1. Packages
  2. AWS
  3. API Docs
  4. cloudfront
  5. Distribution
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

aws.cloudfront.Distribution

Explore with Pulumi AI

aws logo
AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi

    Creates an Amazon CloudFront web distribution.

    For information about CloudFront distributions, see the Amazon CloudFront Developer Guide. For specific information about creating CloudFront web distributions, see the POST Distribution page in the Amazon CloudFront API Reference.

    NOTE: CloudFront distributions take about 15 minutes to reach a deployed state after creation or modification. During this time, deletes to resources will be blocked. If you need to delete a distribution that is enabled and you do not want to wait, you need to use the retain_on_delete flag.

    Example Usage

    S3 Origin

    The example below creates a CloudFront distribution with an S3 origin.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const b = new aws.s3.BucketV2("b", {
        bucket: "mybucket",
        tags: {
            Name: "My bucket",
        },
    });
    const bAcl = new aws.s3.BucketAclV2("b_acl", {
        bucket: b.id,
        acl: "private",
    });
    const s3OriginId = "myS3Origin";
    const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
        origins: [{
            domainName: b.bucketRegionalDomainName,
            originAccessControlId: _default.id,
            originId: s3OriginId,
        }],
        enabled: true,
        isIpv6Enabled: true,
        comment: "Some comment",
        defaultRootObject: "index.html",
        loggingConfig: {
            includeCookies: false,
            bucket: "mylogs.s3.amazonaws.com",
            prefix: "myprefix",
        },
        aliases: [
            "mysite.example.com",
            "yoursite.example.com",
        ],
        defaultCacheBehavior: {
            allowedMethods: [
                "DELETE",
                "GET",
                "HEAD",
                "OPTIONS",
                "PATCH",
                "POST",
                "PUT",
            ],
            cachedMethods: [
                "GET",
                "HEAD",
            ],
            targetOriginId: s3OriginId,
            forwardedValues: {
                queryString: false,
                cookies: {
                    forward: "none",
                },
            },
            viewerProtocolPolicy: "allow-all",
            minTtl: 0,
            defaultTtl: 3600,
            maxTtl: 86400,
        },
        orderedCacheBehaviors: [
            {
                pathPattern: "/content/immutable/*",
                allowedMethods: [
                    "GET",
                    "HEAD",
                    "OPTIONS",
                ],
                cachedMethods: [
                    "GET",
                    "HEAD",
                    "OPTIONS",
                ],
                targetOriginId: s3OriginId,
                forwardedValues: {
                    queryString: false,
                    headers: ["Origin"],
                    cookies: {
                        forward: "none",
                    },
                },
                minTtl: 0,
                defaultTtl: 86400,
                maxTtl: 31536000,
                compress: true,
                viewerProtocolPolicy: "redirect-to-https",
            },
            {
                pathPattern: "/content/*",
                allowedMethods: [
                    "GET",
                    "HEAD",
                    "OPTIONS",
                ],
                cachedMethods: [
                    "GET",
                    "HEAD",
                ],
                targetOriginId: s3OriginId,
                forwardedValues: {
                    queryString: false,
                    cookies: {
                        forward: "none",
                    },
                },
                minTtl: 0,
                defaultTtl: 3600,
                maxTtl: 86400,
                compress: true,
                viewerProtocolPolicy: "redirect-to-https",
            },
        ],
        priceClass: "PriceClass_200",
        restrictions: {
            geoRestriction: {
                restrictionType: "whitelist",
                locations: [
                    "US",
                    "CA",
                    "GB",
                    "DE",
                ],
            },
        },
        tags: {
            Environment: "production",
        },
        viewerCertificate: {
            cloudfrontDefaultCertificate: true,
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    b = aws.s3.BucketV2("b",
        bucket="mybucket",
        tags={
            "Name": "My bucket",
        })
    b_acl = aws.s3.BucketAclV2("b_acl",
        bucket=b.id,
        acl="private")
    s3_origin_id = "myS3Origin"
    s3_distribution = aws.cloudfront.Distribution("s3_distribution",
        origins=[{
            "domain_name": b.bucket_regional_domain_name,
            "origin_access_control_id": default["id"],
            "origin_id": s3_origin_id,
        }],
        enabled=True,
        is_ipv6_enabled=True,
        comment="Some comment",
        default_root_object="index.html",
        logging_config={
            "include_cookies": False,
            "bucket": "mylogs.s3.amazonaws.com",
            "prefix": "myprefix",
        },
        aliases=[
            "mysite.example.com",
            "yoursite.example.com",
        ],
        default_cache_behavior={
            "allowed_methods": [
                "DELETE",
                "GET",
                "HEAD",
                "OPTIONS",
                "PATCH",
                "POST",
                "PUT",
            ],
            "cached_methods": [
                "GET",
                "HEAD",
            ],
            "target_origin_id": s3_origin_id,
            "forwarded_values": {
                "query_string": False,
                "cookies": {
                    "forward": "none",
                },
            },
            "viewer_protocol_policy": "allow-all",
            "min_ttl": 0,
            "default_ttl": 3600,
            "max_ttl": 86400,
        },
        ordered_cache_behaviors=[
            {
                "path_pattern": "/content/immutable/*",
                "allowed_methods": [
                    "GET",
                    "HEAD",
                    "OPTIONS",
                ],
                "cached_methods": [
                    "GET",
                    "HEAD",
                    "OPTIONS",
                ],
                "target_origin_id": s3_origin_id,
                "forwarded_values": {
                    "query_string": False,
                    "headers": ["Origin"],
                    "cookies": {
                        "forward": "none",
                    },
                },
                "min_ttl": 0,
                "default_ttl": 86400,
                "max_ttl": 31536000,
                "compress": True,
                "viewer_protocol_policy": "redirect-to-https",
            },
            {
                "path_pattern": "/content/*",
                "allowed_methods": [
                    "GET",
                    "HEAD",
                    "OPTIONS",
                ],
                "cached_methods": [
                    "GET",
                    "HEAD",
                ],
                "target_origin_id": s3_origin_id,
                "forwarded_values": {
                    "query_string": False,
                    "cookies": {
                        "forward": "none",
                    },
                },
                "min_ttl": 0,
                "default_ttl": 3600,
                "max_ttl": 86400,
                "compress": True,
                "viewer_protocol_policy": "redirect-to-https",
            },
        ],
        price_class="PriceClass_200",
        restrictions={
            "geo_restriction": {
                "restriction_type": "whitelist",
                "locations": [
                    "US",
                    "CA",
                    "GB",
                    "DE",
                ],
            },
        },
        tags={
            "Environment": "production",
        },
        viewer_certificate={
            "cloudfront_default_certificate": True,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		b, err := s3.NewBucketV2(ctx, "b", &s3.BucketV2Args{
    			Bucket: pulumi.String("mybucket"),
    			Tags: pulumi.StringMap{
    				"Name": pulumi.String("My bucket"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		_, err = s3.NewBucketAclV2(ctx, "b_acl", &s3.BucketAclV2Args{
    			Bucket: b.ID(),
    			Acl:    pulumi.String("private"),
    		})
    		if err != nil {
    			return err
    		}
    		s3OriginId := "myS3Origin"
    		_, err = cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
    			Origins: cloudfront.DistributionOriginArray{
    				&cloudfront.DistributionOriginArgs{
    					DomainName:            b.BucketRegionalDomainName,
    					OriginAccessControlId: pulumi.Any(_default.Id),
    					OriginId:              pulumi.String(s3OriginId),
    				},
    			},
    			Enabled:           pulumi.Bool(true),
    			IsIpv6Enabled:     pulumi.Bool(true),
    			Comment:           pulumi.String("Some comment"),
    			DefaultRootObject: pulumi.String("index.html"),
    			LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
    				IncludeCookies: pulumi.Bool(false),
    				Bucket:         pulumi.String("mylogs.s3.amazonaws.com"),
    				Prefix:         pulumi.String("myprefix"),
    			},
    			Aliases: pulumi.StringArray{
    				pulumi.String("mysite.example.com"),
    				pulumi.String("yoursite.example.com"),
    			},
    			DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
    				AllowedMethods: pulumi.StringArray{
    					pulumi.String("DELETE"),
    					pulumi.String("GET"),
    					pulumi.String("HEAD"),
    					pulumi.String("OPTIONS"),
    					pulumi.String("PATCH"),
    					pulumi.String("POST"),
    					pulumi.String("PUT"),
    				},
    				CachedMethods: pulumi.StringArray{
    					pulumi.String("GET"),
    					pulumi.String("HEAD"),
    				},
    				TargetOriginId: pulumi.String(s3OriginId),
    				ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
    					QueryString: pulumi.Bool(false),
    					Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
    						Forward: pulumi.String("none"),
    					},
    				},
    				ViewerProtocolPolicy: pulumi.String("allow-all"),
    				MinTtl:               pulumi.Int(0),
    				DefaultTtl:           pulumi.Int(3600),
    				MaxTtl:               pulumi.Int(86400),
    			},
    			OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
    				&cloudfront.DistributionOrderedCacheBehaviorArgs{
    					PathPattern: pulumi.String("/content/immutable/*"),
    					AllowedMethods: pulumi.StringArray{
    						pulumi.String("GET"),
    						pulumi.String("HEAD"),
    						pulumi.String("OPTIONS"),
    					},
    					CachedMethods: pulumi.StringArray{
    						pulumi.String("GET"),
    						pulumi.String("HEAD"),
    						pulumi.String("OPTIONS"),
    					},
    					TargetOriginId: pulumi.String(s3OriginId),
    					ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
    						QueryString: pulumi.Bool(false),
    						Headers: pulumi.StringArray{
    							pulumi.String("Origin"),
    						},
    						Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
    							Forward: pulumi.String("none"),
    						},
    					},
    					MinTtl:               pulumi.Int(0),
    					DefaultTtl:           pulumi.Int(86400),
    					MaxTtl:               pulumi.Int(31536000),
    					Compress:             pulumi.Bool(true),
    					ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
    				},
    				&cloudfront.DistributionOrderedCacheBehaviorArgs{
    					PathPattern: pulumi.String("/content/*"),
    					AllowedMethods: pulumi.StringArray{
    						pulumi.String("GET"),
    						pulumi.String("HEAD"),
    						pulumi.String("OPTIONS"),
    					},
    					CachedMethods: pulumi.StringArray{
    						pulumi.String("GET"),
    						pulumi.String("HEAD"),
    					},
    					TargetOriginId: pulumi.String(s3OriginId),
    					ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
    						QueryString: pulumi.Bool(false),
    						Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
    							Forward: pulumi.String("none"),
    						},
    					},
    					MinTtl:               pulumi.Int(0),
    					DefaultTtl:           pulumi.Int(3600),
    					MaxTtl:               pulumi.Int(86400),
    					Compress:             pulumi.Bool(true),
    					ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
    				},
    			},
    			PriceClass: pulumi.String("PriceClass_200"),
    			Restrictions: &cloudfront.DistributionRestrictionsArgs{
    				GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
    					RestrictionType: pulumi.String("whitelist"),
    					Locations: pulumi.StringArray{
    						pulumi.String("US"),
    						pulumi.String("CA"),
    						pulumi.String("GB"),
    						pulumi.String("DE"),
    					},
    				},
    			},
    			Tags: pulumi.StringMap{
    				"Environment": pulumi.String("production"),
    			},
    			ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
    				CloudfrontDefaultCertificate: pulumi.Bool(true),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var b = new Aws.S3.BucketV2("b", new()
        {
            Bucket = "mybucket",
            Tags = 
            {
                { "Name", "My bucket" },
            },
        });
    
        var bAcl = new Aws.S3.BucketAclV2("b_acl", new()
        {
            Bucket = b.Id,
            Acl = "private",
        });
    
        var s3OriginId = "myS3Origin";
    
        var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
        {
            Origins = new[]
            {
                new Aws.CloudFront.Inputs.DistributionOriginArgs
                {
                    DomainName = b.BucketRegionalDomainName,
                    OriginAccessControlId = @default.Id,
                    OriginId = s3OriginId,
                },
            },
            Enabled = true,
            IsIpv6Enabled = true,
            Comment = "Some comment",
            DefaultRootObject = "index.html",
            LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
            {
                IncludeCookies = false,
                Bucket = "mylogs.s3.amazonaws.com",
                Prefix = "myprefix",
            },
            Aliases = new[]
            {
                "mysite.example.com",
                "yoursite.example.com",
            },
            DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
            {
                AllowedMethods = new[]
                {
                    "DELETE",
                    "GET",
                    "HEAD",
                    "OPTIONS",
                    "PATCH",
                    "POST",
                    "PUT",
                },
                CachedMethods = new[]
                {
                    "GET",
                    "HEAD",
                },
                TargetOriginId = s3OriginId,
                ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
                {
                    QueryString = false,
                    Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
                    {
                        Forward = "none",
                    },
                },
                ViewerProtocolPolicy = "allow-all",
                MinTtl = 0,
                DefaultTtl = 3600,
                MaxTtl = 86400,
            },
            OrderedCacheBehaviors = new[]
            {
                new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
                {
                    PathPattern = "/content/immutable/*",
                    AllowedMethods = new[]
                    {
                        "GET",
                        "HEAD",
                        "OPTIONS",
                    },
                    CachedMethods = new[]
                    {
                        "GET",
                        "HEAD",
                        "OPTIONS",
                    },
                    TargetOriginId = s3OriginId,
                    ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
                    {
                        QueryString = false,
                        Headers = new[]
                        {
                            "Origin",
                        },
                        Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
                        {
                            Forward = "none",
                        },
                    },
                    MinTtl = 0,
                    DefaultTtl = 86400,
                    MaxTtl = 31536000,
                    Compress = true,
                    ViewerProtocolPolicy = "redirect-to-https",
                },
                new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
                {
                    PathPattern = "/content/*",
                    AllowedMethods = new[]
                    {
                        "GET",
                        "HEAD",
                        "OPTIONS",
                    },
                    CachedMethods = new[]
                    {
                        "GET",
                        "HEAD",
                    },
                    TargetOriginId = s3OriginId,
                    ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
                    {
                        QueryString = false,
                        Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
                        {
                            Forward = "none",
                        },
                    },
                    MinTtl = 0,
                    DefaultTtl = 3600,
                    MaxTtl = 86400,
                    Compress = true,
                    ViewerProtocolPolicy = "redirect-to-https",
                },
            },
            PriceClass = "PriceClass_200",
            Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
            {
                GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
                {
                    RestrictionType = "whitelist",
                    Locations = new[]
                    {
                        "US",
                        "CA",
                        "GB",
                        "DE",
                    },
                },
            },
            Tags = 
            {
                { "Environment", "production" },
            },
            ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
            {
                CloudfrontDefaultCertificate = true,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.s3.BucketV2;
    import com.pulumi.aws.s3.BucketV2Args;
    import com.pulumi.aws.s3.BucketAclV2;
    import com.pulumi.aws.s3.BucketAclV2Args;
    import com.pulumi.aws.cloudfront.Distribution;
    import com.pulumi.aws.cloudfront.DistributionArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionLoggingConfigArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var b = new BucketV2("b", BucketV2Args.builder()
                .bucket("mybucket")
                .tags(Map.of("Name", "My bucket"))
                .build());
    
            var bAcl = new BucketAclV2("bAcl", BucketAclV2Args.builder()
                .bucket(b.id())
                .acl("private")
                .build());
    
            final var s3OriginId = "myS3Origin";
    
            var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
                .origins(DistributionOriginArgs.builder()
                    .domainName(b.bucketRegionalDomainName())
                    .originAccessControlId(default_.id())
                    .originId(s3OriginId)
                    .build())
                .enabled(true)
                .isIpv6Enabled(true)
                .comment("Some comment")
                .defaultRootObject("index.html")
                .loggingConfig(DistributionLoggingConfigArgs.builder()
                    .includeCookies(false)
                    .bucket("mylogs.s3.amazonaws.com")
                    .prefix("myprefix")
                    .build())
                .aliases(            
                    "mysite.example.com",
                    "yoursite.example.com")
                .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
                    .allowedMethods(                
                        "DELETE",
                        "GET",
                        "HEAD",
                        "OPTIONS",
                        "PATCH",
                        "POST",
                        "PUT")
                    .cachedMethods(                
                        "GET",
                        "HEAD")
                    .targetOriginId(s3OriginId)
                    .forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
                        .queryString(false)
                        .cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
                            .forward("none")
                            .build())
                        .build())
                    .viewerProtocolPolicy("allow-all")
                    .minTtl(0)
                    .defaultTtl(3600)
                    .maxTtl(86400)
                    .build())
                .orderedCacheBehaviors(            
                    DistributionOrderedCacheBehaviorArgs.builder()
                        .pathPattern("/content/immutable/*")
                        .allowedMethods(                    
                            "GET",
                            "HEAD",
                            "OPTIONS")
                        .cachedMethods(                    
                            "GET",
                            "HEAD",
                            "OPTIONS")
                        .targetOriginId(s3OriginId)
                        .forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
                            .queryString(false)
                            .headers("Origin")
                            .cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
                                .forward("none")
                                .build())
                            .build())
                        .minTtl(0)
                        .defaultTtl(86400)
                        .maxTtl(31536000)
                        .compress(true)
                        .viewerProtocolPolicy("redirect-to-https")
                        .build(),
                    DistributionOrderedCacheBehaviorArgs.builder()
                        .pathPattern("/content/*")
                        .allowedMethods(                    
                            "GET",
                            "HEAD",
                            "OPTIONS")
                        .cachedMethods(                    
                            "GET",
                            "HEAD")
                        .targetOriginId(s3OriginId)
                        .forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
                            .queryString(false)
                            .cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
                                .forward("none")
                                .build())
                            .build())
                        .minTtl(0)
                        .defaultTtl(3600)
                        .maxTtl(86400)
                        .compress(true)
                        .viewerProtocolPolicy("redirect-to-https")
                        .build())
                .priceClass("PriceClass_200")
                .restrictions(DistributionRestrictionsArgs.builder()
                    .geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
                        .restrictionType("whitelist")
                        .locations(                    
                            "US",
                            "CA",
                            "GB",
                            "DE")
                        .build())
                    .build())
                .tags(Map.of("Environment", "production"))
                .viewerCertificate(DistributionViewerCertificateArgs.builder()
                    .cloudfrontDefaultCertificate(true)
                    .build())
                .build());
    
        }
    }
    
    resources:
      b:
        type: aws:s3:BucketV2
        properties:
          bucket: mybucket
          tags:
            Name: My bucket
      bAcl:
        type: aws:s3:BucketAclV2
        name: b_acl
        properties:
          bucket: ${b.id}
          acl: private
      s3Distribution:
        type: aws:cloudfront:Distribution
        name: s3_distribution
        properties:
          origins:
            - domainName: ${b.bucketRegionalDomainName}
              originAccessControlId: ${default.id}
              originId: ${s3OriginId}
          enabled: true
          isIpv6Enabled: true
          comment: Some comment
          defaultRootObject: index.html
          loggingConfig:
            includeCookies: false
            bucket: mylogs.s3.amazonaws.com
            prefix: myprefix
          aliases:
            - mysite.example.com
            - yoursite.example.com
          defaultCacheBehavior:
            allowedMethods:
              - DELETE
              - GET
              - HEAD
              - OPTIONS
              - PATCH
              - POST
              - PUT
            cachedMethods:
              - GET
              - HEAD
            targetOriginId: ${s3OriginId}
            forwardedValues:
              queryString: false
              cookies:
                forward: none
            viewerProtocolPolicy: allow-all
            minTtl: 0
            defaultTtl: 3600
            maxTtl: 86400
          orderedCacheBehaviors:
            - pathPattern: /content/immutable/*
              allowedMethods:
                - GET
                - HEAD
                - OPTIONS
              cachedMethods:
                - GET
                - HEAD
                - OPTIONS
              targetOriginId: ${s3OriginId}
              forwardedValues:
                queryString: false
                headers:
                  - Origin
                cookies:
                  forward: none
              minTtl: 0
              defaultTtl: 86400
              maxTtl: 3.1536e+07
              compress: true
              viewerProtocolPolicy: redirect-to-https
            - pathPattern: /content/*
              allowedMethods:
                - GET
                - HEAD
                - OPTIONS
              cachedMethods:
                - GET
                - HEAD
              targetOriginId: ${s3OriginId}
              forwardedValues:
                queryString: false
                cookies:
                  forward: none
              minTtl: 0
              defaultTtl: 3600
              maxTtl: 86400
              compress: true
              viewerProtocolPolicy: redirect-to-https
          priceClass: PriceClass_200
          restrictions:
            geoRestriction:
              restrictionType: whitelist
              locations:
                - US
                - CA
                - GB
                - DE
          tags:
            Environment: production
          viewerCertificate:
            cloudfrontDefaultCertificate: true
    variables:
      s3OriginId: myS3Origin
    

    With Failover Routing

    The example below creates a CloudFront distribution with an origin group for failover routing.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
        originGroups: [{
            originId: "groupS3",
            failoverCriteria: {
                statusCodes: [
                    403,
                    404,
                    500,
                    502,
                ],
            },
            members: [
                {
                    originId: "primaryS3",
                },
                {
                    originId: "failoverS3",
                },
            ],
        }],
        origins: [
            {
                domainName: primary.bucketRegionalDomainName,
                originId: "primaryS3",
                s3OriginConfig: {
                    originAccessIdentity: _default.cloudfrontAccessIdentityPath,
                },
            },
            {
                domainName: failover.bucketRegionalDomainName,
                originId: "failoverS3",
                s3OriginConfig: {
                    originAccessIdentity: _default.cloudfrontAccessIdentityPath,
                },
            },
        ],
        defaultCacheBehavior: {
            targetOriginId: "groupS3",
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    s3_distribution = aws.cloudfront.Distribution("s3_distribution",
        origin_groups=[{
            "origin_id": "groupS3",
            "failover_criteria": {
                "status_codes": [
                    403,
                    404,
                    500,
                    502,
                ],
            },
            "members": [
                {
                    "origin_id": "primaryS3",
                },
                {
                    "origin_id": "failoverS3",
                },
            ],
        }],
        origins=[
            {
                "domain_name": primary["bucketRegionalDomainName"],
                "origin_id": "primaryS3",
                "s3_origin_config": {
                    "origin_access_identity": default["cloudfrontAccessIdentityPath"],
                },
            },
            {
                "domain_name": failover["bucketRegionalDomainName"],
                "origin_id": "failoverS3",
                "s3_origin_config": {
                    "origin_access_identity": default["cloudfrontAccessIdentityPath"],
                },
            },
        ],
        default_cache_behavior={
            "target_origin_id": "groupS3",
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
    			OriginGroups: cloudfront.DistributionOriginGroupArray{
    				&cloudfront.DistributionOriginGroupArgs{
    					OriginId: pulumi.String("groupS3"),
    					FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
    						StatusCodes: pulumi.IntArray{
    							pulumi.Int(403),
    							pulumi.Int(404),
    							pulumi.Int(500),
    							pulumi.Int(502),
    						},
    					},
    					Members: cloudfront.DistributionOriginGroupMemberArray{
    						&cloudfront.DistributionOriginGroupMemberArgs{
    							OriginId: pulumi.String("primaryS3"),
    						},
    						&cloudfront.DistributionOriginGroupMemberArgs{
    							OriginId: pulumi.String("failoverS3"),
    						},
    					},
    				},
    			},
    			Origins: cloudfront.DistributionOriginArray{
    				&cloudfront.DistributionOriginArgs{
    					DomainName: pulumi.Any(primary.BucketRegionalDomainName),
    					OriginId:   pulumi.String("primaryS3"),
    					S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
    						OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
    					},
    				},
    				&cloudfront.DistributionOriginArgs{
    					DomainName: pulumi.Any(failover.BucketRegionalDomainName),
    					OriginId:   pulumi.String("failoverS3"),
    					S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
    						OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
    					},
    				},
    			},
    			DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
    				TargetOriginId: pulumi.String("groupS3"),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
        {
            OriginGroups = new[]
            {
                new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
                {
                    OriginId = "groupS3",
                    FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
                    {
                        StatusCodes = new[]
                        {
                            403,
                            404,
                            500,
                            502,
                        },
                    },
                    Members = new[]
                    {
                        new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
                        {
                            OriginId = "primaryS3",
                        },
                        new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
                        {
                            OriginId = "failoverS3",
                        },
                    },
                },
            },
            Origins = new[]
            {
                new Aws.CloudFront.Inputs.DistributionOriginArgs
                {
                    DomainName = primary.BucketRegionalDomainName,
                    OriginId = "primaryS3",
                    S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
                    {
                        OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
                    },
                },
                new Aws.CloudFront.Inputs.DistributionOriginArgs
                {
                    DomainName = failover.BucketRegionalDomainName,
                    OriginId = "failoverS3",
                    S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
                    {
                        OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
                    },
                },
            },
            DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
            {
                TargetOriginId = "groupS3",
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.Distribution;
    import com.pulumi.aws.cloudfront.DistributionArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupFailoverCriteriaArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
                .originGroups(DistributionOriginGroupArgs.builder()
                    .originId("groupS3")
                    .failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
                        .statusCodes(                    
                            403,
                            404,
                            500,
                            502)
                        .build())
                    .members(                
                        DistributionOriginGroupMemberArgs.builder()
                            .originId("primaryS3")
                            .build(),
                        DistributionOriginGroupMemberArgs.builder()
                            .originId("failoverS3")
                            .build())
                    .build())
                .origins(            
                    DistributionOriginArgs.builder()
                        .domainName(primary.bucketRegionalDomainName())
                        .originId("primaryS3")
                        .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
                            .originAccessIdentity(default_.cloudfrontAccessIdentityPath())
                            .build())
                        .build(),
                    DistributionOriginArgs.builder()
                        .domainName(failover.bucketRegionalDomainName())
                        .originId("failoverS3")
                        .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
                            .originAccessIdentity(default_.cloudfrontAccessIdentityPath())
                            .build())
                        .build())
                .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
                    .targetOriginId("groupS3")
                    .build())
                .build());
    
        }
    }
    
    resources:
      s3Distribution:
        type: aws:cloudfront:Distribution
        name: s3_distribution
        properties:
          originGroups:
            - originId: groupS3
              failoverCriteria:
                statusCodes:
                  - 403
                  - 404
                  - 500
                  - 502
              members:
                - originId: primaryS3
                - originId: failoverS3
          origins:
            - domainName: ${primary.bucketRegionalDomainName}
              originId: primaryS3
              s3OriginConfig:
                originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
            - domainName: ${failover.bucketRegionalDomainName}
              originId: failoverS3
              s3OriginConfig:
                originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
          defaultCacheBehavior:
            targetOriginId: groupS3
    

    With Managed Caching Policy

    The example below creates a CloudFront distribution with an AWS managed caching policy.

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const s3OriginId = "myS3Origin";
    const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
        origins: [{
            domainName: primary.bucketRegionalDomainName,
            originId: "myS3Origin",
            s3OriginConfig: {
                originAccessIdentity: _default.cloudfrontAccessIdentityPath,
            },
        }],
        enabled: true,
        isIpv6Enabled: true,
        comment: "Some comment",
        defaultRootObject: "index.html",
        defaultCacheBehavior: {
            cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
            allowedMethods: [
                "GET",
                "HEAD",
                "OPTIONS",
            ],
            targetOriginId: s3OriginId,
        },
        restrictions: {
            geoRestriction: {
                restrictionType: "whitelist",
                locations: [
                    "US",
                    "CA",
                    "GB",
                    "DE",
                ],
            },
        },
        viewerCertificate: {
            cloudfrontDefaultCertificate: true,
        },
    });
    
    import pulumi
    import pulumi_aws as aws
    
    s3_origin_id = "myS3Origin"
    s3_distribution = aws.cloudfront.Distribution("s3_distribution",
        origins=[{
            "domain_name": primary["bucketRegionalDomainName"],
            "origin_id": "myS3Origin",
            "s3_origin_config": {
                "origin_access_identity": default["cloudfrontAccessIdentityPath"],
            },
        }],
        enabled=True,
        is_ipv6_enabled=True,
        comment="Some comment",
        default_root_object="index.html",
        default_cache_behavior={
            "cache_policy_id": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
            "allowed_methods": [
                "GET",
                "HEAD",
                "OPTIONS",
            ],
            "target_origin_id": s3_origin_id,
        },
        restrictions={
            "geo_restriction": {
                "restriction_type": "whitelist",
                "locations": [
                    "US",
                    "CA",
                    "GB",
                    "DE",
                ],
            },
        },
        viewer_certificate={
            "cloudfront_default_certificate": True,
        })
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		s3OriginId := "myS3Origin"
    		_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
    			Origins: cloudfront.DistributionOriginArray{
    				&cloudfront.DistributionOriginArgs{
    					DomainName: pulumi.Any(primary.BucketRegionalDomainName),
    					OriginId:   pulumi.String("myS3Origin"),
    					S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
    						OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
    					},
    				},
    			},
    			Enabled:           pulumi.Bool(true),
    			IsIpv6Enabled:     pulumi.Bool(true),
    			Comment:           pulumi.String("Some comment"),
    			DefaultRootObject: pulumi.String("index.html"),
    			DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
    				CachePolicyId: pulumi.String("4135ea2d-6df8-44a3-9df3-4b5a84be39ad"),
    				AllowedMethods: pulumi.StringArray{
    					pulumi.String("GET"),
    					pulumi.String("HEAD"),
    					pulumi.String("OPTIONS"),
    				},
    				TargetOriginId: pulumi.String(s3OriginId),
    			},
    			Restrictions: &cloudfront.DistributionRestrictionsArgs{
    				GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
    					RestrictionType: pulumi.String("whitelist"),
    					Locations: pulumi.StringArray{
    						pulumi.String("US"),
    						pulumi.String("CA"),
    						pulumi.String("GB"),
    						pulumi.String("DE"),
    					},
    				},
    			},
    			ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
    				CloudfrontDefaultCertificate: pulumi.Bool(true),
    			},
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var s3OriginId = "myS3Origin";
    
        var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
        {
            Origins = new[]
            {
                new Aws.CloudFront.Inputs.DistributionOriginArgs
                {
                    DomainName = primary.BucketRegionalDomainName,
                    OriginId = "myS3Origin",
                    S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
                    {
                        OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
                    },
                },
            },
            Enabled = true,
            IsIpv6Enabled = true,
            Comment = "Some comment",
            DefaultRootObject = "index.html",
            DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
            {
                CachePolicyId = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
                AllowedMethods = new[]
                {
                    "GET",
                    "HEAD",
                    "OPTIONS",
                },
                TargetOriginId = s3OriginId,
            },
            Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
            {
                GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
                {
                    RestrictionType = "whitelist",
                    Locations = new[]
                    {
                        "US",
                        "CA",
                        "GB",
                        "DE",
                    },
                },
            },
            ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
            {
                CloudfrontDefaultCertificate = true,
            },
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.Distribution;
    import com.pulumi.aws.cloudfront.DistributionArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
    import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            final var s3OriginId = "myS3Origin";
    
            var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
                .origins(DistributionOriginArgs.builder()
                    .domainName(primary.bucketRegionalDomainName())
                    .originId("myS3Origin")
                    .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
                        .originAccessIdentity(default_.cloudfrontAccessIdentityPath())
                        .build())
                    .build())
                .enabled(true)
                .isIpv6Enabled(true)
                .comment("Some comment")
                .defaultRootObject("index.html")
                .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
                    .cachePolicyId("4135ea2d-6df8-44a3-9df3-4b5a84be39ad")
                    .allowedMethods(                
                        "GET",
                        "HEAD",
                        "OPTIONS")
                    .targetOriginId(s3OriginId)
                    .build())
                .restrictions(DistributionRestrictionsArgs.builder()
                    .geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
                        .restrictionType("whitelist")
                        .locations(                    
                            "US",
                            "CA",
                            "GB",
                            "DE")
                        .build())
                    .build())
                .viewerCertificate(DistributionViewerCertificateArgs.builder()
                    .cloudfrontDefaultCertificate(true)
                    .build())
                .build());
    
        }
    }
    
    resources:
      s3Distribution:
        type: aws:cloudfront:Distribution
        name: s3_distribution
        properties:
          origins:
            - domainName: ${primary.bucketRegionalDomainName}
              originId: myS3Origin
              s3OriginConfig:
                originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
          enabled: true
          isIpv6Enabled: true
          comment: Some comment
          defaultRootObject: index.html
          defaultCacheBehavior:
            cachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
            allowedMethods:
              - GET
              - HEAD
              - OPTIONS
            targetOriginId: ${s3OriginId}
          restrictions:
            geoRestriction:
              restrictionType: whitelist
              locations:
                - US
                - CA
                - GB
                - DE
          viewerCertificate:
            cloudfrontDefaultCertificate: true
    variables:
      s3OriginId: myS3Origin
    

    Create Distribution Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new Distribution(name: string, args: DistributionArgs, opts?: CustomResourceOptions);
    @overload
    def Distribution(resource_name: str,
                     args: DistributionArgs,
                     opts: Optional[ResourceOptions] = None)
    
    @overload
    def Distribution(resource_name: str,
                     opts: Optional[ResourceOptions] = None,
                     enabled: Optional[bool] = None,
                     viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
                     restrictions: Optional[DistributionRestrictionsArgs] = None,
                     origins: Optional[Sequence[DistributionOriginArgs]] = None,
                     default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
                     ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
                     custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
                     http_version: Optional[str] = None,
                     is_ipv6_enabled: Optional[bool] = None,
                     logging_config: Optional[DistributionLoggingConfigArgs] = None,
                     aliases: Optional[Sequence[str]] = None,
                     origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
                     default_root_object: Optional[str] = None,
                     price_class: Optional[str] = None,
                     continuous_deployment_policy_id: Optional[str] = None,
                     retain_on_delete: Optional[bool] = None,
                     staging: Optional[bool] = None,
                     tags: Optional[Mapping[str, str]] = None,
                     comment: Optional[str] = None,
                     wait_for_deployment: Optional[bool] = None,
                     web_acl_id: Optional[str] = None)
    func NewDistribution(ctx *Context, name string, args DistributionArgs, opts ...ResourceOption) (*Distribution, error)
    public Distribution(string name, DistributionArgs args, CustomResourceOptions? opts = null)
    public Distribution(String name, DistributionArgs args)
    public Distribution(String name, DistributionArgs args, CustomResourceOptions options)
    
    type: aws:cloudfront:Distribution
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args DistributionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args DistributionArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args DistributionArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args DistributionArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args DistributionArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var distributionResource = new Aws.CloudFront.Distribution("distributionResource", new()
    {
        Enabled = false,
        ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
        {
            AcmCertificateArn = "string",
            CloudfrontDefaultCertificate = false,
            IamCertificateId = "string",
            MinimumProtocolVersion = "string",
            SslSupportMethod = "string",
        },
        Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
        {
            GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
            {
                RestrictionType = "string",
                Locations = new[]
                {
                    "string",
                },
            },
        },
        Origins = new[]
        {
            new Aws.CloudFront.Inputs.DistributionOriginArgs
            {
                DomainName = "string",
                OriginId = "string",
                ConnectionAttempts = 0,
                ConnectionTimeout = 0,
                CustomHeaders = new[]
                {
                    new Aws.CloudFront.Inputs.DistributionOriginCustomHeaderArgs
                    {
                        Name = "string",
                        Value = "string",
                    },
                },
                CustomOriginConfig = new Aws.CloudFront.Inputs.DistributionOriginCustomOriginConfigArgs
                {
                    HttpPort = 0,
                    HttpsPort = 0,
                    OriginProtocolPolicy = "string",
                    OriginSslProtocols = new[]
                    {
                        "string",
                    },
                    OriginKeepaliveTimeout = 0,
                    OriginReadTimeout = 0,
                },
                OriginAccessControlId = "string",
                OriginPath = "string",
                OriginShield = new Aws.CloudFront.Inputs.DistributionOriginOriginShieldArgs
                {
                    Enabled = false,
                    OriginShieldRegion = "string",
                },
                S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
                {
                    OriginAccessIdentity = "string",
                },
            },
        },
        DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
        {
            AllowedMethods = new[]
            {
                "string",
            },
            ViewerProtocolPolicy = "string",
            CachedMethods = new[]
            {
                "string",
            },
            TargetOriginId = "string",
            LambdaFunctionAssociations = new[]
            {
                new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs
                {
                    EventType = "string",
                    LambdaArn = "string",
                    IncludeBody = false,
                },
            },
            OriginRequestPolicyId = "string",
            ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
            {
                Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
                {
                    Forward = "string",
                    WhitelistedNames = new[]
                    {
                        "string",
                    },
                },
                QueryString = false,
                Headers = new[]
                {
                    "string",
                },
                QueryStringCacheKeys = new[]
                {
                    "string",
                },
            },
            FunctionAssociations = new[]
            {
                new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorFunctionAssociationArgs
                {
                    EventType = "string",
                    FunctionArn = "string",
                },
            },
            DefaultTtl = 0,
            MaxTtl = 0,
            MinTtl = 0,
            FieldLevelEncryptionId = "string",
            RealtimeLogConfigArn = "string",
            ResponseHeadersPolicyId = "string",
            SmoothStreaming = false,
            Compress = false,
            TrustedKeyGroups = new[]
            {
                "string",
            },
            TrustedSigners = new[]
            {
                "string",
            },
            CachePolicyId = "string",
        },
        OrderedCacheBehaviors = new[]
        {
            new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
            {
                AllowedMethods = new[]
                {
                    "string",
                },
                ViewerProtocolPolicy = "string",
                CachedMethods = new[]
                {
                    "string",
                },
                TargetOriginId = "string",
                PathPattern = "string",
                MinTtl = 0,
                DefaultTtl = 0,
                FunctionAssociations = new[]
                {
                    new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorFunctionAssociationArgs
                    {
                        EventType = "string",
                        FunctionArn = "string",
                    },
                },
                LambdaFunctionAssociations = new[]
                {
                    new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs
                    {
                        EventType = "string",
                        LambdaArn = "string",
                        IncludeBody = false,
                    },
                },
                MaxTtl = 0,
                FieldLevelEncryptionId = "string",
                OriginRequestPolicyId = "string",
                ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
                {
                    Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
                    {
                        Forward = "string",
                        WhitelistedNames = new[]
                        {
                            "string",
                        },
                    },
                    QueryString = false,
                    Headers = new[]
                    {
                        "string",
                    },
                    QueryStringCacheKeys = new[]
                    {
                        "string",
                    },
                },
                RealtimeLogConfigArn = "string",
                ResponseHeadersPolicyId = "string",
                SmoothStreaming = false,
                Compress = false,
                TrustedKeyGroups = new[]
                {
                    "string",
                },
                TrustedSigners = new[]
                {
                    "string",
                },
                CachePolicyId = "string",
            },
        },
        CustomErrorResponses = new[]
        {
            new Aws.CloudFront.Inputs.DistributionCustomErrorResponseArgs
            {
                ErrorCode = 0,
                ErrorCachingMinTtl = 0,
                ResponseCode = 0,
                ResponsePagePath = "string",
            },
        },
        HttpVersion = "string",
        IsIpv6Enabled = false,
        LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
        {
            Bucket = "string",
            IncludeCookies = false,
            Prefix = "string",
        },
        Aliases = new[]
        {
            "string",
        },
        OriginGroups = new[]
        {
            new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
            {
                FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
                {
                    StatusCodes = new[]
                    {
                        0,
                    },
                },
                Members = new[]
                {
                    new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
                    {
                        OriginId = "string",
                    },
                },
                OriginId = "string",
            },
        },
        DefaultRootObject = "string",
        PriceClass = "string",
        ContinuousDeploymentPolicyId = "string",
        RetainOnDelete = false,
        Staging = false,
        Tags = 
        {
            { "string", "string" },
        },
        Comment = "string",
        WaitForDeployment = false,
        WebAclId = "string",
    });
    
    example, err := cloudfront.NewDistribution(ctx, "distributionResource", &cloudfront.DistributionArgs{
    	Enabled: pulumi.Bool(false),
    	ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
    		AcmCertificateArn:            pulumi.String("string"),
    		CloudfrontDefaultCertificate: pulumi.Bool(false),
    		IamCertificateId:             pulumi.String("string"),
    		MinimumProtocolVersion:       pulumi.String("string"),
    		SslSupportMethod:             pulumi.String("string"),
    	},
    	Restrictions: &cloudfront.DistributionRestrictionsArgs{
    		GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
    			RestrictionType: pulumi.String("string"),
    			Locations: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    	},
    	Origins: cloudfront.DistributionOriginArray{
    		&cloudfront.DistributionOriginArgs{
    			DomainName:         pulumi.String("string"),
    			OriginId:           pulumi.String("string"),
    			ConnectionAttempts: pulumi.Int(0),
    			ConnectionTimeout:  pulumi.Int(0),
    			CustomHeaders: cloudfront.DistributionOriginCustomHeaderArray{
    				&cloudfront.DistributionOriginCustomHeaderArgs{
    					Name:  pulumi.String("string"),
    					Value: pulumi.String("string"),
    				},
    			},
    			CustomOriginConfig: &cloudfront.DistributionOriginCustomOriginConfigArgs{
    				HttpPort:             pulumi.Int(0),
    				HttpsPort:            pulumi.Int(0),
    				OriginProtocolPolicy: pulumi.String("string"),
    				OriginSslProtocols: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				OriginKeepaliveTimeout: pulumi.Int(0),
    				OriginReadTimeout:      pulumi.Int(0),
    			},
    			OriginAccessControlId: pulumi.String("string"),
    			OriginPath:            pulumi.String("string"),
    			OriginShield: &cloudfront.DistributionOriginOriginShieldArgs{
    				Enabled:            pulumi.Bool(false),
    				OriginShieldRegion: pulumi.String("string"),
    			},
    			S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
    				OriginAccessIdentity: pulumi.String("string"),
    			},
    		},
    	},
    	DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
    		AllowedMethods: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		ViewerProtocolPolicy: pulumi.String("string"),
    		CachedMethods: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		TargetOriginId: pulumi.String("string"),
    		LambdaFunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArray{
    			&cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs{
    				EventType:   pulumi.String("string"),
    				LambdaArn:   pulumi.String("string"),
    				IncludeBody: pulumi.Bool(false),
    			},
    		},
    		OriginRequestPolicyId: pulumi.String("string"),
    		ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
    			Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
    				Forward: pulumi.String("string"),
    				WhitelistedNames: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    			},
    			QueryString: pulumi.Bool(false),
    			Headers: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			QueryStringCacheKeys: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    		},
    		FunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArray{
    			&cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArgs{
    				EventType:   pulumi.String("string"),
    				FunctionArn: pulumi.String("string"),
    			},
    		},
    		DefaultTtl:              pulumi.Int(0),
    		MaxTtl:                  pulumi.Int(0),
    		MinTtl:                  pulumi.Int(0),
    		FieldLevelEncryptionId:  pulumi.String("string"),
    		RealtimeLogConfigArn:    pulumi.String("string"),
    		ResponseHeadersPolicyId: pulumi.String("string"),
    		SmoothStreaming:         pulumi.Bool(false),
    		Compress:                pulumi.Bool(false),
    		TrustedKeyGroups: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		TrustedSigners: pulumi.StringArray{
    			pulumi.String("string"),
    		},
    		CachePolicyId: pulumi.String("string"),
    	},
    	OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
    		&cloudfront.DistributionOrderedCacheBehaviorArgs{
    			AllowedMethods: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			ViewerProtocolPolicy: pulumi.String("string"),
    			CachedMethods: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			TargetOriginId: pulumi.String("string"),
    			PathPattern:    pulumi.String("string"),
    			MinTtl:         pulumi.Int(0),
    			DefaultTtl:     pulumi.Int(0),
    			FunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArray{
    				&cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArgs{
    					EventType:   pulumi.String("string"),
    					FunctionArn: pulumi.String("string"),
    				},
    			},
    			LambdaFunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArray{
    				&cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs{
    					EventType:   pulumi.String("string"),
    					LambdaArn:   pulumi.String("string"),
    					IncludeBody: pulumi.Bool(false),
    				},
    			},
    			MaxTtl:                 pulumi.Int(0),
    			FieldLevelEncryptionId: pulumi.String("string"),
    			OriginRequestPolicyId:  pulumi.String("string"),
    			ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
    				Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
    					Forward: pulumi.String("string"),
    					WhitelistedNames: pulumi.StringArray{
    						pulumi.String("string"),
    					},
    				},
    				QueryString: pulumi.Bool(false),
    				Headers: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    				QueryStringCacheKeys: pulumi.StringArray{
    					pulumi.String("string"),
    				},
    			},
    			RealtimeLogConfigArn:    pulumi.String("string"),
    			ResponseHeadersPolicyId: pulumi.String("string"),
    			SmoothStreaming:         pulumi.Bool(false),
    			Compress:                pulumi.Bool(false),
    			TrustedKeyGroups: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			TrustedSigners: pulumi.StringArray{
    				pulumi.String("string"),
    			},
    			CachePolicyId: pulumi.String("string"),
    		},
    	},
    	CustomErrorResponses: cloudfront.DistributionCustomErrorResponseArray{
    		&cloudfront.DistributionCustomErrorResponseArgs{
    			ErrorCode:          pulumi.Int(0),
    			ErrorCachingMinTtl: pulumi.Int(0),
    			ResponseCode:       pulumi.Int(0),
    			ResponsePagePath:   pulumi.String("string"),
    		},
    	},
    	HttpVersion:   pulumi.String("string"),
    	IsIpv6Enabled: pulumi.Bool(false),
    	LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
    		Bucket:         pulumi.String("string"),
    		IncludeCookies: pulumi.Bool(false),
    		Prefix:         pulumi.String("string"),
    	},
    	Aliases: pulumi.StringArray{
    		pulumi.String("string"),
    	},
    	OriginGroups: cloudfront.DistributionOriginGroupArray{
    		&cloudfront.DistributionOriginGroupArgs{
    			FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
    				StatusCodes: pulumi.IntArray{
    					pulumi.Int(0),
    				},
    			},
    			Members: cloudfront.DistributionOriginGroupMemberArray{
    				&cloudfront.DistributionOriginGroupMemberArgs{
    					OriginId: pulumi.String("string"),
    				},
    			},
    			OriginId: pulumi.String("string"),
    		},
    	},
    	DefaultRootObject:            pulumi.String("string"),
    	PriceClass:                   pulumi.String("string"),
    	ContinuousDeploymentPolicyId: pulumi.String("string"),
    	RetainOnDelete:               pulumi.Bool(false),
    	Staging:                      pulumi.Bool(false),
    	Tags: pulumi.StringMap{
    		"string": pulumi.String("string"),
    	},
    	Comment:           pulumi.String("string"),
    	WaitForDeployment: pulumi.Bool(false),
    	WebAclId:          pulumi.String("string"),
    })
    
    var distributionResource = new Distribution("distributionResource", DistributionArgs.builder()
        .enabled(false)
        .viewerCertificate(DistributionViewerCertificateArgs.builder()
            .acmCertificateArn("string")
            .cloudfrontDefaultCertificate(false)
            .iamCertificateId("string")
            .minimumProtocolVersion("string")
            .sslSupportMethod("string")
            .build())
        .restrictions(DistributionRestrictionsArgs.builder()
            .geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
                .restrictionType("string")
                .locations("string")
                .build())
            .build())
        .origins(DistributionOriginArgs.builder()
            .domainName("string")
            .originId("string")
            .connectionAttempts(0)
            .connectionTimeout(0)
            .customHeaders(DistributionOriginCustomHeaderArgs.builder()
                .name("string")
                .value("string")
                .build())
            .customOriginConfig(DistributionOriginCustomOriginConfigArgs.builder()
                .httpPort(0)
                .httpsPort(0)
                .originProtocolPolicy("string")
                .originSslProtocols("string")
                .originKeepaliveTimeout(0)
                .originReadTimeout(0)
                .build())
            .originAccessControlId("string")
            .originPath("string")
            .originShield(DistributionOriginOriginShieldArgs.builder()
                .enabled(false)
                .originShieldRegion("string")
                .build())
            .s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
                .originAccessIdentity("string")
                .build())
            .build())
        .defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
            .allowedMethods("string")
            .viewerProtocolPolicy("string")
            .cachedMethods("string")
            .targetOriginId("string")
            .lambdaFunctionAssociations(DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs.builder()
                .eventType("string")
                .lambdaArn("string")
                .includeBody(false)
                .build())
            .originRequestPolicyId("string")
            .forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
                .cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
                    .forward("string")
                    .whitelistedNames("string")
                    .build())
                .queryString(false)
                .headers("string")
                .queryStringCacheKeys("string")
                .build())
            .functionAssociations(DistributionDefaultCacheBehaviorFunctionAssociationArgs.builder()
                .eventType("string")
                .functionArn("string")
                .build())
            .defaultTtl(0)
            .maxTtl(0)
            .minTtl(0)
            .fieldLevelEncryptionId("string")
            .realtimeLogConfigArn("string")
            .responseHeadersPolicyId("string")
            .smoothStreaming(false)
            .compress(false)
            .trustedKeyGroups("string")
            .trustedSigners("string")
            .cachePolicyId("string")
            .build())
        .orderedCacheBehaviors(DistributionOrderedCacheBehaviorArgs.builder()
            .allowedMethods("string")
            .viewerProtocolPolicy("string")
            .cachedMethods("string")
            .targetOriginId("string")
            .pathPattern("string")
            .minTtl(0)
            .defaultTtl(0)
            .functionAssociations(DistributionOrderedCacheBehaviorFunctionAssociationArgs.builder()
                .eventType("string")
                .functionArn("string")
                .build())
            .lambdaFunctionAssociations(DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs.builder()
                .eventType("string")
                .lambdaArn("string")
                .includeBody(false)
                .build())
            .maxTtl(0)
            .fieldLevelEncryptionId("string")
            .originRequestPolicyId("string")
            .forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
                .cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
                    .forward("string")
                    .whitelistedNames("string")
                    .build())
                .queryString(false)
                .headers("string")
                .queryStringCacheKeys("string")
                .build())
            .realtimeLogConfigArn("string")
            .responseHeadersPolicyId("string")
            .smoothStreaming(false)
            .compress(false)
            .trustedKeyGroups("string")
            .trustedSigners("string")
            .cachePolicyId("string")
            .build())
        .customErrorResponses(DistributionCustomErrorResponseArgs.builder()
            .errorCode(0)
            .errorCachingMinTtl(0)
            .responseCode(0)
            .responsePagePath("string")
            .build())
        .httpVersion("string")
        .isIpv6Enabled(false)
        .loggingConfig(DistributionLoggingConfigArgs.builder()
            .bucket("string")
            .includeCookies(false)
            .prefix("string")
            .build())
        .aliases("string")
        .originGroups(DistributionOriginGroupArgs.builder()
            .failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
                .statusCodes(0)
                .build())
            .members(DistributionOriginGroupMemberArgs.builder()
                .originId("string")
                .build())
            .originId("string")
            .build())
        .defaultRootObject("string")
        .priceClass("string")
        .continuousDeploymentPolicyId("string")
        .retainOnDelete(false)
        .staging(false)
        .tags(Map.of("string", "string"))
        .comment("string")
        .waitForDeployment(false)
        .webAclId("string")
        .build());
    
    distribution_resource = aws.cloudfront.Distribution("distributionResource",
        enabled=False,
        viewer_certificate={
            "acm_certificate_arn": "string",
            "cloudfront_default_certificate": False,
            "iam_certificate_id": "string",
            "minimum_protocol_version": "string",
            "ssl_support_method": "string",
        },
        restrictions={
            "geo_restriction": {
                "restriction_type": "string",
                "locations": ["string"],
            },
        },
        origins=[{
            "domain_name": "string",
            "origin_id": "string",
            "connection_attempts": 0,
            "connection_timeout": 0,
            "custom_headers": [{
                "name": "string",
                "value": "string",
            }],
            "custom_origin_config": {
                "http_port": 0,
                "https_port": 0,
                "origin_protocol_policy": "string",
                "origin_ssl_protocols": ["string"],
                "origin_keepalive_timeout": 0,
                "origin_read_timeout": 0,
            },
            "origin_access_control_id": "string",
            "origin_path": "string",
            "origin_shield": {
                "enabled": False,
                "origin_shield_region": "string",
            },
            "s3_origin_config": {
                "origin_access_identity": "string",
            },
        }],
        default_cache_behavior={
            "allowed_methods": ["string"],
            "viewer_protocol_policy": "string",
            "cached_methods": ["string"],
            "target_origin_id": "string",
            "lambda_function_associations": [{
                "event_type": "string",
                "lambda_arn": "string",
                "include_body": False,
            }],
            "origin_request_policy_id": "string",
            "forwarded_values": {
                "cookies": {
                    "forward": "string",
                    "whitelisted_names": ["string"],
                },
                "query_string": False,
                "headers": ["string"],
                "query_string_cache_keys": ["string"],
            },
            "function_associations": [{
                "event_type": "string",
                "function_arn": "string",
            }],
            "default_ttl": 0,
            "max_ttl": 0,
            "min_ttl": 0,
            "field_level_encryption_id": "string",
            "realtime_log_config_arn": "string",
            "response_headers_policy_id": "string",
            "smooth_streaming": False,
            "compress": False,
            "trusted_key_groups": ["string"],
            "trusted_signers": ["string"],
            "cache_policy_id": "string",
        },
        ordered_cache_behaviors=[{
            "allowed_methods": ["string"],
            "viewer_protocol_policy": "string",
            "cached_methods": ["string"],
            "target_origin_id": "string",
            "path_pattern": "string",
            "min_ttl": 0,
            "default_ttl": 0,
            "function_associations": [{
                "event_type": "string",
                "function_arn": "string",
            }],
            "lambda_function_associations": [{
                "event_type": "string",
                "lambda_arn": "string",
                "include_body": False,
            }],
            "max_ttl": 0,
            "field_level_encryption_id": "string",
            "origin_request_policy_id": "string",
            "forwarded_values": {
                "cookies": {
                    "forward": "string",
                    "whitelisted_names": ["string"],
                },
                "query_string": False,
                "headers": ["string"],
                "query_string_cache_keys": ["string"],
            },
            "realtime_log_config_arn": "string",
            "response_headers_policy_id": "string",
            "smooth_streaming": False,
            "compress": False,
            "trusted_key_groups": ["string"],
            "trusted_signers": ["string"],
            "cache_policy_id": "string",
        }],
        custom_error_responses=[{
            "error_code": 0,
            "error_caching_min_ttl": 0,
            "response_code": 0,
            "response_page_path": "string",
        }],
        http_version="string",
        is_ipv6_enabled=False,
        logging_config={
            "bucket": "string",
            "include_cookies": False,
            "prefix": "string",
        },
        aliases=["string"],
        origin_groups=[{
            "failover_criteria": {
                "status_codes": [0],
            },
            "members": [{
                "origin_id": "string",
            }],
            "origin_id": "string",
        }],
        default_root_object="string",
        price_class="string",
        continuous_deployment_policy_id="string",
        retain_on_delete=False,
        staging=False,
        tags={
            "string": "string",
        },
        comment="string",
        wait_for_deployment=False,
        web_acl_id="string")
    
    const distributionResource = new aws.cloudfront.Distribution("distributionResource", {
        enabled: false,
        viewerCertificate: {
            acmCertificateArn: "string",
            cloudfrontDefaultCertificate: false,
            iamCertificateId: "string",
            minimumProtocolVersion: "string",
            sslSupportMethod: "string",
        },
        restrictions: {
            geoRestriction: {
                restrictionType: "string",
                locations: ["string"],
            },
        },
        origins: [{
            domainName: "string",
            originId: "string",
            connectionAttempts: 0,
            connectionTimeout: 0,
            customHeaders: [{
                name: "string",
                value: "string",
            }],
            customOriginConfig: {
                httpPort: 0,
                httpsPort: 0,
                originProtocolPolicy: "string",
                originSslProtocols: ["string"],
                originKeepaliveTimeout: 0,
                originReadTimeout: 0,
            },
            originAccessControlId: "string",
            originPath: "string",
            originShield: {
                enabled: false,
                originShieldRegion: "string",
            },
            s3OriginConfig: {
                originAccessIdentity: "string",
            },
        }],
        defaultCacheBehavior: {
            allowedMethods: ["string"],
            viewerProtocolPolicy: "string",
            cachedMethods: ["string"],
            targetOriginId: "string",
            lambdaFunctionAssociations: [{
                eventType: "string",
                lambdaArn: "string",
                includeBody: false,
            }],
            originRequestPolicyId: "string",
            forwardedValues: {
                cookies: {
                    forward: "string",
                    whitelistedNames: ["string"],
                },
                queryString: false,
                headers: ["string"],
                queryStringCacheKeys: ["string"],
            },
            functionAssociations: [{
                eventType: "string",
                functionArn: "string",
            }],
            defaultTtl: 0,
            maxTtl: 0,
            minTtl: 0,
            fieldLevelEncryptionId: "string",
            realtimeLogConfigArn: "string",
            responseHeadersPolicyId: "string",
            smoothStreaming: false,
            compress: false,
            trustedKeyGroups: ["string"],
            trustedSigners: ["string"],
            cachePolicyId: "string",
        },
        orderedCacheBehaviors: [{
            allowedMethods: ["string"],
            viewerProtocolPolicy: "string",
            cachedMethods: ["string"],
            targetOriginId: "string",
            pathPattern: "string",
            minTtl: 0,
            defaultTtl: 0,
            functionAssociations: [{
                eventType: "string",
                functionArn: "string",
            }],
            lambdaFunctionAssociations: [{
                eventType: "string",
                lambdaArn: "string",
                includeBody: false,
            }],
            maxTtl: 0,
            fieldLevelEncryptionId: "string",
            originRequestPolicyId: "string",
            forwardedValues: {
                cookies: {
                    forward: "string",
                    whitelistedNames: ["string"],
                },
                queryString: false,
                headers: ["string"],
                queryStringCacheKeys: ["string"],
            },
            realtimeLogConfigArn: "string",
            responseHeadersPolicyId: "string",
            smoothStreaming: false,
            compress: false,
            trustedKeyGroups: ["string"],
            trustedSigners: ["string"],
            cachePolicyId: "string",
        }],
        customErrorResponses: [{
            errorCode: 0,
            errorCachingMinTtl: 0,
            responseCode: 0,
            responsePagePath: "string",
        }],
        httpVersion: "string",
        isIpv6Enabled: false,
        loggingConfig: {
            bucket: "string",
            includeCookies: false,
            prefix: "string",
        },
        aliases: ["string"],
        originGroups: [{
            failoverCriteria: {
                statusCodes: [0],
            },
            members: [{
                originId: "string",
            }],
            originId: "string",
        }],
        defaultRootObject: "string",
        priceClass: "string",
        continuousDeploymentPolicyId: "string",
        retainOnDelete: false,
        staging: false,
        tags: {
            string: "string",
        },
        comment: "string",
        waitForDeployment: false,
        webAclId: "string",
    });
    
    type: aws:cloudfront:Distribution
    properties:
        aliases:
            - string
        comment: string
        continuousDeploymentPolicyId: string
        customErrorResponses:
            - errorCachingMinTtl: 0
              errorCode: 0
              responseCode: 0
              responsePagePath: string
        defaultCacheBehavior:
            allowedMethods:
                - string
            cachePolicyId: string
            cachedMethods:
                - string
            compress: false
            defaultTtl: 0
            fieldLevelEncryptionId: string
            forwardedValues:
                cookies:
                    forward: string
                    whitelistedNames:
                        - string
                headers:
                    - string
                queryString: false
                queryStringCacheKeys:
                    - string
            functionAssociations:
                - eventType: string
                  functionArn: string
            lambdaFunctionAssociations:
                - eventType: string
                  includeBody: false
                  lambdaArn: string
            maxTtl: 0
            minTtl: 0
            originRequestPolicyId: string
            realtimeLogConfigArn: string
            responseHeadersPolicyId: string
            smoothStreaming: false
            targetOriginId: string
            trustedKeyGroups:
                - string
            trustedSigners:
                - string
            viewerProtocolPolicy: string
        defaultRootObject: string
        enabled: false
        httpVersion: string
        isIpv6Enabled: false
        loggingConfig:
            bucket: string
            includeCookies: false
            prefix: string
        orderedCacheBehaviors:
            - allowedMethods:
                - string
              cachePolicyId: string
              cachedMethods:
                - string
              compress: false
              defaultTtl: 0
              fieldLevelEncryptionId: string
              forwardedValues:
                cookies:
                    forward: string
                    whitelistedNames:
                        - string
                headers:
                    - string
                queryString: false
                queryStringCacheKeys:
                    - string
              functionAssociations:
                - eventType: string
                  functionArn: string
              lambdaFunctionAssociations:
                - eventType: string
                  includeBody: false
                  lambdaArn: string
              maxTtl: 0
              minTtl: 0
              originRequestPolicyId: string
              pathPattern: string
              realtimeLogConfigArn: string
              responseHeadersPolicyId: string
              smoothStreaming: false
              targetOriginId: string
              trustedKeyGroups:
                - string
              trustedSigners:
                - string
              viewerProtocolPolicy: string
        originGroups:
            - failoverCriteria:
                statusCodes:
                    - 0
              members:
                - originId: string
              originId: string
        origins:
            - connectionAttempts: 0
              connectionTimeout: 0
              customHeaders:
                - name: string
                  value: string
              customOriginConfig:
                httpPort: 0
                httpsPort: 0
                originKeepaliveTimeout: 0
                originProtocolPolicy: string
                originReadTimeout: 0
                originSslProtocols:
                    - string
              domainName: string
              originAccessControlId: string
              originId: string
              originPath: string
              originShield:
                enabled: false
                originShieldRegion: string
              s3OriginConfig:
                originAccessIdentity: string
        priceClass: string
        restrictions:
            geoRestriction:
                locations:
                    - string
                restrictionType: string
        retainOnDelete: false
        staging: false
        tags:
            string: string
        viewerCertificate:
            acmCertificateArn: string
            cloudfrontDefaultCertificate: false
            iamCertificateId: string
            minimumProtocolVersion: string
            sslSupportMethod: string
        waitForDeployment: false
        webAclId: string
    

    Distribution Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.

    The Distribution resource accepts the following input properties:

    Outputs

    All input properties are implicitly available as output properties. Additionally, the Distribution resource produces the following output properties:

    Arn string
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    CallerReference string
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    DomainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    Etag string
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    HostedZoneId string
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    Id string
    The provider-assigned unique ID for this managed resource.
    InProgressValidationBatches int
    Number of invalidation batches currently in progress.
    LastModifiedTime string
    Date and time the distribution was last modified.
    Status string
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    TagsAll Dictionary<string, string>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    TrustedKeyGroups List<DistributionTrustedKeyGroup>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners List<DistributionTrustedSigner>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    Arn string
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    CallerReference string
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    DomainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    Etag string
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    HostedZoneId string
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    Id string
    The provider-assigned unique ID for this managed resource.
    InProgressValidationBatches int
    Number of invalidation batches currently in progress.
    LastModifiedTime string
    Date and time the distribution was last modified.
    Status string
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    TagsAll map[string]string
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    TrustedKeyGroups []DistributionTrustedKeyGroup
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners []DistributionTrustedSigner
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    arn String
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    callerReference String
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    domainName String
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    etag String
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hostedZoneId String
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    id String
    The provider-assigned unique ID for this managed resource.
    inProgressValidationBatches Integer
    Number of invalidation batches currently in progress.
    lastModifiedTime String
    Date and time the distribution was last modified.
    status String
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tagsAll Map<String,String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trustedKeyGroups List<DistributionTrustedKeyGroup>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<DistributionTrustedSigner>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    arn string
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    callerReference string
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    domainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    etag string
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hostedZoneId string
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    id string
    The provider-assigned unique ID for this managed resource.
    inProgressValidationBatches number
    Number of invalidation batches currently in progress.
    lastModifiedTime string
    Date and time the distribution was last modified.
    status string
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tagsAll {[key: string]: string}
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trustedKeyGroups DistributionTrustedKeyGroup[]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners DistributionTrustedSigner[]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    arn str
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    caller_reference str
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    domain_name str
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    etag str
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hosted_zone_id str
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    id str
    The provider-assigned unique ID for this managed resource.
    in_progress_validation_batches int
    Number of invalidation batches currently in progress.
    last_modified_time str
    Date and time the distribution was last modified.
    status str
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tags_all Mapping[str, str]
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trusted_key_groups Sequence[DistributionTrustedKeyGroup]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trusted_signers Sequence[DistributionTrustedSigner]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    arn String
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    callerReference String
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    domainName String
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    etag String
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hostedZoneId String
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    id String
    The provider-assigned unique ID for this managed resource.
    inProgressValidationBatches Number
    Number of invalidation batches currently in progress.
    lastModifiedTime String
    Date and time the distribution was last modified.
    status String
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tagsAll Map<String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trustedKeyGroups List<Property Map>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<Property Map>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.

    Look up Existing Distribution Resource

    Get an existing Distribution resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: DistributionState, opts?: CustomResourceOptions): Distribution
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            aliases: Optional[Sequence[str]] = None,
            arn: Optional[str] = None,
            caller_reference: Optional[str] = None,
            comment: Optional[str] = None,
            continuous_deployment_policy_id: Optional[str] = None,
            custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
            default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
            default_root_object: Optional[str] = None,
            domain_name: Optional[str] = None,
            enabled: Optional[bool] = None,
            etag: Optional[str] = None,
            hosted_zone_id: Optional[str] = None,
            http_version: Optional[str] = None,
            in_progress_validation_batches: Optional[int] = None,
            is_ipv6_enabled: Optional[bool] = None,
            last_modified_time: Optional[str] = None,
            logging_config: Optional[DistributionLoggingConfigArgs] = None,
            ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
            origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
            origins: Optional[Sequence[DistributionOriginArgs]] = None,
            price_class: Optional[str] = None,
            restrictions: Optional[DistributionRestrictionsArgs] = None,
            retain_on_delete: Optional[bool] = None,
            staging: Optional[bool] = None,
            status: Optional[str] = None,
            tags: Optional[Mapping[str, str]] = None,
            tags_all: Optional[Mapping[str, str]] = None,
            trusted_key_groups: Optional[Sequence[DistributionTrustedKeyGroupArgs]] = None,
            trusted_signers: Optional[Sequence[DistributionTrustedSignerArgs]] = None,
            viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
            wait_for_deployment: Optional[bool] = None,
            web_acl_id: Optional[str] = None) -> Distribution
    func GetDistribution(ctx *Context, name string, id IDInput, state *DistributionState, opts ...ResourceOption) (*Distribution, error)
    public static Distribution Get(string name, Input<string> id, DistributionState? state, CustomResourceOptions? opts = null)
    public static Distribution get(String name, Output<String> id, DistributionState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Aliases List<string>
    Arn string
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    CallerReference string
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    Comment string
    ContinuousDeploymentPolicyId string
    CustomErrorResponses List<DistributionCustomErrorResponse>
    DefaultCacheBehavior DistributionDefaultCacheBehavior
    DefaultRootObject string
    DomainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    Etag string
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    HostedZoneId string
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    HttpVersion string
    InProgressValidationBatches int
    Number of invalidation batches currently in progress.
    IsIpv6Enabled bool
    LastModifiedTime string
    Date and time the distribution was last modified.
    LoggingConfig DistributionLoggingConfig
    OrderedCacheBehaviors List<DistributionOrderedCacheBehavior>
    OriginGroups List<DistributionOriginGroup>
    Origins List<DistributionOrigin>
    PriceClass string
    Restrictions DistributionRestrictions
    RetainOnDelete bool
    Staging bool
    Status string
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    Tags Dictionary<string, string>
    TagsAll Dictionary<string, string>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    TrustedKeyGroups List<DistributionTrustedKeyGroup>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners List<DistributionTrustedSigner>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    ViewerCertificate DistributionViewerCertificate
    WaitForDeployment bool
    WebAclId string
    Aliases []string
    Arn string
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    CallerReference string
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    Comment string
    ContinuousDeploymentPolicyId string
    CustomErrorResponses []DistributionCustomErrorResponseArgs
    DefaultCacheBehavior DistributionDefaultCacheBehaviorArgs
    DefaultRootObject string
    DomainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    Etag string
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    HostedZoneId string
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    HttpVersion string
    InProgressValidationBatches int
    Number of invalidation batches currently in progress.
    IsIpv6Enabled bool
    LastModifiedTime string
    Date and time the distribution was last modified.
    LoggingConfig DistributionLoggingConfigArgs
    OrderedCacheBehaviors []DistributionOrderedCacheBehaviorArgs
    OriginGroups []DistributionOriginGroupArgs
    Origins []DistributionOriginArgs
    PriceClass string
    Restrictions DistributionRestrictionsArgs
    RetainOnDelete bool
    Staging bool
    Status string
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    Tags map[string]string
    TagsAll map[string]string
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    TrustedKeyGroups []DistributionTrustedKeyGroupArgs
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners []DistributionTrustedSignerArgs
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    ViewerCertificate DistributionViewerCertificateArgs
    WaitForDeployment bool
    WebAclId string
    aliases List<String>
    arn String
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    callerReference String
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    comment String
    continuousDeploymentPolicyId String
    customErrorResponses List<DistributionCustomErrorResponse>
    defaultCacheBehavior DistributionDefaultCacheBehavior
    defaultRootObject String
    domainName String
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    etag String
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hostedZoneId String
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    httpVersion String
    inProgressValidationBatches Integer
    Number of invalidation batches currently in progress.
    isIpv6Enabled Boolean
    lastModifiedTime String
    Date and time the distribution was last modified.
    loggingConfig DistributionLoggingConfig
    orderedCacheBehaviors List<DistributionOrderedCacheBehavior>
    originGroups List<DistributionOriginGroup>
    origins List<DistributionOrigin>
    priceClass String
    restrictions DistributionRestrictions
    retainOnDelete Boolean
    staging Boolean
    status String
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tags Map<String,String>
    tagsAll Map<String,String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trustedKeyGroups List<DistributionTrustedKeyGroup>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<DistributionTrustedSigner>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    viewerCertificate DistributionViewerCertificate
    waitForDeployment Boolean
    webAclId String
    aliases string[]
    arn string
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    callerReference string
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    comment string
    continuousDeploymentPolicyId string
    customErrorResponses DistributionCustomErrorResponse[]
    defaultCacheBehavior DistributionDefaultCacheBehavior
    defaultRootObject string
    domainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    enabled boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    etag string
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hostedZoneId string
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    httpVersion string
    inProgressValidationBatches number
    Number of invalidation batches currently in progress.
    isIpv6Enabled boolean
    lastModifiedTime string
    Date and time the distribution was last modified.
    loggingConfig DistributionLoggingConfig
    orderedCacheBehaviors DistributionOrderedCacheBehavior[]
    originGroups DistributionOriginGroup[]
    origins DistributionOrigin[]
    priceClass string
    restrictions DistributionRestrictions
    retainOnDelete boolean
    staging boolean
    status string
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tags {[key: string]: string}
    tagsAll {[key: string]: string}
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trustedKeyGroups DistributionTrustedKeyGroup[]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners DistributionTrustedSigner[]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    viewerCertificate DistributionViewerCertificate
    waitForDeployment boolean
    webAclId string
    aliases Sequence[str]
    arn str
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    caller_reference str
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    comment str
    continuous_deployment_policy_id str
    custom_error_responses Sequence[DistributionCustomErrorResponseArgs]
    default_cache_behavior DistributionDefaultCacheBehaviorArgs
    default_root_object str
    domain_name str
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    etag str
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hosted_zone_id str
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    http_version str
    in_progress_validation_batches int
    Number of invalidation batches currently in progress.
    is_ipv6_enabled bool
    last_modified_time str
    Date and time the distribution was last modified.
    logging_config DistributionLoggingConfigArgs
    ordered_cache_behaviors Sequence[DistributionOrderedCacheBehaviorArgs]
    origin_groups Sequence[DistributionOriginGroupArgs]
    origins Sequence[DistributionOriginArgs]
    price_class str
    restrictions DistributionRestrictionsArgs
    retain_on_delete bool
    staging bool
    status str
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tags Mapping[str, str]
    tags_all Mapping[str, str]
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trusted_key_groups Sequence[DistributionTrustedKeyGroupArgs]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trusted_signers Sequence[DistributionTrustedSignerArgs]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    viewer_certificate DistributionViewerCertificateArgs
    wait_for_deployment bool
    web_acl_id str
    aliases List<String>
    arn String
    ARN for the distribution. For example: arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where 123456789012 is your AWS account ID.
    callerReference String
    Internal value used by CloudFront to allow future updates to the distribution configuration.
    comment String
    continuousDeploymentPolicyId String
    customErrorResponses List<Property Map>
    defaultCacheBehavior Property Map
    defaultRootObject String
    domainName String
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    etag String
    Current version of the distribution's information. For example: E2QWRUHAPOMQZL.
    hostedZoneId String
    CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID Z2FDTNDATAQYW2.
    httpVersion String
    inProgressValidationBatches Number
    Number of invalidation batches currently in progress.
    isIpv6Enabled Boolean
    lastModifiedTime String
    Date and time the distribution was last modified.
    loggingConfig Property Map
    orderedCacheBehaviors List<Property Map>
    originGroups List<Property Map>
    origins List<Property Map>
    priceClass String
    restrictions Property Map
    retainOnDelete Boolean
    staging Boolean
    status String
    Current status of the distribution. Deployed if the distribution's information is fully propagated throughout the Amazon CloudFront system.
    tags Map<String>
    tagsAll Map<String>
    Map of tags assigned to the resource, including those inherited from the provider default_tags configuration block.

    Deprecated: Please use tags instead.

    trustedKeyGroups List<Property Map>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<Property Map>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    viewerCertificate Property Map
    waitForDeployment Boolean
    webAclId String

    Supporting Types

    DistributionCustomErrorResponse, DistributionCustomErrorResponseArgs

    ErrorCode int
    4xx or 5xx HTTP status code that you want to customize.
    ErrorCachingMinTtl int
    Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
    ResponseCode int
    HTTP status code that you want CloudFront to return with the custom error page to the viewer.
    ResponsePagePath string
    Path of the custom error page (for example, /custom_404.html).
    ErrorCode int
    4xx or 5xx HTTP status code that you want to customize.
    ErrorCachingMinTtl int
    Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
    ResponseCode int
    HTTP status code that you want CloudFront to return with the custom error page to the viewer.
    ResponsePagePath string
    Path of the custom error page (for example, /custom_404.html).
    errorCode Integer
    4xx or 5xx HTTP status code that you want to customize.
    errorCachingMinTtl Integer
    Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
    responseCode Integer
    HTTP status code that you want CloudFront to return with the custom error page to the viewer.
    responsePagePath String
    Path of the custom error page (for example, /custom_404.html).
    errorCode number
    4xx or 5xx HTTP status code that you want to customize.
    errorCachingMinTtl number
    Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
    responseCode number
    HTTP status code that you want CloudFront to return with the custom error page to the viewer.
    responsePagePath string
    Path of the custom error page (for example, /custom_404.html).
    error_code int
    4xx or 5xx HTTP status code that you want to customize.
    error_caching_min_ttl int
    Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
    response_code int
    HTTP status code that you want CloudFront to return with the custom error page to the viewer.
    response_page_path str
    Path of the custom error page (for example, /custom_404.html).
    errorCode Number
    4xx or 5xx HTTP status code that you want to customize.
    errorCachingMinTtl Number
    Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
    responseCode Number
    HTTP status code that you want CloudFront to return with the custom error page to the viewer.
    responsePagePath String
    Path of the custom error page (for example, /custom_404.html).

    DistributionDefaultCacheBehavior, DistributionDefaultCacheBehaviorArgs

    AllowedMethods List<string>
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    CachedMethods List<string>
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    TargetOriginId string
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    ViewerProtocolPolicy string
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    CachePolicyId string
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    Compress bool
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    DefaultTtl int
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    FieldLevelEncryptionId string
    Field level encryption configuration ID.
    ForwardedValues DistributionDefaultCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    FunctionAssociations List<DistributionDefaultCacheBehaviorFunctionAssociation>
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    LambdaFunctionAssociations List<DistributionDefaultCacheBehaviorLambdaFunctionAssociation>
    A config block that triggers a lambda function with specific actions (maximum 4).
    MaxTtl int
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    MinTtl int
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    OriginRequestPolicyId string
    Unique identifier of the origin request policy that is attached to the behavior.
    RealtimeLogConfigArn string
    ARN of the real-time log configuration that is attached to this cache behavior.
    ResponseHeadersPolicyId string
    Identifier for a response headers policy.
    SmoothStreaming bool
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    TrustedKeyGroups List<string>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners List<string>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    AllowedMethods []string
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    CachedMethods []string
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    TargetOriginId string
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    ViewerProtocolPolicy string
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    CachePolicyId string
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    Compress bool
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    DefaultTtl int
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    FieldLevelEncryptionId string
    Field level encryption configuration ID.
    ForwardedValues DistributionDefaultCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    FunctionAssociations []DistributionDefaultCacheBehaviorFunctionAssociation
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    LambdaFunctionAssociations []DistributionDefaultCacheBehaviorLambdaFunctionAssociation
    A config block that triggers a lambda function with specific actions (maximum 4).
    MaxTtl int
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    MinTtl int
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    OriginRequestPolicyId string
    Unique identifier of the origin request policy that is attached to the behavior.
    RealtimeLogConfigArn string
    ARN of the real-time log configuration that is attached to this cache behavior.
    ResponseHeadersPolicyId string
    Identifier for a response headers policy.
    SmoothStreaming bool
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    TrustedKeyGroups []string
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners []string
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowedMethods List<String>
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cachedMethods List<String>
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    targetOriginId String
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewerProtocolPolicy String
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cachePolicyId String
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress Boolean
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    defaultTtl Integer
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    fieldLevelEncryptionId String
    Field level encryption configuration ID.
    forwardedValues DistributionDefaultCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    functionAssociations List<DistributionDefaultCacheBehaviorFunctionAssociation>
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambdaFunctionAssociations List<DistributionDefaultCacheBehaviorLambdaFunctionAssociation>
    A config block that triggers a lambda function with specific actions (maximum 4).
    maxTtl Integer
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    minTtl Integer
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    originRequestPolicyId String
    Unique identifier of the origin request policy that is attached to the behavior.
    realtimeLogConfigArn String
    ARN of the real-time log configuration that is attached to this cache behavior.
    responseHeadersPolicyId String
    Identifier for a response headers policy.
    smoothStreaming Boolean
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trustedKeyGroups List<String>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<String>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowedMethods string[]
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cachedMethods string[]
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    targetOriginId string
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewerProtocolPolicy string
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cachePolicyId string
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress boolean
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    defaultTtl number
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    fieldLevelEncryptionId string
    Field level encryption configuration ID.
    forwardedValues DistributionDefaultCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    functionAssociations DistributionDefaultCacheBehaviorFunctionAssociation[]
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambdaFunctionAssociations DistributionDefaultCacheBehaviorLambdaFunctionAssociation[]
    A config block that triggers a lambda function with specific actions (maximum 4).
    maxTtl number
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    minTtl number
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    originRequestPolicyId string
    Unique identifier of the origin request policy that is attached to the behavior.
    realtimeLogConfigArn string
    ARN of the real-time log configuration that is attached to this cache behavior.
    responseHeadersPolicyId string
    Identifier for a response headers policy.
    smoothStreaming boolean
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trustedKeyGroups string[]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners string[]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowed_methods Sequence[str]
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cached_methods Sequence[str]
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    target_origin_id str
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewer_protocol_policy str
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cache_policy_id str
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress bool
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    default_ttl int
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    field_level_encryption_id str
    Field level encryption configuration ID.
    forwarded_values DistributionDefaultCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    function_associations Sequence[DistributionDefaultCacheBehaviorFunctionAssociation]
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambda_function_associations Sequence[DistributionDefaultCacheBehaviorLambdaFunctionAssociation]
    A config block that triggers a lambda function with specific actions (maximum 4).
    max_ttl int
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    min_ttl int
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    origin_request_policy_id str
    Unique identifier of the origin request policy that is attached to the behavior.
    realtime_log_config_arn str
    ARN of the real-time log configuration that is attached to this cache behavior.
    response_headers_policy_id str
    Identifier for a response headers policy.
    smooth_streaming bool
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trusted_key_groups Sequence[str]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trusted_signers Sequence[str]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowedMethods List<String>
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cachedMethods List<String>
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    targetOriginId String
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewerProtocolPolicy String
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cachePolicyId String
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress Boolean
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    defaultTtl Number
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    fieldLevelEncryptionId String
    Field level encryption configuration ID.
    forwardedValues Property Map
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    functionAssociations List<Property Map>
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambdaFunctionAssociations List<Property Map>
    A config block that triggers a lambda function with specific actions (maximum 4).
    maxTtl Number
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    minTtl Number
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    originRequestPolicyId String
    Unique identifier of the origin request policy that is attached to the behavior.
    realtimeLogConfigArn String
    ARN of the real-time log configuration that is attached to this cache behavior.
    responseHeadersPolicyId String
    Identifier for a response headers policy.
    smoothStreaming Boolean
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trustedKeyGroups List<String>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<String>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.

    DistributionDefaultCacheBehaviorForwardedValues, DistributionDefaultCacheBehaviorForwardedValuesArgs

    Cookies DistributionDefaultCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    QueryString bool
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    Headers List<string>
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    QueryStringCacheKeys List<string>
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    Cookies DistributionDefaultCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    QueryString bool
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    Headers []string
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    QueryStringCacheKeys []string
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies DistributionDefaultCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    queryString Boolean
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers List<String>
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    queryStringCacheKeys List<String>
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies DistributionDefaultCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    queryString boolean
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers string[]
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    queryStringCacheKeys string[]
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies DistributionDefaultCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    query_string bool
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers Sequence[str]
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    query_string_cache_keys Sequence[str]
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies Property Map
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    queryString Boolean
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers List<String>
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    queryStringCacheKeys List<String>
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.

    DistributionDefaultCacheBehaviorForwardedValuesCookies, DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs

    Forward string
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    WhitelistedNames List<string>
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    Forward string
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    WhitelistedNames []string
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward String
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelistedNames List<String>
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward string
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelistedNames string[]
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward str
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelisted_names Sequence[str]
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward String
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelistedNames List<String>
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.

    DistributionDefaultCacheBehaviorFunctionAssociation, DistributionDefaultCacheBehaviorFunctionAssociationArgs

    EventType string
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    FunctionArn string
    ARN of the CloudFront function.
    EventType string
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    FunctionArn string
    ARN of the CloudFront function.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    functionArn String
    ARN of the CloudFront function.
    eventType string
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    functionArn string
    ARN of the CloudFront function.
    event_type str
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    function_arn str
    ARN of the CloudFront function.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    functionArn String
    ARN of the CloudFront function.

    DistributionDefaultCacheBehaviorLambdaFunctionAssociation, DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs

    EventType string
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    LambdaArn string
    ARN of the Lambda function.
    IncludeBody bool
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    EventType string
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    LambdaArn string
    ARN of the Lambda function.
    IncludeBody bool
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambdaArn String
    ARN of the Lambda function.
    includeBody Boolean
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    eventType string
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambdaArn string
    ARN of the Lambda function.
    includeBody boolean
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    event_type str
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambda_arn str
    ARN of the Lambda function.
    include_body bool
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambdaArn String
    ARN of the Lambda function.
    includeBody Boolean
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.

    DistributionLoggingConfig, DistributionLoggingConfigArgs

    Bucket string
    Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
    IncludeCookies bool
    Whether to include cookies in access logs (default: false).
    Prefix string
    Prefix to the access log filenames for this distribution, for example, myprefix/.
    Bucket string
    Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
    IncludeCookies bool
    Whether to include cookies in access logs (default: false).
    Prefix string
    Prefix to the access log filenames for this distribution, for example, myprefix/.
    bucket String
    Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
    includeCookies Boolean
    Whether to include cookies in access logs (default: false).
    prefix String
    Prefix to the access log filenames for this distribution, for example, myprefix/.
    bucket string
    Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
    includeCookies boolean
    Whether to include cookies in access logs (default: false).
    prefix string
    Prefix to the access log filenames for this distribution, for example, myprefix/.
    bucket str
    Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
    include_cookies bool
    Whether to include cookies in access logs (default: false).
    prefix str
    Prefix to the access log filenames for this distribution, for example, myprefix/.
    bucket String
    Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
    includeCookies Boolean
    Whether to include cookies in access logs (default: false).
    prefix String
    Prefix to the access log filenames for this distribution, for example, myprefix/.

    DistributionOrderedCacheBehavior, DistributionOrderedCacheBehaviorArgs

    AllowedMethods List<string>
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    CachedMethods List<string>
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    PathPattern string
    Pattern (for example, images/*.jpg) that specifies which requests you want this cache behavior to apply to.
    TargetOriginId string
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    ViewerProtocolPolicy string
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    CachePolicyId string
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    Compress bool
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    DefaultTtl int
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    FieldLevelEncryptionId string
    Field level encryption configuration ID.
    ForwardedValues DistributionOrderedCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    FunctionAssociations List<DistributionOrderedCacheBehaviorFunctionAssociation>
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    LambdaFunctionAssociations List<DistributionOrderedCacheBehaviorLambdaFunctionAssociation>
    A config block that triggers a lambda function with specific actions (maximum 4).
    MaxTtl int
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    MinTtl int
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    OriginRequestPolicyId string
    Unique identifier of the origin request policy that is attached to the behavior.
    RealtimeLogConfigArn string
    ARN of the real-time log configuration that is attached to this cache behavior.
    ResponseHeadersPolicyId string
    Identifier for a response headers policy.
    SmoothStreaming bool
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    TrustedKeyGroups List<string>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners List<string>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    AllowedMethods []string
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    CachedMethods []string
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    PathPattern string
    Pattern (for example, images/*.jpg) that specifies which requests you want this cache behavior to apply to.
    TargetOriginId string
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    ViewerProtocolPolicy string
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    CachePolicyId string
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    Compress bool
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    DefaultTtl int
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    FieldLevelEncryptionId string
    Field level encryption configuration ID.
    ForwardedValues DistributionOrderedCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    FunctionAssociations []DistributionOrderedCacheBehaviorFunctionAssociation
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    LambdaFunctionAssociations []DistributionOrderedCacheBehaviorLambdaFunctionAssociation
    A config block that triggers a lambda function with specific actions (maximum 4).
    MaxTtl int
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    MinTtl int
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    OriginRequestPolicyId string
    Unique identifier of the origin request policy that is attached to the behavior.
    RealtimeLogConfigArn string
    ARN of the real-time log configuration that is attached to this cache behavior.
    ResponseHeadersPolicyId string
    Identifier for a response headers policy.
    SmoothStreaming bool
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    TrustedKeyGroups []string
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    TrustedSigners []string
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowedMethods List<String>
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cachedMethods List<String>
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    pathPattern String
    Pattern (for example, images/*.jpg) that specifies which requests you want this cache behavior to apply to.
    targetOriginId String
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewerProtocolPolicy String
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cachePolicyId String
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress Boolean
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    defaultTtl Integer
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    fieldLevelEncryptionId String
    Field level encryption configuration ID.
    forwardedValues DistributionOrderedCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    functionAssociations List<DistributionOrderedCacheBehaviorFunctionAssociation>
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambdaFunctionAssociations List<DistributionOrderedCacheBehaviorLambdaFunctionAssociation>
    A config block that triggers a lambda function with specific actions (maximum 4).
    maxTtl Integer
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    minTtl Integer
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    originRequestPolicyId String
    Unique identifier of the origin request policy that is attached to the behavior.
    realtimeLogConfigArn String
    ARN of the real-time log configuration that is attached to this cache behavior.
    responseHeadersPolicyId String
    Identifier for a response headers policy.
    smoothStreaming Boolean
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trustedKeyGroups List<String>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<String>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowedMethods string[]
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cachedMethods string[]
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    pathPattern string
    Pattern (for example, images/*.jpg) that specifies which requests you want this cache behavior to apply to.
    targetOriginId string
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewerProtocolPolicy string
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cachePolicyId string
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress boolean
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    defaultTtl number
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    fieldLevelEncryptionId string
    Field level encryption configuration ID.
    forwardedValues DistributionOrderedCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    functionAssociations DistributionOrderedCacheBehaviorFunctionAssociation[]
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambdaFunctionAssociations DistributionOrderedCacheBehaviorLambdaFunctionAssociation[]
    A config block that triggers a lambda function with specific actions (maximum 4).
    maxTtl number
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    minTtl number
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    originRequestPolicyId string
    Unique identifier of the origin request policy that is attached to the behavior.
    realtimeLogConfigArn string
    ARN of the real-time log configuration that is attached to this cache behavior.
    responseHeadersPolicyId string
    Identifier for a response headers policy.
    smoothStreaming boolean
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trustedKeyGroups string[]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners string[]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowed_methods Sequence[str]
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cached_methods Sequence[str]
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    path_pattern str
    Pattern (for example, images/*.jpg) that specifies which requests you want this cache behavior to apply to.
    target_origin_id str
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewer_protocol_policy str
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cache_policy_id str
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress bool
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    default_ttl int
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    field_level_encryption_id str
    Field level encryption configuration ID.
    forwarded_values DistributionOrderedCacheBehaviorForwardedValues
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    function_associations Sequence[DistributionOrderedCacheBehaviorFunctionAssociation]
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambda_function_associations Sequence[DistributionOrderedCacheBehaviorLambdaFunctionAssociation]
    A config block that triggers a lambda function with specific actions (maximum 4).
    max_ttl int
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    min_ttl int
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    origin_request_policy_id str
    Unique identifier of the origin request policy that is attached to the behavior.
    realtime_log_config_arn str
    ARN of the real-time log configuration that is attached to this cache behavior.
    response_headers_policy_id str
    Identifier for a response headers policy.
    smooth_streaming bool
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trusted_key_groups Sequence[str]
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trusted_signers Sequence[str]
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
    allowedMethods List<String>
    Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
    cachedMethods List<String>
    Controls whether CloudFront caches the response to requests using the specified HTTP methods.
    pathPattern String
    Pattern (for example, images/*.jpg) that specifies which requests you want this cache behavior to apply to.
    targetOriginId String
    Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
    viewerProtocolPolicy String
    Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of allow-all, https-only, or redirect-to-https.
    cachePolicyId String
    Unique identifier of the cache policy that is attached to the cache behavior. If configuring the default_cache_behavior either cache_policy_id or forwarded_values must be set.
    compress Boolean
    Whether you want CloudFront to automatically compress content for web requests that include Accept-Encoding: gzip in the request header (default: false).
    defaultTtl Number
    Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an Cache-Control max-age or Expires header.
    fieldLevelEncryptionId String
    Field level encryption configuration ID.
    forwardedValues Property Map
    The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
    functionAssociations List<Property Map>
    A config block that triggers a cloudfront function with specific actions (maximum 2).
    lambdaFunctionAssociations List<Property Map>
    A config block that triggers a lambda function with specific actions (maximum 4).
    maxTtl Number
    Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of Cache-Control max-age, Cache-Control s-maxage, and Expires headers.
    minTtl Number
    Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
    originRequestPolicyId String
    Unique identifier of the origin request policy that is attached to the behavior.
    realtimeLogConfigArn String
    ARN of the real-time log configuration that is attached to this cache behavior.
    responseHeadersPolicyId String
    Identifier for a response headers policy.
    smoothStreaming Boolean
    Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
    trustedKeyGroups List<String>
    List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
    trustedSigners List<String>
    List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.

    DistributionOrderedCacheBehaviorForwardedValues, DistributionOrderedCacheBehaviorForwardedValuesArgs

    Cookies DistributionOrderedCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    QueryString bool
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    Headers List<string>
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    QueryStringCacheKeys List<string>
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    Cookies DistributionOrderedCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    QueryString bool
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    Headers []string
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    QueryStringCacheKeys []string
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies DistributionOrderedCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    queryString Boolean
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers List<String>
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    queryStringCacheKeys List<String>
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies DistributionOrderedCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    queryString boolean
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers string[]
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    queryStringCacheKeys string[]
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies DistributionOrderedCacheBehaviorForwardedValuesCookies
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    query_string bool
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers Sequence[str]
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    query_string_cache_keys Sequence[str]
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.
    cookies Property Map
    The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
    queryString Boolean
    Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
    headers List<String>
    Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify * to include all headers.
    queryStringCacheKeys List<String>
    When specified, along with a value of true for query_string, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value of true for query_string, all query string keys are cached.

    DistributionOrderedCacheBehaviorForwardedValuesCookies, DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs

    Forward string
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    WhitelistedNames List<string>
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    Forward string
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    WhitelistedNames []string
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward String
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelistedNames List<String>
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward string
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelistedNames string[]
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward str
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelisted_names Sequence[str]
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.
    forward String
    Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify all, none or whitelist. If whitelist, you must include the subsequent whitelisted_names.
    whitelistedNames List<String>
    If you have specified whitelist to forward, the whitelisted cookies that you want CloudFront to forward to your origin.

    DistributionOrderedCacheBehaviorFunctionAssociation, DistributionOrderedCacheBehaviorFunctionAssociationArgs

    EventType string
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    FunctionArn string
    ARN of the CloudFront function.
    EventType string
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    FunctionArn string
    ARN of the CloudFront function.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    functionArn String
    ARN of the CloudFront function.
    eventType string
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    functionArn string
    ARN of the CloudFront function.
    event_type str
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    function_arn str
    ARN of the CloudFront function.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request or viewer-response.
    functionArn String
    ARN of the CloudFront function.

    DistributionOrderedCacheBehaviorLambdaFunctionAssociation, DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs

    EventType string
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    LambdaArn string
    ARN of the Lambda function.
    IncludeBody bool
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    EventType string
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    LambdaArn string
    ARN of the Lambda function.
    IncludeBody bool
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambdaArn String
    ARN of the Lambda function.
    includeBody Boolean
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    eventType string
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambdaArn string
    ARN of the Lambda function.
    includeBody boolean
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    event_type str
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambda_arn str
    ARN of the Lambda function.
    include_body bool
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.
    eventType String
    Specific event to trigger this function. Valid values: viewer-request, origin-request, viewer-response, origin-response.
    lambdaArn String
    ARN of the Lambda function.
    includeBody Boolean
    When set to true it exposes the request body to the lambda function. Defaults to false. Valid values: true, false.

    DistributionOrigin, DistributionOriginArgs

    DomainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    OriginId string
    ConnectionAttempts int
    Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
    ConnectionTimeout int
    Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
    CustomHeaders List<DistributionOriginCustomHeader>
    One or more sub-resources with name and value parameters that specify header data that will be sent to the origin (multiples allowed).
    CustomOriginConfig DistributionOriginCustomOriginConfig
    The CloudFront custom origin configuration information. If an S3 origin is required, use origin_access_control_id or s3_origin_config instead.
    OriginAccessControlId string
    Unique identifier of a [CloudFront origin access control][8] for this origin.
    OriginPath string
    Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    OriginShield DistributionOriginOriginShield
    CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
    S3OriginConfig DistributionOriginS3OriginConfig
    CloudFront S3 origin configuration information. If a custom origin is required, use custom_origin_config instead.
    DomainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    OriginId string
    ConnectionAttempts int
    Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
    ConnectionTimeout int
    Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
    CustomHeaders []DistributionOriginCustomHeader
    One or more sub-resources with name and value parameters that specify header data that will be sent to the origin (multiples allowed).
    CustomOriginConfig DistributionOriginCustomOriginConfig
    The CloudFront custom origin configuration information. If an S3 origin is required, use origin_access_control_id or s3_origin_config instead.
    OriginAccessControlId string
    Unique identifier of a [CloudFront origin access control][8] for this origin.
    OriginPath string
    Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    OriginShield DistributionOriginOriginShield
    CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
    S3OriginConfig DistributionOriginS3OriginConfig
    CloudFront S3 origin configuration information. If a custom origin is required, use custom_origin_config instead.
    domainName String
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    originId String
    connectionAttempts Integer
    Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
    connectionTimeout Integer
    Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
    customHeaders List<DistributionOriginCustomHeader>
    One or more sub-resources with name and value parameters that specify header data that will be sent to the origin (multiples allowed).
    customOriginConfig DistributionOriginCustomOriginConfig
    The CloudFront custom origin configuration information. If an S3 origin is required, use origin_access_control_id or s3_origin_config instead.
    originAccessControlId String
    Unique identifier of a [CloudFront origin access control][8] for this origin.
    originPath String
    Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    originShield DistributionOriginOriginShield
    CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
    s3OriginConfig DistributionOriginS3OriginConfig
    CloudFront S3 origin configuration information. If a custom origin is required, use custom_origin_config instead.
    domainName string
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    originId string
    connectionAttempts number
    Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
    connectionTimeout number
    Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
    customHeaders DistributionOriginCustomHeader[]
    One or more sub-resources with name and value parameters that specify header data that will be sent to the origin (multiples allowed).
    customOriginConfig DistributionOriginCustomOriginConfig
    The CloudFront custom origin configuration information. If an S3 origin is required, use origin_access_control_id or s3_origin_config instead.
    originAccessControlId string
    Unique identifier of a [CloudFront origin access control][8] for this origin.
    originPath string
    Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    originShield DistributionOriginOriginShield
    CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
    s3OriginConfig DistributionOriginS3OriginConfig
    CloudFront S3 origin configuration information. If a custom origin is required, use custom_origin_config instead.
    domain_name str
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    origin_id str
    connection_attempts int
    Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
    connection_timeout int
    Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
    custom_headers Sequence[DistributionOriginCustomHeader]
    One or more sub-resources with name and value parameters that specify header data that will be sent to the origin (multiples allowed).
    custom_origin_config DistributionOriginCustomOriginConfig
    The CloudFront custom origin configuration information. If an S3 origin is required, use origin_access_control_id or s3_origin_config instead.
    origin_access_control_id str
    Unique identifier of a [CloudFront origin access control][8] for this origin.
    origin_path str
    Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    origin_shield DistributionOriginOriginShield
    CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
    s3_origin_config DistributionOriginS3OriginConfig
    CloudFront S3 origin configuration information. If a custom origin is required, use custom_origin_config instead.
    domainName String
    Domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
    originId String
    connectionAttempts Number
    Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
    connectionTimeout Number
    Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
    customHeaders List<Property Map>
    One or more sub-resources with name and value parameters that specify header data that will be sent to the origin (multiples allowed).
    customOriginConfig Property Map
    The CloudFront custom origin configuration information. If an S3 origin is required, use origin_access_control_id or s3_origin_config instead.
    originAccessControlId String
    Unique identifier of a [CloudFront origin access control][8] for this origin.
    originPath String
    Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
    originShield Property Map
    CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
    s3OriginConfig Property Map
    CloudFront S3 origin configuration information. If a custom origin is required, use custom_origin_config instead.

    DistributionOriginCustomHeader, DistributionOriginCustomHeaderArgs

    Name string
    Value string
    Name string
    Value string
    name String
    value String
    name string
    value string
    name str
    value str
    name String
    value String

    DistributionOriginCustomOriginConfig, DistributionOriginCustomOriginConfigArgs

    HttpPort int
    HTTP port the custom origin listens on.
    HttpsPort int
    HTTPS port the custom origin listens on.
    OriginProtocolPolicy string
    Origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer.
    OriginSslProtocols List<string>
    List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: SSLv3, TLSv1, TLSv1.1, TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide.
    OriginKeepaliveTimeout int
    The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 5.
    OriginReadTimeout int
    The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 30.
    HttpPort int
    HTTP port the custom origin listens on.
    HttpsPort int
    HTTPS port the custom origin listens on.
    OriginProtocolPolicy string
    Origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer.
    OriginSslProtocols []string
    List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: SSLv3, TLSv1, TLSv1.1, TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide.
    OriginKeepaliveTimeout int
    The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 5.
    OriginReadTimeout int
    The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 30.
    httpPort Integer
    HTTP port the custom origin listens on.
    httpsPort Integer
    HTTPS port the custom origin listens on.
    originProtocolPolicy String
    Origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer.
    originSslProtocols List<String>
    List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: SSLv3, TLSv1, TLSv1.1, TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide.
    originKeepaliveTimeout Integer
    The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 5.
    originReadTimeout Integer
    The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 30.
    httpPort number
    HTTP port the custom origin listens on.
    httpsPort number
    HTTPS port the custom origin listens on.
    originProtocolPolicy string
    Origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer.
    originSslProtocols string[]
    List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: SSLv3, TLSv1, TLSv1.1, TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide.
    originKeepaliveTimeout number
    The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 5.
    originReadTimeout number
    The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 30.
    http_port int
    HTTP port the custom origin listens on.
    https_port int
    HTTPS port the custom origin listens on.
    origin_protocol_policy str
    Origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer.
    origin_ssl_protocols Sequence[str]
    List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: SSLv3, TLSv1, TLSv1.1, TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide.
    origin_keepalive_timeout int
    The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 5.
    origin_read_timeout int
    The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 30.
    httpPort Number
    HTTP port the custom origin listens on.
    httpsPort Number
    HTTPS port the custom origin listens on.
    originProtocolPolicy String
    Origin protocol policy to apply to your origin. One of http-only, https-only, or match-viewer.
    originSslProtocols List<String>
    List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values: SSLv3, TLSv1, TLSv1.1, TLSv1.2. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide.
    originKeepaliveTimeout Number
    The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 5.
    originReadTimeout Number
    The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of 60. But you can request an increase. Defaults to 30.

    DistributionOriginGroup, DistributionOriginGroupArgs

    FailoverCriteria DistributionOriginGroupFailoverCriteria
    The failover criteria for when to failover to the secondary origin.
    Members List<DistributionOriginGroupMember>
    Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
    OriginId string
    FailoverCriteria DistributionOriginGroupFailoverCriteria
    The failover criteria for when to failover to the secondary origin.
    Members []DistributionOriginGroupMember
    Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
    OriginId string
    failoverCriteria DistributionOriginGroupFailoverCriteria
    The failover criteria for when to failover to the secondary origin.
    members List<DistributionOriginGroupMember>
    Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
    originId String
    failoverCriteria DistributionOriginGroupFailoverCriteria
    The failover criteria for when to failover to the secondary origin.
    members DistributionOriginGroupMember[]
    Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
    originId string
    failover_criteria DistributionOriginGroupFailoverCriteria
    The failover criteria for when to failover to the secondary origin.
    members Sequence[DistributionOriginGroupMember]
    Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
    origin_id str
    failoverCriteria Property Map
    The failover criteria for when to failover to the secondary origin.
    members List<Property Map>
    Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
    originId String

    DistributionOriginGroupFailoverCriteria, DistributionOriginGroupFailoverCriteriaArgs

    StatusCodes List<int>
    List of HTTP status codes for the origin group.
    StatusCodes []int
    List of HTTP status codes for the origin group.
    statusCodes List<Integer>
    List of HTTP status codes for the origin group.
    statusCodes number[]
    List of HTTP status codes for the origin group.
    status_codes Sequence[int]
    List of HTTP status codes for the origin group.
    statusCodes List<Number>
    List of HTTP status codes for the origin group.

    DistributionOriginGroupMember, DistributionOriginGroupMemberArgs

    OriginId string
    OriginId string
    originId String
    originId string
    originId String

    DistributionOriginOriginShield, DistributionOriginOriginShieldArgs

    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    OriginShieldRegion string
    AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    OriginShieldRegion string
    AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    originShieldRegion String
    AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
    enabled boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    originShieldRegion string
    AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
    enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    origin_shield_region str
    AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    originShieldRegion String
    AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as us-east-2.

    DistributionOriginS3OriginConfig, DistributionOriginS3OriginConfigArgs

    OriginAccessIdentity string
    The CloudFront origin access identity to associate with the origin.
    OriginAccessIdentity string
    The CloudFront origin access identity to associate with the origin.
    originAccessIdentity String
    The CloudFront origin access identity to associate with the origin.
    originAccessIdentity string
    The CloudFront origin access identity to associate with the origin.
    origin_access_identity str
    The CloudFront origin access identity to associate with the origin.
    originAccessIdentity String
    The CloudFront origin access identity to associate with the origin.

    DistributionRestrictions, DistributionRestrictionsArgs

    DistributionRestrictionsGeoRestriction, DistributionRestrictionsGeoRestrictionArgs

    RestrictionType string
    Method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist.
    Locations List<string>
    [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist). If the type is specified as none an empty array can be used.
    RestrictionType string
    Method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist.
    Locations []string
    [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist). If the type is specified as none an empty array can be used.
    restrictionType String
    Method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist.
    locations List<String>
    [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist). If the type is specified as none an empty array can be used.
    restrictionType string
    Method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist.
    locations string[]
    [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist). If the type is specified as none an empty array can be used.
    restriction_type str
    Method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist.
    locations Sequence[str]
    [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist). If the type is specified as none an empty array can be used.
    restrictionType String
    Method that you want to use to restrict distribution of your content by country: none, whitelist, or blacklist.
    locations List<String>
    [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist). If the type is specified as none an empty array can be used.

    DistributionTrustedKeyGroup, DistributionTrustedKeyGroupArgs

    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    Items List<DistributionTrustedKeyGroupItem>
    List of nested attributes for each trusted signer
    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    Items []DistributionTrustedKeyGroupItem
    List of nested attributes for each trusted signer
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items List<DistributionTrustedKeyGroupItem>
    List of nested attributes for each trusted signer
    enabled boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items DistributionTrustedKeyGroupItem[]
    List of nested attributes for each trusted signer
    enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items Sequence[DistributionTrustedKeyGroupItem]
    List of nested attributes for each trusted signer
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items List<Property Map>
    List of nested attributes for each trusted signer

    DistributionTrustedKeyGroupItem, DistributionTrustedKeyGroupItemArgs

    KeyGroupId string
    ID of the key group that contains the public keys.
    KeyPairIds List<string>
    Set of active CloudFront key pairs associated with the signer account
    KeyGroupId string
    ID of the key group that contains the public keys.
    KeyPairIds []string
    Set of active CloudFront key pairs associated with the signer account
    keyGroupId String
    ID of the key group that contains the public keys.
    keyPairIds List<String>
    Set of active CloudFront key pairs associated with the signer account
    keyGroupId string
    ID of the key group that contains the public keys.
    keyPairIds string[]
    Set of active CloudFront key pairs associated with the signer account
    key_group_id str
    ID of the key group that contains the public keys.
    key_pair_ids Sequence[str]
    Set of active CloudFront key pairs associated with the signer account
    keyGroupId String
    ID of the key group that contains the public keys.
    keyPairIds List<String>
    Set of active CloudFront key pairs associated with the signer account

    DistributionTrustedSigner, DistributionTrustedSignerArgs

    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    Items List<DistributionTrustedSignerItem>
    List of nested attributes for each trusted signer
    Enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    Items []DistributionTrustedSignerItem
    List of nested attributes for each trusted signer
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items List<DistributionTrustedSignerItem>
    List of nested attributes for each trusted signer
    enabled boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items DistributionTrustedSignerItem[]
    List of nested attributes for each trusted signer
    enabled bool
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items Sequence[DistributionTrustedSignerItem]
    List of nested attributes for each trusted signer
    enabled Boolean
    true if any of the AWS accounts listed as trusted signers have active CloudFront key pairs
    items List<Property Map>
    List of nested attributes for each trusted signer

    DistributionTrustedSignerItem, DistributionTrustedSignerItemArgs

    AwsAccountNumber string
    AWS account ID or self
    KeyPairIds List<string>
    Set of active CloudFront key pairs associated with the signer account
    AwsAccountNumber string
    AWS account ID or self
    KeyPairIds []string
    Set of active CloudFront key pairs associated with the signer account
    awsAccountNumber String
    AWS account ID or self
    keyPairIds List<String>
    Set of active CloudFront key pairs associated with the signer account
    awsAccountNumber string
    AWS account ID or self
    keyPairIds string[]
    Set of active CloudFront key pairs associated with the signer account
    aws_account_number str
    AWS account ID or self
    key_pair_ids Sequence[str]
    Set of active CloudFront key pairs associated with the signer account
    awsAccountNumber String
    AWS account ID or self
    keyPairIds List<String>
    Set of active CloudFront key pairs associated with the signer account

    DistributionViewerCertificate, DistributionViewerCertificateArgs

    AcmCertificateArn string
    ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this, cloudfront_default_certificate, or iam_certificate_id. The ACM certificate must be in US-EAST-1.
    CloudfrontDefaultCertificate bool
    true if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, acm_certificate_arn, or iam_certificate_id.
    IamCertificateId string
    IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, acm_certificate_arn, or cloudfront_default_certificate.
    MinimumProtocolVersion string
    Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include: TLSv1.2_2019 and TLSv1.2_2021. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified.
    SslSupportMethod string
    How you want CloudFront to serve HTTPS requests. One of vip, sni-only, or static-ip. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges.
    AcmCertificateArn string
    ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this, cloudfront_default_certificate, or iam_certificate_id. The ACM certificate must be in US-EAST-1.
    CloudfrontDefaultCertificate bool
    true if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, acm_certificate_arn, or iam_certificate_id.
    IamCertificateId string
    IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, acm_certificate_arn, or cloudfront_default_certificate.
    MinimumProtocolVersion string
    Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include: TLSv1.2_2019 and TLSv1.2_2021. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified.
    SslSupportMethod string
    How you want CloudFront to serve HTTPS requests. One of vip, sni-only, or static-ip. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges.
    acmCertificateArn String
    ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this, cloudfront_default_certificate, or iam_certificate_id. The ACM certificate must be in US-EAST-1.
    cloudfrontDefaultCertificate Boolean
    true if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, acm_certificate_arn, or iam_certificate_id.
    iamCertificateId String
    IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, acm_certificate_arn, or cloudfront_default_certificate.
    minimumProtocolVersion String
    Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include: TLSv1.2_2019 and TLSv1.2_2021. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified.
    sslSupportMethod String
    How you want CloudFront to serve HTTPS requests. One of vip, sni-only, or static-ip. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges.
    acmCertificateArn string
    ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this, cloudfront_default_certificate, or iam_certificate_id. The ACM certificate must be in US-EAST-1.
    cloudfrontDefaultCertificate boolean
    true if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, acm_certificate_arn, or iam_certificate_id.
    iamCertificateId string
    IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, acm_certificate_arn, or cloudfront_default_certificate.
    minimumProtocolVersion string
    Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include: TLSv1.2_2019 and TLSv1.2_2021. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified.
    sslSupportMethod string
    How you want CloudFront to serve HTTPS requests. One of vip, sni-only, or static-ip. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges.
    acm_certificate_arn str
    ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this, cloudfront_default_certificate, or iam_certificate_id. The ACM certificate must be in US-EAST-1.
    cloudfront_default_certificate bool
    true if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, acm_certificate_arn, or iam_certificate_id.
    iam_certificate_id str
    IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, acm_certificate_arn, or cloudfront_default_certificate.
    minimum_protocol_version str
    Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include: TLSv1.2_2019 and TLSv1.2_2021. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified.
    ssl_support_method str
    How you want CloudFront to serve HTTPS requests. One of vip, sni-only, or static-ip. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges.
    acmCertificateArn String
    ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this, cloudfront_default_certificate, or iam_certificate_id. The ACM certificate must be in US-EAST-1.
    cloudfrontDefaultCertificate Boolean
    true if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, acm_certificate_arn, or iam_certificate_id.
    iamCertificateId String
    IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, acm_certificate_arn, or cloudfront_default_certificate.
    minimumProtocolVersion String
    Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if cloudfront_default_certificate = false. See all possible values in this table under "Security policy." Some examples include: TLSv1.2_2019 and TLSv1.2_2021. Default: TLSv1. NOTE: If you are using a custom certificate (specified with acm_certificate_arn or iam_certificate_id), and have specified sni-only in ssl_support_method, TLSv1 or later must be specified. If you have specified vip in ssl_support_method, only SSLv3 or TLSv1 can be specified. If you have specified cloudfront_default_certificate, TLSv1 must be specified.
    sslSupportMethod String
    How you want CloudFront to serve HTTPS requests. One of vip, sni-only, or static-ip. Required if you specify acm_certificate_arn or iam_certificate_id. NOTE: vip causes CloudFront to use a dedicated IP address and may incur extra charges.

    Import

    Using pulumi import, import CloudFront Distributions using the id. For example:

    $ pulumi import aws:cloudfront/distribution:Distribution distribution E74FTE3EXAMPLE
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.60.0 published on Tuesday, Nov 19, 2024 by Pulumi