Expand description
This is the Amazon CloudFront API Reference. This guide is for developers who need detailed information about CloudFront API actions, data types, and errors. For detailed information about CloudFront features, see the Amazon CloudFront Developer Guide.
If you’re using the service, you’re probably looking for CloudFrontClient and CloudFront.
Structs§
- Active
Trusted KeyGroups A list of key groups, and the public keys in each key group, that CloudFront can use to verify the signatures of signed URLs and signed cookies.
- Active
Trusted Signers A list of AWS accounts and the active CloudFront key pairs in each account that CloudFront can use to verify the signatures of signed URLs and signed cookies.
- AliasICP
Recordal AWS services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they've added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions. The status is returned in the CloudFront response; you can't configure it yourself.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Started with AWS services in China.
- Alias
List Serializer - Aliases
A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.
- Aliases
Serializer - Allowed
Methods A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:
-
CloudFront forwards only
GET
andHEAD
requests. -
CloudFront forwards only
GET
,HEAD
, andOPTIONS
requests. -
CloudFront forwards
GET, HEAD, OPTIONS, PUT, PATCH, POST
, andDELETE
requests.
If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.
-
- Allowed
Methods Serializer - AwsAccount
Number List Serializer - Boolean
Serializer - Cache
Behavior A complex type that describes how CloudFront processes requests.
You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.
For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see Quotas in the Amazon CloudFront Developer Guide.
If you don’t want to specify any cache behaviors, include only an empty
CacheBehaviors
element. Don’t include an emptyCacheBehavior
element because this is invalid.To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty
CacheBehaviors
element.To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.
For more information about cache behaviors, see Cache Behavior Settings in the Amazon CloudFront Developer Guide.
- Cache
Behavior List Serializer - Cache
Behavior Serializer - Cache
Behaviors A complex type that contains zero or more
CacheBehavior
elements.- Cache
Behaviors Serializer - Cache
Policy A cache policy.
When it’s attached to a cache behavior, the cache policy determines the following:
-
The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.
-
The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.
The headers, cookies, and query strings that are included in the cache key are automatically included in requests that CloudFront sends to the origin. CloudFront sends a request when it can’t find a valid object in its cache that matches the request’s cache key. If you want to send values to the origin but not include them in the cache key, use
OriginRequestPolicy
.-
- Cache
Policy Config A cache policy configuration.
This configuration determines the following:
-
The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.
-
The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.
The headers, cookies, and query strings that are included in the cache key are automatically included in requests that CloudFront sends to the origin. CloudFront sends a request when it can’t find a valid object in its cache that matches the request’s cache key. If you want to send values to the origin but not include them in the cache key, use
OriginRequestPolicy
.-
- Cache
Policy Config Serializer - Cache
Policy Cookie Behavior Serializer - Cache
Policy Cookies Config An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and automatically included in requests that CloudFront sends to the origin.
- Cache
Policy Cookies Config Serializer - Cache
Policy Header Behavior Serializer - Cache
Policy Headers Config An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and automatically included in requests that CloudFront sends to the origin.
- Cache
Policy Headers Config Serializer - Cache
Policy List A list of cache policies.
- Cache
Policy Query String Behavior Serializer - Cache
Policy Query Strings Config An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and automatically included in requests that CloudFront sends to the origin.
- Cache
Policy Query Strings Config Serializer - Cache
Policy Summary Contains a cache policy.
- Cache
Policy Type Serializer - Cached
Methods A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:
-
CloudFront caches responses to
GET
andHEAD
requests. -
CloudFront caches responses to
GET
,HEAD
, andOPTIONS
requests.
If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.
-
- Cached
Methods Serializer - Cloud
Front Client - A client for the CloudFront API.
- Cloud
Front Origin Access Identity CloudFront origin access identity.
- Cloud
Front Origin Access Identity Config Origin access identity configuration. Send a
GET
request to the/CloudFront API version/CloudFront/identity ID/config
resource.- Cloud
Front Origin Access Identity Config Serializer - Cloud
Front Origin Access Identity List Lists the origin access identities for CloudFront.Send a
GET
request to the/CloudFront API version/origin-access-identity/cloudfront
resource. The response includes aCloudFrontOriginAccessIdentityList
element with zero or moreCloudFrontOriginAccessIdentitySummary
child elements. By default, your entire list of origin access identities is returned in one single page. If the list is long, you can paginate it using theMaxItems
andMarker
parameters.- Cloud
Front Origin Access Identity Summary Summary of the information about a CloudFront origin access identity.
- Comment
Type Serializer - Content
Type Profile A field-level encryption content type profile.
- Content
Type Profile Config The configuration for a field-level encryption content type-profile mapping.
- Content
Type Profile Config Serializer - Content
Type Profile List Serializer - Content
Type Profile Serializer - Content
Type Profiles Field-level encryption content type-profile.
- Content
Type Profiles Serializer - Cookie
Name List Serializer - Cookie
Names Contains a list of cookie names.
- Cookie
Names Serializer - Cookie
Preference This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.
If you want to include cookies in the cache key, use
CookiesConfig
in a cache policy. SeeCachePolicy
.If you want to send cookies to the origin but not include them in the cache key, use
CookiesConfig
in an origin request policy. SeeOriginRequestPolicy
.A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see Caching Content Based on Cookies in the Amazon CloudFront Developer Guide.
- Create
Cache Policy Request - Create
Cache Policy Result - Create
Cloud Front Origin Access Identity Request The request to create a new origin access identity (OAI). An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content. For more information, see Restricting Access to Amazon S3 Content by Using an Origin Access Identity in the Amazon CloudFront Developer Guide.
- Create
Cloud Front Origin Access Identity Result The returned result of the corresponding request.
- Create
Distribution Request The request to create a new distribution.
- Create
Distribution Result The returned result of the corresponding request.
- Create
Distribution With Tags Request The request to create a new distribution with tags.
- Create
Distribution With Tags Result The returned result of the corresponding request.
- Create
Field Level Encryption Config Request - Create
Field Level Encryption Config Result - Create
Field Level Encryption Profile Request - Create
Field Level Encryption Profile Result - Create
Function Request - Create
Function Request Serializer - Create
Function Result - Create
Invalidation Request The request to create an invalidation.
- Create
Invalidation Result The returned result of the corresponding request.
- Create
KeyGroup Request - Create
KeyGroup Result - Create
Monitoring Subscription Request - Create
Monitoring Subscription Result - Create
Origin Request Policy Request - Create
Origin Request Policy Result - Create
Public KeyRequest - Create
Public KeyResult - Create
Realtime LogConfig Request - Create
Realtime LogConfig Request Serializer - Create
Realtime LogConfig Result - Create
Streaming Distribution Request The request to create a new streaming distribution.
- Create
Streaming Distribution Result The returned result of the corresponding request.
- Create
Streaming Distribution With Tags Request The request to create a new streaming distribution with tags.
- Create
Streaming Distribution With Tags Result The returned result of the corresponding request.
- Custom
Error Response A complex type that controls:
-
Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.
-
How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the Amazon CloudFront Developer Guide.
-
- Custom
Error Response List Serializer - Custom
Error Response Serializer - Custom
Error Responses A complex type that controls:
-
Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.
-
How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the Amazon CloudFront Developer Guide.
-
- Custom
Error Responses Serializer - Custom
Headers A complex type that contains the list of Custom Headers for each origin.
- Custom
Headers Serializer - Custom
Origin Config A custom origin. A custom origin is any origin that is not an Amazon S3 bucket, with one exception. An Amazon S3 bucket that is configured with static website hosting is a custom origin.
- Custom
Origin Config Serializer - Default
Cache Behavior A complex type that describes the default cache behavior if you don’t specify a
CacheBehavior
element or if request URLs don’t match any of the values ofPathPattern
inCacheBehavior
elements. You must create exactly one default cache behavior.- Default
Cache Behavior Serializer - Delete
Cache Policy Request - Delete
Cloud Front Origin Access Identity Request Deletes a origin access identity.
- Delete
Distribution Request This action deletes a web distribution. To delete a web distribution using the CloudFront API, perform the following steps.
To delete a web distribution using the CloudFront API:
-
Disable the web distribution
-
Submit a
GET Distribution Config
request to get the current configuration and theEtag
header for the distribution. -
Update the XML document that was returned in the response to your
GET Distribution Config
request to change the value ofEnabled
tofalse
. -
Submit a
PUT Distribution Config
request to update the configuration for your distribution. In the request body, include the XML document that you updated in Step 3. Set the value of the HTTPIf-Match
header to the value of theETag
header that CloudFront returned when you submitted theGET Distribution Config
request in Step 2. -
Review the response to the
PUT Distribution Config
request to confirm that the distribution was successfully disabled. -
Submit a
GET Distribution
request to confirm that your changes have propagated. When propagation is complete, the value ofStatus
isDeployed
. -
Submit a
DELETE Distribution
request. Set the value of the HTTPIf-Match
header to the value of theETag
header that CloudFront returned when you submitted theGET Distribution Config
request in Step 6. -
Review the response to your
DELETE Distribution
request to confirm that the distribution was successfully deleted.
For information about deleting a distribution using the CloudFront console, see Deleting a Distribution in the Amazon CloudFront Developer Guide.
-
- Delete
Field Level Encryption Config Request - Delete
Field Level Encryption Profile Request - Delete
Function Request - Delete
KeyGroup Request - Delete
Monitoring Subscription Request - Delete
Monitoring Subscription Result - Delete
Origin Request Policy Request - Delete
Public KeyRequest - Delete
Realtime LogConfig Request - Delete
Realtime LogConfig Request Serializer - Delete
Streaming Distribution Request The request to delete a streaming distribution.
- Describe
Function Request - Describe
Function Result - Distribution
A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.
- Distribution
Config A distribution configuration.
- Distribution
Config Serializer - Distribution
Config With Tags A distribution Configuration and a list of tags to be associated with the distribution.
- Distribution
Config With Tags Serializer - Distribution
IdList A list of distribution IDs.
- Distribution
List A distribution list.
- Distribution
Summary A summary of the information about a CloudFront distribution.
- Encryption
Entities Complex data type for field-level encryption profiles that includes all of the encryption entities.
- Encryption
Entities Serializer - Encryption
Entity Complex data type for field-level encryption profiles that includes the encryption key and field pattern specifications.
- Encryption
Entity List Serializer - Encryption
Entity Serializer - EndPoint
Contains information about the Amazon Kinesis data stream where you are sending real-time log data in a real-time log configuration.
- EndPoint
List Serializer - EndPoint
Serializer - Event
Type Serializer - Field
Level Encryption A complex data type that includes the profile configurations and other options specified for field-level encryption.
- Field
Level Encryption Config A complex data type that includes the profile configurations specified for field-level encryption.
- Field
Level Encryption Config Serializer - Field
Level Encryption List List of field-level encrpytion configurations.
- Field
Level Encryption Profile A complex data type for field-level encryption profiles.
- Field
Level Encryption Profile Config A complex data type of profiles for the field-level encryption.
- Field
Level Encryption Profile Config Serializer - Field
Level Encryption Profile List List of field-level encryption profiles.
- Field
Level Encryption Profile Summary The field-level encryption profile summary.
- Field
Level Encryption Summary A summary of a field-level encryption item.
- Field
List Serializer - Field
Pattern List Serializer - Field
Patterns A complex data type that includes the field patterns to match for field-level encryption.
- Field
Patterns Serializer - Format
Serializer - Forwarded
Values This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.
If you want to include values in the cache key, use a cache policy. For more information, see Creating cache policies in the Amazon CloudFront Developer Guide.
If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see Creating origin request policies in the Amazon CloudFront Developer Guide.
A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.
- FunctionARN
Serializer - Function
Association A CloudFront function that is associated with a cache behavior in a CloudFront distribution.
- Function
Association List Serializer - Function
Association Serializer - Function
Associations A list of CloudFront functions that are associated with a cache behavior in a CloudFront distribution. CloudFront functions must be published to the
LIVE
stage to associate them with a cache behavior.- Function
Associations Serializer - Function
Blob Serializer - Function
Config Contains configuration information about a CloudFront function.
- Function
Config Serializer - Function
Event Object Serializer - Function
List A list of CloudFront functions.
- Function
Metadata Contains metadata about a CloudFront function.
- Function
Name Serializer - Function
Runtime Serializer - Function
Stage Serializer - Function
Summary Contains configuration information and metadata about a CloudFront function.
- GeoRestriction
A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using
MaxMind
GeoIP databases.- GeoRestriction
Serializer - GeoRestriction
Type Serializer - GetCache
Policy Config Request - GetCache
Policy Config Result - GetCache
Policy Request - GetCache
Policy Result - GetCloud
Front Origin Access Identity Config Request The origin access identity's configuration information. For more information, see CloudFrontOriginAccessIdentityConfig.
- GetCloud
Front Origin Access Identity Config Result The returned result of the corresponding request.
- GetCloud
Front Origin Access Identity Request The request to get an origin access identity's information.
- GetCloud
Front Origin Access Identity Result The returned result of the corresponding request.
- GetDistribution
Config Request The request to get a distribution configuration.
- GetDistribution
Config Result The returned result of the corresponding request.
- GetDistribution
Request The request to get a distribution's information.
- GetDistribution
Result The returned result of the corresponding request.
- GetField
Level Encryption Config Request - GetField
Level Encryption Config Result - GetField
Level Encryption Profile Config Request - GetField
Level Encryption Profile Config Result - GetField
Level Encryption Profile Request - GetField
Level Encryption Profile Result - GetField
Level Encryption Request - GetField
Level Encryption Result - GetFunction
Request - GetFunction
Result - GetInvalidation
Request The request to get an invalidation's information.
- GetInvalidation
Result The returned result of the corresponding request.
- GetKey
Group Config Request - GetKey
Group Config Result - GetKey
Group Request - GetKey
Group Result - GetMonitoring
Subscription Request - GetMonitoring
Subscription Result - GetOrigin
Request Policy Config Request - GetOrigin
Request Policy Config Result - GetOrigin
Request Policy Request - GetOrigin
Request Policy Result - GetPublic
KeyConfig Request - GetPublic
KeyConfig Result - GetPublic
KeyRequest - GetPublic
KeyResult - GetRealtime
LogConfig Request - GetRealtime
LogConfig Request Serializer - GetRealtime
LogConfig Result - GetStreaming
Distribution Config Request To request to get a streaming distribution configuration.
- GetStreaming
Distribution Config Result The returned result of the corresponding request.
- GetStreaming
Distribution Request The request to get a streaming distribution's information.
- GetStreaming
Distribution Result The returned result of the corresponding request.
- Header
List Serializer - Headers
Contains a list of HTTP header names.
- Headers
Serializer - Http
Version Serializer - Integer
Serializer - Invalidation
An invalidation.
- Invalidation
Batch An invalidation batch.
- Invalidation
Batch Serializer - Invalidation
List The
InvalidationList
complex type describes the list of invalidation objects. For more information about invalidation, see Invalidating Objects (Web Distributions Only) in the Amazon CloudFront Developer Guide.- Invalidation
Summary A summary of an invalidation request.
- KGKey
Pair Ids A list of identifiers for the public keys that CloudFront can use to verify the signatures of signed URLs and signed cookies.
- KeyGroup
A key group.
A key group contains a list of public keys that you can use with CloudFront signed URLs and signed cookies.
- KeyGroup
Config A key group configuration.
A key group contains a list of public keys that you can use with CloudFront signed URLs and signed cookies.
- KeyGroup
Config Serializer - KeyGroup
List A list of key groups.
- KeyGroup
Summary Contains information about a key group.
- KeyPair
Ids A list of CloudFront key pair identifiers.
- Kinesis
Stream Config Contains information about the Amazon Kinesis data stream where you are sending real-time log data.
- Kinesis
Stream Config Serializer - Lambda
FunctionARN Serializer - Lambda
Function Association A complex type that contains a Lambda function association.
- Lambda
Function Association List Serializer - Lambda
Function Association Serializer - Lambda
Function Associations A complex type that specifies a list of Lambda functions associations for a cache behavior.
If you want to invoke one or more Lambda functions triggered by requests that match the
PathPattern
of the cache behavior, specify the applicable values forQuantity
andItems
. Note that there can be up to 4LambdaFunctionAssociation
items in this list (one for each possible value ofEventType
) and eachEventType
can be associated with the Lambda function only once.If you don't want to invoke any Lambda functions for the requests that match
PathPattern
, specify0
forQuantity
and omitItems
.- Lambda
Function Associations Serializer - List
Cache Policies Request - List
Cache Policies Result - List
Cloud Front Origin Access Identities Request The request to list origin access identities.
- List
Cloud Front Origin Access Identities Result The returned result of the corresponding request.
- List
Distributions ByCache Policy IdRequest - List
Distributions ByCache Policy IdResult - List
Distributions ByKey Group Request - List
Distributions ByKey Group Result - List
Distributions ByOrigin Request Policy IdRequest - List
Distributions ByOrigin Request Policy IdResult - List
Distributions ByRealtime LogConfig Request - List
Distributions ByRealtime LogConfig Request Serializer - List
Distributions ByRealtime LogConfig Result - List
Distributions ByWebACL IdRequest The request to list distributions that are associated with a specified AWS WAF web ACL.
- List
Distributions ByWebACL IdResult The response to a request to list the distributions that are associated with a specified AWS WAF web ACL.
- List
Distributions Request The request to list your distributions.
- List
Distributions Result The returned result of the corresponding request.
- List
Field Level Encryption Configs Request - List
Field Level Encryption Configs Result - List
Field Level Encryption Profiles Request - List
Field Level Encryption Profiles Result - List
Functions Request - List
Functions Result - List
Invalidations Request The request to list invalidations.
- List
Invalidations Result The returned result of the corresponding request.
- List
KeyGroups Request - List
KeyGroups Result - List
Origin Request Policies Request - List
Origin Request Policies Result - List
Public Keys Request - List
Public Keys Result - List
Realtime LogConfigs Request - List
Realtime LogConfigs Result - List
Streaming Distributions Request The request to list your streaming distributions.
- List
Streaming Distributions Result The returned result of the corresponding request.
- List
Tags ForResource Request The request to list tags for a CloudFront resource.
- List
Tags ForResource Result The returned result of the corresponding request.
- Location
List Serializer - Logging
Config A complex type that controls whether access logs are written for the distribution.
- Logging
Config Serializer - Long
Serializer - Method
Serializer - Methods
List Serializer - Minimum
Protocol Version Serializer - Monitoring
Subscription A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution.
- Monitoring
Subscription Serializer - Origin
An origin.
An origin is the location where content is stored, and from which CloudFront gets content to serve to viewers. To specify an origin:
-
Use
S3OriginConfig
to specify an Amazon S3 bucket that is not configured with static website hosting. -
Use
CustomOriginConfig
to specify all other kinds of origins, including:-
An Amazon S3 bucket that is configured with static website hosting
-
An Elastic Load Balancing load balancer
-
An AWS Elemental MediaPackage endpoint
-
An AWS Elemental MediaStore container
-
Any other HTTP server, running on an Amazon EC2 instance or any other kind of host
-
For the current maximum number of origins that you can specify per distribution, see General Quotas on Web Distributions in the Amazon CloudFront Developer Guide (quotas were formerly referred to as limits).
-
- Origin
Custom Header A complex type that contains
HeaderName
andHeaderValue
elements, if any, for this distribution.- Origin
Custom Header Serializer - Origin
Custom Headers List Serializer - Origin
Group An origin group includes two origins (a primary origin and a second origin to failover to) and a failover criteria that you specify. You create an origin group to support origin failover in CloudFront. When you create or update a distribution, you can specifiy the origin group instead of a single origin, and CloudFront will failover from the primary origin to the second origin under the failover conditions that you've chosen.
- Origin
Group Failover Criteria A complex data type that includes information about the failover criteria for an origin group, including the status codes for which CloudFront will failover from the primary origin to the second origin.
- Origin
Group Failover Criteria Serializer - Origin
Group List Serializer - Origin
Group Member An origin in an origin group.
- Origin
Group Member List Serializer - Origin
Group Member Serializer - Origin
Group Members A complex data type for the origins included in an origin group.
- Origin
Group Members Serializer - Origin
Group Serializer - Origin
Groups A complex data type for the origin groups specified for a distribution.
- Origin
Groups Serializer - Origin
List Serializer - Origin
Protocol Policy Serializer - Origin
Request Policy An origin request policy.
When it’s attached to a cache behavior, the origin request policy determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following:
-
The request body and the URL path (without the domain name) from the viewer request.
-
The headers that CloudFront automatically includes in every origin request, including
Host
,User-Agent
, andX-Amz-Cf-Id
. -
All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront.
CloudFront sends a request when it can’t find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use
CachePolicy
.-
- Origin
Request Policy Config An origin request policy configuration.
This configuration determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following:
-
The request body and the URL path (without the domain name) from the viewer request.
-
The headers that CloudFront automatically includes in every origin request, including
Host
,User-Agent
, andX-Amz-Cf-Id
. -
All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront.
CloudFront sends a request when it can’t find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use
CachePolicy
.-
- Origin
Request Policy Config Serializer - Origin
Request Policy Cookie Behavior Serializer - Origin
Request Policy Cookies Config An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in requests that CloudFront sends to the origin.
- Origin
Request Policy Cookies Config Serializer - Origin
Request Policy Header Behavior Serializer - Origin
Request Policy Headers Config An object that determines whether any HTTP headers (and if so, which headers) are included in requests that CloudFront sends to the origin.
- Origin
Request Policy Headers Config Serializer - Origin
Request Policy List A list of origin request policies.
- Origin
Request Policy Query String Behavior Serializer - Origin
Request Policy Query Strings Config An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in requests that CloudFront sends to the origin.
- Origin
Request Policy Query Strings Config Serializer - Origin
Request Policy Summary Contains an origin request policy.
- Origin
Request Policy Type Serializer - Origin
Serializer - Origin
Shield CloudFront Origin Shield.
Using Origin Shield can help reduce the load on your origin. For more information, see Using Origin Shield in the Amazon CloudFront Developer Guide.
- Origin
Shield Region Serializer - Origin
Shield Serializer - Origin
SslProtocols A complex type that contains information about the SSL/TLS protocols that CloudFront can use when establishing an HTTPS connection with your origin.
- Origin
SslProtocols Serializer - Origins
Contains information about the origins for this distribution.
- Origins
Serializer - Parameters
InCache KeyAnd Forwarded ToOrigin This object determines the values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.
The headers, cookies, and query strings that are included in the cache key are automatically included in requests that CloudFront sends to the origin. CloudFront sends a request when it can’t find an object in its cache that matches the request’s cache key. If you want to send values to the origin but not include them in the cache key, use
OriginRequestPolicy
.- Parameters
InCache KeyAnd Forwarded ToOrigin Serializer - Path
List Serializer - Paths
A complex type that contains information about the objects that you want to invalidate. For more information, see Specifying the Objects to Invalidate in the Amazon CloudFront Developer Guide.
- Paths
Serializer - Price
Class Serializer - Public
Key A public key that you can use with signed URLs and signed cookies, or with field-level encryption.
- Public
KeyConfig Configuration information about a public key that you can use with signed URLs and signed cookies, or with field-level encryption.
- Public
KeyConfig Serializer - Public
KeyId List Serializer - Public
KeyList A list of public keys that you can use with signed URLs and signed cookies, or with field-level encryption.
- Public
KeySummary Contains information about a public key.
- Publish
Function Request - Publish
Function Result - Query
ArgProfile Query argument-profile mapping for field-level encryption.
- Query
ArgProfile Config Configuration for query argument-profile mapping for field-level encryption.
- Query
ArgProfile Config Serializer - Query
ArgProfile List Serializer - Query
ArgProfile Serializer - Query
ArgProfiles Query argument-profile mapping for field-level encryption.
- Query
ArgProfiles Serializer - Query
String Cache Keys This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.
If you want to include query strings in the cache key, use
QueryStringsConfig
in a cache policy. SeeCachePolicy
.If you want to send query strings to the origin but not include them in the cache key, use
QueryStringsConfig
in an origin request policy. SeeOriginRequestPolicy
.A complex type that contains information about the query string parameters that you want CloudFront to use for caching for a cache behavior.
- Query
String Names Contains a list of query string names.
- Query
String Names List Serializer - Query
String Names Serializer - Realtime
LogConfig A real-time log configuration.
- Realtime
LogConfigs A list of real-time log configurations.
- Realtime
Metrics Subscription Config A subscription configuration for additional CloudWatch metrics.
- Realtime
Metrics Subscription Config Serializer - Realtime
Metrics Subscription Status Serializer - ResourceARN
Serializer - Restrictions
A complex type that identifies ways in which you want to restrict distribution of your content.
- Restrictions
Serializer - S3Origin
A complex type that contains information about the Amazon S3 bucket from which you want CloudFront to get your media files for distribution.
- S3Origin
Config A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin or an S3 bucket that is configured as a website endpoint, use the
CustomOriginConfig
element instead.- S3Origin
Config Serializer - S3Origin
Serializer - SSLSupport
Method Serializer - Signer
A list of AWS accounts and the active CloudFront key pairs in each account that CloudFront can use to verify the signatures of signed URLs and signed cookies.
- SslProtocol
Serializer - SslProtocols
List Serializer - Status
Code List Serializer - Status
Codes A complex data type for the status codes that you specify that, when returned by a primary origin, trigger CloudFront to failover to a second origin.
- Status
Codes Serializer - Streaming
Distribution A streaming distribution tells CloudFront where you want RTMP content to be delivered from, and the details about how to track and manage content delivery.
- Streaming
Distribution Config The RTMP distribution's configuration information.
- Streaming
Distribution Config Serializer - Streaming
Distribution Config With Tags A streaming distribution Configuration and a list of tags to be associated with the streaming distribution.
- Streaming
Distribution Config With Tags Serializer - Streaming
Distribution List A streaming distribution list.
- Streaming
Distribution Summary A summary of the information for a CloudFront streaming distribution.
- Streaming
Logging Config A complex type that controls whether access logs are written for this streaming distribution.
- Streaming
Logging Config Serializer - String
Serializer - Tag
A complex type that contains
Tag
key andTag
value.- TagKey
List Serializer - TagKey
Serializer - TagKeys
A complex type that contains zero or more
Tag
elements.- TagKeys
Serializer - TagList
Serializer - TagResource
Request The request to add tags to a CloudFront resource.
- TagSerializer
- TagValue
Serializer - Tags
A complex type that contains zero or more
Tag
elements.- Tags
Serializer - Test
Function Request - Test
Function Request Serializer - Test
Function Result - Test
Result Contains the result of testing a CloudFront function with
TestFunction
.- Trusted
KeyGroup IdList Serializer - Trusted
KeyGroups A list of key groups whose public keys CloudFront can use to verify the signatures of signed URLs and signed cookies.
- Trusted
KeyGroups Serializer - Trusted
Signers A list of AWS accounts whose public keys CloudFront can use to verify the signatures of signed URLs and signed cookies.
- Trusted
Signers Serializer - Untag
Resource Request The request to remove tags from a CloudFront resource.
- Update
Cache Policy Request - Update
Cache Policy Result - Update
Cloud Front Origin Access Identity Request The request to update an origin access identity.
- Update
Cloud Front Origin Access Identity Result The returned result of the corresponding request.
- Update
Distribution Request The request to update a distribution.
- Update
Distribution Result The returned result of the corresponding request.
- Update
Field Level Encryption Config Request - Update
Field Level Encryption Config Result - Update
Field Level Encryption Profile Request - Update
Field Level Encryption Profile Result - Update
Function Request - Update
Function Request Serializer - Update
Function Result - Update
KeyGroup Request - Update
KeyGroup Result - Update
Origin Request Policy Request - Update
Origin Request Policy Result - Update
Public KeyRequest - Update
Public KeyResult - Update
Realtime LogConfig Request - Update
Realtime LogConfig Request Serializer - Update
Realtime LogConfig Result - Update
Streaming Distribution Request The request to update a streaming distribution.
- Update
Streaming Distribution Result The returned result of the corresponding request.
- Viewer
Certificate A complex type that determines the distribution’s SSL/TLS configuration for communicating with viewers.
If the distribution doesn’t use
Aliases
(also known as alternate domain names or CNAMEs)—that is, if the distribution uses the CloudFront domain name such asd111111abcdef8.cloudfront.net
—setCloudFrontDefaultCertificate
totrue
and leave all other fields empty.If the distribution uses
Aliases
(alternate domain names or CNAMEs), use the fields in this type to specify the following settings:-
Which viewers the distribution accepts HTTPS connections from: only viewers that support server name indication (SNI) (recommended), or all viewers including those that don’t support SNI.
-
To accept HTTPS connections from only viewers that support SNI, set
SSLSupportMethod
tosni-only
. This is recommended. Most browsers and clients support SNI. -
To accept HTTPS connections from all viewers, including those that don’t support SNI, set
SSLSupportMethod
tovip
. This is not recommended, and results in additional monthly charges from CloudFront.
-
-
The minimum SSL/TLS protocol version that the distribution can use to communicate with viewers. To specify a minimum version, choose a value for
MinimumProtocolVersion
. For more information, see Security Policy in the Amazon CloudFront Developer Guide. -
The location of the SSL/TLS certificate, AWS Certificate Manager (ACM) (recommended) or AWS Identity and Access Management (AWS IAM). You specify the location by setting a value in one of the following fields (not both):
-
ACMCertificateArn
-
IAMCertificateId
-
All distributions support HTTPS connections from viewers. To require viewers to use HTTPS only, or to redirect them from HTTP to HTTPS, use
ViewerProtocolPolicy
in theCacheBehavior
orDefaultCacheBehavior
. To specify how CloudFront should use SSL/TLS to communicate with your custom origin, useCustomOriginConfig
.For more information, see Using HTTPS with CloudFront and Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide.
-
- Viewer
Certificate Serializer - Viewer
Protocol Policy Serializer
Enums§
- Create
Cache Policy Error - Errors returned by CreateCachePolicy
- Create
Cloud Front Origin Access Identity Error - Errors returned by CreateCloudFrontOriginAccessIdentity
- Create
Distribution Error - Errors returned by CreateDistribution
- Create
Distribution With Tags Error - Errors returned by CreateDistributionWithTags
- Create
Field Level Encryption Config Error - Errors returned by CreateFieldLevelEncryptionConfig
- Create
Field Level Encryption Profile Error - Errors returned by CreateFieldLevelEncryptionProfile
- Create
Function Error - Errors returned by CreateFunction
- Create
Invalidation Error - Errors returned by CreateInvalidation
- Create
KeyGroup Error - Errors returned by CreateKeyGroup
- Create
Monitoring Subscription Error - Errors returned by CreateMonitoringSubscription
- Create
Origin Request Policy Error - Errors returned by CreateOriginRequestPolicy
- Create
Public KeyError - Errors returned by CreatePublicKey
- Create
Realtime LogConfig Error - Errors returned by CreateRealtimeLogConfig
- Create
Streaming Distribution Error - Errors returned by CreateStreamingDistribution
- Create
Streaming Distribution With Tags Error - Errors returned by CreateStreamingDistributionWithTags
- Delete
Cache Policy Error - Errors returned by DeleteCachePolicy
- Delete
Cloud Front Origin Access Identity Error - Errors returned by DeleteCloudFrontOriginAccessIdentity
- Delete
Distribution Error - Errors returned by DeleteDistribution
- Delete
Field Level Encryption Config Error - Errors returned by DeleteFieldLevelEncryptionConfig
- Delete
Field Level Encryption Profile Error - Errors returned by DeleteFieldLevelEncryptionProfile
- Delete
Function Error - Errors returned by DeleteFunction
- Delete
KeyGroup Error - Errors returned by DeleteKeyGroup
- Delete
Monitoring Subscription Error - Errors returned by DeleteMonitoringSubscription
- Delete
Origin Request Policy Error - Errors returned by DeleteOriginRequestPolicy
- Delete
Public KeyError - Errors returned by DeletePublicKey
- Delete
Realtime LogConfig Error - Errors returned by DeleteRealtimeLogConfig
- Delete
Streaming Distribution Error - Errors returned by DeleteStreamingDistribution
- Describe
Function Error - Errors returned by DescribeFunction
- GetCache
Policy Config Error - Errors returned by GetCachePolicyConfig
- GetCache
Policy Error - Errors returned by GetCachePolicy
- GetCloud
Front Origin Access Identity Config Error - Errors returned by GetCloudFrontOriginAccessIdentityConfig
- GetCloud
Front Origin Access Identity Error - Errors returned by GetCloudFrontOriginAccessIdentity
- GetDistribution
Config Error - Errors returned by GetDistributionConfig
- GetDistribution
Error - Errors returned by GetDistribution
- GetField
Level Encryption Config Error - Errors returned by GetFieldLevelEncryptionConfig
- GetField
Level Encryption Error - Errors returned by GetFieldLevelEncryption
- GetField
Level Encryption Profile Config Error - Errors returned by GetFieldLevelEncryptionProfileConfig
- GetField
Level Encryption Profile Error - Errors returned by GetFieldLevelEncryptionProfile
- GetFunction
Error - Errors returned by GetFunction
- GetInvalidation
Error - Errors returned by GetInvalidation
- GetKey
Group Config Error - Errors returned by GetKeyGroupConfig
- GetKey
Group Error - Errors returned by GetKeyGroup
- GetMonitoring
Subscription Error - Errors returned by GetMonitoringSubscription
- GetOrigin
Request Policy Config Error - Errors returned by GetOriginRequestPolicyConfig
- GetOrigin
Request Policy Error - Errors returned by GetOriginRequestPolicy
- GetPublic
KeyConfig Error - Errors returned by GetPublicKeyConfig
- GetPublic
KeyError - Errors returned by GetPublicKey
- GetRealtime
LogConfig Error - Errors returned by GetRealtimeLogConfig
- GetStreaming
Distribution Config Error - Errors returned by GetStreamingDistributionConfig
- GetStreaming
Distribution Error - Errors returned by GetStreamingDistribution
- List
Cache Policies Error - Errors returned by ListCachePolicies
- List
Cloud Front Origin Access Identities Error - Errors returned by ListCloudFrontOriginAccessIdentities
- List
Distributions ByCache Policy IdError - Errors returned by ListDistributionsByCachePolicyId
- List
Distributions ByKey Group Error - Errors returned by ListDistributionsByKeyGroup
- List
Distributions ByOrigin Request Policy IdError - Errors returned by ListDistributionsByOriginRequestPolicyId
- List
Distributions ByRealtime LogConfig Error - Errors returned by ListDistributionsByRealtimeLogConfig
- List
Distributions ByWebACL IdError - Errors returned by ListDistributionsByWebACLId
- List
Distributions Error - Errors returned by ListDistributions
- List
Field Level Encryption Configs Error - Errors returned by ListFieldLevelEncryptionConfigs
- List
Field Level Encryption Profiles Error - Errors returned by ListFieldLevelEncryptionProfiles
- List
Functions Error - Errors returned by ListFunctions
- List
Invalidations Error - Errors returned by ListInvalidations
- List
KeyGroups Error - Errors returned by ListKeyGroups
- List
Origin Request Policies Error - Errors returned by ListOriginRequestPolicies
- List
Public Keys Error - Errors returned by ListPublicKeys
- List
Realtime LogConfigs Error - Errors returned by ListRealtimeLogConfigs
- List
Streaming Distributions Error - Errors returned by ListStreamingDistributions
- List
Tags ForResource Error - Errors returned by ListTagsForResource
- Publish
Function Error - Errors returned by PublishFunction
- TagResource
Error - Errors returned by TagResource
- Test
Function Error - Errors returned by TestFunction
- Untag
Resource Error - Errors returned by UntagResource
- Update
Cache Policy Error - Errors returned by UpdateCachePolicy
- Update
Cloud Front Origin Access Identity Error - Errors returned by UpdateCloudFrontOriginAccessIdentity
- Update
Distribution Error - Errors returned by UpdateDistribution
- Update
Field Level Encryption Config Error - Errors returned by UpdateFieldLevelEncryptionConfig
- Update
Field Level Encryption Profile Error - Errors returned by UpdateFieldLevelEncryptionProfile
- Update
Function Error - Errors returned by UpdateFunction
- Update
KeyGroup Error - Errors returned by UpdateKeyGroup
- Update
Origin Request Policy Error - Errors returned by UpdateOriginRequestPolicy
- Update
Public KeyError - Errors returned by UpdatePublicKey
- Update
Realtime LogConfig Error - Errors returned by UpdateRealtimeLogConfig
- Update
Streaming Distribution Error - Errors returned by UpdateStreamingDistribution
Traits§
- Cloud
Front - Trait representing the capabilities of the CloudFront API. CloudFront clients implement this trait.