributionLoggingConfig, DistributionLoggingConfigArgs
- Bucket string
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - bool
- Whether to include cookies in access logs (default:
false). - Prefix string
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- Bucket string
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - bool
- Whether to include cookies in access logs (default:
false). - Prefix string
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket String
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - Boolean
- Whether to include cookies in access logs (default:
false). - prefix String
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket string
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - boolean
- Whether to include cookies in access logs (default:
false). - prefix string
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket str
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - bool
- Whether to include cookies in access logs (default:
false). - prefix str
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
- bucket String
- Amazon S3 bucket to store the access logs in, for example,
myawslogbucket.s3.amazonaws.com. The bucket must have correct ACL attached with "FULL_CONTROL" permission for "awslogsdelivery" account (Canonical ID: "c4c1ede66af53448b93c283ce9448c4ba468c9432aa01d700d3878632f77d2d0") for log transfer to work. - Boolean
- Whether to include cookies in access logs (default:
false). - prefix String
- Prefix to the access log filenames for this distribution, for example,
myprefix/.
DistributionOrderedCacheBehavior, DistributionOrderedCacheBehaviorArgs
- Allowed
Methods List<string> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionOrdered Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<string> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Allowed
Methods []string - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionOrdered Cache Behavior Function Association - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- Lambda
Function []DistributionAssociations Ordered Cache Behavior Lambda Function Association - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []string - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Integer - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionOrdered Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Integer - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods string[] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern string - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level stringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionOrdered Cache Behavior Function Association[] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda
Function DistributionAssociations Ordered Cache Behavior Lambda Function Association[] - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers string[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed_
methods Sequence[str] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path_
pattern str - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target_
origin_ strid - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache_
policy_ strid - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default_
ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field_
level_ strencryption_ id - Field level encryption configuration ID.
- forwarded_
values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionOrdered Cache Behavior Function Association] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc_
config DistributionOrdered Cache Behavior Grpc Config - A config block that sets the grpc config.
- lambda_
function_ Sequence[Distributionassociations Ordered Cache Behavior Lambda Function Association] - A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min_
ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin_
request_ strpolicy_ id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id - Identifier for a response headers policy.
- smooth_
streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[str] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String - Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to. - target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false). - default
Ttl Number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader. The TTL defined in Cache Policy overrides this configuration. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values Property Map - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- grpc
Config Property Map - A config block that sets the grpc config.
- lambda
Function List<Property Map>Associations - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders. The TTL defined in Cache Policy overrides this configuration. - min
Ttl Number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds. The TTL defined in Cache Policy overrides this configuration.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
DistributionOrderedCacheBehaviorForwardedValues, DistributionOrderedCacheBehaviorForwardedValuesArgs
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String List<string>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - Query
String []stringCache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String string[]Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query_
string_ Sequence[str]cache_ keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
- Property Map
- The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
DistributionOrderedCacheBehaviorForwardedValuesCookies, DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names List<string> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - Whitelisted
Names []string - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names string[] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted_
names Sequence[str] - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names. - whitelisted
Names List<String> - If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionOrderedCacheBehaviorFunctionAssociation, DistributionOrderedCacheBehaviorFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - Function
Arn string - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn string - ARN of the CloudFront function.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function_
arn str - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-requestorviewer-response. - function
Arn String - ARN of the CloudFront function.
DistributionOrderedCacheBehaviorGrpcConfig, DistributionOrderedCacheBehaviorGrpcConfigArgs
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- enabled boolean
- Whether the distribution is enabled to accept end user requests for content.
- enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
DistributionOrderedCacheBehaviorLambdaFunctionAssociation, DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn string - ARN of the Lambda function.
- include
Body boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda_
arn str - ARN of the Lambda function.
- include_
body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
DistributionOrigin, DistributionOriginArgs
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Origin
Id string - Connection
Attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers List<DistributionOrigin Custom Header> - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - Custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - Origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - Vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - Origin
Id string - Connection
Attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers []DistributionOrigin Custom Header - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - Custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - Origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - Vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin
Id String - connection
Attempts Integer - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Integer - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<DistributionOrigin Custom Header> - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin
Access StringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin
Id string - connection
Attempts number - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout number - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers DistributionOrigin Custom Header[] - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc
Origin DistributionConfig Origin Vpc Origin Config - The VPC origin configuration.
- domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin_
id str - connection_
attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection_
timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom_
headers Sequence[DistributionOrigin Custom Header] - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom_
origin_ Distributionconfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin_
access_ strcontrol_ id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin_
path str - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin_
shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3_
origin_ Distributionconfig Origin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc_
origin_ Distributionconfig Origin Vpc Origin Config - The VPC origin configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net. - origin
Id String - connection
Attempts Number - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Number - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<Property Map> - One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin Property MapConfig - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead. - origin
Access StringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield Property Map - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config Property Map - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead. - vpc
Origin Property MapConfig - The VPC origin configuration.
DistributionOriginCustomHeader, DistributionOriginCustomHeaderArgs
DistributionOriginCustomOriginConfig, DistributionOriginCustomOriginConfigArgs
- Http
Port int - HTTP port the custom origin listens on.
- Https
Port int - HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - Origin
Ssl List<string>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - Origin
Keepalive intTimeout - Origin
Read intTimeout
- Http
Port int - HTTP port the custom origin listens on.
- Https
Port int - HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - Origin
Ssl []stringProtocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - Origin
Keepalive intTimeout - Origin
Read intTimeout
- http
Port Integer - HTTP port the custom origin listens on.
- https
Port Integer - HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin
Ssl List<String>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive IntegerTimeout - origin
Read IntegerTimeout
- http
Port number - HTTP port the custom origin listens on.
- https
Port number - HTTPS port the custom origin listens on.
- origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin
Ssl string[]Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive numberTimeout - origin
Read numberTimeout
- http_
port int - HTTP port the custom origin listens on.
- https_
port int - HTTPS port the custom origin listens on.
- origin_
protocol_ strpolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin_
ssl_ Sequence[str]protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin_
keepalive_ inttimeout - origin_
read_ inttimeout
- http
Port Number - HTTP port the custom origin listens on.
- https
Port Number - HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy - Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer. - origin
Ssl List<String>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3,TLSv1,TLSv1.1,TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive NumberTimeout - origin
Read NumberTimeout
DistributionOriginGroup, DistributionOriginGroupArgs
- Failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- Members
List<Distribution
Origin Group Member> - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string
- Failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- Members
[]Distribution
Origin Group Member - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string
- failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
List<Distribution
Origin Group Member> - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String
- failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
Distribution
Origin Group Member[] - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id string
- failover_
criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
Sequence[Distribution
Origin Group Member] - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin_
id str
- failover
Criteria Property Map - The failover criteria for when to failover to the secondary origin.
- members List<Property Map>
- Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String
DistributionOriginGroupFailoverCriteria, DistributionOriginGroupFailoverCriteriaArgs
- Status
Codes List<int> - List of HTTP status codes for the origin group.
- Status
Codes []int - List of HTTP status codes for the origin group.
- status
Codes List<Integer> - List of HTTP status codes for the origin group.
- status
Codes number[] - List of HTTP status codes for the origin group.
- status_
codes Sequence[int] - List of HTTP status codes for the origin group.
- status
Codes List<Number> - List of HTTP status codes for the origin group.
DistributionOriginGroupMember, DistributionOriginGroupMemberArgs
- Origin
Id string
- Origin
Id string
- origin
Id String
- origin
Id string
- origin_
id str
- origin
Id String
DistributionOriginOriginShield, DistributionOriginOriginShieldArgs
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- origin
Shield StringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled boolean
- Whether the distribution is enabled to accept end user requests for content.
- origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- origin_
shield_ strregion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- origin
Shield StringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2.
DistributionOriginS3OriginConfig, DistributionOriginS3OriginConfigArgs
- Origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- Origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity - The CloudFront origin access identity to associate with the origin.
- origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- origin_
access_ stridentity - The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity - The CloudFront origin access identity to associate with the origin.
DistributionOriginVpcOriginConfig, DistributionOriginVpcOriginConfigArgs
- Vpc
Origin stringId - The VPC origin ID.
- Origin
Keepalive intTimeout - Origin
Read intTimeout
- Vpc
Origin stringId - The VPC origin ID.
- Origin
Keepalive intTimeout - Origin
Read intTimeout
- vpc
Origin StringId - The VPC origin ID.
- origin
Keepalive IntegerTimeout - origin
Read IntegerTimeout
- vpc
Origin stringId - The VPC origin ID.
- origin
Keepalive numberTimeout - origin
Read numberTimeout
- vpc_
origin_ strid - The VPC origin ID.
- origin_
keepalive_ inttimeout - origin_
read_ inttimeout
- vpc
Origin StringId - The VPC origin ID.
- origin
Keepalive NumberTimeout - origin
Read NumberTimeout
DistributionRestrictions, DistributionRestrictionsArgs
DistributionRestrictionsGeoRestriction, DistributionRestrictionsGeoRestrictionArgs
- Restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - Locations List<string>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- Restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - Locations []string
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type String - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations List<String>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations string[]
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction_
type str - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations Sequence[str]
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type String - Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist. - locations List<String>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
DistributionTrustedKeyGroup, DistributionTrustedKeyGroupArgs
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Items
List<Distribution
Trusted Key Group Item> - List of nested attributes for each trusted signer
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Items
[]Distribution
Trusted Key Group Item - List of nested attributes for each trusted signer
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- items
List<Distribution
Trusted Key Group Item> - List of nested attributes for each trusted signer
- enabled boolean
- Whether the distribution is enabled to accept end user requests for content.
- items
Distribution
Trusted Key Group Item[] - List of nested attributes for each trusted signer
- enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- items
Sequence[Distribution
Trusted Key Group Item] - List of nested attributes for each trusted signer
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- items List<Property Map>
- List of nested attributes for each trusted signer
DistributionTrustedKeyGroupItem, DistributionTrustedKeyGroupItemArgs
- Key
Group stringId - ID of the key group that contains the public keys.
- Key
Pair List<string>Ids - Set of active CloudFront key pairs associated with the signer account
- Key
Group stringId - ID of the key group that contains the public keys.
- Key
Pair []stringIds - Set of active CloudFront key pairs associated with the signer account
- key
Group StringId - ID of the key group that contains the public keys.
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
- key
Group stringId - ID of the key group that contains the public keys.
- key
Pair string[]Ids - Set of active CloudFront key pairs associated with the signer account
- key_
group_ strid - ID of the key group that contains the public keys.
- key_
pair_ Sequence[str]ids - Set of active CloudFront key pairs associated with the signer account
- key
Group StringId - ID of the key group that contains the public keys.
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
DistributionTrustedSigner, DistributionTrustedSignerArgs
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Items
List<Distribution
Trusted Signer Item> - List of nested attributes for each trusted signer
- Enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- Items
[]Distribution
Trusted Signer Item - List of nested attributes for each trusted signer
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- items
List<Distribution
Trusted Signer Item> - List of nested attributes for each trusted signer
- enabled boolean
- Whether the distribution is enabled to accept end user requests for content.
- items
Distribution
Trusted Signer Item[] - List of nested attributes for each trusted signer
- enabled bool
- Whether the distribution is enabled to accept end user requests for content.
- items
Sequence[Distribution
Trusted Signer Item] - List of nested attributes for each trusted signer
- enabled Boolean
- Whether the distribution is enabled to accept end user requests for content.
- items List<Property Map>
- List of nested attributes for each trusted signer
DistributionTrustedSignerItem, DistributionTrustedSignerItemArgs
- Aws
Account stringNumber - AWS account ID or
self - Key
Pair List<string>Ids - Set of active CloudFront key pairs associated with the signer account
- Aws
Account stringNumber - AWS account ID or
self - Key
Pair []stringIds - Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber - AWS account ID or
self - key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
- aws
Account stringNumber - AWS account ID or
self - key
Pair string[]Ids - Set of active CloudFront key pairs associated with the signer account
- aws_
account_ strnumber - AWS account ID or
self - key_
pair_ Sequence[str]ids - Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber - AWS account ID or
self - key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
DistributionViewerCertificate, DistributionViewerCertificateArgs
- Acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - Cloudfront
Default boolCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- Iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - Minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - Ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- Acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - Cloudfront
Default boolCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- Iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - Minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - Ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront
Default BooleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate StringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum
Protocol StringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl
Support StringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront
Default booleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm_
certificate_ strarn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront_
default_ boolcertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam_
certificate_ strid - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum_
protocol_ strversion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl_
support_ strmethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1. - cloudfront
Default BooleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate StringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate. - minimum
Protocol StringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified. - ssl
Support StringMethod - How you want CloudFront to serve HTTPS requests. One of
vip,sni-only, orstatic-ip. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
Import
Using pulumi import, import CloudFront Distributions using the id. For example:
$ pulumi import aws:cloudfront/distribution:Distribution distribution E74FTE3EXAMPLE
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
awsTerraform Provider.