Docs
Packages
AWS Classic v5.41.0, May 15 23
AWS Classic v5.41.0, May 15 23
aws.cloudfront.Distribution
Explore with Pulumi AI
Creates an Amazon CloudFront web distribution.
For information about CloudFront distributions, see the Amazon CloudFront Developer Guide. For specific information about creating CloudFront web distributions, see the POST Distribution page in the Amazon CloudFront API Reference.
NOTE: CloudFront distributions take about 15 minutes to reach a deployed state after creation or modification. During this time, deletes to resources will be blocked. If you need to delete a distribution that is enabled and you do not want to wait, you need to use the
retain_on_deleteflag.
Example Usage
The following example below creates a CloudFront distribution with an S3 origin.
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var bucketV2 = new Aws.S3.BucketV2("bucketV2", new()
{
Tags =
{
{ "Name", "My bucket" },
},
});
var bAcl = new Aws.S3.BucketAclV2("bAcl", new()
{
Bucket = bucketV2.Id,
Acl = "private",
});
var s3OriginId = "myS3Origin";
var s3Distribution = new Aws.CloudFront.Distribution("s3Distribution", new()
{
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = bucketV2.BucketRegionalDomainName,
OriginAccessControlId = aws_cloudfront_origin_access_control.Default.Id,
OriginId = s3OriginId,
},
},
Enabled = true,
IsIpv6Enabled = true,
Comment = "Some comment",
DefaultRootObject = "index.html",
LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
{
IncludeCookies = false,
Bucket = "mylogs.s3.amazonaws.com",
Prefix = "myprefix",
},
Aliases = new[]
{
"mysite.example.com",
"yoursite.example.com",
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
AllowedMethods = new[]
{
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
ViewerProtocolPolicy = "allow-all",
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
},
OrderedCacheBehaviors = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/immutable/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Headers = new[]
{
"Origin",
},
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 86400,
MaxTtl = 31536000,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
},
PriceClass = "PriceClass_200",
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "whitelist",
Locations = new[]
{
"US",
"CA",
"GB",
"DE",
},
},
},
Tags =
{
{ "Environment", "production" },
},
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
CloudfrontDefaultCertificate = true,
},
});
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudfront"
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
bucketV2, err := s3.NewBucketV2(ctx, "bucketV2", &s3.BucketV2Args{
Tags: pulumi.StringMap{
"Name": pulumi.String("My bucket"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "bAcl", &s3.BucketAclV2Args{
Bucket: bucketV2.ID(),
Acl: pulumi.String("private"),
})
if err != nil {
return err
}
s3OriginId := "myS3Origin"
_, err = cloudfront.NewDistribution(ctx, "s3Distribution", &cloudfront.DistributionArgs{
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: bucketV2.BucketRegionalDomainName,
OriginAccessControlId: pulumi.Any(aws_cloudfront_origin_access_control.Default.Id),
OriginId: pulumi.String(s3OriginId),
},
},
Enabled: pulumi.Bool(true),
IsIpv6Enabled: pulumi.Bool(true),
Comment: pulumi.String("Some comment"),
DefaultRootObject: pulumi.String("index.html"),
LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
IncludeCookies: pulumi.Bool(false),
Bucket: pulumi.String("mylogs.s3.amazonaws.com"),
Prefix: pulumi.String("myprefix"),
},
Aliases: pulumi.StringArray{
pulumi.String("mysite.example.com"),
pulumi.String("yoursite.example.com"),
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("DELETE"),
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
pulumi.String("PATCH"),
pulumi.String("POST"),
pulumi.String("PUT"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
ViewerProtocolPolicy: pulumi.String("allow-all"),
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
},
OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/immutable/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("Origin"),
},
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(86400),
MaxTtl: pulumi.Int(31536000),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
},
PriceClass: pulumi.String("PriceClass_200"),
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("whitelist"),
Locations: pulumi.StringArray{
pulumi.String("US"),
pulumi.String("CA"),
pulumi.String("GB"),
pulumi.String("DE"),
},
},
},
Tags: pulumi.StringMap{
"Environment": pulumi.String("production"),
},
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
CloudfrontDefaultCertificate: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionLoggingConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var bucketV2 = new BucketV2("bucketV2", BucketV2Args.builder()
.tags(Map.of("Name", "My bucket"))
.build());
var bAcl = new BucketAclV2("bAcl", BucketAclV2Args.builder()
.bucket(bucketV2.id())
.acl("private")
.build());
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(bucketV2.bucketRegionalDomainName())
.originAccessControlId(aws_cloudfront_origin_access_control.default().id())
.originId(s3OriginId)
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.loggingConfig(DistributionLoggingConfigArgs.builder()
.includeCookies(false)
.bucket("mylogs.s3.amazonaws.com")
.prefix("myprefix")
.build())
.aliases(
"mysite.example.com",
"yoursite.example.com")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.allowedMethods(
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.viewerProtocolPolicy("allow-all")
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.build())
.orderedCacheBehaviors(
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/immutable/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD",
"OPTIONS")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.headers("Origin")
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(86400)
.maxTtl(31536000)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build(),
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build())
.priceClass("PriceClass_200")
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.tags(Map.of("Environment", "production"))
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
bucket_v2 = aws.s3.BucketV2("bucketV2", tags={
"Name": "My bucket",
})
b_acl = aws.s3.BucketAclV2("bAcl",
bucket=bucket_v2.id,
acl="private")
s3_origin_id = "myS3Origin"
s3_distribution = aws.cloudfront.Distribution("s3Distribution",
origins=[aws.cloudfront.DistributionOriginArgs(
domain_name=bucket_v2.bucket_regional_domain_name,
origin_access_control_id=aws_cloudfront_origin_access_control["default"]["id"],
origin_id=s3_origin_id,
)],
enabled=True,
is_ipv6_enabled=True,
comment="Some comment",
default_root_object="index.html",
logging_config=aws.cloudfront.DistributionLoggingConfigArgs(
include_cookies=False,
bucket="mylogs.s3.amazonaws.com",
prefix="myprefix",
),
aliases=[
"mysite.example.com",
"yoursite.example.com",
],
default_cache_behavior=aws.cloudfront.DistributionDefaultCacheBehaviorArgs(
allowed_methods=[
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
cached_methods=[
"GET",
"HEAD",
],
target_origin_id=s3_origin_id,
forwarded_values=aws.cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs(
query_string=False,
cookies=aws.cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs(
forward="none",
),
),
viewer_protocol_policy="allow-all",
min_ttl=0,
default_ttl=3600,
max_ttl=86400,
),
ordered_cache_behaviors=[
aws.cloudfront.DistributionOrderedCacheBehaviorArgs(
path_pattern="/content/immutable/*",
allowed_methods=[
"GET",
"HEAD",
"OPTIONS",
],
cached_methods=[
"GET",
"HEAD",
"OPTIONS",
],
target_origin_id=s3_origin_id,
forwarded_values=aws.cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs(
query_string=False,
headers=["Origin"],
cookies=aws.cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs(
forward="none",
),
),
min_ttl=0,
default_ttl=86400,
max_ttl=31536000,
compress=True,
viewer_protocol_policy="redirect-to-https",
),
aws.cloudfront.DistributionOrderedCacheBehaviorArgs(
path_pattern="/content/*",
allowed_methods=[
"GET",
"HEAD",
"OPTIONS",
],
cached_methods=[
"GET",
"HEAD",
],
target_origin_id=s3_origin_id,
forwarded_values=aws.cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs(
query_string=False,
cookies=aws.cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs(
forward="none",
),
),
min_ttl=0,
default_ttl=3600,
max_ttl=86400,
compress=True,
viewer_protocol_policy="redirect-to-https",
),
],
price_class="PriceClass_200",
restrictions=aws.cloudfront.DistributionRestrictionsArgs(
geo_restriction=aws.cloudfront.DistributionRestrictionsGeoRestrictionArgs(
restriction_type="whitelist",
locations=[
"US",
"CA",
"GB",
"DE",
],
),
),
tags={
"Environment": "production",
},
viewer_certificate=aws.cloudfront.DistributionViewerCertificateArgs(
cloudfront_default_certificate=True,
))
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const bucketV2 = new aws.s3.BucketV2("bucketV2", {tags: {
Name: "My bucket",
}});
const bAcl = new aws.s3.BucketAclV2("bAcl", {
bucket: bucketV2.id,
acl: "private",
});
const s3OriginId = "myS3Origin";
const s3Distribution = new aws.cloudfront.Distribution("s3Distribution", {
origins: [{
domainName: bucketV2.bucketRegionalDomainName,
originAccessControlId: aws_cloudfront_origin_access_control["default"].id,
originId: s3OriginId,
}],
enabled: true,
isIpv6Enabled: true,
comment: "Some comment",
defaultRootObject: "index.html",
loggingConfig: {
includeCookies: false,
bucket: "mylogs.s3.amazonaws.com",
prefix: "myprefix",
},
aliases: [
"mysite.example.com",
"yoursite.example.com",
],
defaultCacheBehavior: {
allowedMethods: [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
viewerProtocolPolicy: "allow-all",
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
},
orderedCacheBehaviors: [
{
pathPattern: "/content/immutable/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
headers: ["Origin"],
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 86400,
maxTtl: 31536000,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
{
pathPattern: "/content/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
],
priceClass: "PriceClass_200",
restrictions: {
geoRestriction: {
restrictionType: "whitelist",
locations: [
"US",
"CA",
"GB",
"DE",
],
},
},
tags: {
Environment: "production",
},
viewerCertificate: {
cloudfrontDefaultCertificate: true,
},
});
resources:
bucketV2:
type: aws:s3:BucketV2
properties:
tags:
Name: My bucket
bAcl:
type: aws:s3:BucketAclV2
properties:
bucket: ${bucketV2.id}
acl: private
s3Distribution:
type: aws:cloudfront:Distribution
properties:
origins:
- domainName: ${bucketV2.bucketRegionalDomainName}
originAccessControlId: ${aws_cloudfront_origin_access_control.default.id}
originId: ${s3OriginId}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
loggingConfig:
includeCookies: false
bucket: mylogs.s3.amazonaws.com
prefix: myprefix
aliases:
- mysite.example.com
- yoursite.example.com
defaultCacheBehavior:
allowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
viewerProtocolPolicy: allow-all
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
# Cache behavior with precedence 0
orderedCacheBehaviors:
- pathPattern: /content/immutable/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
- OPTIONS
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
headers:
- Origin
cookies:
forward: none
minTtl: 0
defaultTtl: 86400
maxTtl: 3.1536e+07
compress: true
viewerProtocolPolicy: redirect-to-https
- pathPattern: /content/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
compress: true
viewerProtocolPolicy: redirect-to-https
priceClass: PriceClass_200
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
tags:
Environment: production
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
The example below creates a CloudFront distribution with an origin group for failover routing
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var s3Distribution = new Aws.CloudFront.Distribution("s3Distribution", new()
{
OriginGroups = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
{
OriginId = "groupS3",
FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
{
StatusCodes = new[]
{
403,
404,
500,
502,
},
},
Members = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "primaryS3",
},
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "failoverS3",
},
},
},
},
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = aws_s3_bucket.Primary.Bucket_regional_domain_name,
OriginId = "primaryS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = aws_cloudfront_origin_access_identity.Default.Cloudfront_access_identity_path,
},
},
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = aws_s3_bucket.Failover.Bucket_regional_domain_name,
OriginId = "failoverS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = aws_cloudfront_origin_access_identity.Default.Cloudfront_access_identity_path,
},
},
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
TargetOriginId = "groupS3",
},
});
// ... other configuration ...
});
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v5/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.NewDistribution(ctx, "s3Distribution", &cloudfront.DistributionArgs{
OriginGroups: cloudfront.DistributionOriginGroupArray{
&cloudfront.DistributionOriginGroupArgs{
OriginId: pulumi.String("groupS3"),
FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
StatusCodes: pulumi.IntArray{
pulumi.Int(403),
pulumi.Int(404),
pulumi.Int(500),
pulumi.Int(502),
},
},
Members: cloudfront.DistributionOriginGroupMemberArray{
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("primaryS3"),
},
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("failoverS3"),
},
},
},
},
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(aws_s3_bucket.Primary.Bucket_regional_domain_name),
OriginId: pulumi.String("primaryS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(aws_cloudfront_origin_access_identity.Default.Cloudfront_access_identity_path),
},
},
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(aws_s3_bucket.Failover.Bucket_regional_domain_name),
OriginId: pulumi.String("failoverS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(aws_cloudfront_origin_access_identity.Default.Cloudfront_access_identity_path),
},
},
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
TargetOriginId: pulumi.String("groupS3"),
},
})
if err != nil {
return err
}
return nil
})
}
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupFailoverCriteriaArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.originGroups(DistributionOriginGroupArgs.builder()
.originId("groupS3")
.failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
.statusCodes(
403,
404,
500,
502)
.build())
.members(
DistributionOriginGroupMemberArgs.builder()
.originId("primaryS3")
.build(),
DistributionOriginGroupMemberArgs.builder()
.originId("failoverS3")
.build())
.build())
.origins(
DistributionOriginArgs.builder()
.domainName(aws_s3_bucket.primary().bucket_regional_domain_name())
.originId("primaryS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(aws_cloudfront_origin_access_identity.default().cloudfront_access_identity_path())
.build())
.build(),
DistributionOriginArgs.builder()
.domainName(aws_s3_bucket.failover().bucket_regional_domain_name())
.originId("failoverS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(aws_cloudfront_origin_access_identity.default().cloudfront_access_identity_path())
.build())
.build())
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.targetOriginId("groupS3")
.build())
.build());
}
}
import pulumi
import pulumi_aws as aws
s3_distribution = aws.cloudfront.Distribution("s3Distribution",
origin_groups=[aws.cloudfront.DistributionOriginGroupArgs(
origin_id="groupS3",
failover_criteria=aws.cloudfront.DistributionOriginGroupFailoverCriteriaArgs(
status_codes=[
403,
404,
500,
502,
],
),
members=[
aws.cloudfront.DistributionOriginGroupMemberArgs(
origin_id="primaryS3",
),
aws.cloudfront.DistributionOriginGroupMemberArgs(
origin_id="failoverS3",
),
],
)],
origins=[
aws.cloudfront.DistributionOriginArgs(
domain_name=aws_s3_bucket["primary"]["bucket_regional_domain_name"],
origin_id="primaryS3",
s3_origin_config=aws.cloudfront.DistributionOriginS3OriginConfigArgs(
origin_access_identity=aws_cloudfront_origin_access_identity["default"]["cloudfront_access_identity_path"],
),
),
aws.cloudfront.DistributionOriginArgs(
domain_name=aws_s3_bucket["failover"]["bucket_regional_domain_name"],
origin_id="failoverS3",
s3_origin_config=aws.cloudfront.DistributionOriginS3OriginConfigArgs(
origin_access_identity=aws_cloudfront_origin_access_identity["default"]["cloudfront_access_identity_path"],
),
),
],
default_cache_behavior=aws.cloudfront.DistributionDefaultCacheBehaviorArgs(
target_origin_id="groupS3",
))
# ... other configuration ...
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const s3Distribution = new aws.cloudfront.Distribution("s3Distribution", {
originGroups: [{
originId: "groupS3",
failoverCriteria: {
statusCodes: [
403,
404,
500,
502,
],
},
members: [
{
originId: "primaryS3",
},
{
originId: "failoverS3",
},
],
}],
origins: [
{
domainName: aws_s3_bucket.primary.bucket_regional_domain_name,
originId: "primaryS3",
s3OriginConfig: {
originAccessIdentity: aws_cloudfront_origin_access_identity["default"].cloudfront_access_identity_path,
},
},
{
domainName: aws_s3_bucket.failover.bucket_regional_domain_name,
originId: "failoverS3",
s3OriginConfig: {
originAccessIdentity: aws_cloudfront_origin_access_identity["default"].cloudfront_access_identity_path,
},
},
],
defaultCacheBehavior: {
targetOriginId: "groupS3",
},
});
// ... other configuration ...
resources:
s3Distribution:
type: aws:cloudfront:Distribution
properties:
originGroups:
- originId: groupS3
failoverCriteria:
statusCodes:
- 403
- 404
- 500
- 502
members:
- originId: primaryS3
- originId: failoverS3
origins:
- domainName: ${aws_s3_bucket.primary.bucket_regional_domain_name}
originId: primaryS3
s3OriginConfig:
originAccessIdentity: ${aws_cloudfront_origin_access_identity.default.cloudfront_access_identity_path}
- domainName: ${aws_s3_bucket.failover.bucket_regional_domain_name}
originId: failoverS3
s3OriginConfig:
originAccessIdentity: ${aws_cloudfront_origin_access_identity.default.cloudfront_access_identity_path}
defaultCacheBehavior:
targetOriginId: groupS3
(ex: CachingDisabled)
Coming soon!
Coming soon!
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(aws_s3_bucket.primary().bucket_regional_domain_name())
.originId("myS3Origin")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(aws_cloudfront_origin_access_identity.default().cloudfront_access_identity_path())
.build())
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.cachePolicyId("4135ea2d-6df8-44a3-9df3-4b5a84be39ad")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.pathPattern("/content/*")
.targetOriginId(s3OriginId)
.build())
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
Coming soon!
Coming soon!
resources:
s3Distribution:
type: aws:cloudfront:Distribution
properties:
origins:
- domainName: ${aws_s3_bucket.primary.bucket_regional_domain_name}
originId: myS3Origin
s3OriginConfig:
originAccessIdentity: ${aws_cloudfront_origin_access_identity.default.cloudfront_access_identity_path}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
defaultCacheBehavior:
cachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
allowedMethods:
- GET
- HEAD
- OPTIONS
pathPattern: /content/*
targetOriginId: ${s3OriginId}
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
Create Distribution Resource
new Distribution(name: string, args: DistributionArgs, opts?: CustomResourceOptions);@overload
def Distribution(resource_name: str,
opts: Optional[ResourceOptions] = None,
aliases: Optional[Sequence[str]] = None,
comment: Optional[str] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
default_root_object: Optional[str] = None,
enabled: Optional[bool] = None,
http_version: Optional[str] = None,
is_ipv6_enabled: Optional[bool] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
price_class: Optional[str] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
retain_on_delete: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None)
@overload
def Distribution(resource_name: str,
args: DistributionArgs,
opts: Optional[ResourceOptions] = None)func NewDistribution(ctx *Context, name string, args DistributionArgs, opts ...ResourceOption) (*Distribution, error)public Distribution(string name, DistributionArgs args, CustomResourceOptions? opts = null)
public Distribution(String name, DistributionArgs args)
public Distribution(String name, DistributionArgs args, CustomResourceOptions options)
type: aws:cloudfront:Distribution
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Distribution Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
The Distribution resource accepts the following input properties:
- Default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Origins
List<Distribution
Origin Args> One or more origins for this distribution (multiples allowed).
- Restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- Viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- Aliases List<string>
Extra CNAMEs (alternate domain names), if any, for this distribution.
- Comment string
Any comments you want to include about the distribution.
- Custom
Error List<DistributionResponses Custom Error Response Args> One or more custom error response elements (multiples allowed).
- Default
Root stringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Http
Version string Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- Is
Ipv6Enabled bool Whether the IPv6 is enabled for the distribution.
- Logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior Args> Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups List<DistributionOrigin Group Args> One or more origin_group for this distribution (multiples allowed).
- Price
Class string Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- Retain
On boolDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- Dictionary<string, string>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Wait
For boolDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- Web
Acl stringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- Default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Origins
[]Distribution
Origin Args One or more origins for this distribution (multiples allowed).
- Restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- Viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- Aliases []string
Extra CNAMEs (alternate domain names), if any, for this distribution.
- Comment string
Any comments you want to include about the distribution.
- Custom
Error []DistributionResponses Custom Error Response Args One or more custom error response elements (multiples allowed).
- Default
Root stringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Http
Version string Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- Is
Ipv6Enabled bool Whether the IPv6 is enabled for the distribution.
- Logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups []DistributionOrigin Group Args One or more origin_group for this distribution (multiples allowed).
- Price
Class string Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- Retain
On boolDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- map[string]string
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Wait
For boolDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- Web
Acl stringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- origins
List<Distribution
Origin Args> One or more origins for this distribution (multiples allowed).
- restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- aliases List<String>
Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment String
Any comments you want to include about the distribution.
- custom
Error List<DistributionResponses Custom Error Response Args> One or more custom error response elements (multiples allowed).
- default
Root StringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http
Version String Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- is
Ipv6Enabled Boolean Whether the IPv6 is enabled for the distribution.
- logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered
Cache List<DistributionBehaviors Ordered Cache Behavior Args> Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<DistributionOrigin Group Args> One or more origin_group for this distribution (multiples allowed).
- price
Class String Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- retain
On BooleanDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- Map<String,String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- wait
For BooleanDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web
Acl StringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- enabled boolean
Whether the distribution is enabled to accept end user requests for content.
- origins
Distribution
Origin Args[] One or more origins for this distribution (multiples allowed).
- restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- aliases string[]
Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment string
Any comments you want to include about the distribution.
- custom
Error DistributionResponses Custom Error Response Args[] One or more custom error response elements (multiples allowed).
- default
Root stringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http
Version string Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- is
Ipv6Enabled boolean Whether the IPv6 is enabled for the distribution.
- logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered
Cache DistributionBehaviors Ordered Cache Behavior Args[] Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups DistributionOrigin Group Args[] One or more origin_group for this distribution (multiples allowed).
- price
Class string Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- retain
On booleanDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- {[key: string]: string}
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- wait
For booleanDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web
Acl stringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default_
cache_ Distributionbehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- enabled bool
Whether the distribution is enabled to accept end user requests for content.
- origins
Sequence[Distribution
Origin Args] One or more origins for this distribution (multiples allowed).
- restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- viewer_
certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- aliases Sequence[str]
Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment str
Any comments you want to include about the distribution.
- custom_
error_ Sequence[Distributionresponses Custom Error Response Args] One or more custom error response elements (multiples allowed).
- default_
root_ strobject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http_
version str Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- is_
ipv6_ boolenabled Whether the IPv6 is enabled for the distribution.
- logging_
config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin_
groups Sequence[DistributionOrigin Group Args] One or more origin_group for this distribution (multiples allowed).
- price_
class str Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- retain_
on_ booldelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- Mapping[str, str]
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- wait_
for_ booldeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web_
acl_ strid Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- default
Cache Property MapBehavior Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- origins List<Property Map>
One or more origins for this distribution (multiples allowed).
- restrictions Property Map
The restriction configuration for this distribution (maximum one).
- viewer
Certificate Property Map The SSL configuration for this distribution (maximum one).
- aliases List<String>
Extra CNAMEs (alternate domain names), if any, for this distribution.
- comment String
Any comments you want to include about the distribution.
- custom
Error List<Property Map>Responses One or more custom error response elements (multiples allowed).
- default
Root StringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- http
Version String Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- is
Ipv6Enabled Boolean Whether the IPv6 is enabled for the distribution.
- logging
Config Property Map The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered
Cache List<Property Map>Behaviors Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<Property Map> One or more origin_group for this distribution (multiples allowed).
- price
Class String Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- retain
On BooleanDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- Map<String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- wait
For BooleanDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web
Acl StringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
Outputs
All input properties are implicitly available as output properties. Additionally, the Distribution resource produces the following output properties:
- Arn string
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- Caller
Reference string Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- Etag string
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- Hosted
Zone stringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- Id string
The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches Number of invalidation batches currently in progress.
- Last
Modified stringTime Date and time the distribution was last modified.
- Status string
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Dictionary<string, string>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- Trusted
Key List<DistributionGroups Trusted Key Group> List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers List<DistributionTrusted Signer> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- Arn string
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- Caller
Reference string Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- Etag string
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- Hosted
Zone stringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- Id string
The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches Number of invalidation batches currently in progress.
- Last
Modified stringTime Date and time the distribution was last modified.
- Status string
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- map[string]string
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- Trusted
Key []DistributionGroups Trusted Key Group List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers []DistributionTrusted Signer List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- arn String
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller
Reference String Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String DNS domain name of either the S3 bucket, or web site of your custom origin.
- etag String
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted
Zone StringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- id String
The provider-assigned unique ID for this managed resource.
- in
Progress IntegerValidation Batches Number of invalidation batches currently in progress.
- last
Modified StringTime Date and time the distribution was last modified.
- status String
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Map<String,String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted
Key List<DistributionGroups Trusted Key Group> List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<DistributionTrusted Signer> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- arn string
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller
Reference string Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- etag string
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted
Zone stringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- id string
The provider-assigned unique ID for this managed resource.
- in
Progress numberValidation Batches Number of invalidation batches currently in progress.
- last
Modified stringTime Date and time the distribution was last modified.
- status string
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- {[key: string]: string}
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted
Key DistributionGroups Trusted Key Group[] List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers DistributionTrusted Signer[] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- arn str
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller_
reference str Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain_
name str DNS domain name of either the S3 bucket, or web site of your custom origin.
- etag str
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted_
zone_ strid CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- id str
The provider-assigned unique ID for this managed resource.
- in_
progress_ intvalidation_ batches Number of invalidation batches currently in progress.
- last_
modified_ strtime Date and time the distribution was last modified.
- status str
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Mapping[str, str]
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted_
key_ Sequence[Distributiongroups Trusted Key Group] List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted_
signers Sequence[DistributionTrusted Signer] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- arn String
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller
Reference String Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String DNS domain name of either the S3 bucket, or web site of your custom origin.
- etag String
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted
Zone StringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- id String
The provider-assigned unique ID for this managed resource.
- in
Progress NumberValidation Batches Number of invalidation batches currently in progress.
- last
Modified StringTime Date and time the distribution was last modified.
- status String
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Map<String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted
Key List<Property Map>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<Property Map> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
Look up Existing Distribution Resource
Get an existing Distribution resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DistributionState, opts?: CustomResourceOptions): Distribution@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aliases: Optional[Sequence[str]] = None,
arn: Optional[str] = None,
caller_reference: Optional[str] = None,
comment: Optional[str] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
default_root_object: Optional[str] = None,
domain_name: Optional[str] = None,
enabled: Optional[bool] = None,
etag: Optional[str] = None,
hosted_zone_id: Optional[str] = None,
http_version: Optional[str] = None,
in_progress_validation_batches: Optional[int] = None,
is_ipv6_enabled: Optional[bool] = None,
last_modified_time: Optional[str] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
price_class: Optional[str] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
retain_on_delete: Optional[bool] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
trusted_key_groups: Optional[Sequence[DistributionTrustedKeyGroupArgs]] = None,
trusted_signers: Optional[Sequence[DistributionTrustedSignerArgs]] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None) -> Distributionfunc GetDistribution(ctx *Context, name string, id IDInput, state *DistributionState, opts ...ResourceOption) (*Distribution, error)public static Distribution Get(string name, Input<string> id, DistributionState? state, CustomResourceOptions? opts = null)public static Distribution get(String name, Output<String> id, DistributionState state, CustomResourceOptions options)Resource lookup is not supported in YAML- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Aliases List<string>
Extra CNAMEs (alternate domain names), if any, for this distribution.
- Arn string
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- Caller
Reference string Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
Any comments you want to include about the distribution.
- Custom
Error List<DistributionResponses Custom Error Response Args> One or more custom error response elements (multiples allowed).
- Default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- Default
Root stringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Etag string
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- Hosted
Zone stringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- Http
Version string Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- In
Progress intValidation Batches Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool Whether the IPv6 is enabled for the distribution.
- Last
Modified stringTime Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior Args> Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups List<DistributionOrigin Group Args> One or more origin_group for this distribution (multiples allowed).
- Origins
List<Distribution
Origin Args> One or more origins for this distribution (multiples allowed).
- Price
Class string Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- Restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- Retain
On boolDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- Status string
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Dictionary<string, string>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Dictionary<string, string>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- Trusted
Key List<DistributionGroups Trusted Key Group Args> List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers List<DistributionTrusted Signer Args> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.- Viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- Wait
For boolDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- Web
Acl stringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- Aliases []string
Extra CNAMEs (alternate domain names), if any, for this distribution.
- Arn string
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- Caller
Reference string Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
Any comments you want to include about the distribution.
- Custom
Error []DistributionResponses Custom Error Response Args One or more custom error response elements (multiples allowed).
- Default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- Default
Root stringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- Domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Etag string
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- Hosted
Zone stringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- Http
Version string Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- In
Progress intValidation Batches Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool Whether the IPv6 is enabled for the distribution.
- Last
Modified stringTime Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- Origin
Groups []DistributionOrigin Group Args One or more origin_group for this distribution (multiples allowed).
- Origins
[]Distribution
Origin Args One or more origins for this distribution (multiples allowed).
- Price
Class string Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- Restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- Retain
On boolDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- Status string
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- map[string]string
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- map[string]string
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- Trusted
Key []DistributionGroups Trusted Key Group Args List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers []DistributionTrusted Signer Args List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.- Viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- Wait
For boolDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- Web
Acl stringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases List<String>
Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn String
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller
Reference String Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
Any comments you want to include about the distribution.
- custom
Error List<DistributionResponses Custom Error Response Args> One or more custom error response elements (multiples allowed).
- default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- default
Root StringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain
Name String DNS domain name of either the S3 bucket, or web site of your custom origin.
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- etag String
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted
Zone StringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- http
Version String Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- in
Progress IntegerValidation Batches Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean Whether the IPv6 is enabled for the distribution.
- last
Modified StringTime Date and time the distribution was last modified.
- logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered
Cache List<DistributionBehaviors Ordered Cache Behavior Args> Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<DistributionOrigin Group Args> One or more origin_group for this distribution (multiples allowed).
- origins
List<Distribution
Origin Args> One or more origins for this distribution (multiples allowed).
- price
Class String Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- retain
On BooleanDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- status String
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Map<String,String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String,String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted
Key List<DistributionGroups Trusted Key Group Args> List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<DistributionTrusted Signer Args> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.- viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- wait
For BooleanDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web
Acl StringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases string[]
Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn string
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller
Reference string Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment string
Any comments you want to include about the distribution.
- custom
Error DistributionResponses Custom Error Response Args[] One or more custom error response elements (multiples allowed).
- default
Cache DistributionBehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- default
Root stringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- enabled boolean
Whether the distribution is enabled to accept end user requests for content.
- etag string
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted
Zone stringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- http
Version string Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- in
Progress numberValidation Batches Number of invalidation batches currently in progress.
- is
Ipv6Enabled boolean Whether the IPv6 is enabled for the distribution.
- last
Modified stringTime Date and time the distribution was last modified.
- logging
Config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered
Cache DistributionBehaviors Ordered Cache Behavior Args[] Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups DistributionOrigin Group Args[] One or more origin_group for this distribution (multiples allowed).
- origins
Distribution
Origin Args[] One or more origins for this distribution (multiples allowed).
- price
Class string Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- retain
On booleanDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- status string
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- {[key: string]: string}
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- {[key: string]: string}
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted
Key DistributionGroups Trusted Key Group Args[] List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers DistributionTrusted Signer Args[] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.- viewer
Certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- wait
For booleanDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web
Acl stringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases Sequence[str]
Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn str
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller_
reference str Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment str
Any comments you want to include about the distribution.
- custom_
error_ Sequence[Distributionresponses Custom Error Response Args] One or more custom error response elements (multiples allowed).
- default_
cache_ Distributionbehavior Default Cache Behavior Args Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- default_
root_ strobject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain_
name str DNS domain name of either the S3 bucket, or web site of your custom origin.
- enabled bool
Whether the distribution is enabled to accept end user requests for content.
- etag str
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted_
zone_ strid CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- http_
version str Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- in_
progress_ intvalidation_ batches Number of invalidation batches currently in progress.
- is_
ipv6_ boolenabled Whether the IPv6 is enabled for the distribution.
- last_
modified_ strtime Date and time the distribution was last modified.
- logging_
config DistributionLogging Config Args The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin_
groups Sequence[DistributionOrigin Group Args] One or more origin_group for this distribution (multiples allowed).
- origins
Sequence[Distribution
Origin Args] One or more origins for this distribution (multiples allowed).
- price_
class str Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- restrictions
Distribution
Restrictions Args The restriction configuration for this distribution (maximum one).
- retain_
on_ booldelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- status str
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Mapping[str, str]
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Mapping[str, str]
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted_
key_ Sequence[Distributiongroups Trusted Key Group Args] List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted_
signers Sequence[DistributionTrusted Signer Args] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.- viewer_
certificate DistributionViewer Certificate Args The SSL configuration for this distribution (maximum one).
- wait_
for_ booldeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web_
acl_ strid Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
- aliases List<String>
Extra CNAMEs (alternate domain names), if any, for this distribution.
- arn String
ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012is your AWS account ID.- caller
Reference String Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
Any comments you want to include about the distribution.
- custom
Error List<Property Map>Responses One or more custom error response elements (multiples allowed).
- default
Cache Property MapBehavior Default cache behavior for this distribution (maximum one). Requires either
cache_policy_id(preferred) orforwarded_values(deprecated) be set.- default
Root StringObject Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
- domain
Name String DNS domain name of either the S3 bucket, or web site of your custom origin.
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- etag String
Current version of the distribution's information. For example:
E2QWRUHAPOMQZL.- hosted
Zone StringId CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2.- http
Version String Maximum HTTP version to support on the distribution. Allowed values are
http1.1,http2,http2and3andhttp3. The default ishttp2.- in
Progress NumberValidation Batches Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean Whether the IPv6 is enabled for the distribution.
- last
Modified StringTime Date and time the distribution was last modified.
- logging
Config Property Map The logging configuration that controls how logs are written to your distribution (maximum one).
- ordered
Cache List<Property Map>Behaviors Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0.
- origin
Groups List<Property Map> One or more origin_group for this distribution (multiples allowed).
- origins List<Property Map>
One or more origins for this distribution (multiples allowed).
- price
Class String Price class for this distribution. One of
PriceClass_All,PriceClass_200,PriceClass_100.- restrictions Property Map
The restriction configuration for this distribution (maximum one).
- retain
On BooleanDelete Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default:
false.- status String
Current status of the distribution.
Deployedif the distribution's information is fully propagated throughout the Amazon CloudFront system.- Map<String>
A map of tags to assign to the resource. If configured with a provider
default_tagsconfiguration block present, tags with matching keys will overwrite those defined at the provider-level.- Map<String>
Map of tags assigned to the resource, including those inherited from the provider
default_tagsconfiguration block.- trusted
Key List<Property Map>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<Property Map> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.- viewer
Certificate Property Map The SSL configuration for this distribution (maximum one).
- wait
For BooleanDeployment If enabled, the resource will wait for the distribution status to change from
InProgresstoDeployed. Setting this tofalsewill skip the process. Default:true.- web
Acl StringId Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example
aws_wafv2_web_acl.example.arn. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for exampleaws_waf_web_acl.example.id. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must havewaf:GetWebACLpermissions assigned.
Supporting Types
DistributionCustomErrorResponse
- Error
Code int 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath Path of the custom error page (for example,
/custom_404.html).
- Error
Code int 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath Path of the custom error page (for example,
/custom_404.html).
- error
Code Integer 4xx or 5xx HTTP status code that you want to customize.
- error
Caching IntegerMin Ttl Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Integer HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath Path of the custom error page (for example,
/custom_404.html).
- error
Code number 4xx or 5xx HTTP status code that you want to customize.
- error
Caching numberMin Ttl Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code number HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page stringPath Path of the custom error page (for example,
/custom_404.html).
- error_
code int 4xx or 5xx HTTP status code that you want to customize.
- error_
caching_ intmin_ ttl Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response_
code int HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response_
page_ strpath Path of the custom error page (for example,
/custom_404.html).
- error
Code Number 4xx or 5xx HTTP status code that you want to customize.
- error
Caching NumberMin Ttl Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Number HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath Path of the custom error page (for example,
/custom_404.html).
DistributionDefaultCacheBehavior
- Allowed
Methods List<string> Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- Cache
Policy stringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- Compress bool
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- Default
Ttl int Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- Field
Level stringEncryption Id Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionDefault Cache Behavior Function Association> A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- Min
Ttl int Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id Identifier for a response headers policy.
- Smooth
Streaming bool Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers List<string> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- Allowed
Methods []string Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- Cache
Policy stringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- Compress bool
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- Default
Ttl int Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- Field
Level stringEncryption Id Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionDefault Cache Behavior Function Association A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function []DistributionAssociations Default Cache Behavior Lambda Function Association A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- Min
Ttl int Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id Identifier for a response headers policy.
- Smooth
Streaming bool Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers []string List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed
Methods List<String> Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache
Policy StringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress Boolean
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default
Ttl Integer Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field
Level StringEncryption Id Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionDefault Cache Behavior Function Association> A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min
Ttl Integer Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id Identifier for a response headers policy.
- smooth
Streaming Boolean Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<String> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed
Methods string[] Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin stringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache
Policy stringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress boolean
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default
Ttl number Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field
Level stringEncryption Id Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionDefault Cache Behavior Function Association[] A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function DistributionAssociations Default Cache Behavior Lambda Function Association[] A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min
Ttl number Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request stringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id Identifier for a response headers policy.
- smooth
Streaming boolean Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers string[] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed_
methods Sequence[str] Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target_
origin_ strid Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache_
policy_ strid Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress bool
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default_
ttl int Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field_
level_ strencryption_ id Field level encryption configuration ID.
- forwarded_
values DistributionDefault Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionDefault Cache Behavior Function Association] A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda_
function_ Sequence[Distributionassociations Default Cache Behavior Lambda Function Association] A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min_
ttl int Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin_
request_ strpolicy_ id Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id Identifier for a response headers policy.
- smooth_
streaming bool Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted_
signers Sequence[str] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed
Methods List<String> Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache
Policy StringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress Boolean
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default
Ttl Number Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field
Level StringEncryption Id Field level encryption configuration ID.
- forwarded
Values Property Map The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<Property Map>Associations A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min
Ttl Number Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id Identifier for a response headers policy.
- smooth
Streaming Boolean Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<String> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
DistributionDefaultCacheBehaviorForwardedValues
-
Distribution
Default Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- Query
String List<string>Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- Query
String []stringCache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query
String List<String>Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query
String string[]Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Default Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query_
string_ Sequence[str]cache_ keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
- Property Map
The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query
String List<String>Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
DistributionDefaultCacheBehaviorForwardedValuesCookies
- Forward string
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- Whitelisted
Names List<string> If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- Whitelisted
Names []string If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted
Names List<String> If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted
Names string[] If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted_
names Sequence[str] If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted
Names List<String> If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionDefaultCacheBehaviorFunctionAssociation
- Event
Type string Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- Function
Arn string ARN of the CloudFront function.
- Event
Type string Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- Function
Arn string ARN of the CloudFront function.
- event
Type String Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function
Arn String ARN of the CloudFront function.
- event
Type string Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function
Arn string ARN of the CloudFront function.
- event_
type str Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function_
arn str ARN of the CloudFront function.
- event
Type String Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function
Arn String ARN of the CloudFront function.
DistributionDefaultCacheBehaviorLambdaFunctionAssociation
- Event
Type string Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- Lambda
Arn string ARN of the Lambda function.
- Include
Body bool When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- Event
Type string Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- Lambda
Arn string ARN of the Lambda function.
- Include
Body bool When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda
Arn String ARN of the Lambda function.
- include
Body Boolean When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type string Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda
Arn string ARN of the Lambda function.
- include
Body boolean When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event_
type str Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda_
arn str ARN of the Lambda function.
- include_
body bool When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda
Arn String ARN of the Lambda function.
- include
Body Boolean When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
DistributionLoggingConfig
DistributionOrderedCacheBehavior
- Allowed
Methods List<string> Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to.- Target
Origin stringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- Cache
Policy stringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- Compress bool
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- Default
Ttl int Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- Field
Level stringEncryption Id Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionOrdered Cache Behavior Function Association> A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- Min
Ttl int Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id Identifier for a response headers policy.
- Smooth
Streaming bool Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers List<string> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- Allowed
Methods []string Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to.- Target
Origin stringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- Cache
Policy stringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- Compress bool
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- Default
Ttl int Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- Field
Level stringEncryption Id Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionOrdered Cache Behavior Function Association A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function []DistributionAssociations Ordered Cache Behavior Lambda Function Association A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- Min
Ttl int Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id Identifier for a response headers policy.
- Smooth
Streaming bool Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- Trusted
Signers []string List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed
Methods List<String> Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to.- target
Origin StringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache
Policy StringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress Boolean
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default
Ttl Integer Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field
Level StringEncryption Id Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionOrdered Cache Behavior Function Association> A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min
Ttl Integer Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id Identifier for a response headers policy.
- smooth
Streaming Boolean Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<String> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed
Methods string[] Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern string Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to.- target
Origin stringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache
Policy stringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress boolean
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default
Ttl number Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field
Level stringEncryption Id Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionOrdered Cache Behavior Function Association[] A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function DistributionAssociations Ordered Cache Behavior Lambda Function Association[] A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min
Ttl number Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request stringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id Identifier for a response headers policy.
- smooth
Streaming boolean Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers string[] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed_
methods Sequence[str] Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path_
pattern str Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to.- target_
origin_ strid Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache_
policy_ strid Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress bool
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default_
ttl int Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field_
level_ strencryption_ id Field level encryption configuration ID.
- forwarded_
values DistributionOrdered Cache Behavior Forwarded Values The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionOrdered Cache Behavior Function Association] A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda_
function_ Sequence[Distributionassociations Ordered Cache Behavior Lambda Function Association] A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min_
ttl int Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin_
request_ strpolicy_ id Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id Identifier for a response headers policy.
- smooth_
streaming bool Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted_
signers Sequence[str] List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
- allowed
Methods List<String> Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String Pattern (for example,
images/*.jpg) that specifies which requests you want this cache behavior to apply to.- target
Origin StringId Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all,https-only, orredirect-to-https.- cache
Policy StringId Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavioreithercache_policy_idorforwarded_valuesmust be set.- compress Boolean
Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzipin the request header (default:false).- default
Ttl Number Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-ageorExpiresheader.- field
Level StringEncryption Id Field level encryption configuration ID.
- forwarded
Values Property Map The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<Property Map>Associations A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age,Cache-Control s-maxage, andExpiresheaders.- min
Ttl Number Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id Identifier for a response headers policy.
- smooth
Streaming Boolean Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups List of key group IDs that CloudFront can use to validate signed URLs or signed cookies. See the CloudFront User Guide for more information about this feature.
- trusted
Signers List<String> List of AWS account IDs (or
self) that you want to allow to create signed URLs for private content. See the CloudFront User Guide for more information about this feature.
DistributionOrderedCacheBehaviorForwardedValues
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- Query
String List<string>Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- Query
String []stringCache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query
String List<String>Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query
String string[]Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
-
Distribution
Ordered Cache Behavior Forwarded Values Cookies The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query_
string_ Sequence[str]cache_ keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
- Property Map
The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*to include all headers.- query
String List<String>Cache Keys When specified, along with a value of
trueforquery_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrueforquery_string, all query string keys are cached.
DistributionOrderedCacheBehaviorForwardedValuesCookies
- Forward string
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- Whitelisted
Names List<string> If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- Whitelisted
Names []string If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted
Names List<String> If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted
Names string[] If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted_
names Sequence[str] If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all,noneorwhitelist. Ifwhitelist, you must include the subsequentwhitelisted_names.- whitelisted
Names List<String> If you have specified
whitelisttoforward, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionOrderedCacheBehaviorFunctionAssociation
- Event
Type string Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- Function
Arn string ARN of the CloudFront function.
- Event
Type string Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- Function
Arn string ARN of the CloudFront function.
- event
Type String Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function
Arn String ARN of the CloudFront function.
- event
Type string Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function
Arn string ARN of the CloudFront function.
- event_
type str Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function_
arn str ARN of the CloudFront function.
- event
Type String Specific event to trigger this function. Valid values:
viewer-requestorviewer-response.- function
Arn String ARN of the CloudFront function.
DistributionOrderedCacheBehaviorLambdaFunctionAssociation
- Event
Type string Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- Lambda
Arn string ARN of the Lambda function.
- Include
Body bool When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- Event
Type string Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- Lambda
Arn string ARN of the Lambda function.
- Include
Body bool When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda
Arn String ARN of the Lambda function.
- include
Body Boolean When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type string Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda
Arn string ARN of the Lambda function.
- include
Body boolean When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event_
type str Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda_
arn str ARN of the Lambda function.
- include_
body bool When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
- event
Type String Specific event to trigger this function. Valid values:
viewer-request,origin-request,viewer-response,origin-response.- lambda
Arn String ARN of the Lambda function.
- include
Body Boolean When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true,false.
DistributionOrigin
- Domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- Origin
Id string Unique identifier for the origin.
- Connection
Attempts int Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers List<DistributionOrigin Custom Header> One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed).- Custom
Origin DistributionConfig Origin Custom Origin Config The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead.- Origin
Access stringControl Id Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield The CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config The CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead.
- Domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- Origin
Id string Unique identifier for the origin.
- Connection
Attempts int Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers []DistributionOrigin Custom Header One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed).- Custom
Origin DistributionConfig Origin Custom Origin Config The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead.- Origin
Access stringControl Id Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield The CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config The CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead.
- domain
Name String DNS domain name of either the S3 bucket, or web site of your custom origin.
- origin
Id String Unique identifier for the origin.
- connection
Attempts Integer Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Integer Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<DistributionOrigin Custom Header> One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed).- custom
Origin DistributionConfig Origin Custom Origin Config The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead.- origin
Access StringControl Id Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield The CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config The CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead.
- domain
Name string DNS domain name of either the S3 bucket, or web site of your custom origin.
- origin
Id string Unique identifier for the origin.
- connection
Attempts number Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout number Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers DistributionOrigin Custom Header[] One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed).- custom
Origin DistributionConfig Origin Custom Origin Config The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead.- origin
Access stringControl Id Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path string Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield The CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config The CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead.
- domain_
name str DNS domain name of either the S3 bucket, or web site of your custom origin.
- origin_
id str Unique identifier for the origin.
- connection_
attempts int Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection_
timeout int Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom_
headers Sequence[DistributionOrigin Custom Header] One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed).- custom_
origin_ Distributionconfig Origin Custom Origin Config The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead.- origin_
access_ strcontrol_ id Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin_
path str Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin_
shield DistributionOrigin Origin Shield The CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3_
origin_ Distributionconfig Origin S3Origin Config The CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead.
- domain
Name String DNS domain name of either the S3 bucket, or web site of your custom origin.
- origin
Id String Unique identifier for the origin.
- connection
Attempts Number Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Number Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<Property Map> One or more sub-resources with
nameandvalueparameters that specify header data that will be sent to the origin (multiples allowed).- custom
Origin Property MapConfig The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_idors3_origin_configinstead.- origin
Access StringControl Id Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield Property Map The CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config Property Map The CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_configinstead.
DistributionOriginCustomHeader
DistributionOriginCustomOriginConfig
- Http
Port int HTTP port the custom origin listens on.
- Https
Port int HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer.- Origin
Ssl List<string>Protocols SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of
SSLv3,TLSv1,TLSv1.1, andTLSv1.2.- Origin
Keepalive intTimeout The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.- Origin
Read intTimeout The Custom Read timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.
- Http
Port int HTTP port the custom origin listens on.
- Https
Port int HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer.- Origin
Ssl []stringProtocols SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of
SSLv3,TLSv1,TLSv1.1, andTLSv1.2.- Origin
Keepalive intTimeout The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.- Origin
Read intTimeout The Custom Read timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.
- http
Port Integer HTTP port the custom origin listens on.
- https
Port Integer HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer.- origin
Ssl List<String>Protocols SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of
SSLv3,TLSv1,TLSv1.1, andTLSv1.2.- origin
Keepalive IntegerTimeout The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.- origin
Read IntegerTimeout The Custom Read timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.
- http
Port number HTTP port the custom origin listens on.
- https
Port number HTTPS port the custom origin listens on.
- origin
Protocol stringPolicy Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer.- origin
Ssl string[]Protocols SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of
SSLv3,TLSv1,TLSv1.1, andTLSv1.2.- origin
Keepalive numberTimeout The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.- origin
Read numberTimeout The Custom Read timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.
- http_
port int HTTP port the custom origin listens on.
- https_
port int HTTPS port the custom origin listens on.
- origin_
protocol_ strpolicy Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer.- origin_
ssl_ Sequence[str]protocols SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of
SSLv3,TLSv1,TLSv1.1, andTLSv1.2.- origin_
keepalive_ inttimeout The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.- origin_
read_ inttimeout The Custom Read timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.
- http
Port Number HTTP port the custom origin listens on.
- https
Port Number HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy Origin protocol policy to apply to your origin. One of
http-only,https-only, ormatch-viewer.- origin
Ssl List<String>Protocols SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of
SSLv3,TLSv1,TLSv1.1, andTLSv1.2.- origin
Keepalive NumberTimeout The Custom KeepAlive timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.- origin
Read NumberTimeout The Custom Read timeout, in seconds. By default, AWS enforces a limit of
60. But you can request an increase.
DistributionOriginGroup
- Failover
Criteria DistributionOrigin Group Failover Criteria The failover criteria for when to failover to the secondary origin.
- Members
List<Distribution
Origin Group Member> Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string Unique identifier for the origin.
- Failover
Criteria DistributionOrigin Group Failover Criteria The failover criteria for when to failover to the secondary origin.
- Members
[]Distribution
Origin Group Member Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string Unique identifier for the origin.
- failover
Criteria DistributionOrigin Group Failover Criteria The failover criteria for when to failover to the secondary origin.
- members
List<Distribution
Origin Group Member> Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String Unique identifier for the origin.
- failover
Criteria DistributionOrigin Group Failover Criteria The failover criteria for when to failover to the secondary origin.
- members
Distribution
Origin Group Member[] Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id string Unique identifier for the origin.
- failover_
criteria DistributionOrigin Group Failover Criteria The failover criteria for when to failover to the secondary origin.
- members
Sequence[Distribution
Origin Group Member] Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin_
id str Unique identifier for the origin.
- failover
Criteria Property Map The failover criteria for when to failover to the secondary origin.
- members List<Property Map>
Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String Unique identifier for the origin.
DistributionOriginGroupFailoverCriteria
- Status
Codes List<int> List of HTTP status codes for the origin group.
- Status
Codes []int List of HTTP status codes for the origin group.
- status
Codes List<Integer> List of HTTP status codes for the origin group.
- status
Codes number[] List of HTTP status codes for the origin group.
- status_
codes Sequence[int] List of HTTP status codes for the origin group.
- status
Codes List<Number> List of HTTP status codes for the origin group.
DistributionOriginGroupMember
- Origin
Id string Unique identifier for the origin.
- Origin
Id string Unique identifier for the origin.
- origin
Id String Unique identifier for the origin.
- origin
Id string Unique identifier for the origin.
- origin_
id str Unique identifier for the origin.
- origin
Id String Unique identifier for the origin.
DistributionOriginOriginShield
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Origin
Shield stringRegion AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Origin
Shield stringRegion AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- origin
Shield StringRegion AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
- enabled boolean
Whether the distribution is enabled to accept end user requests for content.
- origin
Shield stringRegion AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
- enabled bool
Whether the distribution is enabled to accept end user requests for content.
- origin_
shield_ strregion AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- origin
Shield StringRegion AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
DistributionOriginS3OriginConfig
- Origin
Access stringIdentity The CloudFront origin access identity to associate with the origin.
- Origin
Access stringIdentity The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity The CloudFront origin access identity to associate with the origin.
- origin
Access stringIdentity The CloudFront origin access identity to associate with the origin.
- origin_
access_ stridentity The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity The CloudFront origin access identity to associate with the origin.
DistributionRestrictions
DistributionRestrictionsGeoRestriction
- Restriction
Type string Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist.- Locations List<string>
[ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- Restriction
Type string Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist.- Locations []string
[ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type String Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist.- locations List<String>
[ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type string Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist.- locations string[]
[ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction_
type str Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist.- locations Sequence[str]
[ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
- restriction
Type String Method that you want to use to restrict distribution of your content by country:
none,whitelist, orblacklist.- locations List<String>
[ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist) or not distribute your content (blacklist). If the type is specified asnonean empty array can be used.
DistributionTrustedKeyGroup
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Items
List<Distribution
Trusted Key Group Item> List of nested attributes for each trusted signer
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Items
[]Distribution
Trusted Key Group Item List of nested attributes for each trusted signer
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- items
List<Distribution
Trusted Key Group Item> List of nested attributes for each trusted signer
- enabled boolean
Whether the distribution is enabled to accept end user requests for content.
- items
Distribution
Trusted Key Group Item[] List of nested attributes for each trusted signer
- enabled bool
Whether the distribution is enabled to accept end user requests for content.
- items
Sequence[Distribution
Trusted Key Group Item] List of nested attributes for each trusted signer
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- items List<Property Map>
List of nested attributes for each trusted signer
DistributionTrustedKeyGroupItem
- Key
Group stringId ID of the key group that contains the public keys.
- Key
Pair List<string>Ids Set of active CloudFront key pairs associated with the signer account
- Key
Group stringId ID of the key group that contains the public keys.
- Key
Pair []stringIds Set of active CloudFront key pairs associated with the signer account
- key
Group StringId ID of the key group that contains the public keys.
- key
Pair List<String>Ids Set of active CloudFront key pairs associated with the signer account
- key
Group stringId ID of the key group that contains the public keys.
- key
Pair string[]Ids Set of active CloudFront key pairs associated with the signer account
- key_
group_ strid ID of the key group that contains the public keys.
- key_
pair_ Sequence[str]ids Set of active CloudFront key pairs associated with the signer account
- key
Group StringId ID of the key group that contains the public keys.
- key
Pair List<String>Ids Set of active CloudFront key pairs associated with the signer account
DistributionTrustedSigner
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Items
List<Distribution
Trusted Signer Item> List of nested attributes for each trusted signer
- Enabled bool
Whether the distribution is enabled to accept end user requests for content.
- Items
[]Distribution
Trusted Signer Item List of nested attributes for each trusted signer
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- items
List<Distribution
Trusted Signer Item> List of nested attributes for each trusted signer
- enabled boolean
Whether the distribution is enabled to accept end user requests for content.
- items
Distribution
Trusted Signer Item[] List of nested attributes for each trusted signer
- enabled bool
Whether the distribution is enabled to accept end user requests for content.
- items
Sequence[Distribution
Trusted Signer Item] List of nested attributes for each trusted signer
- enabled Boolean
Whether the distribution is enabled to accept end user requests for content.
- items List<Property Map>
List of nested attributes for each trusted signer
DistributionTrustedSignerItem
- Aws
Account stringNumber AWS account ID or
self- Key
Pair List<string>Ids Set of active CloudFront key pairs associated with the signer account
- Aws
Account stringNumber AWS account ID or
self- Key
Pair []stringIds Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber AWS account ID or
self- key
Pair List<String>Ids Set of active CloudFront key pairs associated with the signer account
- aws
Account stringNumber AWS account ID or
self- key
Pair string[]Ids Set of active CloudFront key pairs associated with the signer account
- aws_
account_ strnumber AWS account ID or
self- key_
pair_ Sequence[str]ids Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber AWS account ID or
self- key
Pair List<String>Ids Set of active CloudFront key pairs associated with the signer account
DistributionViewerCertificate
- Acm
Certificate stringArn ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1.- Cloudfront
Default boolCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- Iam
Certificate stringId IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate.- Minimum
Protocol stringVersion Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified.- Ssl
Support stringMethod How you want CloudFront to serve HTTPS requests. One of
viporsni-only. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- Acm
Certificate stringArn ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1.- Cloudfront
Default boolCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- Iam
Certificate stringId IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate.- Minimum
Protocol stringVersion Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified.- Ssl
Support stringMethod How you want CloudFront to serve HTTPS requests. One of
viporsni-only. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1.- cloudfront
Default BooleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate StringId IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate.- minimum
Protocol StringVersion Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified.- ssl
Support StringMethod How you want CloudFront to serve HTTPS requests. One of
viporsni-only. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate stringArn ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1.- cloudfront
Default booleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate stringId IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate.- minimum
Protocol stringVersion Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified.- ssl
Support stringMethod How you want CloudFront to serve HTTPS requests. One of
viporsni-only. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm_
certificate_ strarn ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1.- cloudfront_
default_ boolcertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam_
certificate_ strid IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate.- minimum_
protocol_ strversion Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified.- ssl_
support_ strmethod How you want CloudFront to serve HTTPS requests. One of
viporsni-only. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate, oriam_certificate_id. The ACM certificate must be in US-EAST-1.- cloudfront
Default BooleanCertificate trueif you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn, oriam_certificate_id.- iam
Certificate StringId IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn, orcloudfront_default_certificate.- minimum
Protocol StringVersion Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019andTLSv1.2_2021. Default:TLSv1. NOTE: If you are using a custom certificate (specified withacm_certificate_arnoriam_certificate_id), and have specifiedsni-onlyinssl_support_method,TLSv1or later must be specified. If you have specifiedvipinssl_support_method, onlySSLv3orTLSv1can be specified. If you have specifiedcloudfront_default_certificate,TLSv1must be specified.- ssl
Support StringMethod How you want CloudFront to serve HTTPS requests. One of
viporsni-only. Required if you specifyacm_certificate_arnoriam_certificate_id. NOTE:vipcauses CloudFront to use a dedicated IP address and may incur extra charges.
Import
CloudFront Distributions can be imported using the id, e.g.,
$ pulumi import aws:cloudfront/distribution:Distribution distribution E74FTE3EXAMPLE
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
This Pulumi package is based on the
awsTerraform Provider.