Module types

Data structures used by operation inputs/outputs.

Modules

• builders
  Builders
• error
  Error types that Amazon CloudFront can respond with.

Structs

• ActiveTrustedKeyGroups

  A list of key groups, and the public keys in each key group, that CloudFront can use to verify the signatures of signed URLs and signed cookies.

• ActiveTrustedSigners

  A list of Amazon Web Services accounts and the active CloudFront key pairs in each account that CloudFront can use to verify the signatures of signed URLs and signed cookies.

• AliasIcpRecordal

  Amazon Web Services services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they've added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions. The status is returned in the CloudFront response; you can't configure it yourself.

  For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Started with Amazon Web Services services in China.

• Aliases

  A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.

• AllowedMethods

  A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:

  • CloudFront forwards only GET and HEAD requests.

  • CloudFront forwards only GET, HEAD, and OPTIONS requests.

  • CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE requests.

  If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.

• CacheBehavior

  A complex type that describes how CloudFront processes requests.

  You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.

  For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see Quotas in the Amazon CloudFront Developer Guide.

  If you don't want to specify any cache behaviors, include only an empty CacheBehaviors element. Don't specify an empty individual CacheBehavior element, because this is invalid. For more information, see CacheBehaviors.

  To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty CacheBehaviors element.

  To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.

  For more information about cache behaviors, see Cache Behavior Settings in the Amazon CloudFront Developer Guide.

• CacheBehaviors

  A complex type that contains zero or more CacheBehavior elements.

• CachePolicy

  A cache policy.

  When it's attached to a cache behavior, the cache policy determines the following:

  • The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.

  • The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.

  The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find a valid object in its cache that matches the request's cache key. If you want to send values to the origin but not include them in the cache key, use OriginRequestPolicy.

• CachePolicyConfig

  A cache policy configuration.

  This configuration determines the following:

  • The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.

  • The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.

  The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find a valid object in its cache that matches the request's cache key. If you want to send values to the origin but not include them in the cache key, use OriginRequestPolicy.

• CachePolicyCookiesConfig

  An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.

• CachePolicyHeadersConfig

  An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.

• CachePolicyList

  A list of cache policies.

• CachePolicyQueryStringsConfig

  An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.

• CachePolicySummary

  Contains a cache policy.

• CachedMethods

  A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:

  • CloudFront caches responses to GET and HEAD requests.

  • CloudFront caches responses to GET, HEAD, and OPTIONS requests.

  If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.

• CloudFrontOriginAccessIdentity

  CloudFront origin access identity.

• CloudFrontOriginAccessIdentityConfig

  Origin access identity configuration. Send a GET request to the /CloudFront API version/CloudFront/identity ID/config resource.

• CloudFrontOriginAccessIdentityList

  Lists the origin access identities for CloudFront.Send a GET request to the /CloudFront API version/origin-access-identity/cloudfront resource. The response includes a CloudFrontOriginAccessIdentityList element with zero or more CloudFrontOriginAccessIdentitySummary child elements. By default, your entire list of origin access identities is returned in one single page. If the list is long, you can paginate it using the MaxItems and Marker parameters.

• CloudFrontOriginAccessIdentitySummary

  Summary of the information about a CloudFront origin access identity.

• ConflictingAlias

  An alias (also called a CNAME) and the CloudFront distribution and Amazon Web Services account ID that it's associated with. The distribution and account IDs are partially hidden, which allows you to identify the distributions and accounts that you own, but helps to protect the information of ones that you don't own.

• ConflictingAliasesList

  A list of aliases (also called CNAMEs) and the CloudFront distributions and Amazon Web Services accounts that they are associated with. In the list, the distribution and account IDs are partially hidden, which allows you to identify the distributions and accounts that you own, but helps to protect the information of ones that you don't own.

• ContentTypeProfile

  A field-level encryption content type profile.

• ContentTypeProfileConfig

  The configuration for a field-level encryption content type-profile mapping.

• ContentTypeProfiles

  Field-level encryption content type-profile.

• ContinuousDeploymentPolicy

  A continuous deployment policy.

• ContinuousDeploymentPolicyConfig

  Contains the configuration for a continuous deployment policy.

• ContinuousDeploymentPolicyList

  Contains a list of continuous deployment policies.

• ContinuousDeploymentPolicySummary

  A summary of the information about your continuous deployment policies.

• ContinuousDeploymentSingleHeaderConfig

  This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.

• ContinuousDeploymentSingleWeightConfig

  Contains the percentage of traffic to send to a staging distribution.

• CookieNames

  Contains a list of cookie names.

• CookiePreference

  This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.

  If you want to include cookies in the cache key, use CookiesConfig in a cache policy. See CachePolicy.

  If you want to send cookies to the origin but not include them in the cache key, use CookiesConfig in an origin request policy. See OriginRequestPolicy.

  A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see Caching Content Based on Cookies in the Amazon CloudFront Developer Guide.

• CustomErrorResponse

  A complex type that controls:

  • Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.

  • How long CloudFront caches HTTP status codes in the 4xx and 5xx range.

  For more information about custom error pages, see Customizing Error Responses in the Amazon CloudFront Developer Guide.

• CustomErrorResponses

  A complex type that controls:

  • Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.

  • How long CloudFront caches HTTP status codes in the 4xx and 5xx range.

  For more information about custom error pages, see Customizing Error Responses in the Amazon CloudFront Developer Guide.

• CustomHeaders

  A complex type that contains the list of Custom Headers for each origin.

• CustomOriginConfig

  A custom origin. A custom origin is any origin that is not an Amazon S3 bucket, with one exception. An Amazon S3 bucket that is configured with static website hosting is a custom origin.

• DefaultCacheBehavior

  A complex type that describes the default cache behavior if you don't specify a CacheBehavior element or if request URLs don't match any of the values of PathPattern in CacheBehavior elements. You must create exactly one default cache behavior.

• Distribution

  A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.

• DistributionConfig

  A distribution configuration.

• DistributionConfigWithTags

  A distribution Configuration and a list of tags to be associated with the distribution.

• DistributionIdList

  A list of distribution IDs.

• DistributionList

  A distribution list.

• DistributionSummary

  A summary of the information about a CloudFront distribution.

• EncryptionEntities

  Complex data type for field-level encryption profiles that includes all of the encryption entities.

• EncryptionEntity

  Complex data type for field-level encryption profiles that includes the encryption key and field pattern specifications.

• EndPoint

  Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.

• FieldLevelEncryption

  A complex data type that includes the profile configurations and other options specified for field-level encryption.

• FieldLevelEncryptionConfig

  A complex data type that includes the profile configurations specified for field-level encryption.

• FieldLevelEncryptionList

  List of field-level encryption configurations.

• FieldLevelEncryptionProfile

  A complex data type for field-level encryption profiles.

• FieldLevelEncryptionProfileConfig

  A complex data type of profiles for the field-level encryption.

• FieldLevelEncryptionProfileList

  List of field-level encryption profiles.

• FieldLevelEncryptionProfileSummary

  The field-level encryption profile summary.

• FieldLevelEncryptionSummary

  A summary of a field-level encryption item.

• FieldPatterns

  A complex data type that includes the field patterns to match for field-level encryption.

• ForwardedValues

  This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.

  If you want to include values in the cache key, use a cache policy. For more information, see Creating cache policies in the Amazon CloudFront Developer Guide.

  If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see Creating origin request policies in the Amazon CloudFront Developer Guide.

  A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

• FunctionAssociation

  A CloudFront function that is associated with a cache behavior in a CloudFront distribution.

• FunctionAssociations

  A list of CloudFront functions that are associated with a cache behavior in a CloudFront distribution. Your functions must be published to the LIVE stage to associate them with a cache behavior.

• FunctionConfig

  Contains configuration information about a CloudFront function.

• FunctionList

  A list of CloudFront functions.

• FunctionMetadata

  Contains metadata about a CloudFront function.

• FunctionSummary

  Contains configuration information and metadata about a CloudFront function.

• GeoRestriction

  A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using MaxMind GeoIP databases.

• Headers

  Contains a list of HTTP header names.

• ImportSource

  The import source for the key value store.

• Invalidation

  An invalidation.

• InvalidationBatch

  An invalidation batch.

• InvalidationList

  The InvalidationList complex type describes the list of invalidation objects. For more information about invalidation, see Invalidating Objects (Web Distributions Only) in the Amazon CloudFront Developer Guide.

• InvalidationSummary

  A summary of an invalidation request.

• KeyGroup

  A key group.

  A key group contains a list of public keys that you can use with CloudFront signed URLs and signed cookies.

• KeyGroupConfig

  A key group configuration.

  A key group contains a list of public keys that you can use with CloudFront signed URLs and signed cookies.

• KeyGroupList

  A list of key groups.

• KeyGroupSummary

  Contains information about a key group.

• KeyPairIds

  A list of CloudFront key pair identifiers.

• KeyValueStore

  The key value store. Use this to separate data from function code, allowing you to update data without having to publish a new version of a function. The key value store holds keys and their corresponding values.

• KeyValueStoreAssociation

  The key value store association.

• KeyValueStoreAssociations

  The key value store associations.

• KeyValueStoreList

  The key value store list.

• KgKeyPairIds

  A list of identifiers for the public keys that CloudFront can use to verify the signatures of signed URLs and signed cookies.

• KinesisStreamConfig

  Contains information about the Amazon Kinesis data stream where you are sending real-time log data.

• LambdaFunctionAssociation

  A complex type that contains a Lambda@Edge function association.

• LambdaFunctionAssociations

  A complex type that specifies a list of Lambda@Edge functions associations for a cache behavior.

  If you want to invoke one or more Lambda@Edge functions triggered by requests that match the PathPattern of the cache behavior, specify the applicable values for Quantity and Items. Note that there can be up to 4 LambdaFunctionAssociation items in this list (one for each possible value of EventType) and each EventType can be associated with only one function.

  If you don't want to invoke any Lambda@Edge functions for the requests that match PathPattern, specify 0 for Quantity and omit Items.

• LoggingConfig

  A complex type that controls whether access logs are written for the distribution.

• MonitoringSubscription

  A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution.

• Origin

  An origin.

  An origin is the location where content is stored, and from which CloudFront gets content to serve to viewers. To specify an origin:

  • Use S3OriginConfig to specify an Amazon S3 bucket that is not configured with static website hosting.

  • Use CustomOriginConfig to specify all other kinds of origins, including:

    • An Amazon S3 bucket that is configured with static website hosting

    • An Elastic Load Balancing load balancer

    • An Elemental MediaPackage endpoint

    • An Elemental MediaStore container

    • Any other HTTP server, running on an Amazon EC2 instance or any other kind of host

  For the current maximum number of origins that you can specify per distribution, see General Quotas on Web Distributions in the Amazon CloudFront Developer Guide (quotas were formerly referred to as limits).

• OriginAccessControl

  A CloudFront origin access control, including its unique identifier.

• OriginAccessControlConfig

  A CloudFront origin access control configuration.

• OriginAccessControlList

  A list of CloudFront origin access controls.

• OriginAccessControlSummary

  A CloudFront origin access control.

• OriginCustomHeader

  A complex type that contains HeaderName and HeaderValue elements, if any, for this distribution.

• OriginGroup

  An origin group includes two origins (a primary origin and a second origin to failover to) and a failover criteria that you specify. You create an origin group to support origin failover in CloudFront. When you create or update a distribution, you can specify the origin group instead of a single origin, and CloudFront will failover from the primary origin to the second origin under the failover conditions that you've chosen.

• OriginGroupFailoverCriteria

  A complex data type that includes information about the failover criteria for an origin group, including the status codes for which CloudFront will failover from the primary origin to the second origin.

• OriginGroupMember

  An origin in an origin group.

• OriginGroupMembers

  A complex data type for the origins included in an origin group.

• OriginGroups

  A complex data type for the origin groups specified for a distribution.

• OriginRequestPolicy

  An origin request policy.

  When it's attached to a cache behavior, the origin request policy determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following:

  • The request body and the URL path (without the domain name) from the viewer request.

  • The headers that CloudFront automatically includes in every origin request, including Host, User-Agent, and X-Amz-Cf-Id.

  • All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront.

  CloudFront sends a request when it can't find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use CachePolicy.

• OriginRequestPolicyConfig

  An origin request policy configuration.

  This configuration determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following:

  • The request body and the URL path (without the domain name) from the viewer request.

  • The headers that CloudFront automatically includes in every origin request, including Host, User-Agent, and X-Amz-Cf-Id.

  • All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront.

  CloudFront sends a request when it can't find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use CachePolicy.

• OriginRequestPolicyCookiesConfig

  An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in requests that CloudFront sends to the origin.

• OriginRequestPolicyHeadersConfig

  An object that determines whether any HTTP headers (and if so, which headers) are included in requests that CloudFront sends to the origin.

• OriginRequestPolicyList

  A list of origin request policies.

• OriginRequestPolicyQueryStringsConfig

  An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in requests that CloudFront sends to the origin.

• OriginRequestPolicySummary

  Contains an origin request policy.

• OriginShield

  CloudFront Origin Shield.

  Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.

• OriginSslProtocols

  A complex type that contains information about the SSL/TLS protocols that CloudFront can use when establishing an HTTPS connection with your origin.

• Origins

  Contains information about the origins for this distribution.

• ParametersInCacheKeyAndForwardedToOrigin

  This object determines the values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.

  The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find an object in its cache that matches the request's cache key. If you want to send values to the origin but not include them in the cache key, use OriginRequestPolicy.

• Paths

  A complex type that contains information about the objects that you want to invalidate. For more information, see Specifying the Objects to Invalidate in the Amazon CloudFront Developer Guide.

• PublicKey

  A public key that you can use with signed URLs and signed cookies, or with field-level encryption.

• PublicKeyConfig

  Configuration information about a public key that you can use with signed URLs and signed cookies, or with field-level encryption.

• PublicKeyList

  A list of public keys that you can use with signed URLs and signed cookies, or with field-level encryption.

• PublicKeySummary

  Contains information about a public key.

• QueryArgProfile

  Query argument-profile mapping for field-level encryption.

• QueryArgProfileConfig

  Configuration for query argument-profile mapping for field-level encryption.

• QueryArgProfiles

  Query argument-profile mapping for field-level encryption.

• QueryStringCacheKeys

  This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.

  If you want to include query strings in the cache key, use QueryStringsConfig in a cache policy. See CachePolicy.

  If you want to send query strings to the origin but not include them in the cache key, use QueryStringsConfig in an origin request policy. See OriginRequestPolicy.

  A complex type that contains information about the query string parameters that you want CloudFront to use for caching for a cache behavior.

• QueryStringNames

  Contains a list of query string names.

• RealtimeLogConfig

  A real-time log configuration.

• RealtimeLogConfigs

  A list of real-time log configurations.

• RealtimeMetricsSubscriptionConfig

  A subscription configuration for additional CloudWatch metrics.

• ResponseHeadersPolicy

  A response headers policy.

  A response headers policy contains information about a set of HTTP response headers.

  After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it's attached to a cache behavior, the response headers policy affects the HTTP headers that CloudFront includes in HTTP responses to requests that match the cache behavior. CloudFront adds or removes response headers according to the configuration of the response headers policy.

  For more information, see Adding or removing HTTP headers in CloudFront responses in the Amazon CloudFront Developer Guide.

• ResponseHeadersPolicyAccessControlAllowHeaders

  A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.

  For more information about the Access-Control-Allow-Headers HTTP response header, see Access-Control-Allow-Headers in the MDN Web Docs.

• ResponseHeadersPolicyAccessControlAllowMethods

  A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

  For more information about the Access-Control-Allow-Methods HTTP response header, see Access-Control-Allow-Methods in the MDN Web Docs.

• ResponseHeadersPolicyAccessControlAllowOrigins

  A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.

  For more information about the Access-Control-Allow-Origin HTTP response header, see Access-Control-Allow-Origin in the MDN Web Docs.

• ResponseHeadersPolicyAccessControlExposeHeaders

  A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.

  For more information about the Access-Control-Expose-Headers HTTP response header, see Access-Control-Expose-Headers in the MDN Web Docs.

• ResponseHeadersPolicyConfig

  A response headers policy configuration.

  A response headers policy configuration contains metadata about the response headers policy, and configurations for sets of HTTP response headers.

• ResponseHeadersPolicyContentSecurityPolicy

  The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

  For more information about the Content-Security-Policy HTTP response header, see Content-Security-Policy in the MDN Web Docs.

• ResponseHeadersPolicyContentTypeOptions

  Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.

  For more information about the X-Content-Type-Options HTTP response header, see X-Content-Type-Options in the MDN Web Docs.

• ResponseHeadersPolicyCorsConfig

  A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy.

  For more information about CORS, see Cross-Origin Resource Sharing (CORS) in the MDN Web Docs.

• ResponseHeadersPolicyCustomHeader

  An HTTP response header name and its value. CloudFront includes this header in HTTP responses that it sends for requests that match a cache behavior that's associated with this response headers policy.

• ResponseHeadersPolicyCustomHeadersConfig

  A list of HTTP response header names and their values. CloudFront includes these headers in HTTP responses that it sends for requests that match a cache behavior that's associated with this response headers policy.

• ResponseHeadersPolicyFrameOptions

  Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.

  For more information about the X-Frame-Options HTTP response header, see X-Frame-Options in the MDN Web Docs.

• ResponseHeadersPolicyList

  A list of response headers policies.

• ResponseHeadersPolicyReferrerPolicy

  Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.

  For more information about the Referrer-Policy HTTP response header, see Referrer-Policy in the MDN Web Docs.

• ResponseHeadersPolicyRemoveHeader

  The name of an HTTP header that CloudFront removes from HTTP responses to requests that match the cache behavior that this response headers policy is attached to.

• ResponseHeadersPolicyRemoveHeadersConfig

  A list of HTTP header names that CloudFront removes from HTTP responses to requests that match the cache behavior that this response headers policy is attached to.

• ResponseHeadersPolicySecurityHeadersConfig

  A configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.

• ResponseHeadersPolicyServerTimingHeadersConfig

  A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. CloudFront adds this header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.

  You can use the Server-Timing header to view metrics that can help you gain insights about the behavior and performance of CloudFront. For example, you can see which cache layer served a cache hit, or the first byte latency from the origin when there was a cache miss. You can use the metrics in the Server-Timing header to troubleshoot issues or test the efficiency of your CloudFront configuration. For more information, see Server-Timing header in the Amazon CloudFront Developer Guide.

• ResponseHeadersPolicyStrictTransportSecurity

  Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.

  For more information about the Strict-Transport-Security HTTP response header, see Strict-Transport-Security in the MDN Web Docs.

• ResponseHeadersPolicySummary

  Contains a response headers policy.

• ResponseHeadersPolicyXssProtection

  Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.

  For more information about the X-XSS-Protection HTTP response header, see X-XSS-Protection in the MDN Web Docs.

• Restrictions

  A complex type that identifies ways in which you want to restrict distribution of your content.

• S3Origin

  A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.

• S3OriginConfig

  A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin or an S3 bucket that is configured as a website endpoint, use the CustomOriginConfig element instead.

• SessionStickinessConfig

  Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.

• Signer

  A list of Amazon Web Services accounts and the active CloudFront key pairs in each account that CloudFront can use to verify the signatures of signed URLs and signed cookies.

• StagingDistributionDnsNames

  The CloudFront domain name of the staging distribution.

• StatusCodes

  A complex data type for the status codes that you specify that, when returned by a primary origin, trigger CloudFront to failover to a second origin.

• StreamingDistribution

  A streaming distribution tells CloudFront where you want RTMP content to be delivered from, and the details about how to track and manage content delivery.

• StreamingDistributionConfig

  The RTMP distribution's configuration information.

• StreamingDistributionConfigWithTags

  A streaming distribution Configuration and a list of tags to be associated with the streaming distribution.

• StreamingDistributionList

  A streaming distribution list.

• StreamingDistributionSummary

  A summary of the information for a CloudFront streaming distribution.

• StreamingLoggingConfig

  A complex type that controls whether access logs are written for this streaming distribution.

• Tag

  A complex type that contains Tag key and Tag value.

• TagKeys

  A complex type that contains zero or more Tag elements.

• Tags

  A complex type that contains zero or more Tag elements.

• TestResult

  Contains the result of testing a CloudFront function with TestFunction.

• TrafficConfig

  The traffic configuration of your continuous deployment.

• TrustedKeyGroups

  A list of key groups whose public keys CloudFront can use to verify the signatures of signed URLs and signed cookies.

• TrustedSigners

  A list of Amazon Web Services accounts whose public keys CloudFront can use to verify the signatures of signed URLs and signed cookies.

• ViewerCertificate

  A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.

  If the distribution doesn't use Aliases (also known as alternate domain names or CNAMEs)—that is, if the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net—set CloudFrontDefaultCertificate to true and leave all other fields empty.

  If the distribution uses Aliases (alternate domain names or CNAMEs), use the fields in this type to specify the following settings:

  • Which viewers the distribution accepts HTTPS connections from: only viewers that support server name indication (SNI) (recommended), or all viewers including those that don't support SNI.

    • To accept HTTPS connections from only viewers that support SNI, set SSLSupportMethod to sni-only. This is recommended. Most browsers and clients support SNI.

    • To accept HTTPS connections from all viewers, including those that don't support SNI, set SSLSupportMethod to vip. This is not recommended, and results in additional monthly charges from CloudFront.

  • The minimum SSL/TLS protocol version that the distribution can use to communicate with viewers. To specify a minimum version, choose a value for MinimumProtocolVersion. For more information, see Security Policy in the Amazon CloudFront Developer Guide.

  • The location of the SSL/TLS certificate, Certificate Manager (ACM) (recommended) or Identity and Access Management (IAM). You specify the location by setting a value in one of the following fields (not both):

    • ACMCertificateArn

    • IAMCertificateId

  All distributions support HTTPS connections from viewers. To require viewers to use HTTPS only, or to redirect them from HTTP to HTTPS, use ViewerProtocolPolicy in the CacheBehavior or DefaultCacheBehavior. To specify how CloudFront should use SSL/TLS to communicate with your custom origin, use CustomOriginConfig.

  For more information, see Using HTTPS with CloudFront and Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide.

Enums

• CachePolicyCookieBehavior
  When writing a match expression against CachePolicyCookieBehavior, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• CachePolicyHeaderBehavior
  When writing a match expression against CachePolicyHeaderBehavior, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• CachePolicyQueryStringBehavior
  When writing a match expression against CachePolicyQueryStringBehavior, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• CachePolicyType
  When writing a match expression against CachePolicyType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• CertificateSource
  When writing a match expression against CertificateSource, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• ContinuousDeploymentPolicyType
  When writing a match expression against ContinuousDeploymentPolicyType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• EventType
  When writing a match expression against EventType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• Format
  When writing a match expression against Format, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• FrameOptionsList
  When writing a match expression against FrameOptionsList, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• FunctionRuntime
  When writing a match expression against FunctionRuntime, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• FunctionStage
  When writing a match expression against FunctionStage, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• GeoRestrictionType
  When writing a match expression against GeoRestrictionType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• HttpVersion
  When writing a match expression against HttpVersion, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• IcpRecordalStatus
  When writing a match expression against IcpRecordalStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• ImportSourceType
  When writing a match expression against ImportSourceType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• ItemSelection
  When writing a match expression against ItemSelection, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• Method
  When writing a match expression against Method, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• MinimumProtocolVersion
  When writing a match expression against MinimumProtocolVersion, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginAccessControlOriginTypes
  When writing a match expression against OriginAccessControlOriginTypes, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginAccessControlSigningBehaviors
  When writing a match expression against OriginAccessControlSigningBehaviors, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginAccessControlSigningProtocols
  When writing a match expression against OriginAccessControlSigningProtocols, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginProtocolPolicy
  When writing a match expression against OriginProtocolPolicy, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginRequestPolicyCookieBehavior
  When writing a match expression against OriginRequestPolicyCookieBehavior, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginRequestPolicyHeaderBehavior
  When writing a match expression against OriginRequestPolicyHeaderBehavior, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginRequestPolicyQueryStringBehavior
  When writing a match expression against OriginRequestPolicyQueryStringBehavior, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• OriginRequestPolicyType
  When writing a match expression against OriginRequestPolicyType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• PriceClass
  When writing a match expression against PriceClass, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• RealtimeMetricsSubscriptionStatus
  When writing a match expression against RealtimeMetricsSubscriptionStatus, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• ReferrerPolicyList
  When writing a match expression against ReferrerPolicyList, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• ResponseHeadersPolicyAccessControlAllowMethodsValues
  When writing a match expression against ResponseHeadersPolicyAccessControlAllowMethodsValues, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• ResponseHeadersPolicyType
  When writing a match expression against ResponseHeadersPolicyType, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• SslProtocol
  When writing a match expression against SslProtocol, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• SslSupportMethod
  When writing a match expression against SslSupportMethod, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.
• ViewerProtocolPolicy
  When writing a match expression against ViewerProtocolPolicy, it is important to ensure your code is forward-compatible. That is, if a match arm handles a case for a feature that is supported by the service but has not been represented as an enum variant in a current version of SDK, your code should continue to work when you upgrade SDK to a future version in which the enum does include a variant for that feature.