@aws-cdk/aws-cloudfront

  • Version 1.181.1
  • Published
  • 4.48 MB
  • 11 dependencies
  • Apache-2.0 license

Install

npm i @aws-cdk/aws-cloudfront
yarn add @aws-cdk/aws-cloudfront
pnpm add @aws-cdk/aws-cloudfront

Overview

The CDK Construct Library for AWS::CloudFront

Index

Classes

Interfaces

Enums

Namespaces

Classes

class AllowedMethods

class AllowedMethods {}
  • The HTTP methods that the Behavior will accept requests on.

property ALLOW_ALL

static readonly ALLOW_ALL: AllowedMethods;
  • All supported HTTP methods

property ALLOW_GET_HEAD

static readonly ALLOW_GET_HEAD: AllowedMethods;
  • HEAD and GET

property ALLOW_GET_HEAD_OPTIONS

static readonly ALLOW_GET_HEAD_OPTIONS: AllowedMethods;
  • HEAD, GET, and OPTIONS

property methods

readonly methods: string[];
  • HTTP methods supported

class CacheCookieBehavior

class CacheCookieBehavior {}
  • Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin.

property behavior

readonly behavior: string;
  • The behavior of cookies: allow all, none, an allow list, or a deny list.

property cookies

readonly cookies?: string[];
  • The cookies to allow or deny, if the behavior is an allow or deny list.

method all

static all: () => CacheCookieBehavior;
  • All cookies in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

method allowList

static allowList: (...cookies: string[]) => CacheCookieBehavior;
  • Only the provided cookies are included in the cache key and automatically included in requests that CloudFront sends to the origin.

method denyList

static denyList: (...cookies: string[]) => CacheCookieBehavior;
  • All cookies except the provided cookies are included in the cache key and automatically included in requests that CloudFront sends to the origin.

method none

static none: () => CacheCookieBehavior;
  • Cookies in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

class CachedMethods

class CachedMethods {}
  • The HTTP methods that the Behavior will cache requests on.

property CACHE_GET_HEAD

static readonly CACHE_GET_HEAD: CachedMethods;
  • HEAD and GET

property CACHE_GET_HEAD_OPTIONS

static readonly CACHE_GET_HEAD_OPTIONS: CachedMethods;
  • HEAD, GET, and OPTIONS

property methods

readonly methods: string[];
  • HTTP methods supported

class CacheHeaderBehavior

class CacheHeaderBehavior {}
  • Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin.

property behavior

readonly behavior: string;
  • If no headers will be passed, or an allow list of headers.

property headers

readonly headers?: string[];
  • The headers for the allow/deny list, if applicable.

method allowList

static allowList: (...headers: string[]) => CacheHeaderBehavior;
  • Listed headers are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

method none

static none: () => CacheHeaderBehavior;
  • HTTP headers are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

class CachePolicy

class CachePolicy extends Resource implements ICachePolicy {}
  • A Cache Policy configuration.

    AWS::CloudFront::CachePolicy https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html

constructor

constructor(scope: Construct, id: string, props?: CachePolicyProps);

    property AMPLIFY

    static readonly AMPLIFY: ICachePolicy;
    • This policy is designed for use with an origin that is an AWS Amplify web app.

    property cachePolicyId

    readonly cachePolicyId: string;

      property CACHING_DISABLED

      static readonly CACHING_DISABLED: ICachePolicy;
      • Disables caching. This policy is useful for dynamic content and for requests that are not cacheable.

      property CACHING_OPTIMIZED

      static readonly CACHING_OPTIMIZED: ICachePolicy;
      • Optimize cache efficiency by minimizing the values that CloudFront includes in the cache key. Query strings and cookies are not included in the cache key, and only the normalized 'Accept-Encoding' header is included.

      property CACHING_OPTIMIZED_FOR_UNCOMPRESSED_OBJECTS

      static readonly CACHING_OPTIMIZED_FOR_UNCOMPRESSED_OBJECTS: ICachePolicy;
      • Optimize cache efficiency by minimizing the values that CloudFront includes in the cache key. Query strings and cookies are not included in the cache key, and only the normalized 'Accept-Encoding' header is included. Disables cache compression.

      property ELEMENTAL_MEDIA_PACKAGE

      static readonly ELEMENTAL_MEDIA_PACKAGE: ICachePolicy;
      • Designed for use with an origin that is an AWS Elemental MediaPackage endpoint.

      method fromCachePolicyId

      static fromCachePolicyId: (
      scope: Construct,
      id: string,
      cachePolicyId: string
      ) => ICachePolicy;
      • Imports a Cache Policy from its id.

      class CacheQueryStringBehavior

      class CacheQueryStringBehavior {}
      • Determines whether any URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      property behavior

      readonly behavior: string;
      • The behavior of query strings -- allow all, none, only an allow list, or a deny list.

      property queryStrings

      readonly queryStrings?: string[];
      • The query strings to allow or deny, if the behavior is an allow or deny list.

      method all

      static all: () => CacheQueryStringBehavior;
      • All query strings in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

      method allowList

      static allowList: (...queryStrings: string[]) => CacheQueryStringBehavior;
      • Only the provided queryStrings are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      method denyList

      static denyList: (...queryStrings: string[]) => CacheQueryStringBehavior;
      • All query strings except the provided queryStrings are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      method none

      static none: () => CacheQueryStringBehavior;
      • Query strings in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

      class CfnCachePolicy

      class CfnCachePolicy extends cdk.CfnResource implements cdk.IInspectable {}
      • A CloudFormation AWS::CloudFront::CachePolicy

        A cache policy.

        When it’s attached to a cache behavior, the cache policy determines the following:

        - The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer. - The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.

        The headers, cookies, and query strings that are included in the cache key are automatically included in requests that CloudFront sends to the origin. CloudFront sends a request when it can’t find a valid object in its cache that matches the request’s cache key. If you want to send values to the origin but *not* include them in the cache key, use OriginRequestPolicy .

        AWS::CloudFront::CachePolicy external

        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html

      constructor

      constructor(scope: cdk.Construct, id: string, props: CfnCachePolicyProps);
      • Create a new AWS::CloudFront::CachePolicy.

        Parameter scope

        scope in which this resource is defined

        Parameter id

        scoped id of the resource

        Parameter props

        resource properties

      property attrId

      readonly attrId: string;
      • The unique identifier for the cache policy. For example: 2766f7b2-75c5-41c6-8f06-bf4303a2f2f5 . Id

      property attrLastModifiedTime

      readonly attrLastModifiedTime: string;
      • The date and time when the cache policy was last modified. LastModifiedTime

      property cachePolicyConfig

      cachePolicyConfig: any;
      • The cache policy configuration.

        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html#cfn-cloudfront-cachepolicy-cachepolicyconfig

      property CFN_RESOURCE_TYPE_NAME

      static readonly CFN_RESOURCE_TYPE_NAME: string;
      • The CloudFormation resource type name for this resource class.

      property cfnProperties

      readonly cfnProperties: { [key: string]: any };

        method inspect

        inspect: (inspector: cdk.TreeInspector) => void;
        • Examines the CloudFormation resource and discloses attributes.

          Parameter inspector

          tree inspector to collect and process attributes

        method renderProperties

        protected renderProperties: (props: { [key: string]: any }) => {
        [key: string]: any;
        };

          class CfnCloudFrontOriginAccessIdentity

          class CfnCloudFrontOriginAccessIdentity
          extends cdk.CfnResource
          implements cdk.IInspectable {}
          • A CloudFormation AWS::CloudFront::CloudFrontOriginAccessIdentity

            The request to create a new origin access identity (OAI). An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content. For more information, see [Restricting Access to Amazon S3 Content by Using an Origin Access Identity](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .

            AWS::CloudFront::CloudFrontOriginAccessIdentity external

            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html

          constructor

          constructor(
          scope: cdk.Construct,
          id: string,
          props: CfnCloudFrontOriginAccessIdentityProps
          );
          • Create a new AWS::CloudFront::CloudFrontOriginAccessIdentity.

            Parameter scope

            scope in which this resource is defined

            Parameter id

            scoped id of the resource

            Parameter props

            resource properties

          property attrId

          readonly attrId: string;
          • Id

          property attrS3CanonicalUserId

          readonly attrS3CanonicalUserId: string;
          • The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3. For example: b970b42360b81c8ddbd79d2f5df0069ba9033c8a79655752abe380cd6d63ba8bcf23384d568fcf89fc49700b5e11a0fd . S3CanonicalUserId

          property CFN_RESOURCE_TYPE_NAME

          static readonly CFN_RESOURCE_TYPE_NAME: string;
          • The CloudFormation resource type name for this resource class.

          property cfnProperties

          readonly cfnProperties: { [key: string]: any };

            property cloudFrontOriginAccessIdentityConfig

            cloudFrontOriginAccessIdentityConfig: any;
            • The current configuration information for the identity.

              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html#cfn-cloudfront-cloudfrontoriginaccessidentity-cloudfrontoriginaccessidentityconfig

            method inspect

            inspect: (inspector: cdk.TreeInspector) => void;
            • Examines the CloudFormation resource and discloses attributes.

              Parameter inspector

              tree inspector to collect and process attributes

            method renderProperties

            protected renderProperties: (props: { [key: string]: any }) => {
            [key: string]: any;
            };

              class CfnDistribution

              class CfnDistribution extends cdk.CfnResource implements cdk.IInspectable {}
              • A CloudFormation AWS::CloudFront::Distribution

                A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.

                AWS::CloudFront::Distribution external

                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html

              constructor

              constructor(scope: cdk.Construct, id: string, props: CfnDistributionProps);
              • Create a new AWS::CloudFront::Distribution.

                Parameter scope

                scope in which this resource is defined

                Parameter id

                scoped id of the resource

                Parameter props

                resource properties

              property attrDomainName

              readonly attrDomainName: string;
              • The domain name of the resource, such as d111111abcdef8.cloudfront.net . DomainName

              property attrId

              readonly attrId: string;
              • Id

              property CFN_RESOURCE_TYPE_NAME

              static readonly CFN_RESOURCE_TYPE_NAME: string;
              • The CloudFormation resource type name for this resource class.

              property cfnProperties

              readonly cfnProperties: { [key: string]: any };

                property distributionConfig

                distributionConfig: any;
                • The current configuration information for the distribution. Send a GET request to the / *CloudFront API version* /distribution ID/config resource.

                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-distributionconfig

                property tags

                readonly tags: cdk.TagManager;
                • A complex type that contains zero or more Tag elements.

                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-tags

                method inspect

                inspect: (inspector: cdk.TreeInspector) => void;
                • Examines the CloudFormation resource and discloses attributes.

                  Parameter inspector

                  tree inspector to collect and process attributes

                method renderProperties

                protected renderProperties: (props: { [key: string]: any }) => {
                [key: string]: any;
                };

                  class CfnFunction

                  class CfnFunction extends cdk.CfnResource implements cdk.IInspectable {}
                  • A CloudFormation AWS::CloudFront::Function

                    Creates a CloudFront function.

                    To create a function, you provide the function code and some configuration information about the function. The response contains an Amazon Resource Name (ARN) that uniquely identifies the function, and the function’s stage.

                    By default, when you create a function, it’s in the DEVELOPMENT stage. In this stage, you can [test the function](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/test-function.html) in the CloudFront console (or with TestFunction in the CloudFront API).

                    When you’re ready to use your function with a CloudFront distribution, publish the function to the LIVE stage. You can do this in the CloudFront console, with PublishFunction in the CloudFront API, or by updating the AWS::CloudFront::Function resource with the AutoPublish property set to true . When the function is published to the LIVE stage, you can attach it to a distribution’s cache behavior, using the function’s ARN.

                    To automatically publish the function to the LIVE stage when it’s created, set the AutoPublish property to true .

                    AWS::CloudFront::Function external

                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html

                  constructor

                  constructor(scope: cdk.Construct, id: string, props: CfnFunctionProps);
                  • Create a new AWS::CloudFront::Function.

                    Parameter scope

                    scope in which this resource is defined

                    Parameter id

                    scoped id of the resource

                    Parameter props

                    resource properties

                  property attrFunctionArn

                  readonly attrFunctionArn: string;
                  • The ARN of the function. For example:

                    arn:aws:cloudfront::123456789012:function/ExampleFunction .

                    To get the function ARN, use the following syntax:

                    !GetAtt *Function_Logical_ID* .FunctionMetadata.FunctionARN FunctionARN

                  property attrFunctionMetadataFunctionArn

                  readonly attrFunctionMetadataFunctionArn: string;
                  • FunctionMetadata.FunctionARN

                  property attrStage

                  readonly attrStage: string;
                  • Stage

                  property autoPublish

                  autoPublish: any;
                  • A flag that determines whether to automatically publish the function to the LIVE stage when it’s created. To automatically publish to the LIVE stage, set this property to true .

                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-autopublish

                  property CFN_RESOURCE_TYPE_NAME

                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                  • The CloudFormation resource type name for this resource class.

                  property cfnProperties

                  readonly cfnProperties: { [key: string]: any };

                    property functionCode

                    functionCode: string;
                    • The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functioncode

                    property functionConfig

                    functionConfig: any;
                    • Contains configuration information about a CloudFront function.

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionconfig

                    property name

                    name: string;
                    • A name to identify the function.

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-name

                    method inspect

                    inspect: (inspector: cdk.TreeInspector) => void;
                    • Examines the CloudFormation resource and discloses attributes.

                      Parameter inspector

                      tree inspector to collect and process attributes

                    method renderProperties

                    protected renderProperties: (props: { [key: string]: any }) => {
                    [key: string]: any;
                    };

                      class CfnKeyGroup

                      class CfnKeyGroup extends cdk.CfnResource implements cdk.IInspectable {}
                      • A CloudFormation AWS::CloudFront::KeyGroup

                        A key group.

                        A key group contains a list of public keys that you can use with [CloudFront signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) .

                        AWS::CloudFront::KeyGroup external

                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html

                      constructor

                      constructor(scope: cdk.Construct, id: string, props: CfnKeyGroupProps);
                      • Create a new AWS::CloudFront::KeyGroup.

                        Parameter scope

                        scope in which this resource is defined

                        Parameter id

                        scoped id of the resource

                        Parameter props

                        resource properties

                      property attrId

                      readonly attrId: string;
                      • The identifier for the key group. Id

                      property attrLastModifiedTime

                      readonly attrLastModifiedTime: string;
                      • The date and time when the key group was last modified. LastModifiedTime

                      property CFN_RESOURCE_TYPE_NAME

                      static readonly CFN_RESOURCE_TYPE_NAME: string;
                      • The CloudFormation resource type name for this resource class.

                      property cfnProperties

                      readonly cfnProperties: { [key: string]: any };

                        property keyGroupConfig

                        keyGroupConfig: any;
                        • The key group configuration.

                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html#cfn-cloudfront-keygroup-keygroupconfig

                        method inspect

                        inspect: (inspector: cdk.TreeInspector) => void;
                        • Examines the CloudFormation resource and discloses attributes.

                          Parameter inspector

                          tree inspector to collect and process attributes

                        method renderProperties

                        protected renderProperties: (props: { [key: string]: any }) => {
                        [key: string]: any;
                        };

                          class CfnMonitoringSubscription

                          class CfnMonitoringSubscription
                          extends cdk.CfnResource
                          implements cdk.IInspectable {}
                          • A CloudFormation AWS::CloudFront::MonitoringSubscription

                            AWS::CloudFront::MonitoringSubscription external

                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html

                          constructor

                          constructor(
                          scope: cdk.Construct,
                          id: string,
                          props: CfnMonitoringSubscriptionProps
                          );
                          • Create a new AWS::CloudFront::MonitoringSubscription.

                            Parameter scope

                            scope in which this resource is defined

                            Parameter id

                            scoped id of the resource

                            Parameter props

                            resource properties

                          property CFN_RESOURCE_TYPE_NAME

                          static readonly CFN_RESOURCE_TYPE_NAME: string;
                          • The CloudFormation resource type name for this resource class.

                          property cfnProperties

                          readonly cfnProperties: { [key: string]: any };

                            property distributionId

                            distributionId: string;
                            • AWS::CloudFront::MonitoringSubscription.DistributionId

                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-distributionid

                            property monitoringSubscription

                            monitoringSubscription: any;
                            • AWS::CloudFront::MonitoringSubscription.MonitoringSubscription

                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-monitoringsubscription

                            method inspect

                            inspect: (inspector: cdk.TreeInspector) => void;
                            • Examines the CloudFormation resource and discloses attributes.

                              Parameter inspector

                              tree inspector to collect and process attributes

                            method renderProperties

                            protected renderProperties: (props: { [key: string]: any }) => {
                            [key: string]: any;
                            };

                              class CfnOriginAccessControl

                              class CfnOriginAccessControl extends cdk.CfnResource implements cdk.IInspectable {}
                              • A CloudFormation AWS::CloudFront::OriginAccessControl

                                AWS::CloudFront::OriginAccessControl external

                                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html

                              constructor

                              constructor(
                              scope: cdk.Construct,
                              id: string,
                              props: CfnOriginAccessControlProps
                              );
                              • Create a new AWS::CloudFront::OriginAccessControl.

                                Parameter scope

                                scope in which this resource is defined

                                Parameter id

                                scoped id of the resource

                                Parameter props

                                resource properties

                              property attrId

                              readonly attrId: string;
                              • Id

                              property CFN_RESOURCE_TYPE_NAME

                              static readonly CFN_RESOURCE_TYPE_NAME: string;
                              • The CloudFormation resource type name for this resource class.

                              property cfnProperties

                              readonly cfnProperties: { [key: string]: any };

                                property originAccessControlConfig

                                originAccessControlConfig: any;
                                • AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig

                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html#cfn-cloudfront-originaccesscontrol-originaccesscontrolconfig

                                method inspect

                                inspect: (inspector: cdk.TreeInspector) => void;
                                • Examines the CloudFormation resource and discloses attributes.

                                  Parameter inspector

                                  tree inspector to collect and process attributes

                                method renderProperties

                                protected renderProperties: (props: { [key: string]: any }) => {
                                [key: string]: any;
                                };

                                  class CfnOriginRequestPolicy

                                  class CfnOriginRequestPolicy extends cdk.CfnResource implements cdk.IInspectable {}
                                  • A CloudFormation AWS::CloudFront::OriginRequestPolicy

                                    An origin request policy.

                                    When it’s attached to a cache behavior, the origin request policy determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following:

                                    - The request body and the URL path (without the domain name) from the viewer request. - The headers that CloudFront automatically includes in every origin request, including Host , User-Agent , and X-Amz-Cf-Id . - All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront.

                                    CloudFront sends a request when it can’t find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use CachePolicy .

                                    AWS::CloudFront::OriginRequestPolicy external

                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html

                                  constructor

                                  constructor(
                                  scope: cdk.Construct,
                                  id: string,
                                  props: CfnOriginRequestPolicyProps
                                  );
                                  • Create a new AWS::CloudFront::OriginRequestPolicy.

                                    Parameter scope

                                    scope in which this resource is defined

                                    Parameter id

                                    scoped id of the resource

                                    Parameter props

                                    resource properties

                                  property attrId

                                  readonly attrId: string;
                                  • The unique identifier for the origin request policy. For example: befd7079-9bbc-4ebf-8ade-498a3694176c . Id

                                  property attrLastModifiedTime

                                  readonly attrLastModifiedTime: string;
                                  • The date and time when the origin request policy was last modified. LastModifiedTime

                                  property CFN_RESOURCE_TYPE_NAME

                                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                                  • The CloudFormation resource type name for this resource class.

                                  property cfnProperties

                                  readonly cfnProperties: { [key: string]: any };

                                    property originRequestPolicyConfig

                                    originRequestPolicyConfig: any;
                                    • The origin request policy configuration.

                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html#cfn-cloudfront-originrequestpolicy-originrequestpolicyconfig

                                    method inspect

                                    inspect: (inspector: cdk.TreeInspector) => void;
                                    • Examines the CloudFormation resource and discloses attributes.

                                      Parameter inspector

                                      tree inspector to collect and process attributes

                                    method renderProperties

                                    protected renderProperties: (props: { [key: string]: any }) => {
                                    [key: string]: any;
                                    };

                                      class CfnPublicKey

                                      class CfnPublicKey extends cdk.CfnResource implements cdk.IInspectable {}
                                      • A CloudFormation AWS::CloudFront::PublicKey

                                        A public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                        AWS::CloudFront::PublicKey external

                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html

                                      constructor

                                      constructor(scope: cdk.Construct, id: string, props: CfnPublicKeyProps);
                                      • Create a new AWS::CloudFront::PublicKey.

                                        Parameter scope

                                        scope in which this resource is defined

                                        Parameter id

                                        scoped id of the resource

                                        Parameter props

                                        resource properties

                                      property attrCreatedTime

                                      readonly attrCreatedTime: string;
                                      • The date and time when the public key was uploaded. CreatedTime

                                      property attrId

                                      readonly attrId: string;
                                      • The identifier of the public key. Id

                                      property CFN_RESOURCE_TYPE_NAME

                                      static readonly CFN_RESOURCE_TYPE_NAME: string;
                                      • The CloudFormation resource type name for this resource class.

                                      property cfnProperties

                                      readonly cfnProperties: { [key: string]: any };

                                        property publicKeyConfig

                                        publicKeyConfig: any;
                                        • Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html#cfn-cloudfront-publickey-publickeyconfig

                                        method inspect

                                        inspect: (inspector: cdk.TreeInspector) => void;
                                        • Examines the CloudFormation resource and discloses attributes.

                                          Parameter inspector

                                          tree inspector to collect and process attributes

                                        method renderProperties

                                        protected renderProperties: (props: { [key: string]: any }) => {
                                        [key: string]: any;
                                        };

                                          class CfnRealtimeLogConfig

                                          class CfnRealtimeLogConfig extends cdk.CfnResource implements cdk.IInspectable {}
                                          • A CloudFormation AWS::CloudFront::RealtimeLogConfig

                                            A real-time log configuration.

                                            AWS::CloudFront::RealtimeLogConfig external

                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html

                                          constructor

                                          constructor(scope: cdk.Construct, id: string, props: CfnRealtimeLogConfigProps);
                                          • Create a new AWS::CloudFront::RealtimeLogConfig.

                                            Parameter scope

                                            scope in which this resource is defined

                                            Parameter id

                                            scoped id of the resource

                                            Parameter props

                                            resource properties

                                          property attrArn

                                          readonly attrArn: string;
                                          • The Amazon Resource Name (ARN) of the real-time log configuration. For example: arn:aws:cloudfront::111122223333:realtime-log-config/ExampleNameForRealtimeLogConfig . Arn

                                          property CFN_RESOURCE_TYPE_NAME

                                          static readonly CFN_RESOURCE_TYPE_NAME: string;
                                          • The CloudFormation resource type name for this resource class.

                                          property cfnProperties

                                          readonly cfnProperties: { [key: string]: any };

                                            property endPoints

                                            endPoints: any;
                                            • Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.

                                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-endpoints

                                            property fields

                                            fields: string[];
                                            • A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.

                                              For more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .

                                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-fields

                                            property name

                                            name: string;
                                            • The unique name of this real-time log configuration.

                                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-name

                                            property samplingRate

                                            samplingRate: number;
                                            • The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.

                                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-samplingrate

                                            method inspect

                                            inspect: (inspector: cdk.TreeInspector) => void;
                                            • Examines the CloudFormation resource and discloses attributes.

                                              Parameter inspector

                                              tree inspector to collect and process attributes

                                            method renderProperties

                                            protected renderProperties: (props: { [key: string]: any }) => {
                                            [key: string]: any;
                                            };

                                              class CfnResponseHeadersPolicy

                                              class CfnResponseHeadersPolicy extends cdk.CfnResource implements cdk.IInspectable {}
                                              • A CloudFormation AWS::CloudFront::ResponseHeadersPolicy

                                                A response headers policy.

                                                A response headers policy contains information about a set of HTTP response headers and their values.

                                                After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it’s attached to a cache behavior, CloudFront adds the headers in the policy to HTTP responses that it sends for requests that match the cache behavior.

                                                For more information, see [Adding HTTP headers to CloudFront responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/adding-response-headers.html) in the *Amazon CloudFront Developer Guide* .

                                                AWS::CloudFront::ResponseHeadersPolicy external

                                                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html

                                              constructor

                                              constructor(
                                              scope: cdk.Construct,
                                              id: string,
                                              props: CfnResponseHeadersPolicyProps
                                              );
                                              • Create a new AWS::CloudFront::ResponseHeadersPolicy.

                                                Parameter scope

                                                scope in which this resource is defined

                                                Parameter id

                                                scoped id of the resource

                                                Parameter props

                                                resource properties

                                              property attrId

                                              readonly attrId: string;
                                              • The unique identifier for the cache policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a . Id

                                              property attrLastModifiedTime

                                              readonly attrLastModifiedTime: string;
                                              • The date and time when the response headers policy was last modified. LastModifiedTime

                                              property CFN_RESOURCE_TYPE_NAME

                                              static readonly CFN_RESOURCE_TYPE_NAME: string;
                                              • The CloudFormation resource type name for this resource class.

                                              property cfnProperties

                                              readonly cfnProperties: { [key: string]: any };

                                                property responseHeadersPolicyConfig

                                                responseHeadersPolicyConfig: any;
                                                • A response headers policy configuration.

                                                  A response headers policy contains information about a set of HTTP response headers and their values. CloudFront adds the headers in the policy to HTTP responses that it sends for requests that match a cache behavior that’s associated with the policy.

                                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html#cfn-cloudfront-responseheaderspolicy-responseheaderspolicyconfig

                                                method inspect

                                                inspect: (inspector: cdk.TreeInspector) => void;
                                                • Examines the CloudFormation resource and discloses attributes.

                                                  Parameter inspector

                                                  tree inspector to collect and process attributes

                                                method renderProperties

                                                protected renderProperties: (props: { [key: string]: any }) => {
                                                [key: string]: any;
                                                };

                                                  class CfnStreamingDistribution

                                                  class CfnStreamingDistribution extends cdk.CfnResource implements cdk.IInspectable {}
                                                  • A CloudFormation AWS::CloudFront::StreamingDistribution

                                                    This resource is deprecated. Amazon CloudFront is deprecating real-time messaging protocol (RTMP) distributions on December 31, 2020. For more information, [read the announcement](https://docs.aws.amazon.com/ann.jspa?annID=7356) on the Amazon CloudFront discussion forum.

                                                    AWS::CloudFront::StreamingDistribution external

                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html

                                                  constructor

                                                  constructor(
                                                  scope: cdk.Construct,
                                                  id: string,
                                                  props: CfnStreamingDistributionProps
                                                  );
                                                  • Create a new AWS::CloudFront::StreamingDistribution.

                                                    Parameter scope

                                                    scope in which this resource is defined

                                                    Parameter id

                                                    scoped id of the resource

                                                    Parameter props

                                                    resource properties

                                                  property attrDomainName

                                                  readonly attrDomainName: string;
                                                  • The domain name of the resource, such as d111111abcdef8.cloudfront.net . DomainName

                                                  property CFN_RESOURCE_TYPE_NAME

                                                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                                                  • The CloudFormation resource type name for this resource class.

                                                  property cfnProperties

                                                  readonly cfnProperties: { [key: string]: any };

                                                    property streamingDistributionConfig

                                                    streamingDistributionConfig: any;
                                                    • The current configuration information for the RTMP distribution.

                                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-streamingdistributionconfig

                                                    property tags

                                                    readonly tags: cdk.TagManager;
                                                    • A complex type that contains zero or more Tag elements.

                                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-tags

                                                    method inspect

                                                    inspect: (inspector: cdk.TreeInspector) => void;
                                                    • Examines the CloudFormation resource and discloses attributes.

                                                      Parameter inspector

                                                      tree inspector to collect and process attributes

                                                    method renderProperties

                                                    protected renderProperties: (props: { [key: string]: any }) => {
                                                    [key: string]: any;
                                                    };

                                                      class CloudFrontWebDistribution

                                                      class CloudFrontWebDistribution extends cdk.Resource implements IDistribution {}
                                                      • Amazon CloudFront is a global content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to your viewers with low latency and high transfer speeds. CloudFront fronts user provided content and caches it at edge locations across the world.

                                                        Here's how you can use this construct:

                                                        const sourceBucket = new s3.Bucket(this, 'Bucket');
                                                        const distribution = new cloudfront.CloudFrontWebDistribution(this, 'MyDistribution', {
                                                        originConfigs: [
                                                        {
                                                        s3OriginSource: {
                                                        s3BucketSource: sourceBucket,
                                                        },
                                                        behaviors : [ {isDefaultBehavior: true}],
                                                        },
                                                        ],
                                                        });

                                                        This will create a CloudFront distribution that uses your S3Bucket as it's origin.

                                                        You can customize the distribution using additional properties from the CloudFrontWebDistributionProps interface.

                                                        AWS::CloudFront::Distribution

                                                      constructor

                                                      constructor(scope: Construct, id: string, props: CloudFrontWebDistributionProps);

                                                        property distributionDomainName

                                                        readonly distributionDomainName: string;
                                                        • The domain name created by CloudFront for this distribution. If you are using aliases for your distribution, this is the domainName your DNS records should point to. (In Route53, you could create an ALIAS record to this value, for example.)

                                                        property distributionId

                                                        readonly distributionId: string;
                                                        • The distribution ID for this distribution.

                                                        property domainName

                                                        readonly domainName: string;
                                                        • The domain name created by CloudFront for this distribution. If you are using aliases for your distribution, this is the domainName your DNS records should point to. (In Route53, you could create an ALIAS record to this value, for example.)

                                                          Deprecated

                                                          - Use distributionDomainName instead.

                                                        property loggingBucket

                                                        readonly loggingBucket?: s3.IBucket;
                                                        • The logging bucket for this CloudFront distribution. If logging is not enabled for this distribution - this property will be undefined.

                                                        method fromDistributionAttributes

                                                        static fromDistributionAttributes: (
                                                        scope: Construct,
                                                        id: string,
                                                        attrs: CloudFrontWebDistributionAttributes
                                                        ) => IDistribution;
                                                        • Creates a construct that represents an external (imported) distribution.

                                                        class Distribution

                                                        class Distribution extends Resource implements IDistribution {}
                                                        • A CloudFront distribution with associated origin(s) and caching behavior(s).

                                                        constructor

                                                        constructor(scope: Construct, id: string, props: DistributionProps);

                                                          property distributionDomainName

                                                          readonly distributionDomainName: string;

                                                            property distributionId

                                                            readonly distributionId: string;

                                                              property domainName

                                                              readonly domainName: string;

                                                                method addBehavior

                                                                addBehavior: (
                                                                pathPattern: string,
                                                                origin: IOrigin,
                                                                behaviorOptions?: AddBehaviorOptions
                                                                ) => void;
                                                                • Adds a new behavior to this distribution for the given pathPattern.

                                                                  Parameter pathPattern

                                                                  the path pattern (e.g., 'images/*') that specifies which requests to apply the behavior to.

                                                                  Parameter origin

                                                                  the origin to use for this behavior

                                                                  Parameter behaviorOptions

                                                                  the options for the behavior at this path.

                                                                method fromDistributionAttributes

                                                                static fromDistributionAttributes: (
                                                                scope: Construct,
                                                                id: string,
                                                                attrs: DistributionAttributes
                                                                ) => IDistribution;
                                                                • Creates a Distribution construct that represents an external (imported) distribution.

                                                                class Function

                                                                class Function extends Resource implements IFunction {}
                                                                • A CloudFront Function

                                                                  AWS::CloudFront::Function

                                                                constructor

                                                                constructor(scope: Construct, id: string, props: FunctionProps);

                                                                  property functionArn

                                                                  readonly functionArn: string;
                                                                  • the ARN of the CloudFront function

                                                                  property functionName

                                                                  readonly functionName: string;
                                                                  • the name of the CloudFront function

                                                                  property functionStage

                                                                  readonly functionStage: string;
                                                                  • the deployment stage of the CloudFront function

                                                                  method fromFunctionAttributes

                                                                  static fromFunctionAttributes: (
                                                                  scope: Construct,
                                                                  id: string,
                                                                  attrs: FunctionAttributes
                                                                  ) => IFunction;
                                                                  • Imports a function by its name and ARN

                                                                  class FunctionCode

                                                                  abstract class FunctionCode {}
                                                                  • Represents the function's source code

                                                                  method fromFile

                                                                  static fromFile: (options: FileCodeOptions) => FunctionCode;
                                                                  • Code from external file for function

                                                                    Parameter options

                                                                    the options for the external file

                                                                    Returns

                                                                    code object with contents from file.

                                                                  method fromInline

                                                                  static fromInline: (code: string) => FunctionCode;
                                                                  • Inline code for function

                                                                    Parameter code

                                                                    The actual function code

                                                                    Returns

                                                                    code object with inline code.

                                                                  method render

                                                                  abstract render: () => string;
                                                                  • renders the function code

                                                                  class GeoRestriction

                                                                  class GeoRestriction {}
                                                                  • Controls the countries in which content is distributed.

                                                                  property locations

                                                                  readonly locations: string[];

                                                                    property restrictionType

                                                                    readonly restrictionType: 'whitelist' | 'blacklist';

                                                                      method allowlist

                                                                      static allowlist: (...locations: string[]) => GeoRestriction;
                                                                      • Allow specific countries which you want CloudFront to distribute your content.

                                                                        Parameter locations

                                                                        Two-letter, uppercase country code for a country that you want to allow. Include one element for each country. See ISO 3166-1-alpha-2 code on the *International Organization for Standardization* website

                                                                      method blacklist

                                                                      static blacklist: (...locations: string[]) => GeoRestriction;
                                                                      • DEPRECATED

                                                                        Deprecated

                                                                        use denylist

                                                                      method denylist

                                                                      static denylist: (...locations: string[]) => GeoRestriction;
                                                                      • Deny specific countries which you don't want CloudFront to distribute your content.

                                                                        Parameter locations

                                                                        Two-letter, uppercase country code for a country that you want to deny. Include one element for each country. See ISO 3166-1-alpha-2 code on the *International Organization for Standardization* website

                                                                      method whitelist

                                                                      static whitelist: (...locations: string[]) => GeoRestriction;
                                                                      • DEPRECATED

                                                                        Deprecated

                                                                        use allowlist

                                                                      class KeyGroup

                                                                      class KeyGroup extends Resource implements IKeyGroup {}
                                                                      • A Key Group configuration

                                                                        AWS::CloudFront::KeyGroup

                                                                      constructor

                                                                      constructor(scope: Construct, id: string, props: KeyGroupProps);

                                                                        property keyGroupId

                                                                        readonly keyGroupId: string;

                                                                          method fromKeyGroupId

                                                                          static fromKeyGroupId: (
                                                                          scope: Construct,
                                                                          id: string,
                                                                          keyGroupId: string
                                                                          ) => IKeyGroup;
                                                                          • Imports a Key Group from its id.

                                                                          class OriginAccessIdentity

                                                                          class OriginAccessIdentity
                                                                          extends OriginAccessIdentityBase
                                                                          implements IOriginAccessIdentity {}
                                                                          • An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content.

                                                                            AWS::CloudFront::CloudFrontOriginAccessIdentity

                                                                          constructor

                                                                          constructor(scope: Construct, id: string, props?: OriginAccessIdentityProps);

                                                                            property cloudFrontOriginAccessIdentityS3CanonicalUserId

                                                                            readonly cloudFrontOriginAccessIdentityS3CanonicalUserId: string;
                                                                            • The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3.

                                                                            property grantPrincipal

                                                                            readonly grantPrincipal: iam.IPrincipal;
                                                                            • Derived principal value for bucket access

                                                                            property originAccessIdentityName

                                                                            readonly originAccessIdentityName: string;
                                                                            • The Origin Access Identity Name (physical id)

                                                                            method fromOriginAccessIdentityName

                                                                            static fromOriginAccessIdentityName: (
                                                                            scope: Construct,
                                                                            id: string,
                                                                            originAccessIdentityName: string
                                                                            ) => IOriginAccessIdentity;
                                                                            • Creates a OriginAccessIdentity by providing the OriginAccessIdentityName

                                                                            class OriginBase

                                                                            abstract class OriginBase implements IOrigin {}
                                                                            • Represents a distribution origin, that describes the Amazon S3 bucket, HTTP server (for example, a web server), Amazon MediaStore, or other server from which CloudFront gets your files.

                                                                            constructor

                                                                            protected constructor(domainName: string, props?: OriginProps);

                                                                              method bind

                                                                              bind: (_scope: Construct, options: OriginBindOptions) => OriginBindConfig;
                                                                              • Binds the origin to the associated Distribution. Can be used to grant permissions, create dependent resources, etc.

                                                                              method renderCustomOriginConfig

                                                                              protected renderCustomOriginConfig: () =>
                                                                              | CfnDistribution.CustomOriginConfigProperty
                                                                              | undefined;

                                                                                method renderS3OriginConfig

                                                                                protected renderS3OriginConfig: () =>
                                                                                | CfnDistribution.S3OriginConfigProperty
                                                                                | undefined;

                                                                                  class OriginRequestCookieBehavior

                                                                                  class OriginRequestCookieBehavior {}
                                                                                  • Determines whether any cookies in viewer requests (and if so, which cookies) are included in requests that CloudFront sends to the origin.

                                                                                  property behavior

                                                                                  readonly behavior: string;
                                                                                  • The behavior of cookies: allow all, none or an allow list.

                                                                                  property cookies

                                                                                  readonly cookies?: string[];
                                                                                  • The cookies to allow, if the behavior is an allow list.

                                                                                  method all

                                                                                  static all: () => OriginRequestCookieBehavior;
                                                                                  • All cookies in viewer requests are included in requests that CloudFront sends to the origin.

                                                                                  method allowList

                                                                                  static allowList: (...cookies: string[]) => OriginRequestCookieBehavior;
                                                                                  • Only the provided cookies are included in requests that CloudFront sends to the origin.

                                                                                  method none

                                                                                  static none: () => OriginRequestCookieBehavior;
                                                                                  • Cookies in viewer requests are not included in requests that CloudFront sends to the origin. Any cookies that are listed in a CachePolicy are still included in origin requests.

                                                                                  class OriginRequestHeaderBehavior

                                                                                  class OriginRequestHeaderBehavior {}
                                                                                  • Determines whether any HTTP headers (and if so, which headers) are included in requests that CloudFront sends to the origin.

                                                                                  property behavior

                                                                                  readonly behavior: string;
                                                                                  • The behavior of headers: allow all, none or an allow list.

                                                                                  property headers

                                                                                  readonly headers?: string[];
                                                                                  • The headers for the allow list or the included CloudFront headers, if applicable.

                                                                                  method all

                                                                                  static all: (...cloudfrontHeaders: string[]) => OriginRequestHeaderBehavior;
                                                                                  • All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Additionally, any additional CloudFront headers provided are included; the additional headers are added by CloudFront.

                                                                                    See Also

                                                                                    • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-cloudfront-headers.html

                                                                                  method allowList

                                                                                  static allowList: (...headers: string[]) => OriginRequestHeaderBehavior;
                                                                                  • Listed headers are included in requests that CloudFront sends to the origin.

                                                                                  method none

                                                                                  static none: () => OriginRequestHeaderBehavior;
                                                                                  • HTTP headers are not included in requests that CloudFront sends to the origin. Any headers that are listed in a CachePolicy are still included in origin requests.

                                                                                  class OriginRequestPolicy

                                                                                  class OriginRequestPolicy extends Resource implements IOriginRequestPolicy {}
                                                                                  • A Origin Request Policy configuration.

                                                                                    AWS::CloudFront::OriginRequestPolicy

                                                                                  constructor

                                                                                  constructor(scope: Construct, id: string, props?: OriginRequestPolicyProps);

                                                                                    property ALL_VIEWER

                                                                                    static readonly ALL_VIEWER: IOriginRequestPolicy;
                                                                                    • This policy includes all values (query strings, headers, and cookies) in the viewer request.

                                                                                    property CORS_CUSTOM_ORIGIN

                                                                                    static readonly CORS_CUSTOM_ORIGIN: IOriginRequestPolicy;
                                                                                    • This policy includes the header that enables cross-origin resource sharing (CORS) requests when the origin is a custom origin.

                                                                                    property CORS_S3_ORIGIN

                                                                                    static readonly CORS_S3_ORIGIN: IOriginRequestPolicy;
                                                                                    • This policy includes the headers that enable cross-origin resource sharing (CORS) requests when the origin is an Amazon S3 bucket.

                                                                                    property ELEMENTAL_MEDIA_TAILOR

                                                                                    static readonly ELEMENTAL_MEDIA_TAILOR: IOriginRequestPolicy;
                                                                                    • This policy is designed for use with an origin that is an AWS Elemental MediaTailor endpoint.

                                                                                    property originRequestPolicyId

                                                                                    readonly originRequestPolicyId: string;

                                                                                      property USER_AGENT_REFERER_HEADERS

                                                                                      static readonly USER_AGENT_REFERER_HEADERS: IOriginRequestPolicy;
                                                                                      • This policy includes only the User-Agent and Referer headers. It doesn’t include any query strings or cookies.

                                                                                      method fromOriginRequestPolicyId

                                                                                      static fromOriginRequestPolicyId: (
                                                                                      scope: Construct,
                                                                                      id: string,
                                                                                      originRequestPolicyId: string
                                                                                      ) => IOriginRequestPolicy;
                                                                                      • Imports a Origin Request Policy from its id.

                                                                                      class OriginRequestQueryStringBehavior

                                                                                      class OriginRequestQueryStringBehavior {}
                                                                                      • Determines whether any URL query strings in viewer requests (and if so, which query strings) are included in requests that CloudFront sends to the origin.

                                                                                      property behavior

                                                                                      readonly behavior: string;
                                                                                      • The behavior of query strings -- allow all, none, or only an allow list.

                                                                                      property queryStrings

                                                                                      readonly queryStrings?: string[];
                                                                                      • The query strings to allow, if the behavior is an allow list.

                                                                                      method all

                                                                                      static all: () => OriginRequestQueryStringBehavior;
                                                                                      • All query strings in viewer requests are included in requests that CloudFront sends to the origin.

                                                                                      method allowList

                                                                                      static allowList: (
                                                                                      ...queryStrings: string[]
                                                                                      ) => OriginRequestQueryStringBehavior;
                                                                                      • Only the provided queryStrings are included in requests that CloudFront sends to the origin.

                                                                                      method none

                                                                                      static none: () => OriginRequestQueryStringBehavior;
                                                                                      • Query strings in viewer requests are not included in requests that CloudFront sends to the origin. Any query strings that are listed in a CachePolicy are still included in origin requests.

                                                                                      class PublicKey

                                                                                      class PublicKey extends Resource implements IPublicKey {}
                                                                                      • A Public Key Configuration

                                                                                        AWS::CloudFront::PublicKey

                                                                                      constructor

                                                                                      constructor(scope: Construct, id: string, props: PublicKeyProps);

                                                                                        property publicKeyId

                                                                                        readonly publicKeyId: string;

                                                                                          method fromPublicKeyId

                                                                                          static fromPublicKeyId: (
                                                                                          scope: Construct,
                                                                                          id: string,
                                                                                          publicKeyId: string
                                                                                          ) => IPublicKey;
                                                                                          • Imports a Public Key from its id.

                                                                                          class ResponseHeadersPolicy

                                                                                          class ResponseHeadersPolicy extends Resource implements IResponseHeadersPolicy {}
                                                                                          • A Response Headers Policy configuration

                                                                                            AWS::CloudFront::ResponseHeadersPolicy

                                                                                          constructor

                                                                                          constructor(scope: Construct, id: string, props?: ResponseHeadersPolicyProps);

                                                                                            property CORS_ALLOW_ALL_ORIGINS

                                                                                            static readonly CORS_ALLOW_ALL_ORIGINS: IResponseHeadersPolicy;
                                                                                            • Use this managed policy to allow simple CORS requests from any origin.

                                                                                            property CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS

                                                                                            static readonly CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                            • Use this managed policy to allow simple CORS requests from any origin and add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                            property CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT

                                                                                            static readonly CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT: IResponseHeadersPolicy;
                                                                                            • Use this managed policy to allow CORS requests from any origin, including preflight requests.

                                                                                            property CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS

                                                                                            static readonly CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                            • Use this managed policy to allow CORS requests from any origin, including preflight requests, and add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                            property responseHeadersPolicyId

                                                                                            readonly responseHeadersPolicyId: string;

                                                                                              property SECURITY_HEADERS

                                                                                              static readonly SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                              • Use this managed policy to add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                              method fromResponseHeadersPolicyId

                                                                                              static fromResponseHeadersPolicyId: (
                                                                                              scope: Construct,
                                                                                              id: string,
                                                                                              responseHeadersPolicyId: string
                                                                                              ) => IResponseHeadersPolicy;
                                                                                              • Import an existing Response Headers Policy from its ID.

                                                                                              class ViewerCertificate

                                                                                              class ViewerCertificate {}
                                                                                              • Viewer certificate configuration class

                                                                                              property aliases

                                                                                              readonly aliases: string[];

                                                                                                property props

                                                                                                readonly props: CfnDistribution.ViewerCertificateProperty;

                                                                                                  method fromAcmCertificate

                                                                                                  static fromAcmCertificate: (
                                                                                                  certificate: certificatemanager.ICertificate,
                                                                                                  options?: ViewerCertificateOptions
                                                                                                  ) => ViewerCertificate;
                                                                                                  • Generate an AWS Certificate Manager (ACM) viewer certificate configuration

                                                                                                    Parameter certificate

                                                                                                    AWS Certificate Manager (ACM) certificate. Your certificate must be located in the us-east-1 (US East (N. Virginia)) region to be accessed by CloudFront

                                                                                                    Parameter options

                                                                                                    certificate configuration options

                                                                                                  method fromCloudFrontDefaultCertificate

                                                                                                  static fromCloudFrontDefaultCertificate: (
                                                                                                  ...aliases: string[]
                                                                                                  ) => ViewerCertificate;
                                                                                                  • Generate a viewer certifcate configuration using the CloudFront default certificate (e.g. d111111abcdef8.cloudfront.net) and a SecurityPolicyProtocol.TLS_V1 security policy.

                                                                                                    Parameter aliases

                                                                                                    Alternative CNAME aliases You also must create a CNAME record with your DNS service to route queries

                                                                                                  method fromIamCertificate

                                                                                                  static fromIamCertificate: (
                                                                                                  iamCertificateId: string,
                                                                                                  options?: ViewerCertificateOptions
                                                                                                  ) => ViewerCertificate;
                                                                                                  • Generate an IAM viewer certificate configuration

                                                                                                    Parameter iamCertificateId

                                                                                                    Identifier of the IAM certificate

                                                                                                    Parameter options

                                                                                                    certificate configuration options

                                                                                                  Interfaces

                                                                                                  interface AddBehaviorOptions

                                                                                                  interface AddBehaviorOptions {}
                                                                                                  • Options for adding a new behavior to a Distribution.

                                                                                                  property allowedMethods

                                                                                                  readonly allowedMethods?: AllowedMethods;
                                                                                                  • HTTP methods to allow for this behavior.

                                                                                                    AllowedMethods.ALLOW_GET_HEAD

                                                                                                  property cachedMethods

                                                                                                  readonly cachedMethods?: CachedMethods;
                                                                                                  • HTTP methods to cache for this behavior.

                                                                                                    CachedMethods.CACHE_GET_HEAD

                                                                                                  property cachePolicy

                                                                                                  readonly cachePolicy?: ICachePolicy;
                                                                                                  • The cache policy for this behavior. The cache policy determines what values are included in the cache key, and the time-to-live (TTL) values for the cache.

                                                                                                    See Also

                                                                                                    • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html. CachePolicy.CACHING_OPTIMIZED

                                                                                                  property compress

                                                                                                  readonly compress?: boolean;
                                                                                                  • Whether you want CloudFront to automatically compress certain files for this cache behavior. See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html#compressed-content-cloudfront-file-types for file types CloudFront will compress.

                                                                                                    true

                                                                                                  property edgeLambdas

                                                                                                  readonly edgeLambdas?: EdgeLambda[];
                                                                                                  • The Lambda@Edge functions to invoke before serving the contents.

                                                                                                    - no Lambda functions will be invoked

                                                                                                    See Also

                                                                                                    • https://aws.amazon.com/lambda/edge

                                                                                                  property functionAssociations

                                                                                                  readonly functionAssociations?: FunctionAssociation[];
                                                                                                  • The CloudFront functions to invoke before serving the contents.

                                                                                                    - no functions will be invoked

                                                                                                  property originRequestPolicy

                                                                                                  readonly originRequestPolicy?: IOriginRequestPolicy;
                                                                                                  • The origin request policy for this behavior. The origin request policy determines which values (e.g., headers, cookies) are included in requests that CloudFront sends to the origin.

                                                                                                    - none

                                                                                                  property responseHeadersPolicy

                                                                                                  readonly responseHeadersPolicy?: IResponseHeadersPolicy;
                                                                                                  • The response headers policy for this behavior. The response headers policy determines which headers are included in responses

                                                                                                    - none

                                                                                                  property smoothStreaming

                                                                                                  readonly smoothStreaming?: boolean;
                                                                                                  • Set this to true to indicate you want to distribute media files in the Microsoft Smooth Streaming format using this behavior.

                                                                                                    false

                                                                                                  property trustedKeyGroups

                                                                                                  readonly trustedKeyGroups?: IKeyGroup[];
                                                                                                  • A list of Key Groups that CloudFront can use to validate signed URLs or signed cookies.

                                                                                                    - no KeyGroups are associated with cache behavior

                                                                                                    See Also

                                                                                                    • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                                  property viewerProtocolPolicy

                                                                                                  readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                                  • The protocol that viewers can use to access the files controlled by this behavior.

                                                                                                    ViewerProtocolPolicy.ALLOW_ALL

                                                                                                  interface AliasConfiguration

                                                                                                  interface AliasConfiguration {}

                                                                                                  property acmCertRef

                                                                                                  readonly acmCertRef: string;
                                                                                                  • ARN of an AWS Certificate Manager (ACM) certificate.

                                                                                                  property names

                                                                                                  readonly names: string[];
                                                                                                  • Domain names on the certificate

                                                                                                    Both main domain name and Subject Alternative Names.

                                                                                                  property securityPolicy

                                                                                                  readonly securityPolicy?: SecurityPolicyProtocol;
                                                                                                  • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                                    CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                                    - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNI

                                                                                                  property sslMethod

                                                                                                  readonly sslMethod?: SSLMethod;
                                                                                                  • How CloudFront should serve HTTPS requests.

                                                                                                    See the notes on SSLMethod if you wish to use other SSL termination types.

                                                                                                    SSLMethod.SNI

                                                                                                    See Also

                                                                                                    • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html

                                                                                                  interface Behavior

                                                                                                  interface Behavior {}
                                                                                                  • A CloudFront behavior wrapper.

                                                                                                  property allowedMethods

                                                                                                  readonly allowedMethods?: CloudFrontAllowedMethods;
                                                                                                  • The method this CloudFront distribution responds do.

                                                                                                    GET_HEAD

                                                                                                  property cachedMethods

                                                                                                  readonly cachedMethods?: CloudFrontAllowedCachedMethods;
                                                                                                  • Which methods are cached by CloudFront by default.

                                                                                                    GET_HEAD

                                                                                                  property compress

                                                                                                  readonly compress?: boolean;
                                                                                                  • If CloudFront should automatically compress some content types.

                                                                                                    true

                                                                                                  property defaultTtl

                                                                                                  readonly defaultTtl?: cdk.Duration;
                                                                                                  • The default amount of time CloudFront will cache an object.

                                                                                                    This value applies only when your custom origin does not add HTTP headers, such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. 86400 (1 day)

                                                                                                  property forwardedValues

                                                                                                  readonly forwardedValues?: CfnDistribution.ForwardedValuesProperty;
                                                                                                  • The values CloudFront will forward to the origin when making a request.

                                                                                                    none (no cookies - no headers)

                                                                                                  property functionAssociations

                                                                                                  readonly functionAssociations?: FunctionAssociation[];
                                                                                                  • The CloudFront functions to invoke before serving the contents.

                                                                                                    - no functions will be invoked

                                                                                                  property isDefaultBehavior

                                                                                                  readonly isDefaultBehavior?: boolean;
                                                                                                  • If this behavior is the default behavior for the distribution.

                                                                                                    You must specify exactly one default distribution per CloudFront distribution. The default behavior is allowed to omit the "path" property.

                                                                                                  property lambdaFunctionAssociations

                                                                                                  readonly lambdaFunctionAssociations?: LambdaFunctionAssociation[];
                                                                                                  • Declares associated lambda@edge functions for this distribution behaviour.

                                                                                                    No lambda function associated

                                                                                                  property maxTtl

                                                                                                  readonly maxTtl?: cdk.Duration;
                                                                                                  • The max amount of time you want objects to stay in the cache before CloudFront queries your origin.

                                                                                                    Duration.seconds(31536000) (one year)

                                                                                                  property minTtl

                                                                                                  readonly minTtl?: cdk.Duration;
                                                                                                  • The minimum amount of time that you want objects to stay in the cache before CloudFront queries your origin.

                                                                                                  property pathPattern

                                                                                                  readonly pathPattern?: string;
                                                                                                  • The path this behavior responds to. Required for all non-default behaviors. (The default behavior implicitly has "*" as the path pattern. )

                                                                                                  property trustedKeyGroups

                                                                                                  readonly trustedKeyGroups?: IKeyGroup[];
                                                                                                  • A list of Key Groups that CloudFront can use to validate signed URLs or signed cookies.

                                                                                                    - no KeyGroups are associated with cache behavior

                                                                                                    See Also

                                                                                                    • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                                  property trustedSigners

                                                                                                  readonly trustedSigners?: string[];
                                                                                                  • Trusted signers is how CloudFront allows you to serve private content. The signers are the account IDs that are allowed to sign cookies/presigned URLs for this distribution.

                                                                                                    If you pass a non empty value, all requests for this behavior must be signed (no public access will be allowed)

                                                                                                    Deprecated

                                                                                                    - We recommend using trustedKeyGroups instead of trustedSigners.

                                                                                                  property viewerProtocolPolicy

                                                                                                  readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                                  • The viewer policy for this behavior.

                                                                                                    - the distribution wide viewer protocol policy will be used

                                                                                                  interface BehaviorOptions

                                                                                                  interface BehaviorOptions extends AddBehaviorOptions {}
                                                                                                  • Options for creating a new behavior.

                                                                                                  property origin

                                                                                                  readonly origin: IOrigin;
                                                                                                  • The origin that you want CloudFront to route requests to when they match this behavior.

                                                                                                  interface CachePolicyProps

                                                                                                  interface CachePolicyProps {}
                                                                                                  • Properties for creating a Cache Policy

                                                                                                  property cachePolicyName

                                                                                                  readonly cachePolicyName?: string;
                                                                                                  • A unique name to identify the cache policy. The name must only include '-', '_', or alphanumeric characters. - generated from the id

                                                                                                  property comment

                                                                                                  readonly comment?: string;
                                                                                                  • A comment to describe the cache policy. - no comment

                                                                                                  property cookieBehavior

                                                                                                  readonly cookieBehavior?: CacheCookieBehavior;
                                                                                                  • Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheCookieBehavior.none()

                                                                                                  property defaultTtl

                                                                                                  readonly defaultTtl?: Duration;
                                                                                                  • The default amount of time for objects to stay in the CloudFront cache. Only used when the origin does not send Cache-Control or Expires headers with the object. - The greater of 1 day and ``minTtl``

                                                                                                  property enableAcceptEncodingBrotli

                                                                                                  readonly enableAcceptEncodingBrotli?: boolean;
                                                                                                  • Whether to normalize and include the Accept-Encoding header in the cache key when the Accept-Encoding header is 'br'. false

                                                                                                  property enableAcceptEncodingGzip

                                                                                                  readonly enableAcceptEncodingGzip?: boolean;
                                                                                                  • Whether to normalize and include the Accept-Encoding header in the cache key when the Accept-Encoding header is 'gzip'. false

                                                                                                  property headerBehavior

                                                                                                  readonly headerBehavior?: CacheHeaderBehavior;
                                                                                                  • Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheHeaderBehavior.none()

                                                                                                  property maxTtl

                                                                                                  readonly maxTtl?: Duration;
                                                                                                  • The maximum amount of time for objects to stay in the CloudFront cache. CloudFront uses this value only when the origin sends Cache-Control or Expires headers with the object. - The greater of 1 year and ``defaultTtl``

                                                                                                  property minTtl

                                                                                                  readonly minTtl?: Duration;
                                                                                                  • The minimum amount of time for objects to stay in the CloudFront cache. Duration.seconds(0)

                                                                                                  property queryStringBehavior

                                                                                                  readonly queryStringBehavior?: CacheQueryStringBehavior;
                                                                                                  • Determines whether any query strings are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheQueryStringBehavior.none()

                                                                                                  interface CfnCachePolicyProps

                                                                                                  interface CfnCachePolicyProps {}
                                                                                                  • Properties for defining a CfnCachePolicy

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html

                                                                                                  property cachePolicyConfig

                                                                                                  readonly cachePolicyConfig:
                                                                                                  | CfnCachePolicy.CachePolicyConfigProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • The cache policy configuration.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html#cfn-cloudfront-cachepolicy-cachepolicyconfig

                                                                                                  interface CfnCloudFrontOriginAccessIdentityProps

                                                                                                  interface CfnCloudFrontOriginAccessIdentityProps {}
                                                                                                  • Properties for defining a CfnCloudFrontOriginAccessIdentity

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html

                                                                                                  property cloudFrontOriginAccessIdentityConfig

                                                                                                  readonly cloudFrontOriginAccessIdentityConfig:
                                                                                                  | CfnCloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfigProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • The current configuration information for the identity.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html#cfn-cloudfront-cloudfrontoriginaccessidentity-cloudfrontoriginaccessidentityconfig

                                                                                                  interface CfnDistributionProps

                                                                                                  interface CfnDistributionProps {}
                                                                                                  • Properties for defining a CfnDistribution

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html

                                                                                                  property distributionConfig

                                                                                                  readonly distributionConfig:
                                                                                                  | CfnDistribution.DistributionConfigProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • The current configuration information for the distribution. Send a GET request to the / *CloudFront API version* /distribution ID/config resource.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-distributionconfig

                                                                                                  property tags

                                                                                                  readonly tags?: cdk.CfnTag[];
                                                                                                  • A complex type that contains zero or more Tag elements.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-tags

                                                                                                  interface CfnFunctionProps

                                                                                                  interface CfnFunctionProps {}
                                                                                                  • Properties for defining a CfnFunction

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html

                                                                                                  property autoPublish

                                                                                                  readonly autoPublish?: boolean | cdk.IResolvable;
                                                                                                  • A flag that determines whether to automatically publish the function to the LIVE stage when it’s created. To automatically publish to the LIVE stage, set this property to true .

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-autopublish

                                                                                                  property functionCode

                                                                                                  readonly functionCode?: string;
                                                                                                  • The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functioncode

                                                                                                  property functionConfig

                                                                                                  readonly functionConfig?: CfnFunction.FunctionConfigProperty | cdk.IResolvable;
                                                                                                  • Contains configuration information about a CloudFront function.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionconfig

                                                                                                  property name

                                                                                                  readonly name: string;
                                                                                                  • A name to identify the function.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-name

                                                                                                  interface CfnKeyGroupProps

                                                                                                  interface CfnKeyGroupProps {}
                                                                                                  • Properties for defining a CfnKeyGroup

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html

                                                                                                  property keyGroupConfig

                                                                                                  readonly keyGroupConfig: CfnKeyGroup.KeyGroupConfigProperty | cdk.IResolvable;
                                                                                                  • The key group configuration.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html#cfn-cloudfront-keygroup-keygroupconfig

                                                                                                  interface CfnMonitoringSubscriptionProps

                                                                                                  interface CfnMonitoringSubscriptionProps {}
                                                                                                  • Properties for defining a CfnMonitoringSubscription

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html

                                                                                                  property distributionId

                                                                                                  readonly distributionId: string;
                                                                                                  • AWS::CloudFront::MonitoringSubscription.DistributionId

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-distributionid

                                                                                                  property monitoringSubscription

                                                                                                  readonly monitoringSubscription:
                                                                                                  | CfnMonitoringSubscription.MonitoringSubscriptionProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • AWS::CloudFront::MonitoringSubscription.MonitoringSubscription

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-monitoringsubscription

                                                                                                  interface CfnOriginAccessControlProps

                                                                                                  interface CfnOriginAccessControlProps {}
                                                                                                  • Properties for defining a CfnOriginAccessControl

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html

                                                                                                  property originAccessControlConfig

                                                                                                  readonly originAccessControlConfig:
                                                                                                  | CfnOriginAccessControl.OriginAccessControlConfigProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • AWS::CloudFront::OriginAccessControl.OriginAccessControlConfig

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html#cfn-cloudfront-originaccesscontrol-originaccesscontrolconfig

                                                                                                  interface CfnOriginRequestPolicyProps

                                                                                                  interface CfnOriginRequestPolicyProps {}
                                                                                                  • Properties for defining a CfnOriginRequestPolicy

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html

                                                                                                  property originRequestPolicyConfig

                                                                                                  readonly originRequestPolicyConfig:
                                                                                                  | CfnOriginRequestPolicy.OriginRequestPolicyConfigProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • The origin request policy configuration.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html#cfn-cloudfront-originrequestpolicy-originrequestpolicyconfig

                                                                                                  interface CfnPublicKeyProps

                                                                                                  interface CfnPublicKeyProps {}
                                                                                                  • Properties for defining a CfnPublicKey

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html

                                                                                                  property publicKeyConfig

                                                                                                  readonly publicKeyConfig: CfnPublicKey.PublicKeyConfigProperty | cdk.IResolvable;
                                                                                                  • Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html#cfn-cloudfront-publickey-publickeyconfig

                                                                                                  interface CfnRealtimeLogConfigProps

                                                                                                  interface CfnRealtimeLogConfigProps {}
                                                                                                  • Properties for defining a CfnRealtimeLogConfig

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html

                                                                                                  property endPoints

                                                                                                  readonly endPoints:
                                                                                                  | Array<CfnRealtimeLogConfig.EndPointProperty | cdk.IResolvable>
                                                                                                  | cdk.IResolvable;
                                                                                                  • Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-endpoints

                                                                                                  property fields

                                                                                                  readonly fields: string[];
                                                                                                  • A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.

                                                                                                    For more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-fields

                                                                                                  property name

                                                                                                  readonly name: string;
                                                                                                  • The unique name of this real-time log configuration.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-name

                                                                                                  property samplingRate

                                                                                                  readonly samplingRate: number;
                                                                                                  • The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-samplingrate

                                                                                                  interface CfnResponseHeadersPolicyProps

                                                                                                  interface CfnResponseHeadersPolicyProps {}
                                                                                                  • Properties for defining a CfnResponseHeadersPolicy

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html

                                                                                                  property responseHeadersPolicyConfig

                                                                                                  readonly responseHeadersPolicyConfig:
                                                                                                  | CfnResponseHeadersPolicy.ResponseHeadersPolicyConfigProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • A response headers policy configuration.

                                                                                                    A response headers policy contains information about a set of HTTP response headers and their values. CloudFront adds the headers in the policy to HTTP responses that it sends for requests that match a cache behavior that’s associated with the policy.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html#cfn-cloudfront-responseheaderspolicy-responseheaderspolicyconfig

                                                                                                  interface CfnStreamingDistributionProps

                                                                                                  interface CfnStreamingDistributionProps {}
                                                                                                  • Properties for defining a CfnStreamingDistribution

                                                                                                    external

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html

                                                                                                  property streamingDistributionConfig

                                                                                                  readonly streamingDistributionConfig:
                                                                                                  | CfnStreamingDistribution.StreamingDistributionConfigProperty
                                                                                                  | cdk.IResolvable;
                                                                                                  • The current configuration information for the RTMP distribution.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-streamingdistributionconfig

                                                                                                  property tags

                                                                                                  readonly tags: cdk.CfnTag[];
                                                                                                  • A complex type that contains zero or more Tag elements.

                                                                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-tags

                                                                                                  interface CloudFrontWebDistributionAttributes

                                                                                                  interface CloudFrontWebDistributionAttributes {}
                                                                                                  • Attributes used to import a Distribution.

                                                                                                  property distributionId

                                                                                                  readonly distributionId: string;
                                                                                                  • The distribution ID for this distribution.

                                                                                                  property domainName

                                                                                                  readonly domainName: string;
                                                                                                  • The generated domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                  interface CloudFrontWebDistributionProps

                                                                                                  interface CloudFrontWebDistributionProps {}

                                                                                                    property aliasConfiguration

                                                                                                    readonly aliasConfiguration?: AliasConfiguration;

                                                                                                    property comment

                                                                                                    readonly comment?: string;
                                                                                                    • A comment for this distribution in the CloudFront console.

                                                                                                      - No comment is added to distribution.

                                                                                                    property defaultRootObject

                                                                                                    readonly defaultRootObject?: string;
                                                                                                    • The default object to serve.

                                                                                                      - "index.html" is served.

                                                                                                    property enabled

                                                                                                    readonly enabled?: boolean;
                                                                                                    • Enable or disable the distribution.

                                                                                                      true

                                                                                                    property enableIpV6

                                                                                                    readonly enableIpV6?: boolean;
                                                                                                    • If your distribution should have IPv6 enabled.

                                                                                                      true

                                                                                                    property errorConfigurations

                                                                                                    readonly errorConfigurations?: CfnDistribution.CustomErrorResponseProperty[];
                                                                                                    • How CloudFront should handle requests that are not successful (eg PageNotFound)

                                                                                                      By default, CloudFront does not replace HTTP status codes in the 4xx and 5xx range with custom error messages. CloudFront does not cache HTTP status codes.

                                                                                                      - No custom error configuration.

                                                                                                    property geoRestriction

                                                                                                    readonly geoRestriction?: GeoRestriction;
                                                                                                    • Controls the countries in which your content is distributed.

                                                                                                      No geo restriction

                                                                                                    property httpVersion

                                                                                                    readonly httpVersion?: HttpVersion;
                                                                                                    • The max supported HTTP Versions.

                                                                                                      HttpVersion.HTTP2

                                                                                                    property loggingConfig

                                                                                                    readonly loggingConfig?: LoggingConfiguration;
                                                                                                    • Optional - if we should enable logging. You can pass an empty object ({}) to have us auto create a bucket for logging. Omission of this property indicates no logging is to be enabled.

                                                                                                      - no logging is enabled by default.

                                                                                                    property originConfigs

                                                                                                    readonly originConfigs: SourceConfiguration[];
                                                                                                    • The origin configurations for this distribution. Behaviors are a part of the origin.

                                                                                                    property priceClass

                                                                                                    readonly priceClass?: PriceClass;
                                                                                                    • The price class for the distribution (this impacts how many locations CloudFront uses for your distribution, and billing)

                                                                                                      PriceClass.PRICE_CLASS_100 the cheapest option for CloudFront is picked by default.

                                                                                                    property viewerCertificate

                                                                                                    readonly viewerCertificate?: ViewerCertificate;
                                                                                                    • Specifies whether you want viewers to use HTTP or HTTPS to request your objects, whether you're using an alternate domain name with HTTPS, and if so, if you're using AWS Certificate Manager (ACM) or a third-party certificate authority.

                                                                                                      ViewerCertificate.fromCloudFrontDefaultCertificate()

                                                                                                      See Also

                                                                                                      • https://aws.amazon.com/premiumsupport/knowledge-center/custom-ssl-certificate-cloudfront/

                                                                                                    property viewerProtocolPolicy

                                                                                                    readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                                    • The default viewer policy for incoming clients.

                                                                                                      RedirectToHTTPs

                                                                                                    property webACLId

                                                                                                    readonly webACLId?: string;
                                                                                                    • Unique identifier that specifies the AWS WAF web ACL to associate with this CloudFront distribution.

                                                                                                      To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                                      To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                                      See Also

                                                                                                      • https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html

                                                                                                      • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html#API_CreateDistribution_RequestParameters.

                                                                                                        - No AWS Web Application Firewall web access control list (web ACL).

                                                                                                    interface CustomOriginConfig

                                                                                                    interface CustomOriginConfig {}
                                                                                                    • A custom origin configuration

                                                                                                    property allowedOriginSSLVersions

                                                                                                    readonly allowedOriginSSLVersions?: OriginSslPolicy[];
                                                                                                    • The SSL versions to use when interacting with the origin.

                                                                                                      OriginSslPolicy.TLS_V1_2

                                                                                                    property domainName

                                                                                                    readonly domainName: string;
                                                                                                    • The domain name of the custom origin. Should not include the path - that should be in the parent SourceConfiguration

                                                                                                    property httpPort

                                                                                                    readonly httpPort?: number;
                                                                                                    • The origin HTTP port

                                                                                                      80

                                                                                                    property httpsPort

                                                                                                    readonly httpsPort?: number;
                                                                                                    • The origin HTTPS port

                                                                                                      443

                                                                                                    property originHeaders

                                                                                                    readonly originHeaders?: {
                                                                                                    [key: string]: string;
                                                                                                    };
                                                                                                    • Any additional headers to pass to the origin

                                                                                                      - No additional headers are passed.

                                                                                                    property originKeepaliveTimeout

                                                                                                    readonly originKeepaliveTimeout?: cdk.Duration;
                                                                                                    • The keep alive timeout when making calls in seconds.

                                                                                                      Duration.seconds(5)

                                                                                                    property originPath

                                                                                                    readonly originPath?: string;
                                                                                                    • The relative path to the origin root to use for sources.

                                                                                                      /

                                                                                                    property originProtocolPolicy

                                                                                                    readonly originProtocolPolicy?: OriginProtocolPolicy;
                                                                                                    • The protocol (http or https) policy to use when interacting with the origin.

                                                                                                      OriginProtocolPolicy.HttpsOnly

                                                                                                    property originReadTimeout

                                                                                                    readonly originReadTimeout?: cdk.Duration;
                                                                                                    • The read timeout when calling the origin in seconds

                                                                                                      Duration.seconds(30)

                                                                                                    property originShieldRegion

                                                                                                    readonly originShieldRegion?: string;
                                                                                                    • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                      - origin shield not enabled

                                                                                                    interface DistributionAttributes

                                                                                                    interface DistributionAttributes {}
                                                                                                    • Attributes used to import a Distribution.

                                                                                                    property distributionId

                                                                                                    readonly distributionId: string;
                                                                                                    • The distribution ID for this distribution.

                                                                                                    property domainName

                                                                                                    readonly domainName: string;
                                                                                                    • The generated domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                    interface DistributionProps

                                                                                                    interface DistributionProps {}
                                                                                                    • Properties for a Distribution

                                                                                                    property additionalBehaviors

                                                                                                    readonly additionalBehaviors?: Record<string, BehaviorOptions>;
                                                                                                    • Additional behaviors for the distribution, mapped by the pathPattern that specifies which requests to apply the behavior to.

                                                                                                      - no additional behaviors are added.

                                                                                                    property certificate

                                                                                                    readonly certificate?: acm.ICertificate;
                                                                                                    • A certificate to associate with the distribution. The certificate must be located in N. Virginia (us-east-1).

                                                                                                      - the CloudFront wildcard certificate (*.cloudfront.net) will be used.

                                                                                                    property comment

                                                                                                    readonly comment?: string;
                                                                                                    • Any comments you want to include about the distribution.

                                                                                                      - no comment

                                                                                                    property defaultBehavior

                                                                                                    readonly defaultBehavior: BehaviorOptions;
                                                                                                    • The default behavior for the distribution.

                                                                                                    property defaultRootObject

                                                                                                    readonly defaultRootObject?: string;
                                                                                                    • The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution. If no default object is set, the request goes to the origin's root (e.g., example.com/).

                                                                                                      - no default root object

                                                                                                    property domainNames

                                                                                                    readonly domainNames?: string[];
                                                                                                    • Alternative domain names for this distribution.

                                                                                                      If you want to use your own domain name, such as www.example.com, instead of the cloudfront.net domain name, you can add an alternate domain name to your distribution. If you attach a certificate to the distribution, you must add (at least one of) the domain names of the certificate to this list.

                                                                                                      - The distribution will only support the default generated name (e.g., d111111abcdef8.cloudfront.net)

                                                                                                    property enabled

                                                                                                    readonly enabled?: boolean;
                                                                                                    • Enable or disable the distribution.

                                                                                                      true

                                                                                                    property enableIpv6

                                                                                                    readonly enableIpv6?: boolean;
                                                                                                    • Whether CloudFront will respond to IPv6 DNS requests with an IPv6 address.

                                                                                                      If you specify false, CloudFront responds to IPv6 DNS requests with the DNS response code NOERROR and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.

                                                                                                      true

                                                                                                    property enableLogging

                                                                                                    readonly enableLogging?: boolean;
                                                                                                    • Enable access logging for the distribution.

                                                                                                      - false, unless logBucket is specified.

                                                                                                    property errorResponses

                                                                                                    readonly errorResponses?: ErrorResponse[];
                                                                                                    • How CloudFront should handle requests that are not successful (e.g., PageNotFound).

                                                                                                      - No custom error responses.

                                                                                                    property geoRestriction

                                                                                                    readonly geoRestriction?: GeoRestriction;
                                                                                                    • Controls the countries in which your content is distributed.

                                                                                                      - No geographic restrictions

                                                                                                    property httpVersion

                                                                                                    readonly httpVersion?: HttpVersion;
                                                                                                    • Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront.

                                                                                                      For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must support server name identification (SNI).

                                                                                                      HttpVersion.HTTP2

                                                                                                    property logBucket

                                                                                                    readonly logBucket?: s3.IBucket;
                                                                                                    • The Amazon S3 bucket to store the access logs in.

                                                                                                      - A bucket is created if enableLogging is true

                                                                                                    property logFilePrefix

                                                                                                    readonly logFilePrefix?: string;
                                                                                                    • An optional string that you want CloudFront to prefix to the access log filenames for this distribution.

                                                                                                      - no prefix

                                                                                                    property logIncludesCookies

                                                                                                    readonly logIncludesCookies?: boolean;
                                                                                                    • Specifies whether you want CloudFront to include cookies in access logs

                                                                                                      false

                                                                                                    property minimumProtocolVersion

                                                                                                    readonly minimumProtocolVersion?: SecurityPolicyProtocol;
                                                                                                    • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                                      CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                                      - SecurityPolicyProtocol.TLS_V1_2_2021 if the '@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021' feature flag is set; otherwise, SecurityPolicyProtocol.TLS_V1_2_2019.

                                                                                                    property priceClass

                                                                                                    readonly priceClass?: PriceClass;
                                                                                                    • The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify PriceClass_All, CloudFront responds to requests for your objects from all CloudFront edge locations. If you specify a price class other than PriceClass_All, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class.

                                                                                                      PriceClass.PRICE_CLASS_ALL

                                                                                                    property sslSupportMethod

                                                                                                    readonly sslSupportMethod?: SSLMethod;
                                                                                                    • The SSL method CloudFront will use for your distribution.

                                                                                                      Server Name Indication (SNI) - is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other service over TLS) to be served by the same IP address without requiring all those sites to use the same certificate.

                                                                                                      CloudFront can use SNI to host multiple distributions on the same IP - which a large majority of clients will support.

                                                                                                      If your clients cannot support SNI however - CloudFront can use dedicated IPs for your distribution - but there is a prorated monthly charge for using this feature. By default, we use SNI - but you can optionally enable dedicated IPs (VIP).

                                                                                                      See the CloudFront SSL for more details about pricing : https://aws.amazon.com/cloudfront/custom-ssl-domains/

                                                                                                      SSLMethod.SNI

                                                                                                    property webAclId

                                                                                                    readonly webAclId?: string;
                                                                                                    • Unique identifier that specifies the AWS WAF web ACL to associate with this CloudFront distribution.

                                                                                                      To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                                      See Also

                                                                                                      • https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html

                                                                                                      • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html#API_CreateDistribution_RequestParameters.

                                                                                                        - No AWS Web Application Firewall web access control list (web ACL).

                                                                                                    interface EdgeLambda

                                                                                                    interface EdgeLambda {}

                                                                                                    property eventType

                                                                                                    readonly eventType: LambdaEdgeEventType;
                                                                                                    • The type of event in response to which should the function be invoked.

                                                                                                    property functionVersion

                                                                                                    readonly functionVersion: lambda.IVersion;
                                                                                                    • The version of the Lambda function that will be invoked.

                                                                                                      **Note**: it's not possible to use the '$LATEST' function version for Lambda@Edge!

                                                                                                    property includeBody

                                                                                                    readonly includeBody?: boolean;
                                                                                                    • Allows a Lambda function to have read access to the body content. Only valid for "request" event types (ORIGIN_REQUEST or VIEWER_REQUEST). See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html

                                                                                                      false

                                                                                                    interface ErrorResponse

                                                                                                    interface ErrorResponse {}
                                                                                                    • Options for configuring custom error responses.

                                                                                                    property httpStatus

                                                                                                    readonly httpStatus: number;
                                                                                                    • The HTTP status code for which you want to specify a custom error page and/or a caching duration.

                                                                                                    property responseHttpStatus

                                                                                                    readonly responseHttpStatus?: number;
                                                                                                    • The HTTP status code that you want CloudFront to return to the viewer along with the custom error page.

                                                                                                      If you specify a value for responseHttpStatus, you must also specify a value for responsePagePath.

                                                                                                      - the error code will be returned as the response code.

                                                                                                    property responsePagePath

                                                                                                    readonly responsePagePath?: string;
                                                                                                    • The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the httpStatus, for example, /4xx-errors/403-forbidden.html

                                                                                                      - the default CloudFront response is shown.

                                                                                                    property ttl

                                                                                                    readonly ttl?: Duration;
                                                                                                    • The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ErrorCode.

                                                                                                      - the default caching TTL behavior applies

                                                                                                    interface FileCodeOptions

                                                                                                    interface FileCodeOptions {}
                                                                                                    • Options when reading the function's code from an external file

                                                                                                    property filePath

                                                                                                    readonly filePath: string;
                                                                                                    • The path of the file to read the code from

                                                                                                    interface FunctionAssociation

                                                                                                    interface FunctionAssociation {}

                                                                                                    property eventType

                                                                                                    readonly eventType: FunctionEventType;
                                                                                                    • The type of event which should invoke the function.

                                                                                                    property function

                                                                                                    readonly function: IFunction;
                                                                                                    • The CloudFront function that will be invoked.

                                                                                                    interface FunctionAttributes

                                                                                                    interface FunctionAttributes {}
                                                                                                    • Attributes of an existing CloudFront Function to import it

                                                                                                    property functionArn

                                                                                                    readonly functionArn: string;
                                                                                                    • The ARN of the function.

                                                                                                    property functionName

                                                                                                    readonly functionName: string;
                                                                                                    • The name of the function.

                                                                                                    interface FunctionProps

                                                                                                    interface FunctionProps {}
                                                                                                    • Properties for creating a CloudFront Function

                                                                                                    property code

                                                                                                    readonly code: FunctionCode;
                                                                                                    • The source code of the function.

                                                                                                    property comment

                                                                                                    readonly comment?: string;
                                                                                                    • A comment to describe the function. - same as functionName

                                                                                                    property functionName

                                                                                                    readonly functionName?: string;
                                                                                                    • A name to identify the function. - generated from the id

                                                                                                    interface ICachePolicy

                                                                                                    interface ICachePolicy {}
                                                                                                    • Represents a Cache Policy

                                                                                                    property cachePolicyId

                                                                                                    readonly cachePolicyId: string;
                                                                                                    • The ID of the cache policy

                                                                                                    interface IDistribution

                                                                                                    interface IDistribution extends IResource {}
                                                                                                    • Interface for CloudFront distributions

                                                                                                    property distributionDomainName

                                                                                                    readonly distributionDomainName: string;
                                                                                                    • The domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                    property distributionId

                                                                                                    readonly distributionId: string;
                                                                                                    • The distribution ID for this distribution.

                                                                                                    property domainName

                                                                                                    readonly domainName: string;
                                                                                                    • The domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                      Deprecated

                                                                                                      - Use distributionDomainName instead.

                                                                                                    interface IFunction

                                                                                                    interface IFunction extends IResource {}
                                                                                                    • Represents a CloudFront Function

                                                                                                    property functionArn

                                                                                                    readonly functionArn: string;
                                                                                                    • The ARN of the function.

                                                                                                    property functionName

                                                                                                    readonly functionName: string;
                                                                                                    • The name of the function.

                                                                                                    interface IKeyGroup

                                                                                                    interface IKeyGroup extends IResource {}
                                                                                                    • Represents a Key Group

                                                                                                    property keyGroupId

                                                                                                    readonly keyGroupId: string;
                                                                                                    • The ID of the key group.

                                                                                                    interface IOrigin

                                                                                                    interface IOrigin {}
                                                                                                    • Represents the concept of a CloudFront Origin. You provide one or more origins when creating a Distribution.

                                                                                                    method bind

                                                                                                    bind: (scope: Construct, options: OriginBindOptions) => OriginBindConfig;
                                                                                                    • The method called when a given Origin is added (for the first time) to a Distribution.

                                                                                                    interface IOriginAccessIdentity

                                                                                                    interface IOriginAccessIdentity extends cdk.IResource, iam.IGrantable {}
                                                                                                    • Interface for CloudFront OriginAccessIdentity

                                                                                                    property originAccessIdentityName

                                                                                                    readonly originAccessIdentityName: string;
                                                                                                    • The Origin Access Identity Name

                                                                                                    interface IOriginRequestPolicy

                                                                                                    interface IOriginRequestPolicy {}
                                                                                                    • Represents a Origin Request Policy

                                                                                                    property originRequestPolicyId

                                                                                                    readonly originRequestPolicyId: string;
                                                                                                    • The ID of the origin request policy

                                                                                                    interface IPublicKey

                                                                                                    interface IPublicKey extends IResource {}
                                                                                                    • Represents a Public Key

                                                                                                    property publicKeyId

                                                                                                    readonly publicKeyId: string;
                                                                                                    • The ID of the key group.

                                                                                                    interface IResponseHeadersPolicy

                                                                                                    interface IResponseHeadersPolicy {}
                                                                                                    • Represents a response headers policy.

                                                                                                    property responseHeadersPolicyId

                                                                                                    readonly responseHeadersPolicyId: string;
                                                                                                    • The ID of the response headers policy

                                                                                                    interface KeyGroupProps

                                                                                                    interface KeyGroupProps {}
                                                                                                    • Properties for creating a Public Key

                                                                                                    property comment

                                                                                                    readonly comment?: string;
                                                                                                    • A comment to describe the key group. - no comment

                                                                                                    property items

                                                                                                    readonly items: IPublicKey[];
                                                                                                    • A list of public keys to add to the key group.

                                                                                                    property keyGroupName

                                                                                                    readonly keyGroupName?: string;
                                                                                                    • A name to identify the key group. - generated from the id

                                                                                                    interface LambdaFunctionAssociation

                                                                                                    interface LambdaFunctionAssociation {}

                                                                                                      property eventType

                                                                                                      readonly eventType: LambdaEdgeEventType;
                                                                                                      • The lambda event type defines at which event the lambda is called during the request lifecycle

                                                                                                      property includeBody

                                                                                                      readonly includeBody?: boolean;
                                                                                                      • Allows a Lambda function to have read access to the body content. Only valid for "request" event types (ORIGIN_REQUEST or VIEWER_REQUEST). See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html

                                                                                                        false

                                                                                                      property lambdaFunction

                                                                                                      readonly lambdaFunction: lambda.IVersion;
                                                                                                      • A version of the lambda to associate

                                                                                                      interface LoggingConfiguration

                                                                                                      interface LoggingConfiguration {}
                                                                                                      • Logging configuration for incoming requests

                                                                                                      property bucket

                                                                                                      readonly bucket?: s3.IBucket;
                                                                                                      • Bucket to log requests to

                                                                                                        - A logging bucket is automatically created.

                                                                                                      property includeCookies

                                                                                                      readonly includeCookies?: boolean;
                                                                                                      • Whether to include the cookies in the logs

                                                                                                        false

                                                                                                      property prefix

                                                                                                      readonly prefix?: string;
                                                                                                      • Where in the bucket to store logs

                                                                                                        - No prefix.

                                                                                                      interface OriginAccessIdentityProps

                                                                                                      interface OriginAccessIdentityProps {}
                                                                                                      • Properties of CloudFront OriginAccessIdentity

                                                                                                      property comment

                                                                                                      readonly comment?: string;
                                                                                                      • Any comments you want to include about the origin access identity.

                                                                                                        "Allows CloudFront to reach the bucket"

                                                                                                      interface OriginBindConfig

                                                                                                      interface OriginBindConfig {}

                                                                                                      property failoverConfig

                                                                                                      readonly failoverConfig?: OriginFailoverConfig;
                                                                                                      • The failover configuration for this Origin.

                                                                                                        - nothing is returned

                                                                                                      property originProperty

                                                                                                      readonly originProperty?: CfnDistribution.OriginProperty;
                                                                                                      • The CloudFormation OriginProperty configuration for this Origin.

                                                                                                        - nothing is returned

                                                                                                      interface OriginBindOptions

                                                                                                      interface OriginBindOptions {}
                                                                                                      • Options passed to Origin.bind().

                                                                                                      property originId

                                                                                                      readonly originId: string;
                                                                                                      • The identifier of this Origin, as assigned by the Distribution this Origin has been used added to.

                                                                                                      interface OriginFailoverConfig

                                                                                                      interface OriginFailoverConfig {}

                                                                                                      property failoverOrigin

                                                                                                      readonly failoverOrigin: IOrigin;
                                                                                                      • The origin to use as the fallback origin.

                                                                                                      property statusCodes

                                                                                                      readonly statusCodes?: number[];
                                                                                                      • The HTTP status codes of the response that trigger querying the failover Origin.

                                                                                                        - 500, 502, 503 and 504

                                                                                                      interface OriginOptions

                                                                                                      interface OriginOptions {}
                                                                                                      • Options to define an Origin.

                                                                                                      property connectionAttempts

                                                                                                      readonly connectionAttempts?: number;
                                                                                                      • The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts.

                                                                                                        3

                                                                                                      property connectionTimeout

                                                                                                      readonly connectionTimeout?: Duration;
                                                                                                      • The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive.

                                                                                                        Duration.seconds(10)

                                                                                                      property customHeaders

                                                                                                      readonly customHeaders?: Record<string, string>;
                                                                                                      • A list of HTTP header names and values that CloudFront adds to requests it sends to the origin.

                                                                                                        {}

                                                                                                      property originShieldRegion

                                                                                                      readonly originShieldRegion?: string;
                                                                                                      • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                        See Also

                                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html

                                                                                                          - origin shield not enabled

                                                                                                      interface OriginProps

                                                                                                      interface OriginProps extends OriginOptions {}
                                                                                                      • Properties to define an Origin.

                                                                                                      property originPath

                                                                                                      readonly originPath?: string;
                                                                                                      • An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with '/' (e.g., '/production/images').

                                                                                                        '/'

                                                                                                      interface OriginRequestPolicyProps

                                                                                                      interface OriginRequestPolicyProps {}
                                                                                                      • Properties for creating a Origin Request Policy

                                                                                                      property comment

                                                                                                      readonly comment?: string;
                                                                                                      • A comment to describe the origin request policy. - no comment

                                                                                                      property cookieBehavior

                                                                                                      readonly cookieBehavior?: OriginRequestCookieBehavior;
                                                                                                      • The cookies from viewer requests to include in origin requests. OriginRequestCookieBehavior.none()

                                                                                                      property headerBehavior

                                                                                                      readonly headerBehavior?: OriginRequestHeaderBehavior;
                                                                                                      • The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront. OriginRequestHeaderBehavior.none()

                                                                                                      property originRequestPolicyName

                                                                                                      readonly originRequestPolicyName?: string;
                                                                                                      • A unique name to identify the origin request policy. The name must only include '-', '_', or alphanumeric characters. - generated from the id

                                                                                                      property queryStringBehavior

                                                                                                      readonly queryStringBehavior?: OriginRequestQueryStringBehavior;
                                                                                                      • The URL query strings from viewer requests to include in origin requests. OriginRequestQueryStringBehavior.none()

                                                                                                      interface PublicKeyProps

                                                                                                      interface PublicKeyProps {}
                                                                                                      • Properties for creating a Public Key

                                                                                                      property comment

                                                                                                      readonly comment?: string;
                                                                                                      • A comment to describe the public key. - no comment

                                                                                                      property encodedKey

                                                                                                      readonly encodedKey: string;
                                                                                                      • The public key that you can use with signed URLs and signed cookies, or with field-level encryption. The encodedKey parameter must include -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- lines.

                                                                                                        See Also

                                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html

                                                                                                      property publicKeyName

                                                                                                      readonly publicKeyName?: string;
                                                                                                      • A name to identify the public key. - generated from the id

                                                                                                      interface ResponseCustomHeader

                                                                                                      interface ResponseCustomHeader {}
                                                                                                      • An HTTP response header name and its value. CloudFront includes this header in HTTP responses that it sends for requests that match a cache behavior that’s associated with this response headers policy.

                                                                                                      property header

                                                                                                      readonly header: string;
                                                                                                      • The HTTP response header name.

                                                                                                      property override

                                                                                                      readonly override: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.

                                                                                                      property value

                                                                                                      readonly value: string;
                                                                                                      • The value for the HTTP response header.

                                                                                                      interface ResponseCustomHeadersBehavior

                                                                                                      interface ResponseCustomHeadersBehavior {}
                                                                                                      • Configuration for a set of HTTP response headers that are sent for requests that match a cache behavior that’s associated with this response headers policy.

                                                                                                      property customHeaders

                                                                                                      readonly customHeaders: ResponseCustomHeader[];
                                                                                                      • The list of HTTP response headers and their values.

                                                                                                      interface ResponseHeadersContentSecurityPolicy

                                                                                                      interface ResponseHeadersContentSecurityPolicy {}
                                                                                                      • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                                      property contentSecurityPolicy

                                                                                                      readonly contentSecurityPolicy: string;
                                                                                                      • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                                      property override

                                                                                                      readonly override: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                      interface ResponseHeadersContentTypeOptions

                                                                                                      interface ResponseHeadersContentTypeOptions {}
                                                                                                      • Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.

                                                                                                      property override

                                                                                                      readonly override: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                      interface ResponseHeadersCorsBehavior

                                                                                                      interface ResponseHeadersCorsBehavior {}
                                                                                                      • Configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy.

                                                                                                      property accessControlAllowCredentials

                                                                                                      readonly accessControlAllowCredentials: boolean;
                                                                                                      • A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

                                                                                                      property accessControlAllowHeaders

                                                                                                      readonly accessControlAllowHeaders: string[];
                                                                                                      • A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. You can specify ['*'] to allow all headers.

                                                                                                      property accessControlAllowMethods

                                                                                                      readonly accessControlAllowMethods: string[];
                                                                                                      • A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

                                                                                                      property accessControlAllowOrigins

                                                                                                      readonly accessControlAllowOrigins: string[];
                                                                                                      • A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. You can specify ['*'] to allow all origins.

                                                                                                      property accessControlExposeHeaders

                                                                                                      readonly accessControlExposeHeaders?: string[];
                                                                                                      • A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. You can specify ['*'] to expose all headers.

                                                                                                        - no headers exposed

                                                                                                      property accessControlMaxAge

                                                                                                      readonly accessControlMaxAge?: Duration;
                                                                                                      • A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

                                                                                                        - no max age

                                                                                                      property originOverride

                                                                                                      readonly originOverride: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.

                                                                                                      interface ResponseHeadersFrameOptions

                                                                                                      interface ResponseHeadersFrameOptions {}
                                                                                                      • Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.

                                                                                                      property frameOption

                                                                                                      readonly frameOption: HeadersFrameOption;
                                                                                                      • The value of the X-Frame-Options HTTP response header.

                                                                                                      property override

                                                                                                      readonly override: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                      interface ResponseHeadersPolicyProps

                                                                                                      interface ResponseHeadersPolicyProps {}
                                                                                                      • Properties for creating a Response Headers Policy

                                                                                                      property comment

                                                                                                      readonly comment?: string;
                                                                                                      • A comment to describe the response headers policy.

                                                                                                        - no comment

                                                                                                      property corsBehavior

                                                                                                      readonly corsBehavior?: ResponseHeadersCorsBehavior;
                                                                                                      • A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).

                                                                                                        - no cors behavior

                                                                                                      property customHeadersBehavior

                                                                                                      readonly customHeadersBehavior?: ResponseCustomHeadersBehavior;
                                                                                                      • A configuration for a set of custom HTTP response headers.

                                                                                                        - no custom headers behavior

                                                                                                      property responseHeadersPolicyName

                                                                                                      readonly responseHeadersPolicyName?: string;
                                                                                                      • A unique name to identify the response headers policy.

                                                                                                        - generated from the id

                                                                                                      property securityHeadersBehavior

                                                                                                      readonly securityHeadersBehavior?: ResponseSecurityHeadersBehavior;
                                                                                                      • A configuration for a set of security-related HTTP response headers.

                                                                                                        - no security headers behavior

                                                                                                      interface ResponseHeadersReferrerPolicy

                                                                                                      interface ResponseHeadersReferrerPolicy {}
                                                                                                      • Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.

                                                                                                      property override

                                                                                                      readonly override: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                      property referrerPolicy

                                                                                                      readonly referrerPolicy: HeadersReferrerPolicy;
                                                                                                      • The value of the Referrer-Policy HTTP response header.

                                                                                                      interface ResponseHeadersStrictTransportSecurity

                                                                                                      interface ResponseHeadersStrictTransportSecurity {}
                                                                                                      • Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.

                                                                                                      property accessControlMaxAge

                                                                                                      readonly accessControlMaxAge: Duration;
                                                                                                      • A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

                                                                                                      property includeSubdomains

                                                                                                      readonly includeSubdomains?: boolean;
                                                                                                      • A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

                                                                                                        false

                                                                                                      property override

                                                                                                      readonly override: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                      property preload

                                                                                                      readonly preload?: boolean;
                                                                                                      • A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

                                                                                                        false

                                                                                                      interface ResponseHeadersXSSProtection

                                                                                                      interface ResponseHeadersXSSProtection {}
                                                                                                      • Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.

                                                                                                      property modeBlock

                                                                                                      readonly modeBlock?: boolean;
                                                                                                      • A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

                                                                                                        false

                                                                                                      property override

                                                                                                      readonly override: boolean;
                                                                                                      • A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                      property protection

                                                                                                      readonly protection: boolean;
                                                                                                      • A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

                                                                                                      property reportUri

                                                                                                      readonly reportUri?: string;
                                                                                                      • A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a ReportUri when ModeBlock is true.

                                                                                                        - no report uri

                                                                                                      interface ResponseSecurityHeadersBehavior

                                                                                                      interface ResponseSecurityHeadersBehavior {}
                                                                                                      • Configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.

                                                                                                      property contentSecurityPolicy

                                                                                                      readonly contentSecurityPolicy?: ResponseHeadersContentSecurityPolicy;
                                                                                                      • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                                        - no content security policy

                                                                                                      property contentTypeOptions

                                                                                                      readonly contentTypeOptions?: ResponseHeadersContentTypeOptions;
                                                                                                      • Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.

                                                                                                        - no content type options

                                                                                                      property frameOptions

                                                                                                      readonly frameOptions?: ResponseHeadersFrameOptions;
                                                                                                      • Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.

                                                                                                        - no frame options

                                                                                                      property referrerPolicy

                                                                                                      readonly referrerPolicy?: ResponseHeadersReferrerPolicy;
                                                                                                      • Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.

                                                                                                        - no referrer policy

                                                                                                      property strictTransportSecurity

                                                                                                      readonly strictTransportSecurity?: ResponseHeadersStrictTransportSecurity;
                                                                                                      • Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.

                                                                                                        - no strict transport security

                                                                                                      property xssProtection

                                                                                                      readonly xssProtection?: ResponseHeadersXSSProtection;
                                                                                                      • Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.

                                                                                                        - no xss protection

                                                                                                      interface S3OriginConfig

                                                                                                      interface S3OriginConfig {}
                                                                                                      • S3 origin configuration for CloudFront

                                                                                                      property originAccessIdentity

                                                                                                      readonly originAccessIdentity?: IOriginAccessIdentity;
                                                                                                      • The optional Origin Access Identity of the origin identity cloudfront will use when calling your s3 bucket.

                                                                                                        No Origin Access Identity which requires the S3 bucket to be public accessible

                                                                                                      property originHeaders

                                                                                                      readonly originHeaders?: {
                                                                                                      [key: string]: string;
                                                                                                      };
                                                                                                      • Any additional headers to pass to the origin

                                                                                                        - No additional headers are passed.

                                                                                                      property originPath

                                                                                                      readonly originPath?: string;
                                                                                                      • The relative path to the origin root to use for sources.

                                                                                                        /

                                                                                                      property originShieldRegion

                                                                                                      readonly originShieldRegion?: string;
                                                                                                      • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                        - origin shield not enabled

                                                                                                      property s3BucketSource

                                                                                                      readonly s3BucketSource: s3.IBucket;
                                                                                                      • The source bucket to serve content from

                                                                                                      interface SourceConfiguration

                                                                                                      interface SourceConfiguration {}
                                                                                                      • A source configuration is a wrapper for CloudFront origins and behaviors. An origin is what CloudFront will "be in front of" - that is, CloudFront will pull it's assets from an origin.

                                                                                                        If you're using s3 as a source - pass the s3Origin property, otherwise, pass the customOriginSource property.

                                                                                                        One or the other must be passed, and it is invalid to pass both in the same SourceConfiguration.

                                                                                                      property behaviors

                                                                                                      readonly behaviors: Behavior[];
                                                                                                      • The behaviors associated with this source. At least one (default) behavior must be included.

                                                                                                      property connectionAttempts

                                                                                                      readonly connectionAttempts?: number;
                                                                                                      • The number of times that CloudFront attempts to connect to the origin. You can specify 1, 2, or 3 as the number of attempts.

                                                                                                        3

                                                                                                      property connectionTimeout

                                                                                                      readonly connectionTimeout?: cdk.Duration;
                                                                                                      • The number of seconds that CloudFront waits when trying to establish a connection to the origin. You can specify a number of seconds between 1 and 10 (inclusive).

                                                                                                        cdk.Duration.seconds(10)

                                                                                                      property customOriginSource

                                                                                                      readonly customOriginSource?: CustomOriginConfig;
                                                                                                      • A custom origin source - for all non-s3 sources.

                                                                                                      property failoverCriteriaStatusCodes

                                                                                                      readonly failoverCriteriaStatusCodes?: FailoverStatusCode[];
                                                                                                      • HTTP status code to failover to second origin

                                                                                                        [500, 502, 503, 504]

                                                                                                      property failoverCustomOriginSource

                                                                                                      readonly failoverCustomOriginSource?: CustomOriginConfig;
                                                                                                      • A custom origin source for failover in case the s3OriginSource returns invalid status code

                                                                                                        - no failover configuration

                                                                                                      property failoverS3OriginSource

                                                                                                      readonly failoverS3OriginSource?: S3OriginConfig;
                                                                                                      • An s3 origin source for failover in case the s3OriginSource returns invalid status code

                                                                                                        - no failover configuration

                                                                                                      property originHeaders

                                                                                                      readonly originHeaders?: {
                                                                                                      [key: string]: string;
                                                                                                      };
                                                                                                      • Any additional headers to pass to the origin

                                                                                                        - No additional headers are passed.

                                                                                                        Deprecated

                                                                                                        Use originHeaders on s3OriginSource or customOriginSource

                                                                                                      property originPath

                                                                                                      readonly originPath?: string;
                                                                                                      • The relative path to the origin root to use for sources.

                                                                                                        /

                                                                                                        Deprecated

                                                                                                        Use originPath on s3OriginSource or customOriginSource

                                                                                                      property originShieldRegion

                                                                                                      readonly originShieldRegion?: string;
                                                                                                      • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                        See Also

                                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html

                                                                                                          - origin shield not enabled

                                                                                                      property s3OriginSource

                                                                                                      readonly s3OriginSource?: S3OriginConfig;
                                                                                                      • An s3 origin source - if you're using s3 for your assets

                                                                                                      interface ViewerCertificateOptions

                                                                                                      interface ViewerCertificateOptions {}

                                                                                                        property aliases

                                                                                                        readonly aliases?: string[];
                                                                                                        • Domain names on the certificate (both main domain name and Subject Alternative names)

                                                                                                        property securityPolicy

                                                                                                        readonly securityPolicy?: SecurityPolicyProtocol;
                                                                                                        • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                                          CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                                          - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNI

                                                                                                        property sslMethod

                                                                                                        readonly sslMethod?: SSLMethod;
                                                                                                        • How CloudFront should serve HTTPS requests.

                                                                                                          See the notes on SSLMethod if you wish to use other SSL termination types.

                                                                                                          SSLMethod.SNI

                                                                                                          See Also

                                                                                                          • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html

                                                                                                        Enums

                                                                                                        enum CloudFrontAllowedCachedMethods

                                                                                                        enum CloudFrontAllowedCachedMethods {
                                                                                                        GET_HEAD = 'GH',
                                                                                                        GET_HEAD_OPTIONS = 'GHO',
                                                                                                        }
                                                                                                        • Enums for the methods CloudFront can cache.