aws.cloudfront.Distribution
Explore with Pulumi AI
Creates an Amazon CloudFront web distribution.
For information about CloudFront distributions, see the Amazon CloudFront Developer Guide. For specific information about creating CloudFront web distributions, see the POST Distribution page in the Amazon CloudFront API Reference.
NOTE: CloudFront distributions take about 15 minutes to reach a deployed state after creation or modification. During this time, deletes to resources will be blocked. If you need to delete a distribution that is enabled and you do not want to wait, you need to use the
retain_on_delete
flag.
Example Usage
S3 Origin
The example below creates a CloudFront distribution with an S3 origin.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const b = new aws.s3.BucketV2("b", {
bucket: "mybucket",
tags: {
Name: "My bucket",
},
});
const bAcl = new aws.s3.BucketAclV2("b_acl", {
bucket: b.id,
acl: "private",
});
const s3OriginId = "myS3Origin";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
origins: [{
domainName: b.bucketRegionalDomainName,
originAccessControlId: _default.id,
originId: s3OriginId,
}],
enabled: true,
isIpv6Enabled: true,
comment: "Some comment",
defaultRootObject: "index.html",
loggingConfig: {
includeCookies: false,
bucket: "mylogs.s3.amazonaws.com",
prefix: "myprefix",
},
aliases: [
"mysite.example.com",
"yoursite.example.com",
],
defaultCacheBehavior: {
allowedMethods: [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
viewerProtocolPolicy: "allow-all",
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
},
orderedCacheBehaviors: [
{
pathPattern: "/content/immutable/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
headers: ["Origin"],
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 86400,
maxTtl: 31536000,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
{
pathPattern: "/content/*",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
cachedMethods: [
"GET",
"HEAD",
],
targetOriginId: s3OriginId,
forwardedValues: {
queryString: false,
cookies: {
forward: "none",
},
},
minTtl: 0,
defaultTtl: 3600,
maxTtl: 86400,
compress: true,
viewerProtocolPolicy: "redirect-to-https",
},
],
priceClass: "PriceClass_200",
restrictions: {
geoRestriction: {
restrictionType: "whitelist",
locations: [
"US",
"CA",
"GB",
"DE",
],
},
},
tags: {
Environment: "production",
},
viewerCertificate: {
cloudfrontDefaultCertificate: true,
},
});
import pulumi
import pulumi_aws as aws
b = aws.s3.BucketV2("b",
bucket="mybucket",
tags={
"Name": "My bucket",
})
b_acl = aws.s3.BucketAclV2("b_acl",
bucket=b.id,
acl="private")
s3_origin_id = "myS3Origin"
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origins=[{
"domain_name": b.bucket_regional_domain_name,
"origin_access_control_id": default["id"],
"origin_id": s3_origin_id,
}],
enabled=True,
is_ipv6_enabled=True,
comment="Some comment",
default_root_object="index.html",
logging_config={
"include_cookies": False,
"bucket": "mylogs.s3.amazonaws.com",
"prefix": "myprefix",
},
aliases=[
"mysite.example.com",
"yoursite.example.com",
],
default_cache_behavior={
"allowed_methods": [
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
],
"cached_methods": [
"GET",
"HEAD",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"cookies": {
"forward": "none",
},
},
"viewer_protocol_policy": "allow-all",
"min_ttl": 0,
"default_ttl": 3600,
"max_ttl": 86400,
},
ordered_cache_behaviors=[
{
"path_pattern": "/content/immutable/*",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"cached_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"headers": ["Origin"],
"cookies": {
"forward": "none",
},
},
"min_ttl": 0,
"default_ttl": 86400,
"max_ttl": 31536000,
"compress": True,
"viewer_protocol_policy": "redirect-to-https",
},
{
"path_pattern": "/content/*",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"cached_methods": [
"GET",
"HEAD",
],
"target_origin_id": s3_origin_id,
"forwarded_values": {
"query_string": False,
"cookies": {
"forward": "none",
},
},
"min_ttl": 0,
"default_ttl": 3600,
"max_ttl": 86400,
"compress": True,
"viewer_protocol_policy": "redirect-to-https",
},
],
price_class="PriceClass_200",
restrictions={
"geo_restriction": {
"restriction_type": "whitelist",
"locations": [
"US",
"CA",
"GB",
"DE",
],
},
},
tags={
"Environment": "production",
},
viewer_certificate={
"cloudfront_default_certificate": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/s3"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
b, err := s3.NewBucketV2(ctx, "b", &s3.BucketV2Args{
Bucket: pulumi.String("mybucket"),
Tags: pulumi.StringMap{
"Name": pulumi.String("My bucket"),
},
})
if err != nil {
return err
}
_, err = s3.NewBucketAclV2(ctx, "b_acl", &s3.BucketAclV2Args{
Bucket: b.ID(),
Acl: pulumi.String("private"),
})
if err != nil {
return err
}
s3OriginId := "myS3Origin"
_, err = cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: b.BucketRegionalDomainName,
OriginAccessControlId: pulumi.Any(_default.Id),
OriginId: pulumi.String(s3OriginId),
},
},
Enabled: pulumi.Bool(true),
IsIpv6Enabled: pulumi.Bool(true),
Comment: pulumi.String("Some comment"),
DefaultRootObject: pulumi.String("index.html"),
LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
IncludeCookies: pulumi.Bool(false),
Bucket: pulumi.String("mylogs.s3.amazonaws.com"),
Prefix: pulumi.String("myprefix"),
},
Aliases: pulumi.StringArray{
pulumi.String("mysite.example.com"),
pulumi.String("yoursite.example.com"),
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("DELETE"),
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
pulumi.String("PATCH"),
pulumi.String("POST"),
pulumi.String("PUT"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
ViewerProtocolPolicy: pulumi.String("allow-all"),
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
},
OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/immutable/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("Origin"),
},
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(86400),
MaxTtl: pulumi.Int(31536000),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
&cloudfront.DistributionOrderedCacheBehaviorArgs{
PathPattern: pulumi.String("/content/*"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
CachedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
},
TargetOriginId: pulumi.String(s3OriginId),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
QueryString: pulumi.Bool(false),
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("none"),
},
},
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(3600),
MaxTtl: pulumi.Int(86400),
Compress: pulumi.Bool(true),
ViewerProtocolPolicy: pulumi.String("redirect-to-https"),
},
},
PriceClass: pulumi.String("PriceClass_200"),
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("whitelist"),
Locations: pulumi.StringArray{
pulumi.String("US"),
pulumi.String("CA"),
pulumi.String("GB"),
pulumi.String("DE"),
},
},
},
Tags: pulumi.StringMap{
"Environment": pulumi.String("production"),
},
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
CloudfrontDefaultCertificate: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var b = new Aws.S3.BucketV2("b", new()
{
Bucket = "mybucket",
Tags =
{
{ "Name", "My bucket" },
},
});
var bAcl = new Aws.S3.BucketAclV2("b_acl", new()
{
Bucket = b.Id,
Acl = "private",
});
var s3OriginId = "myS3Origin";
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = b.BucketRegionalDomainName,
OriginAccessControlId = @default.Id,
OriginId = s3OriginId,
},
},
Enabled = true,
IsIpv6Enabled = true,
Comment = "Some comment",
DefaultRootObject = "index.html",
LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
{
IncludeCookies = false,
Bucket = "mylogs.s3.amazonaws.com",
Prefix = "myprefix",
},
Aliases = new[]
{
"mysite.example.com",
"yoursite.example.com",
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
AllowedMethods = new[]
{
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
ViewerProtocolPolicy = "allow-all",
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
},
OrderedCacheBehaviors = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/immutable/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Headers = new[]
{
"Origin",
},
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 86400,
MaxTtl = 31536000,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
PathPattern = "/content/*",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
CachedMethods = new[]
{
"GET",
"HEAD",
},
TargetOriginId = s3OriginId,
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
QueryString = false,
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "none",
},
},
MinTtl = 0,
DefaultTtl = 3600,
MaxTtl = 86400,
Compress = true,
ViewerProtocolPolicy = "redirect-to-https",
},
},
PriceClass = "PriceClass_200",
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "whitelist",
Locations = new[]
{
"US",
"CA",
"GB",
"DE",
},
},
},
Tags =
{
{ "Environment", "production" },
},
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
CloudfrontDefaultCertificate = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.s3.BucketV2;
import com.pulumi.aws.s3.BucketV2Args;
import com.pulumi.aws.s3.BucketAclV2;
import com.pulumi.aws.s3.BucketAclV2Args;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionLoggingConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var b = new BucketV2("b", BucketV2Args.builder()
.bucket("mybucket")
.tags(Map.of("Name", "My bucket"))
.build());
var bAcl = new BucketAclV2("bAcl", BucketAclV2Args.builder()
.bucket(b.id())
.acl("private")
.build());
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(b.bucketRegionalDomainName())
.originAccessControlId(default_.id())
.originId(s3OriginId)
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.loggingConfig(DistributionLoggingConfigArgs.builder()
.includeCookies(false)
.bucket("mylogs.s3.amazonaws.com")
.prefix("myprefix")
.build())
.aliases(
"mysite.example.com",
"yoursite.example.com")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.allowedMethods(
"DELETE",
"GET",
"HEAD",
"OPTIONS",
"PATCH",
"POST",
"PUT")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.viewerProtocolPolicy("allow-all")
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.build())
.orderedCacheBehaviors(
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/immutable/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD",
"OPTIONS")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.headers("Origin")
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(86400)
.maxTtl(31536000)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build(),
DistributionOrderedCacheBehaviorArgs.builder()
.pathPattern("/content/*")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.cachedMethods(
"GET",
"HEAD")
.targetOriginId(s3OriginId)
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.queryString(false)
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("none")
.build())
.build())
.minTtl(0)
.defaultTtl(3600)
.maxTtl(86400)
.compress(true)
.viewerProtocolPolicy("redirect-to-https")
.build())
.priceClass("PriceClass_200")
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.tags(Map.of("Environment", "production"))
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
resources:
b:
type: aws:s3:BucketV2
properties:
bucket: mybucket
tags:
Name: My bucket
bAcl:
type: aws:s3:BucketAclV2
name: b_acl
properties:
bucket: ${b.id}
acl: private
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
origins:
- domainName: ${b.bucketRegionalDomainName}
originAccessControlId: ${default.id}
originId: ${s3OriginId}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
loggingConfig:
includeCookies: false
bucket: mylogs.s3.amazonaws.com
prefix: myprefix
aliases:
- mysite.example.com
- yoursite.example.com
defaultCacheBehavior:
allowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
viewerProtocolPolicy: allow-all
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
orderedCacheBehaviors:
- pathPattern: /content/immutable/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
- OPTIONS
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
headers:
- Origin
cookies:
forward: none
minTtl: 0
defaultTtl: 86400
maxTtl: 3.1536e+07
compress: true
viewerProtocolPolicy: redirect-to-https
- pathPattern: /content/*
allowedMethods:
- GET
- HEAD
- OPTIONS
cachedMethods:
- GET
- HEAD
targetOriginId: ${s3OriginId}
forwardedValues:
queryString: false
cookies:
forward: none
minTtl: 0
defaultTtl: 3600
maxTtl: 86400
compress: true
viewerProtocolPolicy: redirect-to-https
priceClass: PriceClass_200
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
tags:
Environment: production
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
With Failover Routing
The example below creates a CloudFront distribution with an origin group for failover routing.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
originGroups: [{
originId: "groupS3",
failoverCriteria: {
statusCodes: [
403,
404,
500,
502,
],
},
members: [
{
originId: "primaryS3",
},
{
originId: "failoverS3",
},
],
}],
origins: [
{
domainName: primary.bucketRegionalDomainName,
originId: "primaryS3",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
},
{
domainName: failover.bucketRegionalDomainName,
originId: "failoverS3",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
},
],
defaultCacheBehavior: {
targetOriginId: "groupS3",
},
});
import pulumi
import pulumi_aws as aws
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origin_groups=[{
"origin_id": "groupS3",
"failover_criteria": {
"status_codes": [
403,
404,
500,
502,
],
},
"members": [
{
"origin_id": "primaryS3",
},
{
"origin_id": "failoverS3",
},
],
}],
origins=[
{
"domain_name": primary["bucketRegionalDomainName"],
"origin_id": "primaryS3",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
},
{
"domain_name": failover["bucketRegionalDomainName"],
"origin_id": "failoverS3",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
},
],
default_cache_behavior={
"target_origin_id": "groupS3",
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
OriginGroups: cloudfront.DistributionOriginGroupArray{
&cloudfront.DistributionOriginGroupArgs{
OriginId: pulumi.String("groupS3"),
FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
StatusCodes: pulumi.IntArray{
pulumi.Int(403),
pulumi.Int(404),
pulumi.Int(500),
pulumi.Int(502),
},
},
Members: cloudfront.DistributionOriginGroupMemberArray{
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("primaryS3"),
},
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("failoverS3"),
},
},
},
},
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(primary.BucketRegionalDomainName),
OriginId: pulumi.String("primaryS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(failover.BucketRegionalDomainName),
OriginId: pulumi.String("failoverS3"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
TargetOriginId: pulumi.String("groupS3"),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
OriginGroups = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
{
OriginId = "groupS3",
FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
{
StatusCodes = new[]
{
403,
404,
500,
502,
},
},
Members = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "primaryS3",
},
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "failoverS3",
},
},
},
},
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = primary.BucketRegionalDomainName,
OriginId = "primaryS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = failover.BucketRegionalDomainName,
OriginId = "failoverS3",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
TargetOriginId = "groupS3",
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginGroupFailoverCriteriaArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.originGroups(DistributionOriginGroupArgs.builder()
.originId("groupS3")
.failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
.statusCodes(
403,
404,
500,
502)
.build())
.members(
DistributionOriginGroupMemberArgs.builder()
.originId("primaryS3")
.build(),
DistributionOriginGroupMemberArgs.builder()
.originId("failoverS3")
.build())
.build())
.origins(
DistributionOriginArgs.builder()
.domainName(primary.bucketRegionalDomainName())
.originId("primaryS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build(),
DistributionOriginArgs.builder()
.domainName(failover.bucketRegionalDomainName())
.originId("failoverS3")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build())
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.targetOriginId("groupS3")
.build())
.build());
}
}
resources:
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
originGroups:
- originId: groupS3
failoverCriteria:
statusCodes:
- 403
- 404
- 500
- 502
members:
- originId: primaryS3
- originId: failoverS3
origins:
- domainName: ${primary.bucketRegionalDomainName}
originId: primaryS3
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
- domainName: ${failover.bucketRegionalDomainName}
originId: failoverS3
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
defaultCacheBehavior:
targetOriginId: groupS3
With Managed Caching Policy
The example below creates a CloudFront distribution with an AWS managed caching policy.
import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";
const s3OriginId = "myS3Origin";
const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", {
origins: [{
domainName: primary.bucketRegionalDomainName,
originId: "myS3Origin",
s3OriginConfig: {
originAccessIdentity: _default.cloudfrontAccessIdentityPath,
},
}],
enabled: true,
isIpv6Enabled: true,
comment: "Some comment",
defaultRootObject: "index.html",
defaultCacheBehavior: {
cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
allowedMethods: [
"GET",
"HEAD",
"OPTIONS",
],
targetOriginId: s3OriginId,
},
restrictions: {
geoRestriction: {
restrictionType: "whitelist",
locations: [
"US",
"CA",
"GB",
"DE",
],
},
},
viewerCertificate: {
cloudfrontDefaultCertificate: true,
},
});
import pulumi
import pulumi_aws as aws
s3_origin_id = "myS3Origin"
s3_distribution = aws.cloudfront.Distribution("s3_distribution",
origins=[{
"domain_name": primary["bucketRegionalDomainName"],
"origin_id": "myS3Origin",
"s3_origin_config": {
"origin_access_identity": default["cloudfrontAccessIdentityPath"],
},
}],
enabled=True,
is_ipv6_enabled=True,
comment="Some comment",
default_root_object="index.html",
default_cache_behavior={
"cache_policy_id": "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
"allowed_methods": [
"GET",
"HEAD",
"OPTIONS",
],
"target_origin_id": s3_origin_id,
},
restrictions={
"geo_restriction": {
"restriction_type": "whitelist",
"locations": [
"US",
"CA",
"GB",
"DE",
],
},
},
viewer_certificate={
"cloudfront_default_certificate": True,
})
package main
import (
"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
)
func main() {
pulumi.Run(func(ctx *pulumi.Context) error {
s3OriginId := "myS3Origin"
_, err := cloudfront.NewDistribution(ctx, "s3_distribution", &cloudfront.DistributionArgs{
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.Any(primary.BucketRegionalDomainName),
OriginId: pulumi.String("myS3Origin"),
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.Any(_default.CloudfrontAccessIdentityPath),
},
},
},
Enabled: pulumi.Bool(true),
IsIpv6Enabled: pulumi.Bool(true),
Comment: pulumi.String("Some comment"),
DefaultRootObject: pulumi.String("index.html"),
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
CachePolicyId: pulumi.String("4135ea2d-6df8-44a3-9df3-4b5a84be39ad"),
AllowedMethods: pulumi.StringArray{
pulumi.String("GET"),
pulumi.String("HEAD"),
pulumi.String("OPTIONS"),
},
TargetOriginId: pulumi.String(s3OriginId),
},
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("whitelist"),
Locations: pulumi.StringArray{
pulumi.String("US"),
pulumi.String("CA"),
pulumi.String("GB"),
pulumi.String("DE"),
},
},
},
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
CloudfrontDefaultCertificate: pulumi.Bool(true),
},
})
if err != nil {
return err
}
return nil
})
}
using System.Collections.Generic;
using System.Linq;
using Pulumi;
using Aws = Pulumi.Aws;
return await Deployment.RunAsync(() =>
{
var s3OriginId = "myS3Origin";
var s3Distribution = new Aws.CloudFront.Distribution("s3_distribution", new()
{
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = primary.BucketRegionalDomainName,
OriginId = "myS3Origin",
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = @default.CloudfrontAccessIdentityPath,
},
},
},
Enabled = true,
IsIpv6Enabled = true,
Comment = "Some comment",
DefaultRootObject = "index.html",
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
CachePolicyId = "4135ea2d-6df8-44a3-9df3-4b5a84be39ad",
AllowedMethods = new[]
{
"GET",
"HEAD",
"OPTIONS",
},
TargetOriginId = s3OriginId,
},
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "whitelist",
Locations = new[]
{
"US",
"CA",
"GB",
"DE",
},
},
},
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
CloudfrontDefaultCertificate = true,
},
});
});
package generated_program;
import com.pulumi.Context;
import com.pulumi.Pulumi;
import com.pulumi.core.Output;
import com.pulumi.aws.cloudfront.Distribution;
import com.pulumi.aws.cloudfront.DistributionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionOriginS3OriginConfigArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionDefaultCacheBehaviorArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionRestrictionsGeoRestrictionArgs;
import com.pulumi.aws.cloudfront.inputs.DistributionViewerCertificateArgs;
import java.util.List;
import java.util.ArrayList;
import java.util.Map;
import java.io.File;
import java.nio.file.Files;
import java.nio.file.Paths;
public class App {
public static void main(String[] args) {
Pulumi.run(App::stack);
}
public static void stack(Context ctx) {
final var s3OriginId = "myS3Origin";
var s3Distribution = new Distribution("s3Distribution", DistributionArgs.builder()
.origins(DistributionOriginArgs.builder()
.domainName(primary.bucketRegionalDomainName())
.originId("myS3Origin")
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity(default_.cloudfrontAccessIdentityPath())
.build())
.build())
.enabled(true)
.isIpv6Enabled(true)
.comment("Some comment")
.defaultRootObject("index.html")
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.cachePolicyId("4135ea2d-6df8-44a3-9df3-4b5a84be39ad")
.allowedMethods(
"GET",
"HEAD",
"OPTIONS")
.targetOriginId(s3OriginId)
.build())
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("whitelist")
.locations(
"US",
"CA",
"GB",
"DE")
.build())
.build())
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.cloudfrontDefaultCertificate(true)
.build())
.build());
}
}
resources:
s3Distribution:
type: aws:cloudfront:Distribution
name: s3_distribution
properties:
origins:
- domainName: ${primary.bucketRegionalDomainName}
originId: myS3Origin
s3OriginConfig:
originAccessIdentity: ${default.cloudfrontAccessIdentityPath}
enabled: true
isIpv6Enabled: true
comment: Some comment
defaultRootObject: index.html
defaultCacheBehavior:
cachePolicyId: 4135ea2d-6df8-44a3-9df3-4b5a84be39ad
allowedMethods:
- GET
- HEAD
- OPTIONS
targetOriginId: ${s3OriginId}
restrictions:
geoRestriction:
restrictionType: whitelist
locations:
- US
- CA
- GB
- DE
viewerCertificate:
cloudfrontDefaultCertificate: true
variables:
s3OriginId: myS3Origin
Create Distribution Resource
Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.
Constructor syntax
new Distribution(name: string, args: DistributionArgs, opts?: CustomResourceOptions);
@overload
def Distribution(resource_name: str,
args: DistributionArgs,
opts: Optional[ResourceOptions] = None)
@overload
def Distribution(resource_name: str,
opts: Optional[ResourceOptions] = None,
enabled: Optional[bool] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
http_version: Optional[str] = None,
is_ipv6_enabled: Optional[bool] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
aliases: Optional[Sequence[str]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
default_root_object: Optional[str] = None,
price_class: Optional[str] = None,
continuous_deployment_policy_id: Optional[str] = None,
retain_on_delete: Optional[bool] = None,
staging: Optional[bool] = None,
tags: Optional[Mapping[str, str]] = None,
comment: Optional[str] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None)
func NewDistribution(ctx *Context, name string, args DistributionArgs, opts ...ResourceOption) (*Distribution, error)
public Distribution(string name, DistributionArgs args, CustomResourceOptions? opts = null)
public Distribution(String name, DistributionArgs args)
public Distribution(String name, DistributionArgs args, CustomResourceOptions options)
type: aws:cloudfront:Distribution
properties: # The arguments to resource properties.
options: # Bag of options to control resource's behavior.
Parameters
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- resource_name str
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOptions
- Bag of options to control resource's behavior.
- ctx Context
- Context object for the current deployment.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts ResourceOption
- Bag of options to control resource's behavior.
- name string
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- opts CustomResourceOptions
- Bag of options to control resource's behavior.
- name String
- The unique name of the resource.
- args DistributionArgs
- The arguments to resource properties.
- options CustomResourceOptions
- Bag of options to control resource's behavior.
Constructor example
The following reference example uses placeholder values for all input properties.
var distributionResource = new Aws.CloudFront.Distribution("distributionResource", new()
{
Enabled = false,
ViewerCertificate = new Aws.CloudFront.Inputs.DistributionViewerCertificateArgs
{
AcmCertificateArn = "string",
CloudfrontDefaultCertificate = false,
IamCertificateId = "string",
MinimumProtocolVersion = "string",
SslSupportMethod = "string",
},
Restrictions = new Aws.CloudFront.Inputs.DistributionRestrictionsArgs
{
GeoRestriction = new Aws.CloudFront.Inputs.DistributionRestrictionsGeoRestrictionArgs
{
RestrictionType = "string",
Locations = new[]
{
"string",
},
},
},
Origins = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginArgs
{
DomainName = "string",
OriginId = "string",
ConnectionAttempts = 0,
ConnectionTimeout = 0,
CustomHeaders = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginCustomHeaderArgs
{
Name = "string",
Value = "string",
},
},
CustomOriginConfig = new Aws.CloudFront.Inputs.DistributionOriginCustomOriginConfigArgs
{
HttpPort = 0,
HttpsPort = 0,
OriginProtocolPolicy = "string",
OriginSslProtocols = new[]
{
"string",
},
OriginKeepaliveTimeout = 0,
OriginReadTimeout = 0,
},
OriginAccessControlId = "string",
OriginPath = "string",
OriginShield = new Aws.CloudFront.Inputs.DistributionOriginOriginShieldArgs
{
Enabled = false,
OriginShieldRegion = "string",
},
S3OriginConfig = new Aws.CloudFront.Inputs.DistributionOriginS3OriginConfigArgs
{
OriginAccessIdentity = "string",
},
},
},
DefaultCacheBehavior = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorArgs
{
AllowedMethods = new[]
{
"string",
},
ViewerProtocolPolicy = "string",
CachedMethods = new[]
{
"string",
},
TargetOriginId = "string",
LambdaFunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs
{
EventType = "string",
LambdaArn = "string",
IncludeBody = false,
},
},
OriginRequestPolicyId = "string",
ForwardedValues = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesArgs
{
Cookies = new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "string",
WhitelistedNames = new[]
{
"string",
},
},
QueryString = false,
Headers = new[]
{
"string",
},
QueryStringCacheKeys = new[]
{
"string",
},
},
FunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionDefaultCacheBehaviorFunctionAssociationArgs
{
EventType = "string",
FunctionArn = "string",
},
},
DefaultTtl = 0,
MaxTtl = 0,
MinTtl = 0,
FieldLevelEncryptionId = "string",
RealtimeLogConfigArn = "string",
ResponseHeadersPolicyId = "string",
SmoothStreaming = false,
Compress = false,
TrustedKeyGroups = new[]
{
"string",
},
TrustedSigners = new[]
{
"string",
},
CachePolicyId = "string",
},
OrderedCacheBehaviors = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorArgs
{
AllowedMethods = new[]
{
"string",
},
ViewerProtocolPolicy = "string",
CachedMethods = new[]
{
"string",
},
TargetOriginId = "string",
PathPattern = "string",
MinTtl = 0,
DefaultTtl = 0,
FunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorFunctionAssociationArgs
{
EventType = "string",
FunctionArn = "string",
},
},
LambdaFunctionAssociations = new[]
{
new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs
{
EventType = "string",
LambdaArn = "string",
IncludeBody = false,
},
},
MaxTtl = 0,
FieldLevelEncryptionId = "string",
OriginRequestPolicyId = "string",
ForwardedValues = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesArgs
{
Cookies = new Aws.CloudFront.Inputs.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
{
Forward = "string",
WhitelistedNames = new[]
{
"string",
},
},
QueryString = false,
Headers = new[]
{
"string",
},
QueryStringCacheKeys = new[]
{
"string",
},
},
RealtimeLogConfigArn = "string",
ResponseHeadersPolicyId = "string",
SmoothStreaming = false,
Compress = false,
TrustedKeyGroups = new[]
{
"string",
},
TrustedSigners = new[]
{
"string",
},
CachePolicyId = "string",
},
},
CustomErrorResponses = new[]
{
new Aws.CloudFront.Inputs.DistributionCustomErrorResponseArgs
{
ErrorCode = 0,
ErrorCachingMinTtl = 0,
ResponseCode = 0,
ResponsePagePath = "string",
},
},
HttpVersion = "string",
IsIpv6Enabled = false,
LoggingConfig = new Aws.CloudFront.Inputs.DistributionLoggingConfigArgs
{
Bucket = "string",
IncludeCookies = false,
Prefix = "string",
},
Aliases = new[]
{
"string",
},
OriginGroups = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupArgs
{
FailoverCriteria = new Aws.CloudFront.Inputs.DistributionOriginGroupFailoverCriteriaArgs
{
StatusCodes = new[]
{
0,
},
},
Members = new[]
{
new Aws.CloudFront.Inputs.DistributionOriginGroupMemberArgs
{
OriginId = "string",
},
},
OriginId = "string",
},
},
DefaultRootObject = "string",
PriceClass = "string",
ContinuousDeploymentPolicyId = "string",
RetainOnDelete = false,
Staging = false,
Tags =
{
{ "string", "string" },
},
Comment = "string",
WaitForDeployment = false,
WebAclId = "string",
});
example, err := cloudfront.NewDistribution(ctx, "distributionResource", &cloudfront.DistributionArgs{
Enabled: pulumi.Bool(false),
ViewerCertificate: &cloudfront.DistributionViewerCertificateArgs{
AcmCertificateArn: pulumi.String("string"),
CloudfrontDefaultCertificate: pulumi.Bool(false),
IamCertificateId: pulumi.String("string"),
MinimumProtocolVersion: pulumi.String("string"),
SslSupportMethod: pulumi.String("string"),
},
Restrictions: &cloudfront.DistributionRestrictionsArgs{
GeoRestriction: &cloudfront.DistributionRestrictionsGeoRestrictionArgs{
RestrictionType: pulumi.String("string"),
Locations: pulumi.StringArray{
pulumi.String("string"),
},
},
},
Origins: cloudfront.DistributionOriginArray{
&cloudfront.DistributionOriginArgs{
DomainName: pulumi.String("string"),
OriginId: pulumi.String("string"),
ConnectionAttempts: pulumi.Int(0),
ConnectionTimeout: pulumi.Int(0),
CustomHeaders: cloudfront.DistributionOriginCustomHeaderArray{
&cloudfront.DistributionOriginCustomHeaderArgs{
Name: pulumi.String("string"),
Value: pulumi.String("string"),
},
},
CustomOriginConfig: &cloudfront.DistributionOriginCustomOriginConfigArgs{
HttpPort: pulumi.Int(0),
HttpsPort: pulumi.Int(0),
OriginProtocolPolicy: pulumi.String("string"),
OriginSslProtocols: pulumi.StringArray{
pulumi.String("string"),
},
OriginKeepaliveTimeout: pulumi.Int(0),
OriginReadTimeout: pulumi.Int(0),
},
OriginAccessControlId: pulumi.String("string"),
OriginPath: pulumi.String("string"),
OriginShield: &cloudfront.DistributionOriginOriginShieldArgs{
Enabled: pulumi.Bool(false),
OriginShieldRegion: pulumi.String("string"),
},
S3OriginConfig: &cloudfront.DistributionOriginS3OriginConfigArgs{
OriginAccessIdentity: pulumi.String("string"),
},
},
},
DefaultCacheBehavior: &cloudfront.DistributionDefaultCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("string"),
},
ViewerProtocolPolicy: pulumi.String("string"),
CachedMethods: pulumi.StringArray{
pulumi.String("string"),
},
TargetOriginId: pulumi.String("string"),
LambdaFunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArray{
&cloudfront.DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs{
EventType: pulumi.String("string"),
LambdaArn: pulumi.String("string"),
IncludeBody: pulumi.Bool(false),
},
},
OriginRequestPolicyId: pulumi.String("string"),
ForwardedValues: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesArgs{
Cookies: &cloudfront.DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("string"),
WhitelistedNames: pulumi.StringArray{
pulumi.String("string"),
},
},
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("string"),
},
QueryStringCacheKeys: pulumi.StringArray{
pulumi.String("string"),
},
},
FunctionAssociations: cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArray{
&cloudfront.DistributionDefaultCacheBehaviorFunctionAssociationArgs{
EventType: pulumi.String("string"),
FunctionArn: pulumi.String("string"),
},
},
DefaultTtl: pulumi.Int(0),
MaxTtl: pulumi.Int(0),
MinTtl: pulumi.Int(0),
FieldLevelEncryptionId: pulumi.String("string"),
RealtimeLogConfigArn: pulumi.String("string"),
ResponseHeadersPolicyId: pulumi.String("string"),
SmoothStreaming: pulumi.Bool(false),
Compress: pulumi.Bool(false),
TrustedKeyGroups: pulumi.StringArray{
pulumi.String("string"),
},
TrustedSigners: pulumi.StringArray{
pulumi.String("string"),
},
CachePolicyId: pulumi.String("string"),
},
OrderedCacheBehaviors: cloudfront.DistributionOrderedCacheBehaviorArray{
&cloudfront.DistributionOrderedCacheBehaviorArgs{
AllowedMethods: pulumi.StringArray{
pulumi.String("string"),
},
ViewerProtocolPolicy: pulumi.String("string"),
CachedMethods: pulumi.StringArray{
pulumi.String("string"),
},
TargetOriginId: pulumi.String("string"),
PathPattern: pulumi.String("string"),
MinTtl: pulumi.Int(0),
DefaultTtl: pulumi.Int(0),
FunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArray{
&cloudfront.DistributionOrderedCacheBehaviorFunctionAssociationArgs{
EventType: pulumi.String("string"),
FunctionArn: pulumi.String("string"),
},
},
LambdaFunctionAssociations: cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArray{
&cloudfront.DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs{
EventType: pulumi.String("string"),
LambdaArn: pulumi.String("string"),
IncludeBody: pulumi.Bool(false),
},
},
MaxTtl: pulumi.Int(0),
FieldLevelEncryptionId: pulumi.String("string"),
OriginRequestPolicyId: pulumi.String("string"),
ForwardedValues: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesArgs{
Cookies: &cloudfront.DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs{
Forward: pulumi.String("string"),
WhitelistedNames: pulumi.StringArray{
pulumi.String("string"),
},
},
QueryString: pulumi.Bool(false),
Headers: pulumi.StringArray{
pulumi.String("string"),
},
QueryStringCacheKeys: pulumi.StringArray{
pulumi.String("string"),
},
},
RealtimeLogConfigArn: pulumi.String("string"),
ResponseHeadersPolicyId: pulumi.String("string"),
SmoothStreaming: pulumi.Bool(false),
Compress: pulumi.Bool(false),
TrustedKeyGroups: pulumi.StringArray{
pulumi.String("string"),
},
TrustedSigners: pulumi.StringArray{
pulumi.String("string"),
},
CachePolicyId: pulumi.String("string"),
},
},
CustomErrorResponses: cloudfront.DistributionCustomErrorResponseArray{
&cloudfront.DistributionCustomErrorResponseArgs{
ErrorCode: pulumi.Int(0),
ErrorCachingMinTtl: pulumi.Int(0),
ResponseCode: pulumi.Int(0),
ResponsePagePath: pulumi.String("string"),
},
},
HttpVersion: pulumi.String("string"),
IsIpv6Enabled: pulumi.Bool(false),
LoggingConfig: &cloudfront.DistributionLoggingConfigArgs{
Bucket: pulumi.String("string"),
IncludeCookies: pulumi.Bool(false),
Prefix: pulumi.String("string"),
},
Aliases: pulumi.StringArray{
pulumi.String("string"),
},
OriginGroups: cloudfront.DistributionOriginGroupArray{
&cloudfront.DistributionOriginGroupArgs{
FailoverCriteria: &cloudfront.DistributionOriginGroupFailoverCriteriaArgs{
StatusCodes: pulumi.IntArray{
pulumi.Int(0),
},
},
Members: cloudfront.DistributionOriginGroupMemberArray{
&cloudfront.DistributionOriginGroupMemberArgs{
OriginId: pulumi.String("string"),
},
},
OriginId: pulumi.String("string"),
},
},
DefaultRootObject: pulumi.String("string"),
PriceClass: pulumi.String("string"),
ContinuousDeploymentPolicyId: pulumi.String("string"),
RetainOnDelete: pulumi.Bool(false),
Staging: pulumi.Bool(false),
Tags: pulumi.StringMap{
"string": pulumi.String("string"),
},
Comment: pulumi.String("string"),
WaitForDeployment: pulumi.Bool(false),
WebAclId: pulumi.String("string"),
})
var distributionResource = new Distribution("distributionResource", DistributionArgs.builder()
.enabled(false)
.viewerCertificate(DistributionViewerCertificateArgs.builder()
.acmCertificateArn("string")
.cloudfrontDefaultCertificate(false)
.iamCertificateId("string")
.minimumProtocolVersion("string")
.sslSupportMethod("string")
.build())
.restrictions(DistributionRestrictionsArgs.builder()
.geoRestriction(DistributionRestrictionsGeoRestrictionArgs.builder()
.restrictionType("string")
.locations("string")
.build())
.build())
.origins(DistributionOriginArgs.builder()
.domainName("string")
.originId("string")
.connectionAttempts(0)
.connectionTimeout(0)
.customHeaders(DistributionOriginCustomHeaderArgs.builder()
.name("string")
.value("string")
.build())
.customOriginConfig(DistributionOriginCustomOriginConfigArgs.builder()
.httpPort(0)
.httpsPort(0)
.originProtocolPolicy("string")
.originSslProtocols("string")
.originKeepaliveTimeout(0)
.originReadTimeout(0)
.build())
.originAccessControlId("string")
.originPath("string")
.originShield(DistributionOriginOriginShieldArgs.builder()
.enabled(false)
.originShieldRegion("string")
.build())
.s3OriginConfig(DistributionOriginS3OriginConfigArgs.builder()
.originAccessIdentity("string")
.build())
.build())
.defaultCacheBehavior(DistributionDefaultCacheBehaviorArgs.builder()
.allowedMethods("string")
.viewerProtocolPolicy("string")
.cachedMethods("string")
.targetOriginId("string")
.lambdaFunctionAssociations(DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs.builder()
.eventType("string")
.lambdaArn("string")
.includeBody(false)
.build())
.originRequestPolicyId("string")
.forwardedValues(DistributionDefaultCacheBehaviorForwardedValuesArgs.builder()
.cookies(DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("string")
.whitelistedNames("string")
.build())
.queryString(false)
.headers("string")
.queryStringCacheKeys("string")
.build())
.functionAssociations(DistributionDefaultCacheBehaviorFunctionAssociationArgs.builder()
.eventType("string")
.functionArn("string")
.build())
.defaultTtl(0)
.maxTtl(0)
.minTtl(0)
.fieldLevelEncryptionId("string")
.realtimeLogConfigArn("string")
.responseHeadersPolicyId("string")
.smoothStreaming(false)
.compress(false)
.trustedKeyGroups("string")
.trustedSigners("string")
.cachePolicyId("string")
.build())
.orderedCacheBehaviors(DistributionOrderedCacheBehaviorArgs.builder()
.allowedMethods("string")
.viewerProtocolPolicy("string")
.cachedMethods("string")
.targetOriginId("string")
.pathPattern("string")
.minTtl(0)
.defaultTtl(0)
.functionAssociations(DistributionOrderedCacheBehaviorFunctionAssociationArgs.builder()
.eventType("string")
.functionArn("string")
.build())
.lambdaFunctionAssociations(DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs.builder()
.eventType("string")
.lambdaArn("string")
.includeBody(false)
.build())
.maxTtl(0)
.fieldLevelEncryptionId("string")
.originRequestPolicyId("string")
.forwardedValues(DistributionOrderedCacheBehaviorForwardedValuesArgs.builder()
.cookies(DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs.builder()
.forward("string")
.whitelistedNames("string")
.build())
.queryString(false)
.headers("string")
.queryStringCacheKeys("string")
.build())
.realtimeLogConfigArn("string")
.responseHeadersPolicyId("string")
.smoothStreaming(false)
.compress(false)
.trustedKeyGroups("string")
.trustedSigners("string")
.cachePolicyId("string")
.build())
.customErrorResponses(DistributionCustomErrorResponseArgs.builder()
.errorCode(0)
.errorCachingMinTtl(0)
.responseCode(0)
.responsePagePath("string")
.build())
.httpVersion("string")
.isIpv6Enabled(false)
.loggingConfig(DistributionLoggingConfigArgs.builder()
.bucket("string")
.includeCookies(false)
.prefix("string")
.build())
.aliases("string")
.originGroups(DistributionOriginGroupArgs.builder()
.failoverCriteria(DistributionOriginGroupFailoverCriteriaArgs.builder()
.statusCodes(0)
.build())
.members(DistributionOriginGroupMemberArgs.builder()
.originId("string")
.build())
.originId("string")
.build())
.defaultRootObject("string")
.priceClass("string")
.continuousDeploymentPolicyId("string")
.retainOnDelete(false)
.staging(false)
.tags(Map.of("string", "string"))
.comment("string")
.waitForDeployment(false)
.webAclId("string")
.build());
distribution_resource = aws.cloudfront.Distribution("distributionResource",
enabled=False,
viewer_certificate={
"acm_certificate_arn": "string",
"cloudfront_default_certificate": False,
"iam_certificate_id": "string",
"minimum_protocol_version": "string",
"ssl_support_method": "string",
},
restrictions={
"geo_restriction": {
"restriction_type": "string",
"locations": ["string"],
},
},
origins=[{
"domain_name": "string",
"origin_id": "string",
"connection_attempts": 0,
"connection_timeout": 0,
"custom_headers": [{
"name": "string",
"value": "string",
}],
"custom_origin_config": {
"http_port": 0,
"https_port": 0,
"origin_protocol_policy": "string",
"origin_ssl_protocols": ["string"],
"origin_keepalive_timeout": 0,
"origin_read_timeout": 0,
},
"origin_access_control_id": "string",
"origin_path": "string",
"origin_shield": {
"enabled": False,
"origin_shield_region": "string",
},
"s3_origin_config": {
"origin_access_identity": "string",
},
}],
default_cache_behavior={
"allowed_methods": ["string"],
"viewer_protocol_policy": "string",
"cached_methods": ["string"],
"target_origin_id": "string",
"lambda_function_associations": [{
"event_type": "string",
"lambda_arn": "string",
"include_body": False,
}],
"origin_request_policy_id": "string",
"forwarded_values": {
"cookies": {
"forward": "string",
"whitelisted_names": ["string"],
},
"query_string": False,
"headers": ["string"],
"query_string_cache_keys": ["string"],
},
"function_associations": [{
"event_type": "string",
"function_arn": "string",
}],
"default_ttl": 0,
"max_ttl": 0,
"min_ttl": 0,
"field_level_encryption_id": "string",
"realtime_log_config_arn": "string",
"response_headers_policy_id": "string",
"smooth_streaming": False,
"compress": False,
"trusted_key_groups": ["string"],
"trusted_signers": ["string"],
"cache_policy_id": "string",
},
ordered_cache_behaviors=[{
"allowed_methods": ["string"],
"viewer_protocol_policy": "string",
"cached_methods": ["string"],
"target_origin_id": "string",
"path_pattern": "string",
"min_ttl": 0,
"default_ttl": 0,
"function_associations": [{
"event_type": "string",
"function_arn": "string",
}],
"lambda_function_associations": [{
"event_type": "string",
"lambda_arn": "string",
"include_body": False,
}],
"max_ttl": 0,
"field_level_encryption_id": "string",
"origin_request_policy_id": "string",
"forwarded_values": {
"cookies": {
"forward": "string",
"whitelisted_names": ["string"],
},
"query_string": False,
"headers": ["string"],
"query_string_cache_keys": ["string"],
},
"realtime_log_config_arn": "string",
"response_headers_policy_id": "string",
"smooth_streaming": False,
"compress": False,
"trusted_key_groups": ["string"],
"trusted_signers": ["string"],
"cache_policy_id": "string",
}],
custom_error_responses=[{
"error_code": 0,
"error_caching_min_ttl": 0,
"response_code": 0,
"response_page_path": "string",
}],
http_version="string",
is_ipv6_enabled=False,
logging_config={
"bucket": "string",
"include_cookies": False,
"prefix": "string",
},
aliases=["string"],
origin_groups=[{
"failover_criteria": {
"status_codes": [0],
},
"members": [{
"origin_id": "string",
}],
"origin_id": "string",
}],
default_root_object="string",
price_class="string",
continuous_deployment_policy_id="string",
retain_on_delete=False,
staging=False,
tags={
"string": "string",
},
comment="string",
wait_for_deployment=False,
web_acl_id="string")
const distributionResource = new aws.cloudfront.Distribution("distributionResource", {
enabled: false,
viewerCertificate: {
acmCertificateArn: "string",
cloudfrontDefaultCertificate: false,
iamCertificateId: "string",
minimumProtocolVersion: "string",
sslSupportMethod: "string",
},
restrictions: {
geoRestriction: {
restrictionType: "string",
locations: ["string"],
},
},
origins: [{
domainName: "string",
originId: "string",
connectionAttempts: 0,
connectionTimeout: 0,
customHeaders: [{
name: "string",
value: "string",
}],
customOriginConfig: {
httpPort: 0,
httpsPort: 0,
originProtocolPolicy: "string",
originSslProtocols: ["string"],
originKeepaliveTimeout: 0,
originReadTimeout: 0,
},
originAccessControlId: "string",
originPath: "string",
originShield: {
enabled: false,
originShieldRegion: "string",
},
s3OriginConfig: {
originAccessIdentity: "string",
},
}],
defaultCacheBehavior: {
allowedMethods: ["string"],
viewerProtocolPolicy: "string",
cachedMethods: ["string"],
targetOriginId: "string",
lambdaFunctionAssociations: [{
eventType: "string",
lambdaArn: "string",
includeBody: false,
}],
originRequestPolicyId: "string",
forwardedValues: {
cookies: {
forward: "string",
whitelistedNames: ["string"],
},
queryString: false,
headers: ["string"],
queryStringCacheKeys: ["string"],
},
functionAssociations: [{
eventType: "string",
functionArn: "string",
}],
defaultTtl: 0,
maxTtl: 0,
minTtl: 0,
fieldLevelEncryptionId: "string",
realtimeLogConfigArn: "string",
responseHeadersPolicyId: "string",
smoothStreaming: false,
compress: false,
trustedKeyGroups: ["string"],
trustedSigners: ["string"],
cachePolicyId: "string",
},
orderedCacheBehaviors: [{
allowedMethods: ["string"],
viewerProtocolPolicy: "string",
cachedMethods: ["string"],
targetOriginId: "string",
pathPattern: "string",
minTtl: 0,
defaultTtl: 0,
functionAssociations: [{
eventType: "string",
functionArn: "string",
}],
lambdaFunctionAssociations: [{
eventType: "string",
lambdaArn: "string",
includeBody: false,
}],
maxTtl: 0,
fieldLevelEncryptionId: "string",
originRequestPolicyId: "string",
forwardedValues: {
cookies: {
forward: "string",
whitelistedNames: ["string"],
},
queryString: false,
headers: ["string"],
queryStringCacheKeys: ["string"],
},
realtimeLogConfigArn: "string",
responseHeadersPolicyId: "string",
smoothStreaming: false,
compress: false,
trustedKeyGroups: ["string"],
trustedSigners: ["string"],
cachePolicyId: "string",
}],
customErrorResponses: [{
errorCode: 0,
errorCachingMinTtl: 0,
responseCode: 0,
responsePagePath: "string",
}],
httpVersion: "string",
isIpv6Enabled: false,
loggingConfig: {
bucket: "string",
includeCookies: false,
prefix: "string",
},
aliases: ["string"],
originGroups: [{
failoverCriteria: {
statusCodes: [0],
},
members: [{
originId: "string",
}],
originId: "string",
}],
defaultRootObject: "string",
priceClass: "string",
continuousDeploymentPolicyId: "string",
retainOnDelete: false,
staging: false,
tags: {
string: "string",
},
comment: "string",
waitForDeployment: false,
webAclId: "string",
});
type: aws:cloudfront:Distribution
properties:
aliases:
- string
comment: string
continuousDeploymentPolicyId: string
customErrorResponses:
- errorCachingMinTtl: 0
errorCode: 0
responseCode: 0
responsePagePath: string
defaultCacheBehavior:
allowedMethods:
- string
cachePolicyId: string
cachedMethods:
- string
compress: false
defaultTtl: 0
fieldLevelEncryptionId: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
- string
headers:
- string
queryString: false
queryStringCacheKeys:
- string
functionAssociations:
- eventType: string
functionArn: string
lambdaFunctionAssociations:
- eventType: string
includeBody: false
lambdaArn: string
maxTtl: 0
minTtl: 0
originRequestPolicyId: string
realtimeLogConfigArn: string
responseHeadersPolicyId: string
smoothStreaming: false
targetOriginId: string
trustedKeyGroups:
- string
trustedSigners:
- string
viewerProtocolPolicy: string
defaultRootObject: string
enabled: false
httpVersion: string
isIpv6Enabled: false
loggingConfig:
bucket: string
includeCookies: false
prefix: string
orderedCacheBehaviors:
- allowedMethods:
- string
cachePolicyId: string
cachedMethods:
- string
compress: false
defaultTtl: 0
fieldLevelEncryptionId: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
- string
headers:
- string
queryString: false
queryStringCacheKeys:
- string
functionAssociations:
- eventType: string
functionArn: string
lambdaFunctionAssociations:
- eventType: string
includeBody: false
lambdaArn: string
maxTtl: 0
minTtl: 0
originRequestPolicyId: string
pathPattern: string
realtimeLogConfigArn: string
responseHeadersPolicyId: string
smoothStreaming: false
targetOriginId: string
trustedKeyGroups:
- string
trustedSigners:
- string
viewerProtocolPolicy: string
originGroups:
- failoverCriteria:
statusCodes:
- 0
members:
- originId: string
originId: string
origins:
- connectionAttempts: 0
connectionTimeout: 0
customHeaders:
- name: string
value: string
customOriginConfig:
httpPort: 0
httpsPort: 0
originKeepaliveTimeout: 0
originProtocolPolicy: string
originReadTimeout: 0
originSslProtocols:
- string
domainName: string
originAccessControlId: string
originId: string
originPath: string
originShield:
enabled: false
originShieldRegion: string
s3OriginConfig:
originAccessIdentity: string
priceClass: string
restrictions:
geoRestriction:
locations:
- string
restrictionType: string
retainOnDelete: false
staging: false
tags:
string: string
viewerCertificate:
acmCertificateArn: string
cloudfrontDefaultCertificate: false
iamCertificateId: string
minimumProtocolVersion: string
sslSupportMethod: string
waitForDeployment: false
webAclId: string
Distribution Resource Properties
To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.
Inputs
In Python, inputs that are objects can be passed either as argument classes or as dictionary literals.
The Distribution resource accepts the following input properties:
- Default
Cache DistributionBehavior Default Cache Behavior - Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origins
List<Distribution
Origin> - Restrictions
Distribution
Restrictions - Viewer
Certificate DistributionViewer Certificate - Aliases List<string>
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error List<DistributionResponses Custom Error Response> - Default
Root stringObject - Http
Version string - Is
Ipv6Enabled bool - Logging
Config DistributionLogging Config - Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Origin
Groups List<DistributionOrigin Group> - Price
Class string - Retain
On boolDelete - Staging bool
- Dictionary<string, string>
- Wait
For boolDeployment - Web
Acl stringId
- Default
Cache DistributionBehavior Default Cache Behavior Args - Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origins
[]Distribution
Origin Args - Restrictions
Distribution
Restrictions Args - Viewer
Certificate DistributionViewer Certificate Args - Aliases []string
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error []DistributionResponses Custom Error Response Args - Default
Root stringObject - Http
Version string - Is
Ipv6Enabled bool - Logging
Config DistributionLogging Config Args - Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args - Origin
Groups []DistributionOrigin Group Args - Price
Class string - Retain
On boolDelete - Staging bool
- map[string]string
- Wait
For boolDeployment - Web
Acl stringId
- default
Cache DistributionBehavior Default Cache Behavior - enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins
List<Distribution
Origin> - restrictions
Distribution
Restrictions - viewer
Certificate DistributionViewer Certificate - aliases List<String>
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<DistributionResponses Custom Error Response> - default
Root StringObject - http
Version String - is
Ipv6Enabled Boolean - logging
Config DistributionLogging Config - ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - origin
Groups List<DistributionOrigin Group> - price
Class String - retain
On BooleanDelete - staging Boolean
- Map<String,String>
- wait
For BooleanDeployment - web
Acl StringId
- default
Cache DistributionBehavior Default Cache Behavior - enabled boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins
Distribution
Origin[] - restrictions
Distribution
Restrictions - viewer
Certificate DistributionViewer Certificate - aliases string[]
- comment string
- continuous
Deployment stringPolicy Id - custom
Error DistributionResponses Custom Error Response[] - default
Root stringObject - http
Version string - is
Ipv6Enabled boolean - logging
Config DistributionLogging Config - ordered
Cache DistributionBehaviors Ordered Cache Behavior[] - origin
Groups DistributionOrigin Group[] - price
Class string - retain
On booleanDelete - staging boolean
- {[key: string]: string}
- wait
For booleanDeployment - web
Acl stringId
- default_
cache_ Distributionbehavior Default Cache Behavior Args - enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins
Sequence[Distribution
Origin Args] - restrictions
Distribution
Restrictions Args - viewer_
certificate DistributionViewer Certificate Args - aliases Sequence[str]
- comment str
- continuous_
deployment_ strpolicy_ id - custom_
error_ Sequence[Distributionresponses Custom Error Response Args] - default_
root_ strobject - http_
version str - is_
ipv6_ boolenabled - logging_
config DistributionLogging Config Args - ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] - origin_
groups Sequence[DistributionOrigin Group Args] - price_
class str - retain_
on_ booldelete - staging bool
- Mapping[str, str]
- wait_
for_ booldeployment - web_
acl_ strid
- default
Cache Property MapBehavior - enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origins List<Property Map>
- restrictions Property Map
- viewer
Certificate Property Map - aliases List<String>
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<Property Map>Responses - default
Root StringObject - http
Version String - is
Ipv6Enabled Boolean - logging
Config Property Map - ordered
Cache List<Property Map>Behaviors - origin
Groups List<Property Map> - price
Class String - retain
On BooleanDelete - staging Boolean
- Map<String>
- wait
For BooleanDeployment - web
Acl StringId
Outputs
All input properties are implicitly available as output properties. Additionally, the Distribution resource produces the following output properties:
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - Id string
- The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Status string
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - Id string
- The provider-assigned unique ID for this managed resource.
- In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Last
Modified stringTime - Date and time the distribution was last modified.
- Status string
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Trusted
Key []DistributionGroups Trusted Key Group - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []DistributionTrusted Signer - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - id String
- The provider-assigned unique ID for this managed resource.
- in
Progress IntegerValidation Batches - Number of invalidation batches currently in progress.
- last
Modified StringTime - Date and time the distribution was last modified.
- status String
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - id string
- The provider-assigned unique ID for this managed resource.
- in
Progress numberValidation Batches - Number of invalidation batches currently in progress.
- last
Modified stringTime - Date and time the distribution was last modified.
- status string
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted
Key DistributionGroups Trusted Key Group[] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers DistributionTrusted Signer[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn str
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller_
reference str - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - etag str
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted_
zone_ strid - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - id str
- The provider-assigned unique ID for this managed resource.
- in_
progress_ intvalidation_ batches - Number of invalidation batches currently in progress.
- last_
modified_ strtime - Date and time the distribution was last modified.
- status str
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted_
key_ Sequence[Distributiongroups Trusted Key Group] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[DistributionTrusted Signer] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - id String
- The provider-assigned unique ID for this managed resource.
- in
Progress NumberValidation Batches - Number of invalidation batches currently in progress.
- last
Modified StringTime - Date and time the distribution was last modified.
- status String
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted
Key List<Property Map>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<Property Map> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
Look up Existing Distribution Resource
Get an existing Distribution resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.
public static get(name: string, id: Input<ID>, state?: DistributionState, opts?: CustomResourceOptions): Distribution
@staticmethod
def get(resource_name: str,
id: str,
opts: Optional[ResourceOptions] = None,
aliases: Optional[Sequence[str]] = None,
arn: Optional[str] = None,
caller_reference: Optional[str] = None,
comment: Optional[str] = None,
continuous_deployment_policy_id: Optional[str] = None,
custom_error_responses: Optional[Sequence[DistributionCustomErrorResponseArgs]] = None,
default_cache_behavior: Optional[DistributionDefaultCacheBehaviorArgs] = None,
default_root_object: Optional[str] = None,
domain_name: Optional[str] = None,
enabled: Optional[bool] = None,
etag: Optional[str] = None,
hosted_zone_id: Optional[str] = None,
http_version: Optional[str] = None,
in_progress_validation_batches: Optional[int] = None,
is_ipv6_enabled: Optional[bool] = None,
last_modified_time: Optional[str] = None,
logging_config: Optional[DistributionLoggingConfigArgs] = None,
ordered_cache_behaviors: Optional[Sequence[DistributionOrderedCacheBehaviorArgs]] = None,
origin_groups: Optional[Sequence[DistributionOriginGroupArgs]] = None,
origins: Optional[Sequence[DistributionOriginArgs]] = None,
price_class: Optional[str] = None,
restrictions: Optional[DistributionRestrictionsArgs] = None,
retain_on_delete: Optional[bool] = None,
staging: Optional[bool] = None,
status: Optional[str] = None,
tags: Optional[Mapping[str, str]] = None,
tags_all: Optional[Mapping[str, str]] = None,
trusted_key_groups: Optional[Sequence[DistributionTrustedKeyGroupArgs]] = None,
trusted_signers: Optional[Sequence[DistributionTrustedSignerArgs]] = None,
viewer_certificate: Optional[DistributionViewerCertificateArgs] = None,
wait_for_deployment: Optional[bool] = None,
web_acl_id: Optional[str] = None) -> Distribution
func GetDistribution(ctx *Context, name string, id IDInput, state *DistributionState, opts ...ResourceOption) (*Distribution, error)
public static Distribution Get(string name, Input<string> id, DistributionState? state, CustomResourceOptions? opts = null)
public static Distribution get(String name, Output<String> id, DistributionState state, CustomResourceOptions options)
Resource lookup is not supported in YAML
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- resource_name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- name
- The unique name of the resulting resource.
- id
- The unique provider ID of the resource to lookup.
- state
- Any extra arguments used during the lookup.
- opts
- A bag of options that control this resource's behavior.
- Aliases List<string>
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error List<DistributionResponses Custom Error Response> - Default
Cache DistributionBehavior Default Cache Behavior - Default
Root stringObject - Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - Http
Version string - In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool - Last
Modified stringTime - Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config - Ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - Origin
Groups List<DistributionOrigin Group> - Origins
List<Distribution
Origin> - Price
Class string - Restrictions
Distribution
Restrictions - Retain
On boolDelete - Staging bool
- Status string
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Dictionary<string, string>
- Dictionary<string, string>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Viewer
Certificate DistributionViewer Certificate - Wait
For boolDeployment - Web
Acl stringId
- Aliases []string
- Arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - Caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- Comment string
- Continuous
Deployment stringPolicy Id - Custom
Error []DistributionResponses Custom Error Response Args - Default
Cache DistributionBehavior Default Cache Behavior Args - Default
Root stringObject - Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - Hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - Http
Version string - In
Progress intValidation Batches - Number of invalidation batches currently in progress.
- Is
Ipv6Enabled bool - Last
Modified stringTime - Date and time the distribution was last modified.
- Logging
Config DistributionLogging Config Args - Ordered
Cache []DistributionBehaviors Ordered Cache Behavior Args - Origin
Groups []DistributionOrigin Group Args - Origins
[]Distribution
Origin Args - Price
Class string - Restrictions
Distribution
Restrictions Args - Retain
On boolDelete - Staging bool
- Status string
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - map[string]string
- map[string]string
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - Trusted
Key []DistributionGroups Trusted Key Group Args - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []DistributionTrusted Signer Args - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Viewer
Certificate DistributionViewer Certificate Args - Wait
For boolDeployment - Web
Acl stringId
- aliases List<String>
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<DistributionResponses Custom Error Response> - default
Cache DistributionBehavior Default Cache Behavior - default
Root StringObject - domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - http
Version String - in
Progress IntegerValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean - last
Modified StringTime - Date and time the distribution was last modified.
- logging
Config DistributionLogging Config - ordered
Cache List<DistributionBehaviors Ordered Cache Behavior> - origin
Groups List<DistributionOrigin Group> - origins
List<Distribution
Origin> - price
Class String - restrictions
Distribution
Restrictions - retain
On BooleanDelete - staging Boolean
- status String
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String,String>
- Map<String,String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted
Key List<DistributionGroups Trusted Key Group> - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<DistributionTrusted Signer> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate DistributionViewer Certificate - wait
For BooleanDeployment - web
Acl StringId
- aliases string[]
- arn string
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller
Reference string - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment string
- continuous
Deployment stringPolicy Id - custom
Error DistributionResponses Custom Error Response[] - default
Cache DistributionBehavior Default Cache Behavior - default
Root stringObject - domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - enabled boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag string
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted
Zone stringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - http
Version string - in
Progress numberValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled boolean - last
Modified stringTime - Date and time the distribution was last modified.
- logging
Config DistributionLogging Config - ordered
Cache DistributionBehaviors Ordered Cache Behavior[] - origin
Groups DistributionOrigin Group[] - origins
Distribution
Origin[] - price
Class string - restrictions
Distribution
Restrictions - retain
On booleanDelete - staging boolean
- status string
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - {[key: string]: string}
- {[key: string]: string}
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted
Key DistributionGroups Trusted Key Group[] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers DistributionTrusted Signer[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate DistributionViewer Certificate - wait
For booleanDeployment - web
Acl stringId
- aliases Sequence[str]
- arn str
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller_
reference str - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment str
- continuous_
deployment_ strpolicy_ id - custom_
error_ Sequence[Distributionresponses Custom Error Response Args] - default_
cache_ Distributionbehavior Default Cache Behavior Args - default_
root_ strobject - domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag str
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted_
zone_ strid - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - http_
version str - in_
progress_ intvalidation_ batches - Number of invalidation batches currently in progress.
- is_
ipv6_ boolenabled - last_
modified_ strtime - Date and time the distribution was last modified.
- logging_
config DistributionLogging Config Args - ordered_
cache_ Sequence[Distributionbehaviors Ordered Cache Behavior Args] - origin_
groups Sequence[DistributionOrigin Group Args] - origins
Sequence[Distribution
Origin Args] - price_
class str - restrictions
Distribution
Restrictions Args - retain_
on_ booldelete - staging bool
- status str
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Mapping[str, str]
- Mapping[str, str]
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted_
key_ Sequence[Distributiongroups Trusted Key Group Args] - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[DistributionTrusted Signer Args] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer_
certificate DistributionViewer Certificate Args - wait_
for_ booldeployment - web_
acl_ strid
- aliases List<String>
- arn String
- ARN for the distribution. For example:
arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5
, where123456789012
is your AWS account ID. - caller
Reference String - Internal value used by CloudFront to allow future updates to the distribution configuration.
- comment String
- continuous
Deployment StringPolicy Id - custom
Error List<Property Map>Responses - default
Cache Property MapBehavior - default
Root StringObject - domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- etag String
- Current version of the distribution's information. For example:
E2QWRUHAPOMQZL
. - hosted
Zone StringId - CloudFront Route 53 zone ID that can be used to route an Alias Resource Record Set to. This attribute is simply an alias for the zone ID
Z2FDTNDATAQYW2
. - http
Version String - in
Progress NumberValidation Batches - Number of invalidation batches currently in progress.
- is
Ipv6Enabled Boolean - last
Modified StringTime - Date and time the distribution was last modified.
- logging
Config Property Map - ordered
Cache List<Property Map>Behaviors - origin
Groups List<Property Map> - origins List<Property Map>
- price
Class String - restrictions Property Map
- retain
On BooleanDelete - staging Boolean
- status String
- Current status of the distribution.
Deployed
if the distribution's information is fully propagated throughout the Amazon CloudFront system. - Map<String>
- Map<String>
- Map of tags assigned to the resource, including those inherited from the provider
default_tags
configuration block. - trusted
Key List<Property Map>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<Property Map> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- viewer
Certificate Property Map - wait
For BooleanDeployment - web
Acl StringId
Supporting Types
DistributionCustomErrorResponse, DistributionCustomErrorResponseArgs
- Error
Code int - 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath - Path of the custom error page (for example,
/custom_404.html
).
- Error
Code int - 4xx or 5xx HTTP status code that you want to customize.
- Error
Caching intMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- Response
Code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- Response
Page stringPath - Path of the custom error page (for example,
/custom_404.html
).
- error
Code Integer - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching IntegerMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Integer - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath - Path of the custom error page (for example,
/custom_404.html
).
- error
Code number - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching numberMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code number - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page stringPath - Path of the custom error page (for example,
/custom_404.html
).
- error_
code int - 4xx or 5xx HTTP status code that you want to customize.
- error_
caching_ intmin_ ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response_
code int - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response_
page_ strpath - Path of the custom error page (for example,
/custom_404.html
).
- error
Code Number - 4xx or 5xx HTTP status code that you want to customize.
- error
Caching NumberMin Ttl - Minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
- response
Code Number - HTTP status code that you want CloudFront to return with the custom error page to the viewer.
- response
Page StringPath - Path of the custom error page (for example,
/custom_404.html
).
DistributionDefaultCacheBehavior, DistributionDefaultCacheBehaviorArgs
- Allowed
Methods List<string> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionDefault Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<string> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Allowed
Methods []string - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionDefault Cache Behavior Function Association - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function []DistributionAssociations Default Cache Behavior Lambda Function Association - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []string - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default
Ttl Integer - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionDefault Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<DistributionAssociations Default Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min
Ttl Integer - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods string[] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default
Ttl number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field
Level stringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionDefault Cache Behavior Function Association[] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function DistributionAssociations Default Cache Behavior Lambda Function Association[] - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min
Ttl number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers string[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed_
methods Sequence[str] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target_
origin_ strid - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache_
policy_ strid - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default_
ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field_
level_ strencryption_ id - Field level encryption configuration ID.
- forwarded_
values DistributionDefault Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionDefault Cache Behavior Function Association] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda_
function_ Sequence[Distributionassociations Default Cache Behavior Lambda Function Association] - A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min_
ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin_
request_ strpolicy_ id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id - Identifier for a response headers policy.
- smooth_
streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[str] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default
Ttl Number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values Property Map - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<Property Map>Associations - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min
Ttl Number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
DistributionDefaultCacheBehaviorForwardedValues, DistributionDefaultCacheBehaviorForwardedValuesArgs
- Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - Query
String List<string>Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - Query
String []stringCache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query
String string[]Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Default Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query_
string_ Sequence[str]cache_ keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Property Map
- The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
DistributionDefaultCacheBehaviorForwardedValuesCookies, DistributionDefaultCacheBehaviorForwardedValuesCookiesArgs
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - Whitelisted
Names List<string> - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - Whitelisted
Names []string - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted
Names List<String> - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted
Names string[] - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted_
names Sequence[str] - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted
Names List<String> - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionDefaultCacheBehaviorFunctionAssociation, DistributionDefaultCacheBehaviorFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - Function
Arn string - ARN of the CloudFront function.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - Function
Arn string - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function
Arn String - ARN of the CloudFront function.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function
Arn string - ARN of the CloudFront function.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function_
arn str - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function
Arn String - ARN of the CloudFront function.
DistributionDefaultCacheBehaviorLambdaFunctionAssociation, DistributionDefaultCacheBehaviorLambdaFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda
Arn string - ARN of the Lambda function.
- include
Body boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda_
arn str - ARN of the Lambda function.
- include_
body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
DistributionLoggingConfig, DistributionLoggingConfigArgs
DistributionOrderedCacheBehavior, DistributionOrderedCacheBehaviorArgs
- Allowed
Methods List<string> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods List<string> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string - Pattern (for example,
images/*.jpg
) that specifies which requests you want this cache behavior to apply to. - Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations List<DistributionOrdered Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key List<string>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers List<string> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- Allowed
Methods []string - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- Cached
Methods []string - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- Path
Pattern string - Pattern (for example,
images/*.jpg
) that specifies which requests you want this cache behavior to apply to. - Target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- Viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - Cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - Compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - Default
Ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - Field
Level stringEncryption Id - Field level encryption configuration ID.
- Forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- Function
Associations []DistributionOrdered Cache Behavior Function Association - A config block that triggers a cloudfront function with specific actions (maximum 2).
- Lambda
Function []DistributionAssociations Ordered Cache Behavior Lambda Function Association - A config block that triggers a lambda function with specific actions (maximum 4).
- Max
Ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - Min
Ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- Origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- Realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- Response
Headers stringPolicy Id - Identifier for a response headers policy.
- Smooth
Streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- Trusted
Key []stringGroups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- Trusted
Signers []string - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String - Pattern (for example,
images/*.jpg
) that specifies which requests you want this cache behavior to apply to. - target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default
Ttl Integer - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<DistributionOrdered Cache Behavior Function Association> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<DistributionAssociations Ordered Cache Behavior Lambda Function Association> - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Integer - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min
Ttl Integer - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods string[] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods string[] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern string - Pattern (for example,
images/*.jpg
) that specifies which requests you want this cache behavior to apply to. - target
Origin stringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol stringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache
Policy stringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default
Ttl number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field
Level stringEncryption Id - Field level encryption configuration ID.
- forwarded
Values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations DistributionOrdered Cache Behavior Function Association[] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function DistributionAssociations Ordered Cache Behavior Lambda Function Association[] - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min
Ttl number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request stringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log stringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers stringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key string[]Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers string[] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed_
methods Sequence[str] - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached_
methods Sequence[str] - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path_
pattern str - Pattern (for example,
images/*.jpg
) that specifies which requests you want this cache behavior to apply to. - target_
origin_ strid - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer_
protocol_ strpolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache_
policy_ strid - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress bool
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default_
ttl int - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field_
level_ strencryption_ id - Field level encryption configuration ID.
- forwarded_
values DistributionOrdered Cache Behavior Forwarded Values - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function_
associations Sequence[DistributionOrdered Cache Behavior Function Association] - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda_
function_ Sequence[Distributionassociations Ordered Cache Behavior Lambda Function Association] - A config block that triggers a lambda function with specific actions (maximum 4).
- max_
ttl int - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min_
ttl int - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin_
request_ strpolicy_ id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime_
log_ strconfig_ arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response_
headers_ strpolicy_ id - Identifier for a response headers policy.
- smooth_
streaming bool - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted_
key_ Sequence[str]groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted_
signers Sequence[str] - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
- allowed
Methods List<String> - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
- cached
Methods List<String> - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
- path
Pattern String - Pattern (for example,
images/*.jpg
) that specifies which requests you want this cache behavior to apply to. - target
Origin StringId - Value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
- viewer
Protocol StringPolicy - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of
allow-all
,https-only
, orredirect-to-https
. - cache
Policy StringId - Unique identifier of the cache policy that is attached to the cache behavior. If configuring the
default_cache_behavior
eithercache_policy_id
orforwarded_values
must be set. - compress Boolean
- Whether you want CloudFront to automatically compress content for web requests that include
Accept-Encoding: gzip
in the request header (default:false
). - default
Ttl Number - Default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an
Cache-Control max-age
orExpires
header. - field
Level StringEncryption Id - Field level encryption configuration ID.
- forwarded
Values Property Map - The forwarded values configuration that specifies how CloudFront handles query strings, cookies and headers (maximum one).
- function
Associations List<Property Map> - A config block that triggers a cloudfront function with specific actions (maximum 2).
- lambda
Function List<Property Map>Associations - A config block that triggers a lambda function with specific actions (maximum 4).
- max
Ttl Number - Maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of
Cache-Control max-age
,Cache-Control s-maxage
, andExpires
headers. - min
Ttl Number - Minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. Defaults to 0 seconds.
- origin
Request StringPolicy Id - Unique identifier of the origin request policy that is attached to the behavior.
- realtime
Log StringConfig Arn - ARN of the real-time log configuration that is attached to this cache behavior.
- response
Headers StringPolicy Id - Identifier for a response headers policy.
- smooth
Streaming Boolean - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
- trusted
Key List<String>Groups - List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs.
- trusted
Signers List<String> - List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs.
DistributionOrderedCacheBehaviorForwardedValues, DistributionOrderedCacheBehaviorForwardedValuesArgs
- Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers List<string>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - Query
String List<string>Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- Query
String bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- Headers []string
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - Query
String []stringCache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers string[]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query
String string[]Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Distribution
Ordered Cache Behavior Forwarded Values Cookies - The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query_
string bool - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers Sequence[str]
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query_
string_ Sequence[str]cache_ keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
- Property Map
- The forwarded values cookies that specifies how CloudFront handles cookies (maximum one).
- query
String Boolean - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
- headers List<String>
- Headers, if any, that you want CloudFront to vary upon for this cache behavior. Specify
*
to include all headers. - query
String List<String>Cache Keys - When specified, along with a value of
true
forquery_string
, all query strings are forwarded, however only the query string keys listed in this argument are cached. When omitted with a value oftrue
forquery_string
, all query string keys are cached.
DistributionOrderedCacheBehaviorForwardedValuesCookies, DistributionOrderedCacheBehaviorForwardedValuesCookiesArgs
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - Whitelisted
Names List<string> - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- Forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - Whitelisted
Names []string - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted
Names List<String> - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward string
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted
Names string[] - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward str
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted_
names Sequence[str] - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
- forward String
- Whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify
all
,none
orwhitelist
. Ifwhitelist
, you must include the subsequentwhitelisted_names
. - whitelisted
Names List<String> - If you have specified
whitelist
toforward
, the whitelisted cookies that you want CloudFront to forward to your origin.
DistributionOrderedCacheBehaviorFunctionAssociation, DistributionOrderedCacheBehaviorFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - Function
Arn string - ARN of the CloudFront function.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - Function
Arn string - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function
Arn String - ARN of the CloudFront function.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function
Arn string - ARN of the CloudFront function.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function_
arn str - ARN of the CloudFront function.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
orviewer-response
. - function
Arn String - ARN of the CloudFront function.
DistributionOrderedCacheBehaviorLambdaFunctionAssociation, DistributionOrderedCacheBehaviorLambdaFunctionAssociationArgs
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- Event
Type string - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - Lambda
Arn string - ARN of the Lambda function.
- Include
Body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event
Type string - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda
Arn string - ARN of the Lambda function.
- include
Body boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event_
type str - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda_
arn str - ARN of the Lambda function.
- include_
body bool - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
- event
Type String - Specific event to trigger this function. Valid values:
viewer-request
,origin-request
,viewer-response
,origin-response
. - lambda
Arn String - ARN of the Lambda function.
- include
Body Boolean - When set to true it exposes the request body to the lambda function. Defaults to false. Valid values:
true
,false
.
DistributionOrigin, DistributionOriginArgs
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - Origin
Id string - Connection
Attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers List<DistributionOrigin Custom Header> - One or more sub-resources with
name
andvalue
parameters that specify header data that will be sent to the origin (multiples allowed). - Custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_id
ors3_origin_config
instead. - Origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_config
instead.
- Domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - Origin
Id string - Connection
Attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- Connection
Timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- Custom
Headers []DistributionOrigin Custom Header - One or more sub-resources with
name
andvalue
parameters that specify header data that will be sent to the origin (multiples allowed). - Custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_id
ors3_origin_config
instead. - Origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- Origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- Origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- S3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_config
instead.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - origin
Id String - connection
Attempts Integer - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Integer - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<DistributionOrigin Custom Header> - One or more sub-resources with
name
andvalue
parameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_id
ors3_origin_config
instead. - origin
Access StringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_config
instead.
- domain
Name string - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - origin
Id string - connection
Attempts number - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout number - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers DistributionOrigin Custom Header[] - One or more sub-resources with
name
andvalue
parameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin DistributionConfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_id
ors3_origin_config
instead. - origin
Access stringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path string - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config DistributionOrigin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_config
instead.
- domain_
name str - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - origin_
id str - connection_
attempts int - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection_
timeout int - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom_
headers Sequence[DistributionOrigin Custom Header] - One or more sub-resources with
name
andvalue
parameters that specify header data that will be sent to the origin (multiples allowed). - custom_
origin_ Distributionconfig Origin Custom Origin Config - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_id
ors3_origin_config
instead. - origin_
access_ strcontrol_ id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin_
path str - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin_
shield DistributionOrigin Origin Shield - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3_
origin_ Distributionconfig Origin S3Origin Config - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_config
instead.
- domain
Name String - Domain name corresponding to the distribution. For example:
d604721fxaaqy9.cloudfront.net
. - origin
Id String - connection
Attempts Number - Number of times that CloudFront attempts to connect to the origin. Must be between 1-3. Defaults to 3.
- connection
Timeout Number - Number of seconds that CloudFront waits when trying to establish a connection to the origin. Must be between 1-10. Defaults to 10.
- custom
Headers List<Property Map> - One or more sub-resources with
name
andvalue
parameters that specify header data that will be sent to the origin (multiples allowed). - custom
Origin Property MapConfig - The CloudFront custom origin configuration information. If an S3 origin is required, use
origin_access_control_id
ors3_origin_config
instead. - origin
Access StringControl Id - Unique identifier of a [CloudFront origin access control][8] for this origin.
- origin
Path String - Optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
- origin
Shield Property Map - CloudFront Origin Shield configuration information. Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- s3Origin
Config Property Map - CloudFront S3 origin configuration information. If a custom origin is required, use
custom_origin_config
instead.
DistributionOriginCustomHeader, DistributionOriginCustomHeaderArgs
DistributionOriginCustomOriginConfig, DistributionOriginCustomOriginConfigArgs
- Http
Port int - HTTP port the custom origin listens on.
- Https
Port int - HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only
,https-only
, ormatch-viewer
. - Origin
Ssl List<string>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3
,TLSv1
,TLSv1.1
,TLSv1.2
. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - Origin
Keepalive intTimeout - The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to5
. - Origin
Read intTimeout - The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to30
.
- Http
Port int - HTTP port the custom origin listens on.
- Https
Port int - HTTPS port the custom origin listens on.
- Origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only
,https-only
, ormatch-viewer
. - Origin
Ssl []stringProtocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3
,TLSv1
,TLSv1.1
,TLSv1.2
. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - Origin
Keepalive intTimeout - The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to5
. - Origin
Read intTimeout - The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to30
.
- http
Port Integer - HTTP port the custom origin listens on.
- https
Port Integer - HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy - Origin protocol policy to apply to your origin. One of
http-only
,https-only
, ormatch-viewer
. - origin
Ssl List<String>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3
,TLSv1
,TLSv1.1
,TLSv1.2
. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive IntegerTimeout - The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to5
. - origin
Read IntegerTimeout - The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to30
.
- http
Port number - HTTP port the custom origin listens on.
- https
Port number - HTTPS port the custom origin listens on.
- origin
Protocol stringPolicy - Origin protocol policy to apply to your origin. One of
http-only
,https-only
, ormatch-viewer
. - origin
Ssl string[]Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3
,TLSv1
,TLSv1.1
,TLSv1.2
. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive numberTimeout - The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to5
. - origin
Read numberTimeout - The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to30
.
- http_
port int - HTTP port the custom origin listens on.
- https_
port int - HTTPS port the custom origin listens on.
- origin_
protocol_ strpolicy - Origin protocol policy to apply to your origin. One of
http-only
,https-only
, ormatch-viewer
. - origin_
ssl_ Sequence[str]protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3
,TLSv1
,TLSv1.1
,TLSv1.2
. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin_
keepalive_ inttimeout - The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to5
. - origin_
read_ inttimeout - The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to30
.
- http
Port Number - HTTP port the custom origin listens on.
- https
Port Number - HTTPS port the custom origin listens on.
- origin
Protocol StringPolicy - Origin protocol policy to apply to your origin. One of
http-only
,https-only
, ormatch-viewer
. - origin
Ssl List<String>Protocols - List of SSL/TLS protocols that CloudFront can use when connecting to your origin over HTTPS. Valid values:
SSLv3
,TLSv1
,TLSv1.1
,TLSv1.2
. For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide. - origin
Keepalive NumberTimeout - The Custom KeepAlive timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to5
. - origin
Read NumberTimeout - The Custom Read timeout, in seconds. By default, AWS enforces an upper limit of
60
. But you can request an increase. Defaults to30
.
DistributionOriginGroup, DistributionOriginGroupArgs
- Failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- Members
List<Distribution
Origin Group Member> - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string
- Failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- Members
[]Distribution
Origin Group Member - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- Origin
Id string
- failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
List<Distribution
Origin Group Member> - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String
- failover
Criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
Distribution
Origin Group Member[] - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id string
- failover_
criteria DistributionOrigin Group Failover Criteria - The failover criteria for when to failover to the secondary origin.
- members
Sequence[Distribution
Origin Group Member] - Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin_
id str
- failover
Criteria Property Map - The failover criteria for when to failover to the secondary origin.
- members List<Property Map>
- Ordered member configuration blocks assigned to the origin group, where the first member is the primary origin. You must specify two members.
- origin
Id String
DistributionOriginGroupFailoverCriteria, DistributionOriginGroupFailoverCriteriaArgs
- Status
Codes List<int> - List of HTTP status codes for the origin group.
- Status
Codes []int - List of HTTP status codes for the origin group.
- status
Codes List<Integer> - List of HTTP status codes for the origin group.
- status
Codes number[] - List of HTTP status codes for the origin group.
- status_
codes Sequence[int] - List of HTTP status codes for the origin group.
- status
Codes List<Number> - List of HTTP status codes for the origin group.
DistributionOriginGroupMember, DistributionOriginGroupMemberArgs
- Origin
Id string
- Origin
Id string
- origin
Id String
- origin
Id string
- origin_
id str
- origin
Id String
DistributionOriginOriginShield, DistributionOriginOriginShieldArgs
- Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2
.
- Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2
.
- enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin
Shield StringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2
.
- enabled boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin
Shield stringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2
.
- enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin_
shield_ strregion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2
.
- enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- origin
Shield StringRegion - AWS Region for Origin Shield. To specify a region, use the region code, not the region name. For example, specify the US East (Ohio) region as
us-east-2
.
DistributionOriginS3OriginConfig, DistributionOriginS3OriginConfigArgs
- Origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- Origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity - The CloudFront origin access identity to associate with the origin.
- origin
Access stringIdentity - The CloudFront origin access identity to associate with the origin.
- origin_
access_ stridentity - The CloudFront origin access identity to associate with the origin.
- origin
Access StringIdentity - The CloudFront origin access identity to associate with the origin.
DistributionRestrictions, DistributionRestrictionsArgs
DistributionRestrictionsGeoRestriction, DistributionRestrictionsGeoRestrictionArgs
- Restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none
,whitelist
, orblacklist
. - Locations List<string>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist
) or not distribute your content (blacklist
). If the type is specified asnone
an empty array can be used.
- Restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none
,whitelist
, orblacklist
. - Locations []string
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist
) or not distribute your content (blacklist
). If the type is specified asnone
an empty array can be used.
- restriction
Type String - Method that you want to use to restrict distribution of your content by country:
none
,whitelist
, orblacklist
. - locations List<String>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist
) or not distribute your content (blacklist
). If the type is specified asnone
an empty array can be used.
- restriction
Type string - Method that you want to use to restrict distribution of your content by country:
none
,whitelist
, orblacklist
. - locations string[]
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist
) or not distribute your content (blacklist
). If the type is specified asnone
an empty array can be used.
- restriction_
type str - Method that you want to use to restrict distribution of your content by country:
none
,whitelist
, orblacklist
. - locations Sequence[str]
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist
) or not distribute your content (blacklist
). If the type is specified asnone
an empty array can be used.
- restriction
Type String - Method that you want to use to restrict distribution of your content by country:
none
,whitelist
, orblacklist
. - locations List<String>
- [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (
whitelist
) or not distribute your content (blacklist
). If the type is specified asnone
an empty array can be used.
DistributionTrustedKeyGroup, DistributionTrustedKeyGroupArgs
- Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
List<Distribution
Trusted Key Group Item> - List of nested attributes for each trusted signer
- Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
[]Distribution
Trusted Key Group Item - List of nested attributes for each trusted signer
- enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
List<Distribution
Trusted Key Group Item> - List of nested attributes for each trusted signer
- enabled boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Distribution
Trusted Key Group Item[] - List of nested attributes for each trusted signer
- enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Sequence[Distribution
Trusted Key Group Item] - List of nested attributes for each trusted signer
- enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items List<Property Map>
- List of nested attributes for each trusted signer
DistributionTrustedKeyGroupItem, DistributionTrustedKeyGroupItemArgs
- Key
Group stringId - ID of the key group that contains the public keys.
- Key
Pair List<string>Ids - Set of active CloudFront key pairs associated with the signer account
- Key
Group stringId - ID of the key group that contains the public keys.
- Key
Pair []stringIds - Set of active CloudFront key pairs associated with the signer account
- key
Group StringId - ID of the key group that contains the public keys.
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
- key
Group stringId - ID of the key group that contains the public keys.
- key
Pair string[]Ids - Set of active CloudFront key pairs associated with the signer account
- key_
group_ strid - ID of the key group that contains the public keys.
- key_
pair_ Sequence[str]ids - Set of active CloudFront key pairs associated with the signer account
- key
Group StringId - ID of the key group that contains the public keys.
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
DistributionTrustedSigner, DistributionTrustedSignerArgs
- Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
List<Distribution
Trusted Signer Item> - List of nested attributes for each trusted signer
- Enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- Items
[]Distribution
Trusted Signer Item - List of nested attributes for each trusted signer
- enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
List<Distribution
Trusted Signer Item> - List of nested attributes for each trusted signer
- enabled boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Distribution
Trusted Signer Item[] - List of nested attributes for each trusted signer
- enabled bool
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items
Sequence[Distribution
Trusted Signer Item] - List of nested attributes for each trusted signer
- enabled Boolean
true
if any of the AWS accounts listed as trusted signers have active CloudFront key pairs- items List<Property Map>
- List of nested attributes for each trusted signer
DistributionTrustedSignerItem, DistributionTrustedSignerItemArgs
- Aws
Account stringNumber - AWS account ID or
self
- Key
Pair List<string>Ids - Set of active CloudFront key pairs associated with the signer account
- Aws
Account stringNumber - AWS account ID or
self
- Key
Pair []stringIds - Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber - AWS account ID or
self
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
- aws
Account stringNumber - AWS account ID or
self
- key
Pair string[]Ids - Set of active CloudFront key pairs associated with the signer account
- aws_
account_ strnumber - AWS account ID or
self
- key_
pair_ Sequence[str]ids - Set of active CloudFront key pairs associated with the signer account
- aws
Account StringNumber - AWS account ID or
self
- key
Pair List<String>Ids - Set of active CloudFront key pairs associated with the signer account
DistributionViewerCertificate, DistributionViewerCertificateArgs
- Acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate
, oriam_certificate_id
. The ACM certificate must be in US-EAST-1. - Cloudfront
Default boolCertificate true
if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn
, oriam_certificate_id
.- Iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn
, orcloudfront_default_certificate
. - Minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false
. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019
andTLSv1.2_2021
. Default:TLSv1
. NOTE: If you are using a custom certificate (specified withacm_certificate_arn
oriam_certificate_id
), and have specifiedsni-only
inssl_support_method
,TLSv1
or later must be specified. If you have specifiedvip
inssl_support_method
, onlySSLv3
orTLSv1
can be specified. If you have specifiedcloudfront_default_certificate
,TLSv1
must be specified. - Ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip
,sni-only
, orstatic-ip
. Required if you specifyacm_certificate_arn
oriam_certificate_id
. NOTE:vip
causes CloudFront to use a dedicated IP address and may incur extra charges.
- Acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate
, oriam_certificate_id
. The ACM certificate must be in US-EAST-1. - Cloudfront
Default boolCertificate true
if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn
, oriam_certificate_id
.- Iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn
, orcloudfront_default_certificate
. - Minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false
. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019
andTLSv1.2_2021
. Default:TLSv1
. NOTE: If you are using a custom certificate (specified withacm_certificate_arn
oriam_certificate_id
), and have specifiedsni-only
inssl_support_method
,TLSv1
or later must be specified. If you have specifiedvip
inssl_support_method
, onlySSLv3
orTLSv1
can be specified. If you have specifiedcloudfront_default_certificate
,TLSv1
must be specified. - Ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip
,sni-only
, orstatic-ip
. Required if you specifyacm_certificate_arn
oriam_certificate_id
. NOTE:vip
causes CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate
, oriam_certificate_id
. The ACM certificate must be in US-EAST-1. - cloudfront
Default BooleanCertificate true
if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn
, oriam_certificate_id
.- iam
Certificate StringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn
, orcloudfront_default_certificate
. - minimum
Protocol StringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false
. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019
andTLSv1.2_2021
. Default:TLSv1
. NOTE: If you are using a custom certificate (specified withacm_certificate_arn
oriam_certificate_id
), and have specifiedsni-only
inssl_support_method
,TLSv1
or later must be specified. If you have specifiedvip
inssl_support_method
, onlySSLv3
orTLSv1
can be specified. If you have specifiedcloudfront_default_certificate
,TLSv1
must be specified. - ssl
Support StringMethod - How you want CloudFront to serve HTTPS requests. One of
vip
,sni-only
, orstatic-ip
. Required if you specifyacm_certificate_arn
oriam_certificate_id
. NOTE:vip
causes CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate stringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate
, oriam_certificate_id
. The ACM certificate must be in US-EAST-1. - cloudfront
Default booleanCertificate true
if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn
, oriam_certificate_id
.- iam
Certificate stringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn
, orcloudfront_default_certificate
. - minimum
Protocol stringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false
. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019
andTLSv1.2_2021
. Default:TLSv1
. NOTE: If you are using a custom certificate (specified withacm_certificate_arn
oriam_certificate_id
), and have specifiedsni-only
inssl_support_method
,TLSv1
or later must be specified. If you have specifiedvip
inssl_support_method
, onlySSLv3
orTLSv1
can be specified. If you have specifiedcloudfront_default_certificate
,TLSv1
must be specified. - ssl
Support stringMethod - How you want CloudFront to serve HTTPS requests. One of
vip
,sni-only
, orstatic-ip
. Required if you specifyacm_certificate_arn
oriam_certificate_id
. NOTE:vip
causes CloudFront to use a dedicated IP address and may incur extra charges.
- acm_
certificate_ strarn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate
, oriam_certificate_id
. The ACM certificate must be in US-EAST-1. - cloudfront_
default_ boolcertificate true
if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn
, oriam_certificate_id
.- iam_
certificate_ strid - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn
, orcloudfront_default_certificate
. - minimum_
protocol_ strversion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false
. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019
andTLSv1.2_2021
. Default:TLSv1
. NOTE: If you are using a custom certificate (specified withacm_certificate_arn
oriam_certificate_id
), and have specifiedsni-only
inssl_support_method
,TLSv1
or later must be specified. If you have specifiedvip
inssl_support_method
, onlySSLv3
orTLSv1
can be specified. If you have specifiedcloudfront_default_certificate
,TLSv1
must be specified. - ssl_
support_ strmethod - How you want CloudFront to serve HTTPS requests. One of
vip
,sni-only
, orstatic-ip
. Required if you specifyacm_certificate_arn
oriam_certificate_id
. NOTE:vip
causes CloudFront to use a dedicated IP address and may incur extra charges.
- acm
Certificate StringArn - ARN of the AWS Certificate Manager certificate that you wish to use with this distribution. Specify this,
cloudfront_default_certificate
, oriam_certificate_id
. The ACM certificate must be in US-EAST-1. - cloudfront
Default BooleanCertificate true
if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this,acm_certificate_arn
, oriam_certificate_id
.- iam
Certificate StringId - IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this,
acm_certificate_arn
, orcloudfront_default_certificate
. - minimum
Protocol StringVersion - Minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. Can only be set if
cloudfront_default_certificate = false
. See all possible values in this table under "Security policy." Some examples include:TLSv1.2_2019
andTLSv1.2_2021
. Default:TLSv1
. NOTE: If you are using a custom certificate (specified withacm_certificate_arn
oriam_certificate_id
), and have specifiedsni-only
inssl_support_method
,TLSv1
or later must be specified. If you have specifiedvip
inssl_support_method
, onlySSLv3
orTLSv1
can be specified. If you have specifiedcloudfront_default_certificate
,TLSv1
must be specified. - ssl
Support StringMethod - How you want CloudFront to serve HTTPS requests. One of
vip
,sni-only
, orstatic-ip
. Required if you specifyacm_certificate_arn
oriam_certificate_id
. NOTE:vip
causes CloudFront to use a dedicated IP address and may incur extra charges.
Import
Using pulumi import
, import CloudFront Distributions using the id
. For example:
$ pulumi import aws:cloudfront/distribution:Distribution distribution E74FTE3EXAMPLE
To learn more about importing existing cloud resources, see Importing resources.
Package Details
- Repository
- AWS Classic pulumi/pulumi-aws
- License
- Apache-2.0
- Notes
- This Pulumi package is based on the
aws
Terraform Provider.