Class: AWSCDK::CloudFront::CfnDistribution::CacheBehaviorProperty

Inherits:
Jsii::Struct
  • Object
show all
Defined in:
cloud_front/cfn_distribution.rb

Overview

A complex type that describes how CloudFront processes requests.

You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.

For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see Quotas in the Amazon CloudFront Developer Guide .

If you don't want to specify any cache behaviors, include only an empty CacheBehaviors element. Don't specify an empty individual CacheBehavior element, because this is invalid. For more information, see CacheBehaviors .

To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty CacheBehaviors element.

To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.

If your minimum TTL is greater than 0, CloudFront will cache content for at least the duration specified in the cache policy's minimum TTL, even if the Cache-Control: no-cache , no-store , or private directives are present in the origin headers.

For more information about cache behaviors, see Cache Behavior Settings in the Amazon CloudFront Developer Guide .

Instance Attribute Summary collapse

Class Method Summary collapse

Instance Method Summary collapse

Constructor Details

#initialize(path_pattern:, target_origin_id:, viewer_protocol_policy:, allowed_methods: nil, cached_methods: nil, cache_policy_id: nil, compress: nil, default_ttl: nil, field_level_encryption_id: nil, forwarded_values: nil, function_associations: nil, grpc_config: nil, lambda_function_associations: nil, max_ttl: nil, min_ttl: nil, origin_request_policy_id: nil, realtime_log_config_arn: nil, response_headers_policy_id: nil, smooth_streaming: nil, trusted_key_groups: nil, trusted_signers: nil) ⇒ CacheBehaviorProperty

Returns a new instance of CacheBehaviorProperty.

Parameters:

  • path_pattern (String)

    The pattern (for example, images/*.jpg ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.

  • target_origin_id (String)

    The value of ID for the origin that you want CloudFront to route requests to when they match this cache behavior.

  • viewer_protocol_policy (String)

    The protocol that viewers can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern .

  • allowed_methods (Array<String>, nil) (defaults to: nil)

    A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.

  • cached_methods (Array<String>, nil) (defaults to: nil)

    A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods.

  • cache_policy_id (String, nil) (defaults to: nil)

    The unique identifier of the cache policy that is attached to this cache behavior.

  • compress (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    Whether you want CloudFront to automatically compress certain files for this cache behavior.

  • default_ttl (Numeric, nil) (defaults to: nil)

    This field only supports standard distributions.

  • field_level_encryption_id (String, nil) (defaults to: nil)

    The value of ID for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.

  • forwarded_values (AWSCDK::IResolvable, AWSCDK::CloudFront::CfnDistribution::ForwardedValuesProperty, nil) (defaults to: nil)

    This field is deprecated.

  • function_associations (AWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::CloudFront::CfnDistribution::FunctionAssociationProperty>, nil) (defaults to: nil)

    A list of CloudFront functions that are associated with this cache behavior.

  • grpc_config (AWSCDK::IResolvable, AWSCDK::CloudFront::CfnDistribution::GrpcConfigProperty, nil) (defaults to: nil)

    The gRPC configuration for your cache behavior.

  • lambda_function_associations (AWSCDK::IResolvable, Array<AWSCDK::IResolvable, AWSCDK::CloudFront::CfnDistribution::LambdaFunctionAssociationProperty>, nil) (defaults to: nil)

    A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.

  • max_ttl (Numeric, nil) (defaults to: nil)

    This field only supports standard distributions.

  • min_ttl (Numeric, nil) (defaults to: nil)

    This field only supports standard distributions.

  • origin_request_policy_id (String, nil) (defaults to: nil)

    The unique identifier of the origin request policy that is attached to this cache behavior.

  • realtime_log_config_arn (String, nil) (defaults to: nil)

    The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior.

  • response_headers_policy_id (String, nil) (defaults to: nil)

    The identifier for a response headers policy.

  • smooth_streaming (Boolean, AWSCDK::IResolvable, nil) (defaults to: nil)

    This field only supports standard distributions.

  • trusted_key_groups (Array<String>, nil) (defaults to: nil)

    A list of key groups that CloudFront can use to validate signed URLs or signed cookies.

  • trusted_signers (Array<String>, nil) (defaults to: nil)

    We recommend using TrustedKeyGroups instead of TrustedSigners .



588
589
590
591
592
593
594
595
596
597
598
599
600
601
602
603
604
605
606
607
608
609
610
611
612
613
614
615
616
617
618
619
620
621
622
623
624
625
626
627
628
629
630
631
# File 'cloud_front/cfn_distribution.rb', line 588

def initialize(path_pattern:, target_origin_id:, viewer_protocol_policy:, allowed_methods: nil, cached_methods: nil, cache_policy_id: nil, compress: nil, default_ttl: nil, field_level_encryption_id: nil, forwarded_values: nil, function_associations: nil, grpc_config: nil, lambda_function_associations: nil, max_ttl: nil, min_ttl: nil, origin_request_policy_id: nil, realtime_log_config_arn: nil, response_headers_policy_id: nil, smooth_streaming: nil, trusted_key_groups: nil, trusted_signers: nil)
  @path_pattern = path_pattern
  Jsii::Type.check_type(@path_pattern, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "pathPattern")
  @target_origin_id = target_origin_id
  Jsii::Type.check_type(@target_origin_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "targetOriginId")
  @viewer_protocol_policy = viewer_protocol_policy
  Jsii::Type.check_type(@viewer_protocol_policy, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "viewerProtocolPolicy")
  @allowed_methods = allowed_methods
  Jsii::Type.check_type(@allowed_methods, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "allowedMethods") unless @allowed_methods.nil?
  @cached_methods = cached_methods
  Jsii::Type.check_type(@cached_methods, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "cachedMethods") unless @cached_methods.nil?
  @cache_policy_id = cache_policy_id
  Jsii::Type.check_type(@cache_policy_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "cachePolicyId") unless @cache_policy_id.nil?
  @compress = compress
  Jsii::Type.check_type(@compress, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "compress") unless @compress.nil?
  @default_ttl = default_ttl
  Jsii::Type.check_type(@default_ttl, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "defaultTtl") unless @default_ttl.nil?
  @field_level_encryption_id = field_level_encryption_id
  Jsii::Type.check_type(@field_level_encryption_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "fieldLevelEncryptionId") unless @field_level_encryption_id.nil?
  @forwarded_values = forwarded_values.is_a?(Hash) ? ::AWSCDK::CloudFront::CfnDistribution::ForwardedValuesProperty.new(**forwarded_values.transform_keys(&:to_sym)) : forwarded_values
  Jsii::Type.check_type(@forwarded_values, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jbG91ZGZyb250LkNmbkRpc3RyaWJ1dGlvbi5Gb3J3YXJkZWRWYWx1ZXNQcm9wZXJ0eSJ9XX19")), "forwardedValues") unless @forwarded_values.nil?
  @function_associations = function_associations
  Jsii::Type.check_type(@function_associations, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5DZm5EaXN0cmlidXRpb24uRnVuY3Rpb25Bc3NvY2lhdGlvblByb3BlcnR5In1dfX0sImtpbmQiOiJhcnJheSJ9fV19fQ==")), "functionAssociations") unless @function_associations.nil?
  @grpc_config = grpc_config.is_a?(Hash) ? ::AWSCDK::CloudFront::CfnDistribution::GrpcConfigProperty.new(**grpc_config.transform_keys(&:to_sym)) : grpc_config
  Jsii::Type.check_type(@grpc_config, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImZxbiI6ImF3cy1jZGstbGliLmF3c19jbG91ZGZyb250LkNmbkRpc3RyaWJ1dGlvbi5HcnBjQ29uZmlnUHJvcGVydHkifV19fQ==")), "grpcConfig") unless @grpc_config.nil?
  @lambda_function_associations = lambda_function_associations
  Jsii::Type.check_type(@lambda_function_associations, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3siZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifSx7ImNvbGxlY3Rpb24iOnsiZWxlbWVudHR5cGUiOnsidW5pb24iOnsidHlwZXMiOlt7ImZxbiI6ImF3cy1jZGstbGliLklSZXNvbHZhYmxlIn0seyJmcW4iOiJhd3MtY2RrLWxpYi5hd3NfY2xvdWRmcm9udC5DZm5EaXN0cmlidXRpb24uTGFtYmRhRnVuY3Rpb25Bc3NvY2lhdGlvblByb3BlcnR5In1dfX0sImtpbmQiOiJhcnJheSJ9fV19fQ==")), "lambdaFunctionAssociations") unless @lambda_function_associations.nil?
  @max_ttl = max_ttl
  Jsii::Type.check_type(@max_ttl, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "maxTtl") unless @max_ttl.nil?
  @min_ttl = min_ttl
  Jsii::Type.check_type(@min_ttl, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJudW1iZXIifQ==")), "minTtl") unless @min_ttl.nil?
  @origin_request_policy_id = origin_request_policy_id
  Jsii::Type.check_type(@origin_request_policy_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "originRequestPolicyId") unless @origin_request_policy_id.nil?
  @realtime_log_config_arn = realtime_log_config_arn
  Jsii::Type.check_type(@realtime_log_config_arn, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "realtimeLogConfigArn") unless @realtime_log_config_arn.nil?
  @response_headers_policy_id = response_headers_policy_id
  Jsii::Type.check_type(@response_headers_policy_id, JSON.parse(Base64.strict_decode64("eyJwcmltaXRpdmUiOiJzdHJpbmcifQ==")), "responseHeadersPolicyId") unless @response_headers_policy_id.nil?
  @smooth_streaming = smooth_streaming
  Jsii::Type.check_type(@smooth_streaming, JSON.parse(Base64.strict_decode64("eyJ1bmlvbiI6eyJ0eXBlcyI6W3sicHJpbWl0aXZlIjoiYm9vbGVhbiJ9LHsiZnFuIjoiYXdzLWNkay1saWIuSVJlc29sdmFibGUifV19fQ==")), "smoothStreaming") unless @smooth_streaming.nil?
  @trusted_key_groups = trusted_key_groups
  Jsii::Type.check_type(@trusted_key_groups, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "trustedKeyGroups") unless @trusted_key_groups.nil?
  @trusted_signers = trusted_signers
  Jsii::Type.check_type(@trusted_signers, JSON.parse(Base64.strict_decode64("eyJjb2xsZWN0aW9uIjp7ImVsZW1lbnR0eXBlIjp7InByaW1pdGl2ZSI6InN0cmluZyJ9LCJraW5kIjoiYXJyYXkifX0=")), "trustedSigners") unless @trusted_signers.nil?
end

Instance Attribute Details

#allowed_methodsArray<String>? (readonly)

A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.

There are three choices:

  • CloudFront forwards only GET and HEAD requests.
  • CloudFront forwards only GET , HEAD , and OPTIONS requests.
  • CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST , and DELETE requests.

If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can't perform operations that you don't want them to. For example, you might not want users to have permissions to delete objects from your origin.



676
677
678
# File 'cloud_front/cfn_distribution.rb', line 676

def allowed_methods
  @allowed_methods
end

#cache_policy_idString? (readonly)

The unique identifier of the cache policy that is attached to this cache behavior.

For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide .

A CacheBehavior must include either a CachePolicyId or ForwardedValues . We recommend that you use a CachePolicyId .



697
698
699
# File 'cloud_front/cfn_distribution.rb', line 697

def cache_policy_id
  @cache_policy_id
end

#cached_methodsArray<String>? (readonly)

A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods.

There are two choices:

  • CloudFront caches responses to GET and HEAD requests.
  • CloudFront caches responses to GET , HEAD , and OPTIONS requests.

If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cached correctly.



688
689
690
# File 'cloud_front/cfn_distribution.rb', line 688

def cached_methods
  @cached_methods
end

#compressBoolean, ... (readonly)

Note:

Default: - false

Whether you want CloudFront to automatically compress certain files for this cache behavior.

If so, specify true; if not, specify false. For more information, see Serving Compressed Files in the Amazon CloudFront Developer Guide .



705
706
707
# File 'cloud_front/cfn_distribution.rb', line 705

def compress
  @compress
end

#default_ttlNumeric? (readonly)

Note:

Default: - 86400

This field only supports standard distributions.

You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .

This field is deprecated. We recommend that you use the DefaultTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide .

The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age , Cache-Control s-maxage , and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .



717
718
719
# File 'cloud_front/cfn_distribution.rb', line 717

def default_ttl
  @default_ttl
end

#field_level_encryption_idString? (readonly)

Note:

Default: - ""

The value of ID for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.



723
724
725
# File 'cloud_front/cfn_distribution.rb', line 723

def field_level_encryption_id
  @field_level_encryption_id
end

#forwarded_valuesAWSCDK::IResolvable, ... (readonly)

This field is deprecated.

We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see Working with policies in the Amazon CloudFront Developer Guide .

If you want to include values in the cache key, use a cache policy. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide .

If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide .

A CacheBehavior must include either a CachePolicyId or ForwardedValues . We recommend that you use a CachePolicyId .

A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.



738
739
740
# File 'cloud_front/cfn_distribution.rb', line 738

def forwarded_values
  @forwarded_values
end

#function_associationsAWSCDK::IResolvable, ... (readonly)

A list of CloudFront functions that are associated with this cache behavior.

CloudFront functions must be published to the LIVE stage to associate them with a cache behavior.



745
746
747
# File 'cloud_front/cfn_distribution.rb', line 745

def function_associations
  @function_associations
end

#grpc_configAWSCDK::IResolvable, ... (readonly)

The gRPC configuration for your cache behavior.



750
751
752
# File 'cloud_front/cfn_distribution.rb', line 750

def grpc_config
  @grpc_config
end

#lambda_function_associationsAWSCDK::IResolvable, ... (readonly)

A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.



755
756
757
# File 'cloud_front/cfn_distribution.rb', line 755

def lambda_function_associations
  @lambda_function_associations
end

#max_ttlNumeric? (readonly)

Note:

Default: - 31536000

This field only supports standard distributions.

You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .

This field is deprecated. We recommend that you use the MaxTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide .

The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as Cache-Control max-age , Cache-Control s-maxage , and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .



767
768
769
# File 'cloud_front/cfn_distribution.rb', line 767

def max_ttl
  @max_ttl
end

#min_ttlNumeric? (readonly)

Note:

Default: - 0

This field only supports standard distributions.

You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .

This field is deprecated. We recommend that you use the MinTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide .

The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .

You must specify 0 for MinTTL if you configure CloudFront to forward all headers to your origin (under Headers , if you specify 1 for Quantity and * for Name ).



781
782
783
# File 'cloud_front/cfn_distribution.rb', line 781

def min_ttl
  @min_ttl
end

#origin_request_policy_idString? (readonly)

The unique identifier of the origin request policy that is attached to this cache behavior.

For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide .



788
789
790
# File 'cloud_front/cfn_distribution.rb', line 788

def origin_request_policy_id
  @origin_request_policy_id
end

#path_patternString (readonly)

The pattern (for example, images/*.jpg ) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.

You can optionally include a slash ( / ) at the beginning of the path pattern. For example, /images/*.jpg . CloudFront behavior is the same with or without the leading / .

The path pattern for the default cache behavior is * and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.

For more information, see Path Pattern in the Amazon CloudFront Developer Guide .



643
644
645
# File 'cloud_front/cfn_distribution.rb', line 643

def path_pattern
  @path_pattern
end

#realtime_log_config_arnString? (readonly)

The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior.

For more information, see Real-time logs in the Amazon CloudFront Developer Guide .



795
796
797
# File 'cloud_front/cfn_distribution.rb', line 795

def realtime_log_config_arn
  @realtime_log_config_arn
end

#response_headers_policy_idString? (readonly)

The identifier for a response headers policy.



800
801
802
# File 'cloud_front/cfn_distribution.rb', line 800

def response_headers_policy_id
  @response_headers_policy_id
end

#smooth_streamingBoolean, ... (readonly)

Note:

Default: - false

This field only supports standard distributions.

You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .

Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify true ; if not, specify false . If you specify true for SmoothStreaming , you can still distribute other content using this cache behavior if the content matches the value of PathPattern .



810
811
812
# File 'cloud_front/cfn_distribution.rb', line 810

def smooth_streaming
  @smooth_streaming
end

#target_origin_idString (readonly)

The value of ID for the origin that you want CloudFront to route requests to when they match this cache behavior.



648
649
650
# File 'cloud_front/cfn_distribution.rb', line 648

def target_origin_id
  @target_origin_id
end

#trusted_key_groupsArray<String>? (readonly)

A list of key groups that CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide .



817
818
819
# File 'cloud_front/cfn_distribution.rb', line 817

def trusted_key_groups
  @trusted_key_groups
end

#trusted_signersArray<String>? (readonly)

We recommend using TrustedKeyGroups instead of TrustedSigners .

This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .

A list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer's AWS account . The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide .



828
829
830
# File 'cloud_front/cfn_distribution.rb', line 828

def trusted_signers
  @trusted_signers
end

#viewer_protocol_policyString (readonly)

The protocol that viewers can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern .

You can specify the following options:

  • allow-all : Viewers can use HTTP or HTTPS.
  • redirect-to-https : If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.
  • https-only : If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).

For more information about requiring the HTTPS protocol, see Requiring HTTPS Between Viewers and CloudFront in the Amazon CloudFront Developer Guide .

The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see Managing Cache Expiration in the Amazon CloudFront Developer Guide .



663
664
665
# File 'cloud_front/cfn_distribution.rb', line 663

def viewer_protocol_policy
  @viewer_protocol_policy
end

Class Method Details

.jsii_propertiesObject



830
831
832
833
834
835
836
837
838
839
840
841
842
843
844
845
846
847
848
849
850
851
852
853
854
# File 'cloud_front/cfn_distribution.rb', line 830

def self.jsii_properties
  {
    :path_pattern => "pathPattern",
    :target_origin_id => "targetOriginId",
    :viewer_protocol_policy => "viewerProtocolPolicy",
    :allowed_methods => "allowedMethods",
    :cached_methods => "cachedMethods",
    :cache_policy_id => "cachePolicyId",
    :compress => "compress",
    :default_ttl => "defaultTtl",
    :field_level_encryption_id => "fieldLevelEncryptionId",
    :forwarded_values => "forwardedValues",
    :function_associations => "functionAssociations",
    :grpc_config => "grpcConfig",
    :lambda_function_associations => "lambdaFunctionAssociations",
    :max_ttl => "maxTtl",
    :min_ttl => "minTtl",
    :origin_request_policy_id => "originRequestPolicyId",
    :realtime_log_config_arn => "realtimeLogConfigArn",
    :response_headers_policy_id => "responseHeadersPolicyId",
    :smooth_streaming => "smoothStreaming",
    :trusted_key_groups => "trustedKeyGroups",
    :trusted_signers => "trustedSigners",
  }
end

Instance Method Details

#to_jsiiObject



856
857
858
859
860
861
862
863
864
865
866
867
868
869
870
871
872
873
874
875
876
877
878
879
880
881
882
# File 'cloud_front/cfn_distribution.rb', line 856

def to_jsii
  result = {}
  result.merge!({
    "pathPattern" => @path_pattern,
    "targetOriginId" => @target_origin_id,
    "viewerProtocolPolicy" => @viewer_protocol_policy,
    "allowedMethods" => @allowed_methods,
    "cachedMethods" => @cached_methods,
    "cachePolicyId" => @cache_policy_id,
    "compress" => @compress,
    "defaultTtl" => @default_ttl,
    "fieldLevelEncryptionId" => @field_level_encryption_id,
    "forwardedValues" => @forwarded_values,
    "functionAssociations" => @function_associations,
    "grpcConfig" => @grpc_config,
    "lambdaFunctionAssociations" => @lambda_function_associations,
    "maxTtl" => @max_ttl,
    "minTtl" => @min_ttl,
    "originRequestPolicyId" => @origin_request_policy_id,
    "realtimeLogConfigArn" => @realtime_log_config_arn,
    "responseHeadersPolicyId" => @response_headers_policy_id,
    "smoothStreaming" => @smooth_streaming,
    "trustedKeyGroups" => @trusted_key_groups,
    "trustedSigners" => @trusted_signers,
  })
  result.compact
end