aws_sdk_cloudfront/types/_origin_access_control_config.rs
1// Code generated by software.amazon.smithy.rust.codegen.smithy-rs. DO NOT EDIT.
2
3/// <p>A CloudFront origin access control configuration.</p>
4#[non_exhaustive]
5#[derive(::std::clone::Clone, ::std::cmp::PartialEq, ::std::fmt::Debug)]
6pub struct OriginAccessControlConfig {
7 /// <p>A name to identify the origin access control. You can specify up to 64 characters.</p>
8 pub name: ::std::string::String,
9 /// <p>A description of the origin access control.</p>
10 pub description: ::std::option::Option<::std::string::String>,
11 /// <p>The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is <code>sigv4</code>.</p>
12 pub signing_protocol: crate::types::OriginAccessControlSigningProtocols,
13 /// <p>Specifies which requests CloudFront signs (adds authentication information to). Specify <code>always</code> for the most common use case. For more information, see <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings">origin access control advanced settings</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>
14 /// <p>This field can have one of the following values:</p>
15 /// <ul>
16 /// <li>
17 /// <p><code>always</code> – CloudFront signs all origin requests, overwriting the <code>Authorization</code> header from the viewer request if one exists.</p></li>
18 /// <li>
19 /// <p><code>never</code> – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.</p></li>
20 /// <li>
21 /// <p><code>no-override</code> – If the viewer request doesn't contain the <code>Authorization</code> header, then CloudFront signs the origin request. If the viewer request contains the <code>Authorization</code> header, then CloudFront doesn't sign the origin request and instead passes along the <code>Authorization</code> header from the viewer request. <b>WARNING: To pass along the <code>Authorization</code> header from the viewer request, you <i>must</i> add the <code>Authorization</code> header to a <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html">cache policy</a> for all cache behaviors that use origins associated with this origin access control.</b></p></li>
22 /// </ul>
23 pub signing_behavior: crate::types::OriginAccessControlSigningBehaviors,
24 /// <p>The type of origin that this origin access control is for.</p>
25 pub origin_access_control_origin_type: crate::types::OriginAccessControlOriginTypes,
26}
27impl OriginAccessControlConfig {
28 /// <p>A name to identify the origin access control. You can specify up to 64 characters.</p>
29 pub fn name(&self) -> &str {
30 use std::ops::Deref;
31 self.name.deref()
32 }
33 /// <p>A description of the origin access control.</p>
34 pub fn description(&self) -> ::std::option::Option<&str> {
35 self.description.as_deref()
36 }
37 /// <p>The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is <code>sigv4</code>.</p>
38 pub fn signing_protocol(&self) -> &crate::types::OriginAccessControlSigningProtocols {
39 &self.signing_protocol
40 }
41 /// <p>Specifies which requests CloudFront signs (adds authentication information to). Specify <code>always</code> for the most common use case. For more information, see <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings">origin access control advanced settings</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>
42 /// <p>This field can have one of the following values:</p>
43 /// <ul>
44 /// <li>
45 /// <p><code>always</code> – CloudFront signs all origin requests, overwriting the <code>Authorization</code> header from the viewer request if one exists.</p></li>
46 /// <li>
47 /// <p><code>never</code> – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.</p></li>
48 /// <li>
49 /// <p><code>no-override</code> – If the viewer request doesn't contain the <code>Authorization</code> header, then CloudFront signs the origin request. If the viewer request contains the <code>Authorization</code> header, then CloudFront doesn't sign the origin request and instead passes along the <code>Authorization</code> header from the viewer request. <b>WARNING: To pass along the <code>Authorization</code> header from the viewer request, you <i>must</i> add the <code>Authorization</code> header to a <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html">cache policy</a> for all cache behaviors that use origins associated with this origin access control.</b></p></li>
50 /// </ul>
51 pub fn signing_behavior(&self) -> &crate::types::OriginAccessControlSigningBehaviors {
52 &self.signing_behavior
53 }
54 /// <p>The type of origin that this origin access control is for.</p>
55 pub fn origin_access_control_origin_type(&self) -> &crate::types::OriginAccessControlOriginTypes {
56 &self.origin_access_control_origin_type
57 }
58}
59impl OriginAccessControlConfig {
60 /// Creates a new builder-style object to manufacture [`OriginAccessControlConfig`](crate::types::OriginAccessControlConfig).
61 pub fn builder() -> crate::types::builders::OriginAccessControlConfigBuilder {
62 crate::types::builders::OriginAccessControlConfigBuilder::default()
63 }
64}
65
66/// A builder for [`OriginAccessControlConfig`](crate::types::OriginAccessControlConfig).
67#[derive(::std::clone::Clone, ::std::cmp::PartialEq, ::std::default::Default, ::std::fmt::Debug)]
68#[non_exhaustive]
69pub struct OriginAccessControlConfigBuilder {
70 pub(crate) name: ::std::option::Option<::std::string::String>,
71 pub(crate) description: ::std::option::Option<::std::string::String>,
72 pub(crate) signing_protocol: ::std::option::Option<crate::types::OriginAccessControlSigningProtocols>,
73 pub(crate) signing_behavior: ::std::option::Option<crate::types::OriginAccessControlSigningBehaviors>,
74 pub(crate) origin_access_control_origin_type: ::std::option::Option<crate::types::OriginAccessControlOriginTypes>,
75}
76impl OriginAccessControlConfigBuilder {
77 /// <p>A name to identify the origin access control. You can specify up to 64 characters.</p>
78 /// This field is required.
79 pub fn name(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
80 self.name = ::std::option::Option::Some(input.into());
81 self
82 }
83 /// <p>A name to identify the origin access control. You can specify up to 64 characters.</p>
84 pub fn set_name(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
85 self.name = input;
86 self
87 }
88 /// <p>A name to identify the origin access control. You can specify up to 64 characters.</p>
89 pub fn get_name(&self) -> &::std::option::Option<::std::string::String> {
90 &self.name
91 }
92 /// <p>A description of the origin access control.</p>
93 pub fn description(mut self, input: impl ::std::convert::Into<::std::string::String>) -> Self {
94 self.description = ::std::option::Option::Some(input.into());
95 self
96 }
97 /// <p>A description of the origin access control.</p>
98 pub fn set_description(mut self, input: ::std::option::Option<::std::string::String>) -> Self {
99 self.description = input;
100 self
101 }
102 /// <p>A description of the origin access control.</p>
103 pub fn get_description(&self) -> &::std::option::Option<::std::string::String> {
104 &self.description
105 }
106 /// <p>The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is <code>sigv4</code>.</p>
107 /// This field is required.
108 pub fn signing_protocol(mut self, input: crate::types::OriginAccessControlSigningProtocols) -> Self {
109 self.signing_protocol = ::std::option::Option::Some(input);
110 self
111 }
112 /// <p>The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is <code>sigv4</code>.</p>
113 pub fn set_signing_protocol(mut self, input: ::std::option::Option<crate::types::OriginAccessControlSigningProtocols>) -> Self {
114 self.signing_protocol = input;
115 self
116 }
117 /// <p>The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is <code>sigv4</code>.</p>
118 pub fn get_signing_protocol(&self) -> &::std::option::Option<crate::types::OriginAccessControlSigningProtocols> {
119 &self.signing_protocol
120 }
121 /// <p>Specifies which requests CloudFront signs (adds authentication information to). Specify <code>always</code> for the most common use case. For more information, see <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings">origin access control advanced settings</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>
122 /// <p>This field can have one of the following values:</p>
123 /// <ul>
124 /// <li>
125 /// <p><code>always</code> – CloudFront signs all origin requests, overwriting the <code>Authorization</code> header from the viewer request if one exists.</p></li>
126 /// <li>
127 /// <p><code>never</code> – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.</p></li>
128 /// <li>
129 /// <p><code>no-override</code> – If the viewer request doesn't contain the <code>Authorization</code> header, then CloudFront signs the origin request. If the viewer request contains the <code>Authorization</code> header, then CloudFront doesn't sign the origin request and instead passes along the <code>Authorization</code> header from the viewer request. <b>WARNING: To pass along the <code>Authorization</code> header from the viewer request, you <i>must</i> add the <code>Authorization</code> header to a <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html">cache policy</a> for all cache behaviors that use origins associated with this origin access control.</b></p></li>
130 /// </ul>
131 /// This field is required.
132 pub fn signing_behavior(mut self, input: crate::types::OriginAccessControlSigningBehaviors) -> Self {
133 self.signing_behavior = ::std::option::Option::Some(input);
134 self
135 }
136 /// <p>Specifies which requests CloudFront signs (adds authentication information to). Specify <code>always</code> for the most common use case. For more information, see <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings">origin access control advanced settings</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>
137 /// <p>This field can have one of the following values:</p>
138 /// <ul>
139 /// <li>
140 /// <p><code>always</code> – CloudFront signs all origin requests, overwriting the <code>Authorization</code> header from the viewer request if one exists.</p></li>
141 /// <li>
142 /// <p><code>never</code> – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.</p></li>
143 /// <li>
144 /// <p><code>no-override</code> – If the viewer request doesn't contain the <code>Authorization</code> header, then CloudFront signs the origin request. If the viewer request contains the <code>Authorization</code> header, then CloudFront doesn't sign the origin request and instead passes along the <code>Authorization</code> header from the viewer request. <b>WARNING: To pass along the <code>Authorization</code> header from the viewer request, you <i>must</i> add the <code>Authorization</code> header to a <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html">cache policy</a> for all cache behaviors that use origins associated with this origin access control.</b></p></li>
145 /// </ul>
146 pub fn set_signing_behavior(mut self, input: ::std::option::Option<crate::types::OriginAccessControlSigningBehaviors>) -> Self {
147 self.signing_behavior = input;
148 self
149 }
150 /// <p>Specifies which requests CloudFront signs (adds authentication information to). Specify <code>always</code> for the most common use case. For more information, see <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings">origin access control advanced settings</a> in the <i>Amazon CloudFront Developer Guide</i>.</p>
151 /// <p>This field can have one of the following values:</p>
152 /// <ul>
153 /// <li>
154 /// <p><code>always</code> – CloudFront signs all origin requests, overwriting the <code>Authorization</code> header from the viewer request if one exists.</p></li>
155 /// <li>
156 /// <p><code>never</code> – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.</p></li>
157 /// <li>
158 /// <p><code>no-override</code> – If the viewer request doesn't contain the <code>Authorization</code> header, then CloudFront signs the origin request. If the viewer request contains the <code>Authorization</code> header, then CloudFront doesn't sign the origin request and instead passes along the <code>Authorization</code> header from the viewer request. <b>WARNING: To pass along the <code>Authorization</code> header from the viewer request, you <i>must</i> add the <code>Authorization</code> header to a <a href="https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html">cache policy</a> for all cache behaviors that use origins associated with this origin access control.</b></p></li>
159 /// </ul>
160 pub fn get_signing_behavior(&self) -> &::std::option::Option<crate::types::OriginAccessControlSigningBehaviors> {
161 &self.signing_behavior
162 }
163 /// <p>The type of origin that this origin access control is for.</p>
164 /// This field is required.
165 pub fn origin_access_control_origin_type(mut self, input: crate::types::OriginAccessControlOriginTypes) -> Self {
166 self.origin_access_control_origin_type = ::std::option::Option::Some(input);
167 self
168 }
169 /// <p>The type of origin that this origin access control is for.</p>
170 pub fn set_origin_access_control_origin_type(mut self, input: ::std::option::Option<crate::types::OriginAccessControlOriginTypes>) -> Self {
171 self.origin_access_control_origin_type = input;
172 self
173 }
174 /// <p>The type of origin that this origin access control is for.</p>
175 pub fn get_origin_access_control_origin_type(&self) -> &::std::option::Option<crate::types::OriginAccessControlOriginTypes> {
176 &self.origin_access_control_origin_type
177 }
178 /// Consumes the builder and constructs a [`OriginAccessControlConfig`](crate::types::OriginAccessControlConfig).
179 /// This method will fail if any of the following fields are not set:
180 /// - [`name`](crate::types::builders::OriginAccessControlConfigBuilder::name)
181 /// - [`signing_protocol`](crate::types::builders::OriginAccessControlConfigBuilder::signing_protocol)
182 /// - [`signing_behavior`](crate::types::builders::OriginAccessControlConfigBuilder::signing_behavior)
183 /// - [`origin_access_control_origin_type`](crate::types::builders::OriginAccessControlConfigBuilder::origin_access_control_origin_type)
184 pub fn build(self) -> ::std::result::Result<crate::types::OriginAccessControlConfig, ::aws_smithy_types::error::operation::BuildError> {
185 ::std::result::Result::Ok(crate::types::OriginAccessControlConfig {
186 name: self.name.ok_or_else(|| {
187 ::aws_smithy_types::error::operation::BuildError::missing_field(
188 "name",
189 "name was not specified but it is required when building OriginAccessControlConfig",
190 )
191 })?,
192 description: self.description,
193 signing_protocol: self.signing_protocol.ok_or_else(|| {
194 ::aws_smithy_types::error::operation::BuildError::missing_field(
195 "signing_protocol",
196 "signing_protocol was not specified but it is required when building OriginAccessControlConfig",
197 )
198 })?,
199 signing_behavior: self.signing_behavior.ok_or_else(|| {
200 ::aws_smithy_types::error::operation::BuildError::missing_field(
201 "signing_behavior",
202 "signing_behavior was not specified but it is required when building OriginAccessControlConfig",
203 )
204 })?,
205 origin_access_control_origin_type: self.origin_access_control_origin_type.ok_or_else(|| {
206 ::aws_smithy_types::error::operation::BuildError::missing_field(
207 "origin_access_control_origin_type",
208 "origin_access_control_origin_type was not specified but it is required when building OriginAccessControlConfig",
209 )
210 })?,
211 })
212 }
213}