@aws-cdk/aws-cloudfront

  • Version 1.157.0
  • Published
  • 4.3 MB
  • 11 dependencies
  • Apache-2.0 license

Install

npm i @aws-cdk/aws-cloudfront
yarn add @aws-cdk/aws-cloudfront
pnpm add @aws-cdk/aws-cloudfront

Overview

The CDK Construct Library for AWS::CloudFront

Index

Classes

Interfaces

Enums

Namespaces

Classes

class AllowedMethods

class AllowedMethods {}
  • The HTTP methods that the Behavior will accept requests on.

property ALLOW_ALL

static readonly ALLOW_ALL: AllowedMethods;
  • All supported HTTP methods

property ALLOW_GET_HEAD

static readonly ALLOW_GET_HEAD: AllowedMethods;
  • HEAD and GET

property ALLOW_GET_HEAD_OPTIONS

static readonly ALLOW_GET_HEAD_OPTIONS: AllowedMethods;
  • HEAD, GET, and OPTIONS

property methods

readonly methods: string[];
  • HTTP methods supported

class CacheCookieBehavior

class CacheCookieBehavior {}
  • Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin.

property behavior

readonly behavior: string;
  • The behavior of cookies: allow all, none, an allow list, or a deny list.

property cookies

readonly cookies?: string[];
  • The cookies to allow or deny, if the behavior is an allow or deny list.

method all

static all: () => CacheCookieBehavior;
  • All cookies in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

method allowList

static allowList: (...cookies: string[]) => CacheCookieBehavior;
  • Only the provided cookies are included in the cache key and automatically included in requests that CloudFront sends to the origin.

method denyList

static denyList: (...cookies: string[]) => CacheCookieBehavior;
  • All cookies except the provided cookies are included in the cache key and automatically included in requests that CloudFront sends to the origin.

method none

static none: () => CacheCookieBehavior;
  • Cookies in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

class CachedMethods

class CachedMethods {}
  • The HTTP methods that the Behavior will cache requests on.

property CACHE_GET_HEAD

static readonly CACHE_GET_HEAD: CachedMethods;
  • HEAD and GET

property CACHE_GET_HEAD_OPTIONS

static readonly CACHE_GET_HEAD_OPTIONS: CachedMethods;
  • HEAD, GET, and OPTIONS

property methods

readonly methods: string[];
  • HTTP methods supported

class CacheHeaderBehavior

class CacheHeaderBehavior {}
  • Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin.

property behavior

readonly behavior: string;
  • If no headers will be passed, or an allow list of headers.

property headers

readonly headers?: string[];
  • The headers for the allow/deny list, if applicable.

method allowList

static allowList: (...headers: string[]) => CacheHeaderBehavior;
  • Listed headers are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

method none

static none: () => CacheHeaderBehavior;
  • HTTP headers are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

class CachePolicy

class CachePolicy extends Resource implements ICachePolicy {}
  • A Cache Policy configuration.

    AWS::CloudFront::CachePolicy https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html

constructor

constructor(scope: Construct, id: string, props?: CachePolicyProps);

    property AMPLIFY

    static readonly AMPLIFY: ICachePolicy;
    • This policy is designed for use with an origin that is an AWS Amplify web app.

    property cachePolicyId

    readonly cachePolicyId: string;

      property CACHING_DISABLED

      static readonly CACHING_DISABLED: ICachePolicy;
      • Disables caching. This policy is useful for dynamic content and for requests that are not cacheable.

      property CACHING_OPTIMIZED

      static readonly CACHING_OPTIMIZED: ICachePolicy;
      • Optimize cache efficiency by minimizing the values that CloudFront includes in the cache key. Query strings and cookies are not included in the cache key, and only the normalized 'Accept-Encoding' header is included.

      property CACHING_OPTIMIZED_FOR_UNCOMPRESSED_OBJECTS

      static readonly CACHING_OPTIMIZED_FOR_UNCOMPRESSED_OBJECTS: ICachePolicy;
      • Optimize cache efficiency by minimizing the values that CloudFront includes in the cache key. Query strings and cookies are not included in the cache key, and only the normalized 'Accept-Encoding' header is included. Disables cache compression.

      property ELEMENTAL_MEDIA_PACKAGE

      static readonly ELEMENTAL_MEDIA_PACKAGE: ICachePolicy;
      • Designed for use with an origin that is an AWS Elemental MediaPackage endpoint.

      method fromCachePolicyId

      static fromCachePolicyId: (
      scope: Construct,
      id: string,
      cachePolicyId: string
      ) => ICachePolicy;
      • Imports a Cache Policy from its id.

      class CacheQueryStringBehavior

      class CacheQueryStringBehavior {}
      • Determines whether any URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      property behavior

      readonly behavior: string;
      • The behavior of query strings -- allow all, none, only an allow list, or a deny list.

      property queryStrings

      readonly queryStrings?: string[];
      • The query strings to allow or deny, if the behavior is an allow or deny list.

      method all

      static all: () => CacheQueryStringBehavior;
      • All query strings in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

      method allowList

      static allowList: (...queryStrings: string[]) => CacheQueryStringBehavior;
      • Only the provided queryStrings are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      method denyList

      static denyList: (...queryStrings: string[]) => CacheQueryStringBehavior;
      • All query strings except the provided queryStrings are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      method none

      static none: () => CacheQueryStringBehavior;
      • Query strings in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

      class CfnCachePolicy

      class CfnCachePolicy extends cdk.CfnResource implements cdk.IInspectable {}
      • A CloudFormation AWS::CloudFront::CachePolicy

        A cache policy.

        When it’s attached to a cache behavior, the cache policy determines the following:

        - The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer. - The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.

        The headers, cookies, and query strings that are included in the cache key are automatically included in requests that CloudFront sends to the origin. CloudFront sends a request when it can’t find a valid object in its cache that matches the request’s cache key. If you want to send values to the origin but *not* include them in the cache key, use OriginRequestPolicy .

        AWS::CloudFront::CachePolicy external

        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html

      constructor

      constructor(scope: cdk.Construct, id: string, props: CfnCachePolicyProps);
      • Create a new AWS::CloudFront::CachePolicy.

        Parameter scope

        scope in which this resource is defined

        Parameter id

        scoped id of the resource

        Parameter props

        resource properties

      property attrId

      readonly attrId: string;
      • The unique identifier for the cache policy. For example: 2766f7b2-75c5-41c6-8f06-bf4303a2f2f5 . Id

      property attrLastModifiedTime

      readonly attrLastModifiedTime: string;
      • The date and time when the cache policy was last modified. LastModifiedTime

      property cachePolicyConfig

      cachePolicyConfig: any;
      • The cache policy configuration.

        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html#cfn-cloudfront-cachepolicy-cachepolicyconfig

      property CFN_RESOURCE_TYPE_NAME

      static readonly CFN_RESOURCE_TYPE_NAME: string;
      • The CloudFormation resource type name for this resource class.

      property cfnProperties

      readonly cfnProperties: { [key: string]: any };

        method inspect

        inspect: (inspector: cdk.TreeInspector) => void;
        • Examines the CloudFormation resource and discloses attributes.

          Parameter inspector

          tree inspector to collect and process attributes

        method renderProperties

        protected renderProperties: (props: { [key: string]: any }) => {
        [key: string]: any;
        };

          class CfnCloudFrontOriginAccessIdentity

          class CfnCloudFrontOriginAccessIdentity
          extends cdk.CfnResource
          implements cdk.IInspectable {}
          • A CloudFormation AWS::CloudFront::CloudFrontOriginAccessIdentity

            The request to create a new origin access identity (OAI). An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content. For more information, see [Restricting Access to Amazon S3 Content by Using an Origin Access Identity](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .

            AWS::CloudFront::CloudFrontOriginAccessIdentity external

            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html

          constructor

          constructor(
          scope: cdk.Construct,
          id: string,
          props: CfnCloudFrontOriginAccessIdentityProps
          );
          • Create a new AWS::CloudFront::CloudFrontOriginAccessIdentity.

            Parameter scope

            scope in which this resource is defined

            Parameter id

            scoped id of the resource

            Parameter props

            resource properties

          property attrId

          readonly attrId: string;
          • Id

          property attrS3CanonicalUserId

          readonly attrS3CanonicalUserId: string;
          • The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3. For example: b970b42360b81c8ddbd79d2f5df0069ba9033c8a79655752abe380cd6d63ba8bcf23384d568fcf89fc49700b5e11a0fd . S3CanonicalUserId

          property CFN_RESOURCE_TYPE_NAME

          static readonly CFN_RESOURCE_TYPE_NAME: string;
          • The CloudFormation resource type name for this resource class.

          property cfnProperties

          readonly cfnProperties: { [key: string]: any };

            property cloudFrontOriginAccessIdentityConfig

            cloudFrontOriginAccessIdentityConfig: any;
            • The current configuration information for the identity.

              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html#cfn-cloudfront-cloudfrontoriginaccessidentity-cloudfrontoriginaccessidentityconfig

            method inspect

            inspect: (inspector: cdk.TreeInspector) => void;
            • Examines the CloudFormation resource and discloses attributes.

              Parameter inspector

              tree inspector to collect and process attributes

            method renderProperties

            protected renderProperties: (props: { [key: string]: any }) => {
            [key: string]: any;
            };

              class CfnDistribution

              class CfnDistribution extends cdk.CfnResource implements cdk.IInspectable {}
              • A CloudFormation AWS::CloudFront::Distribution

                A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.

                AWS::CloudFront::Distribution external

                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html

              constructor

              constructor(scope: cdk.Construct, id: string, props: CfnDistributionProps);
              • Create a new AWS::CloudFront::Distribution.

                Parameter scope

                scope in which this resource is defined

                Parameter id

                scoped id of the resource

                Parameter props

                resource properties

              property attrDomainName

              readonly attrDomainName: string;
              • The domain name of the resource, such as d111111abcdef8.cloudfront.net . DomainName

              property attrId

              readonly attrId: string;
              • Id

              property CFN_RESOURCE_TYPE_NAME

              static readonly CFN_RESOURCE_TYPE_NAME: string;
              • The CloudFormation resource type name for this resource class.

              property cfnProperties

              readonly cfnProperties: { [key: string]: any };

                property distributionConfig

                distributionConfig: any;
                • The current configuration information for the distribution. Send a GET request to the / *CloudFront API version* /distribution ID/config resource.

                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-distributionconfig

                property tags

                readonly tags: cdk.TagManager;
                • A complex type that contains zero or more Tag elements.

                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-tags

                method inspect

                inspect: (inspector: cdk.TreeInspector) => void;
                • Examines the CloudFormation resource and discloses attributes.

                  Parameter inspector

                  tree inspector to collect and process attributes

                method renderProperties

                protected renderProperties: (props: { [key: string]: any }) => {
                [key: string]: any;
                };

                  class CfnFunction

                  class CfnFunction extends cdk.CfnResource implements cdk.IInspectable {}
                  • A CloudFormation AWS::CloudFront::Function

                    Creates a CloudFront function.

                    To create a function, you provide the function code and some configuration information about the function. The response contains an Amazon Resource Name (ARN) that uniquely identifies the function, and the function’s stage.

                    By default, when you create a function, it’s in the DEVELOPMENT stage. In this stage, you can [test the function](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/test-function.html) in the CloudFront console (or with TestFunction in the CloudFront API).

                    When you’re ready to use your function with a CloudFront distribution, publish the function to the LIVE stage. You can do this in the CloudFront console, with PublishFunction in the CloudFront API, or by updating the AWS::CloudFront::Function resource with the AutoPublish property set to true . When the function is published to the LIVE stage, you can attach it to a distribution’s cache behavior, using the function’s ARN.

                    To automatically publish the function to the LIVE stage when it’s created, set the AutoPublish property to true .

                    AWS::CloudFront::Function external

                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html

                  constructor

                  constructor(scope: cdk.Construct, id: string, props: CfnFunctionProps);
                  • Create a new AWS::CloudFront::Function.

                    Parameter scope

                    scope in which this resource is defined

                    Parameter id

                    scoped id of the resource

                    Parameter props

                    resource properties

                  property attrFunctionArn

                  readonly attrFunctionArn: string;
                  • The ARN of the function. For example:

                    arn:aws:cloudfront::123456789012:function/ExampleFunction .

                    To get the function ARN, use the following syntax:

                    !GetAtt *Function_Logical_ID* .FunctionMetadata.FunctionARN FunctionARN

                  property attrFunctionMetadataFunctionArn

                  readonly attrFunctionMetadataFunctionArn: string;
                  • FunctionMetadata.FunctionARN

                  property attrStage

                  readonly attrStage: string;
                  • Stage

                  property autoPublish

                  autoPublish: any;
                  • A flag that determines whether to automatically publish the function to the LIVE stage when it’s created. To automatically publish to the LIVE stage, set this property to true .

                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-autopublish

                  property CFN_RESOURCE_TYPE_NAME

                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                  • The CloudFormation resource type name for this resource class.

                  property cfnProperties

                  readonly cfnProperties: { [key: string]: any };

                    property functionCode

                    functionCode: string;
                    • The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functioncode

                    property functionConfig

                    functionConfig: any;
                    • Contains configuration information about a CloudFront function.

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionconfig

                    property name

                    name: string;
                    • A name to identify the function.

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-name

                    method inspect

                    inspect: (inspector: cdk.TreeInspector) => void;
                    • Examines the CloudFormation resource and discloses attributes.

                      Parameter inspector

                      tree inspector to collect and process attributes

                    method renderProperties

                    protected renderProperties: (props: { [key: string]: any }) => {
                    [key: string]: any;
                    };

                      class CfnKeyGroup

                      class CfnKeyGroup extends cdk.CfnResource implements cdk.IInspectable {}
                      • A CloudFormation AWS::CloudFront::KeyGroup

                        A key group.

                        A key group contains a list of public keys that you can use with [CloudFront signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) .

                        AWS::CloudFront::KeyGroup external

                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html

                      constructor

                      constructor(scope: cdk.Construct, id: string, props: CfnKeyGroupProps);
                      • Create a new AWS::CloudFront::KeyGroup.

                        Parameter scope

                        scope in which this resource is defined

                        Parameter id

                        scoped id of the resource

                        Parameter props

                        resource properties

                      property attrId

                      readonly attrId: string;
                      • The identifier for the key group. Id

                      property attrLastModifiedTime

                      readonly attrLastModifiedTime: string;
                      • The date and time when the key group was last modified. LastModifiedTime

                      property CFN_RESOURCE_TYPE_NAME

                      static readonly CFN_RESOURCE_TYPE_NAME: string;
                      • The CloudFormation resource type name for this resource class.

                      property cfnProperties

                      readonly cfnProperties: { [key: string]: any };

                        property keyGroupConfig

                        keyGroupConfig: any;
                        • The key group configuration.

                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html#cfn-cloudfront-keygroup-keygroupconfig

                        method inspect

                        inspect: (inspector: cdk.TreeInspector) => void;
                        • Examines the CloudFormation resource and discloses attributes.

                          Parameter inspector

                          tree inspector to collect and process attributes

                        method renderProperties

                        protected renderProperties: (props: { [key: string]: any }) => {
                        [key: string]: any;
                        };

                          class CfnOriginRequestPolicy

                          class CfnOriginRequestPolicy extends cdk.CfnResource implements cdk.IInspectable {}
                          • A CloudFormation AWS::CloudFront::OriginRequestPolicy

                            An origin request policy.

                            When it’s attached to a cache behavior, the origin request policy determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following:

                            - The request body and the URL path (without the domain name) from the viewer request. - The headers that CloudFront automatically includes in every origin request, including Host , User-Agent , and X-Amz-Cf-Id . - All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront.

                            CloudFront sends a request when it can’t find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use CachePolicy .

                            AWS::CloudFront::OriginRequestPolicy external

                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html

                          constructor

                          constructor(
                          scope: cdk.Construct,
                          id: string,
                          props: CfnOriginRequestPolicyProps
                          );
                          • Create a new AWS::CloudFront::OriginRequestPolicy.

                            Parameter scope

                            scope in which this resource is defined

                            Parameter id

                            scoped id of the resource

                            Parameter props

                            resource properties

                          property attrId

                          readonly attrId: string;
                          • The unique identifier for the origin request policy. For example: befd7079-9bbc-4ebf-8ade-498a3694176c . Id

                          property attrLastModifiedTime

                          readonly attrLastModifiedTime: string;
                          • The date and time when the origin request policy was last modified. LastModifiedTime

                          property CFN_RESOURCE_TYPE_NAME

                          static readonly CFN_RESOURCE_TYPE_NAME: string;
                          • The CloudFormation resource type name for this resource class.

                          property cfnProperties

                          readonly cfnProperties: { [key: string]: any };

                            property originRequestPolicyConfig

                            originRequestPolicyConfig: any;
                            • The origin request policy configuration.

                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html#cfn-cloudfront-originrequestpolicy-originrequestpolicyconfig

                            method inspect

                            inspect: (inspector: cdk.TreeInspector) => void;
                            • Examines the CloudFormation resource and discloses attributes.

                              Parameter inspector

                              tree inspector to collect and process attributes

                            method renderProperties

                            protected renderProperties: (props: { [key: string]: any }) => {
                            [key: string]: any;
                            };

                              class CfnPublicKey

                              class CfnPublicKey extends cdk.CfnResource implements cdk.IInspectable {}
                              • A CloudFormation AWS::CloudFront::PublicKey

                                A public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                AWS::CloudFront::PublicKey external

                                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html

                              constructor

                              constructor(scope: cdk.Construct, id: string, props: CfnPublicKeyProps);
                              • Create a new AWS::CloudFront::PublicKey.

                                Parameter scope

                                scope in which this resource is defined

                                Parameter id

                                scoped id of the resource

                                Parameter props

                                resource properties

                              property attrCreatedTime

                              readonly attrCreatedTime: string;
                              • The date and time when the public key was uploaded. CreatedTime

                              property attrId

                              readonly attrId: string;
                              • The identifier of the public key. Id

                              property CFN_RESOURCE_TYPE_NAME

                              static readonly CFN_RESOURCE_TYPE_NAME: string;
                              • The CloudFormation resource type name for this resource class.

                              property cfnProperties

                              readonly cfnProperties: { [key: string]: any };

                                property publicKeyConfig

                                publicKeyConfig: any;
                                • Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html#cfn-cloudfront-publickey-publickeyconfig

                                method inspect

                                inspect: (inspector: cdk.TreeInspector) => void;
                                • Examines the CloudFormation resource and discloses attributes.

                                  Parameter inspector

                                  tree inspector to collect and process attributes

                                method renderProperties

                                protected renderProperties: (props: { [key: string]: any }) => {
                                [key: string]: any;
                                };

                                  class CfnRealtimeLogConfig

                                  class CfnRealtimeLogConfig extends cdk.CfnResource implements cdk.IInspectable {}
                                  • A CloudFormation AWS::CloudFront::RealtimeLogConfig

                                    A real-time log configuration.

                                    AWS::CloudFront::RealtimeLogConfig external

                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html

                                  constructor

                                  constructor(scope: cdk.Construct, id: string, props: CfnRealtimeLogConfigProps);
                                  • Create a new AWS::CloudFront::RealtimeLogConfig.

                                    Parameter scope

                                    scope in which this resource is defined

                                    Parameter id

                                    scoped id of the resource

                                    Parameter props

                                    resource properties

                                  property attrArn

                                  readonly attrArn: string;
                                  • The Amazon Resource Name (ARN) of the real-time log configuration. For example: arn:aws:cloudfront::111122223333:realtime-log-config/ExampleNameForRealtimeLogConfig . Arn

                                  property CFN_RESOURCE_TYPE_NAME

                                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                                  • The CloudFormation resource type name for this resource class.

                                  property cfnProperties

                                  readonly cfnProperties: { [key: string]: any };

                                    property endPoints

                                    endPoints: any;
                                    • Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.

                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-endpoints

                                    property fields

                                    fields: string[];
                                    • A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.

                                      For more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .

                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-fields

                                    property name

                                    name: string;
                                    • The unique name of this real-time log configuration.

                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-name

                                    property samplingRate

                                    samplingRate: number;
                                    • The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.

                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-samplingrate

                                    method inspect

                                    inspect: (inspector: cdk.TreeInspector) => void;
                                    • Examines the CloudFormation resource and discloses attributes.

                                      Parameter inspector

                                      tree inspector to collect and process attributes

                                    method renderProperties

                                    protected renderProperties: (props: { [key: string]: any }) => {
                                    [key: string]: any;
                                    };

                                      class CfnResponseHeadersPolicy

                                      class CfnResponseHeadersPolicy extends cdk.CfnResource implements cdk.IInspectable {}
                                      • A CloudFormation AWS::CloudFront::ResponseHeadersPolicy

                                        A response headers policy.

                                        A response headers policy contains information about a set of HTTP response headers and their values.

                                        After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it’s attached to a cache behavior, CloudFront adds the headers in the policy to HTTP responses that it sends for requests that match the cache behavior.

                                        For more information, see [Adding HTTP headers to CloudFront responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/adding-response-headers.html) in the *Amazon CloudFront Developer Guide* .

                                        AWS::CloudFront::ResponseHeadersPolicy external

                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html

                                      constructor

                                      constructor(
                                      scope: cdk.Construct,
                                      id: string,
                                      props: CfnResponseHeadersPolicyProps
                                      );
                                      • Create a new AWS::CloudFront::ResponseHeadersPolicy.

                                        Parameter scope

                                        scope in which this resource is defined

                                        Parameter id

                                        scoped id of the resource

                                        Parameter props

                                        resource properties

                                      property attrId

                                      readonly attrId: string;
                                      • The unique identifier for the cache policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a . Id

                                      property attrLastModifiedTime

                                      readonly attrLastModifiedTime: string;
                                      • The date and time when the response headers policy was last modified. LastModifiedTime

                                      property CFN_RESOURCE_TYPE_NAME

                                      static readonly CFN_RESOURCE_TYPE_NAME: string;
                                      • The CloudFormation resource type name for this resource class.

                                      property cfnProperties

                                      readonly cfnProperties: { [key: string]: any };

                                        property responseHeadersPolicyConfig

                                        responseHeadersPolicyConfig: any;
                                        • A response headers policy configuration.

                                          A response headers policy contains information about a set of HTTP response headers and their values. CloudFront adds the headers in the policy to HTTP responses that it sends for requests that match a cache behavior that’s associated with the policy.

                                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html#cfn-cloudfront-responseheaderspolicy-responseheaderspolicyconfig

                                        method inspect

                                        inspect: (inspector: cdk.TreeInspector) => void;
                                        • Examines the CloudFormation resource and discloses attributes.

                                          Parameter inspector

                                          tree inspector to collect and process attributes

                                        method renderProperties

                                        protected renderProperties: (props: { [key: string]: any }) => {
                                        [key: string]: any;
                                        };

                                          class CfnStreamingDistribution

                                          class CfnStreamingDistribution extends cdk.CfnResource implements cdk.IInspectable {}
                                          • A CloudFormation AWS::CloudFront::StreamingDistribution

                                            This resource is deprecated. Amazon CloudFront is deprecating real-time messaging protocol (RTMP) distributions on December 31, 2020. For more information, [read the announcement](https://docs.aws.amazon.com/ann.jspa?annID=7356) on the Amazon CloudFront discussion forum.

                                            AWS::CloudFront::StreamingDistribution external

                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html

                                          constructor

                                          constructor(
                                          scope: cdk.Construct,
                                          id: string,
                                          props: CfnStreamingDistributionProps
                                          );
                                          • Create a new AWS::CloudFront::StreamingDistribution.

                                            Parameter scope

                                            scope in which this resource is defined

                                            Parameter id

                                            scoped id of the resource

                                            Parameter props

                                            resource properties

                                          property attrDomainName

                                          readonly attrDomainName: string;
                                          • The domain name of the resource, such as d111111abcdef8.cloudfront.net . DomainName

                                          property CFN_RESOURCE_TYPE_NAME

                                          static readonly CFN_RESOURCE_TYPE_NAME: string;
                                          • The CloudFormation resource type name for this resource class.

                                          property cfnProperties

                                          readonly cfnProperties: { [key: string]: any };

                                            property streamingDistributionConfig

                                            streamingDistributionConfig: any;
                                            • The current configuration information for the RTMP distribution.

                                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-streamingdistributionconfig

                                            property tags

                                            readonly tags: cdk.TagManager;
                                            • A complex type that contains zero or more Tag elements.

                                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-tags

                                            method inspect

                                            inspect: (inspector: cdk.TreeInspector) => void;
                                            • Examines the CloudFormation resource and discloses attributes.

                                              Parameter inspector

                                              tree inspector to collect and process attributes

                                            method renderProperties

                                            protected renderProperties: (props: { [key: string]: any }) => {
                                            [key: string]: any;
                                            };

                                              class CloudFrontWebDistribution

                                              class CloudFrontWebDistribution extends cdk.Resource implements IDistribution {}
                                              • Amazon CloudFront is a global content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to your viewers with low latency and high transfer speeds. CloudFront fronts user provided content and caches it at edge locations across the world.

                                                Here's how you can use this construct:

                                                const sourceBucket = new s3.Bucket(this, 'Bucket');
                                                const distribution = new cloudfront.CloudFrontWebDistribution(this, 'MyDistribution', {
                                                originConfigs: [
                                                {
                                                s3OriginSource: {
                                                s3BucketSource: sourceBucket,
                                                },
                                                behaviors : [ {isDefaultBehavior: true}],
                                                },
                                                ],
                                                });

                                                This will create a CloudFront distribution that uses your S3Bucket as it's origin.

                                                You can customize the distribution using additional properties from the CloudFrontWebDistributionProps interface.

                                                AWS::CloudFront::Distribution

                                              constructor

                                              constructor(scope: Construct, id: string, props: CloudFrontWebDistributionProps);

                                                property distributionDomainName

                                                readonly distributionDomainName: string;
                                                • The domain name created by CloudFront for this distribution. If you are using aliases for your distribution, this is the domainName your DNS records should point to. (In Route53, you could create an ALIAS record to this value, for example.)

                                                property distributionId

                                                readonly distributionId: string;
                                                • The distribution ID for this distribution.

                                                property domainName

                                                readonly domainName: string;
                                                • The domain name created by CloudFront for this distribution. If you are using aliases for your distribution, this is the domainName your DNS records should point to. (In Route53, you could create an ALIAS record to this value, for example.)

                                                  Deprecated

                                                  - Use distributionDomainName instead.

                                                property loggingBucket

                                                readonly loggingBucket?: s3.IBucket;
                                                • The logging bucket for this CloudFront distribution. If logging is not enabled for this distribution - this property will be undefined.

                                                method fromDistributionAttributes

                                                static fromDistributionAttributes: (
                                                scope: Construct,
                                                id: string,
                                                attrs: CloudFrontWebDistributionAttributes
                                                ) => IDistribution;
                                                • Creates a construct that represents an external (imported) distribution.

                                                class Distribution

                                                class Distribution extends Resource implements IDistribution {}
                                                • A CloudFront distribution with associated origin(s) and caching behavior(s).

                                                constructor

                                                constructor(scope: Construct, id: string, props: DistributionProps);

                                                  property distributionDomainName

                                                  readonly distributionDomainName: string;

                                                    property distributionId

                                                    readonly distributionId: string;

                                                      property domainName

                                                      readonly domainName: string;

                                                        method addBehavior

                                                        addBehavior: (
                                                        pathPattern: string,
                                                        origin: IOrigin,
                                                        behaviorOptions?: AddBehaviorOptions
                                                        ) => void;
                                                        • Adds a new behavior to this distribution for the given pathPattern.

                                                          Parameter pathPattern

                                                          the path pattern (e.g., 'images/*') that specifies which requests to apply the behavior to.

                                                          Parameter origin

                                                          the origin to use for this behavior

                                                          Parameter behaviorOptions

                                                          the options for the behavior at this path.

                                                        method fromDistributionAttributes

                                                        static fromDistributionAttributes: (
                                                        scope: Construct,
                                                        id: string,
                                                        attrs: DistributionAttributes
                                                        ) => IDistribution;
                                                        • Creates a Distribution construct that represents an external (imported) distribution.

                                                        class Function

                                                        class Function extends Resource implements IFunction {}
                                                        • A CloudFront Function

                                                          AWS::CloudFront::Function

                                                        constructor

                                                        constructor(scope: Construct, id: string, props: FunctionProps);

                                                          property functionArn

                                                          readonly functionArn: string;
                                                          • the ARN of the CloudFront function

                                                          property functionName

                                                          readonly functionName: string;
                                                          • the name of the CloudFront function

                                                          property functionStage

                                                          readonly functionStage: string;
                                                          • the deployment stage of the CloudFront function

                                                          method fromFunctionAttributes

                                                          static fromFunctionAttributes: (
                                                          scope: Construct,
                                                          id: string,
                                                          attrs: FunctionAttributes
                                                          ) => IFunction;
                                                          • Imports a function by its name and ARN

                                                          class FunctionCode

                                                          abstract class FunctionCode {}
                                                          • Represents the function's source code

                                                          method fromFile

                                                          static fromFile: (options: FileCodeOptions) => FunctionCode;
                                                          • Code from external file for function

                                                            Parameter options

                                                            the options for the external file

                                                            Returns

                                                            code object with contents from file.

                                                          method fromInline

                                                          static fromInline: (code: string) => FunctionCode;
                                                          • Inline code for function

                                                            Parameter code

                                                            The actual function code

                                                            Returns

                                                            code object with inline code.

                                                          method render

                                                          abstract render: () => string;
                                                          • renders the function code

                                                          class GeoRestriction

                                                          class GeoRestriction {}
                                                          • Controls the countries in which content is distributed.

                                                          property locations

                                                          readonly locations: string[];

                                                            property restrictionType

                                                            readonly restrictionType: 'whitelist' | 'blacklist';

                                                              method allowlist

                                                              static allowlist: (...locations: string[]) => GeoRestriction;
                                                              • Allow specific countries which you want CloudFront to distribute your content.

                                                                Parameter locations

                                                                Two-letter, uppercase country code for a country that you want to allow. Include one element for each country. See ISO 3166-1-alpha-2 code on the *International Organization for Standardization* website

                                                              method blacklist

                                                              static blacklist: (...locations: string[]) => GeoRestriction;
                                                              • DEPRECATED

                                                                Deprecated

                                                                use denylist

                                                              method denylist

                                                              static denylist: (...locations: string[]) => GeoRestriction;
                                                              • Deny specific countries which you don't want CloudFront to distribute your content.

                                                                Parameter locations

                                                                Two-letter, uppercase country code for a country that you want to deny. Include one element for each country. See ISO 3166-1-alpha-2 code on the *International Organization for Standardization* website

                                                              method whitelist

                                                              static whitelist: (...locations: string[]) => GeoRestriction;
                                                              • DEPRECATED

                                                                Deprecated

                                                                use allowlist

                                                              class KeyGroup

                                                              class KeyGroup extends Resource implements IKeyGroup {}
                                                              • A Key Group configuration

                                                                AWS::CloudFront::KeyGroup

                                                              constructor

                                                              constructor(scope: Construct, id: string, props: KeyGroupProps);

                                                                property keyGroupId

                                                                readonly keyGroupId: string;

                                                                  method fromKeyGroupId

                                                                  static fromKeyGroupId: (
                                                                  scope: Construct,
                                                                  id: string,
                                                                  keyGroupId: string
                                                                  ) => IKeyGroup;
                                                                  • Imports a Key Group from its id.

                                                                  class OriginAccessIdentity

                                                                  class OriginAccessIdentity
                                                                  extends OriginAccessIdentityBase
                                                                  implements IOriginAccessIdentity {}
                                                                  • An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content.

                                                                    AWS::CloudFront::CloudFrontOriginAccessIdentity

                                                                  constructor

                                                                  constructor(scope: Construct, id: string, props?: OriginAccessIdentityProps);

                                                                    property cloudFrontOriginAccessIdentityS3CanonicalUserId

                                                                    readonly cloudFrontOriginAccessIdentityS3CanonicalUserId: string;
                                                                    • The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3.

                                                                    property grantPrincipal

                                                                    readonly grantPrincipal: iam.IPrincipal;
                                                                    • Derived principal value for bucket access

                                                                    property originAccessIdentityName

                                                                    readonly originAccessIdentityName: string;
                                                                    • The Origin Access Identity Name (physical id)

                                                                    method fromOriginAccessIdentityName

                                                                    static fromOriginAccessIdentityName: (
                                                                    scope: Construct,
                                                                    id: string,
                                                                    originAccessIdentityName: string
                                                                    ) => IOriginAccessIdentity;
                                                                    • Creates a OriginAccessIdentity by providing the OriginAccessIdentityName

                                                                    class OriginBase

                                                                    abstract class OriginBase implements IOrigin {}
                                                                    • Represents a distribution origin, that describes the Amazon S3 bucket, HTTP server (for example, a web server), Amazon MediaStore, or other server from which CloudFront gets your files.

                                                                    constructor

                                                                    protected constructor(domainName: string, props?: OriginProps);

                                                                      method bind

                                                                      bind: (_scope: Construct, options: OriginBindOptions) => OriginBindConfig;
                                                                      • Binds the origin to the associated Distribution. Can be used to grant permissions, create dependent resources, etc.

                                                                      method renderCustomOriginConfig

                                                                      protected renderCustomOriginConfig: () =>
                                                                      | CfnDistribution.CustomOriginConfigProperty
                                                                      | undefined;

                                                                        method renderS3OriginConfig

                                                                        protected renderS3OriginConfig: () =>
                                                                        | CfnDistribution.S3OriginConfigProperty
                                                                        | undefined;

                                                                          class OriginRequestCookieBehavior

                                                                          class OriginRequestCookieBehavior {}
                                                                          • Determines whether any cookies in viewer requests (and if so, which cookies) are included in requests that CloudFront sends to the origin.

                                                                          property behavior

                                                                          readonly behavior: string;
                                                                          • The behavior of cookies: allow all, none or an allow list.

                                                                          property cookies

                                                                          readonly cookies?: string[];
                                                                          • The cookies to allow, if the behavior is an allow list.

                                                                          method all

                                                                          static all: () => OriginRequestCookieBehavior;
                                                                          • All cookies in viewer requests are included in requests that CloudFront sends to the origin.

                                                                          method allowList

                                                                          static allowList: (...cookies: string[]) => OriginRequestCookieBehavior;
                                                                          • Only the provided cookies are included in requests that CloudFront sends to the origin.

                                                                          method none

                                                                          static none: () => OriginRequestCookieBehavior;
                                                                          • Cookies in viewer requests are not included in requests that CloudFront sends to the origin. Any cookies that are listed in a CachePolicy are still included in origin requests.

                                                                          class OriginRequestHeaderBehavior

                                                                          class OriginRequestHeaderBehavior {}
                                                                          • Determines whether any HTTP headers (and if so, which headers) are included in requests that CloudFront sends to the origin.

                                                                          property behavior

                                                                          readonly behavior: string;
                                                                          • The behavior of headers: allow all, none or an allow list.

                                                                          property headers

                                                                          readonly headers?: string[];
                                                                          • The headers for the allow list or the included CloudFront headers, if applicable.

                                                                          method all

                                                                          static all: (...cloudfrontHeaders: string[]) => OriginRequestHeaderBehavior;
                                                                          • All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Additionally, any additional CloudFront headers provided are included; the additional headers are added by CloudFront.

                                                                            See Also

                                                                            • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-cloudfront-headers.html

                                                                          method allowList

                                                                          static allowList: (...headers: string[]) => OriginRequestHeaderBehavior;
                                                                          • Listed headers are included in requests that CloudFront sends to the origin.

                                                                          method none

                                                                          static none: () => OriginRequestHeaderBehavior;
                                                                          • HTTP headers are not included in requests that CloudFront sends to the origin. Any headers that are listed in a CachePolicy are still included in origin requests.

                                                                          class OriginRequestPolicy

                                                                          class OriginRequestPolicy extends Resource implements IOriginRequestPolicy {}
                                                                          • A Origin Request Policy configuration.

                                                                            AWS::CloudFront::OriginRequestPolicy

                                                                          constructor

                                                                          constructor(scope: Construct, id: string, props?: OriginRequestPolicyProps);

                                                                            property ALL_VIEWER

                                                                            static readonly ALL_VIEWER: IOriginRequestPolicy;
                                                                            • This policy includes all values (query strings, headers, and cookies) in the viewer request.

                                                                            property CORS_CUSTOM_ORIGIN

                                                                            static readonly CORS_CUSTOM_ORIGIN: IOriginRequestPolicy;
                                                                            • This policy includes the header that enables cross-origin resource sharing (CORS) requests when the origin is a custom origin.

                                                                            property CORS_S3_ORIGIN

                                                                            static readonly CORS_S3_ORIGIN: IOriginRequestPolicy;
                                                                            • This policy includes the headers that enable cross-origin resource sharing (CORS) requests when the origin is an Amazon S3 bucket.

                                                                            property ELEMENTAL_MEDIA_TAILOR

                                                                            static readonly ELEMENTAL_MEDIA_TAILOR: IOriginRequestPolicy;
                                                                            • This policy is designed for use with an origin that is an AWS Elemental MediaTailor endpoint.

                                                                            property originRequestPolicyId

                                                                            readonly originRequestPolicyId: string;

                                                                              property USER_AGENT_REFERER_HEADERS

                                                                              static readonly USER_AGENT_REFERER_HEADERS: IOriginRequestPolicy;
                                                                              • This policy includes only the User-Agent and Referer headers. It doesn’t include any query strings or cookies.

                                                                              method fromOriginRequestPolicyId

                                                                              static fromOriginRequestPolicyId: (
                                                                              scope: Construct,
                                                                              id: string,
                                                                              originRequestPolicyId: string
                                                                              ) => IOriginRequestPolicy;
                                                                              • Imports a Origin Request Policy from its id.

                                                                              class OriginRequestQueryStringBehavior

                                                                              class OriginRequestQueryStringBehavior {}
                                                                              • Determines whether any URL query strings in viewer requests (and if so, which query strings) are included in requests that CloudFront sends to the origin.

                                                                              property behavior

                                                                              readonly behavior: string;
                                                                              • The behavior of query strings -- allow all, none, or only an allow list.

                                                                              property queryStrings

                                                                              readonly queryStrings?: string[];
                                                                              • The query strings to allow, if the behavior is an allow list.

                                                                              method all

                                                                              static all: () => OriginRequestQueryStringBehavior;
                                                                              • All query strings in viewer requests are included in requests that CloudFront sends to the origin.

                                                                              method allowList

                                                                              static allowList: (
                                                                              ...queryStrings: string[]
                                                                              ) => OriginRequestQueryStringBehavior;
                                                                              • Only the provided queryStrings are included in requests that CloudFront sends to the origin.

                                                                              method none

                                                                              static none: () => OriginRequestQueryStringBehavior;
                                                                              • Query strings in viewer requests are not included in requests that CloudFront sends to the origin. Any query strings that are listed in a CachePolicy are still included in origin requests.

                                                                              class PublicKey

                                                                              class PublicKey extends Resource implements IPublicKey {}
                                                                              • A Public Key Configuration

                                                                                AWS::CloudFront::PublicKey

                                                                              constructor

                                                                              constructor(scope: Construct, id: string, props: PublicKeyProps);

                                                                                property publicKeyId

                                                                                readonly publicKeyId: string;

                                                                                  method fromPublicKeyId

                                                                                  static fromPublicKeyId: (
                                                                                  scope: Construct,
                                                                                  id: string,
                                                                                  publicKeyId: string
                                                                                  ) => IPublicKey;
                                                                                  • Imports a Public Key from its id.

                                                                                  class ResponseHeadersPolicy

                                                                                  class ResponseHeadersPolicy extends Resource implements IResponseHeadersPolicy {}
                                                                                  • A Response Headers Policy configuration

                                                                                    AWS::CloudFront::ResponseHeadersPolicy

                                                                                  constructor

                                                                                  constructor(scope: Construct, id: string, props?: ResponseHeadersPolicyProps);

                                                                                    property CORS_ALLOW_ALL_ORIGINS

                                                                                    static readonly CORS_ALLOW_ALL_ORIGINS: IResponseHeadersPolicy;
                                                                                    • Use this managed policy to allow simple CORS requests from any origin.

                                                                                    property CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS

                                                                                    static readonly CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                    • Use this managed policy to allow simple CORS requests from any origin and add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                    property CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT

                                                                                    static readonly CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT: IResponseHeadersPolicy;
                                                                                    • Use this managed policy to allow CORS requests from any origin, including preflight requests.

                                                                                    property CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS

                                                                                    static readonly CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                    • Use this managed policy to allow CORS requests from any origin, including preflight requests, and add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                    property responseHeadersPolicyId

                                                                                    readonly responseHeadersPolicyId: string;

                                                                                      property SECURITY_HEADERS

                                                                                      static readonly SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                      • Use this managed policy to add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                      method fromResponseHeadersPolicyId

                                                                                      static fromResponseHeadersPolicyId: (
                                                                                      scope: Construct,
                                                                                      id: string,
                                                                                      responseHeadersPolicyId: string
                                                                                      ) => IResponseHeadersPolicy;
                                                                                      • Import an existing Response Headers Policy from its ID.

                                                                                      class ViewerCertificate

                                                                                      class ViewerCertificate {}
                                                                                      • Viewer certificate configuration class

                                                                                      property aliases

                                                                                      readonly aliases: string[];

                                                                                        property props

                                                                                        readonly props: CfnDistribution.ViewerCertificateProperty;

                                                                                          method fromAcmCertificate

                                                                                          static fromAcmCertificate: (
                                                                                          certificate: certificatemanager.ICertificate,
                                                                                          options?: ViewerCertificateOptions
                                                                                          ) => ViewerCertificate;
                                                                                          • Generate an AWS Certificate Manager (ACM) viewer certificate configuration

                                                                                            Parameter certificate

                                                                                            AWS Certificate Manager (ACM) certificate. Your certificate must be located in the us-east-1 (US East (N. Virginia)) region to be accessed by CloudFront

                                                                                            Parameter options

                                                                                            certificate configuration options

                                                                                          method fromCloudFrontDefaultCertificate

                                                                                          static fromCloudFrontDefaultCertificate: (
                                                                                          ...aliases: string[]
                                                                                          ) => ViewerCertificate;
                                                                                          • Generate a viewer certifcate configuration using the CloudFront default certificate (e.g. d111111abcdef8.cloudfront.net) and a SecurityPolicyProtocol.TLS_V1 security policy.

                                                                                            Parameter aliases

                                                                                            Alternative CNAME aliases You also must create a CNAME record with your DNS service to route queries

                                                                                          method fromIamCertificate

                                                                                          static fromIamCertificate: (
                                                                                          iamCertificateId: string,
                                                                                          options?: ViewerCertificateOptions
                                                                                          ) => ViewerCertificate;
                                                                                          • Generate an IAM viewer certificate configuration

                                                                                            Parameter iamCertificateId

                                                                                            Identifier of the IAM certificate

                                                                                            Parameter options

                                                                                            certificate configuration options

                                                                                          Interfaces

                                                                                          interface AddBehaviorOptions

                                                                                          interface AddBehaviorOptions {}
                                                                                          • Options for adding a new behavior to a Distribution.

                                                                                          property allowedMethods

                                                                                          readonly allowedMethods?: AllowedMethods;
                                                                                          • HTTP methods to allow for this behavior.

                                                                                            AllowedMethods.ALLOW_GET_HEAD

                                                                                          property cachedMethods

                                                                                          readonly cachedMethods?: CachedMethods;
                                                                                          • HTTP methods to cache for this behavior.

                                                                                            CachedMethods.CACHE_GET_HEAD

                                                                                          property cachePolicy

                                                                                          readonly cachePolicy?: ICachePolicy;
                                                                                          • The cache policy for this behavior. The cache policy determines what values are included in the cache key, and the time-to-live (TTL) values for the cache.

                                                                                            See Also

                                                                                            • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html. CachePolicy.CACHING_OPTIMIZED

                                                                                          property compress

                                                                                          readonly compress?: boolean;
                                                                                          • Whether you want CloudFront to automatically compress certain files for this cache behavior. See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html#compressed-content-cloudfront-file-types for file types CloudFront will compress.

                                                                                            true

                                                                                          property edgeLambdas

                                                                                          readonly edgeLambdas?: EdgeLambda[];
                                                                                          • The Lambda@Edge functions to invoke before serving the contents.

                                                                                            - no Lambda functions will be invoked

                                                                                            See Also

                                                                                            • https://aws.amazon.com/lambda/edge

                                                                                          property functionAssociations

                                                                                          readonly functionAssociations?: FunctionAssociation[];
                                                                                          • The CloudFront functions to invoke before serving the contents.

                                                                                            - no functions will be invoked

                                                                                          property originRequestPolicy

                                                                                          readonly originRequestPolicy?: IOriginRequestPolicy;
                                                                                          • The origin request policy for this behavior. The origin request policy determines which values (e.g., headers, cookies) are included in requests that CloudFront sends to the origin.

                                                                                            - none

                                                                                          property responseHeadersPolicy

                                                                                          readonly responseHeadersPolicy?: IResponseHeadersPolicy;
                                                                                          • The response headers policy for this behavior. The response headers policy determines which headers are included in responses

                                                                                            - none

                                                                                          property smoothStreaming

                                                                                          readonly smoothStreaming?: boolean;
                                                                                          • Set this to true to indicate you want to distribute media files in the Microsoft Smooth Streaming format using this behavior.

                                                                                            false

                                                                                          property trustedKeyGroups

                                                                                          readonly trustedKeyGroups?: IKeyGroup[];
                                                                                          • A list of Key Groups that CloudFront can use to validate signed URLs or signed cookies.

                                                                                            - no KeyGroups are associated with cache behavior

                                                                                            See Also

                                                                                            • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                          property viewerProtocolPolicy

                                                                                          readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                          • The protocol that viewers can use to access the files controlled by this behavior.

                                                                                            ViewerProtocolPolicy.ALLOW_ALL

                                                                                          interface AliasConfiguration

                                                                                          interface AliasConfiguration {}

                                                                                          property acmCertRef

                                                                                          readonly acmCertRef: string;
                                                                                          • ARN of an AWS Certificate Manager (ACM) certificate.

                                                                                          property names

                                                                                          readonly names: string[];
                                                                                          • Domain names on the certificate

                                                                                            Both main domain name and Subject Alternative Names.

                                                                                          property securityPolicy

                                                                                          readonly securityPolicy?: SecurityPolicyProtocol;
                                                                                          • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                            CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                            - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNI

                                                                                          property sslMethod

                                                                                          readonly sslMethod?: SSLMethod;
                                                                                          • How CloudFront should serve HTTPS requests.

                                                                                            See the notes on SSLMethod if you wish to use other SSL termination types.

                                                                                            SSLMethod.SNI

                                                                                            See Also

                                                                                            • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html

                                                                                          interface Behavior

                                                                                          interface Behavior {}
                                                                                          • A CloudFront behavior wrapper.

                                                                                          property allowedMethods

                                                                                          readonly allowedMethods?: CloudFrontAllowedMethods;
                                                                                          • The method this CloudFront distribution responds do.

                                                                                            GET_HEAD

                                                                                          property cachedMethods

                                                                                          readonly cachedMethods?: CloudFrontAllowedCachedMethods;
                                                                                          • Which methods are cached by CloudFront by default.

                                                                                            GET_HEAD

                                                                                          property compress

                                                                                          readonly compress?: boolean;
                                                                                          • If CloudFront should automatically compress some content types.

                                                                                            true

                                                                                          property defaultTtl

                                                                                          readonly defaultTtl?: cdk.Duration;
                                                                                          • The default amount of time CloudFront will cache an object.

                                                                                            This value applies only when your custom origin does not add HTTP headers, such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. 86400 (1 day)

                                                                                          property forwardedValues

                                                                                          readonly forwardedValues?: CfnDistribution.ForwardedValuesProperty;
                                                                                          • The values CloudFront will forward to the origin when making a request.

                                                                                            none (no cookies - no headers)

                                                                                          property functionAssociations

                                                                                          readonly functionAssociations?: FunctionAssociation[];
                                                                                          • The CloudFront functions to invoke before serving the contents.

                                                                                            - no functions will be invoked

                                                                                          property isDefaultBehavior

                                                                                          readonly isDefaultBehavior?: boolean;
                                                                                          • If this behavior is the default behavior for the distribution.

                                                                                            You must specify exactly one default distribution per CloudFront distribution. The default behavior is allowed to omit the "path" property.

                                                                                          property lambdaFunctionAssociations

                                                                                          readonly lambdaFunctionAssociations?: LambdaFunctionAssociation[];
                                                                                          • Declares associated lambda@edge functions for this distribution behaviour.

                                                                                            No lambda function associated

                                                                                          property maxTtl

                                                                                          readonly maxTtl?: cdk.Duration;
                                                                                          • The max amount of time you want objects to stay in the cache before CloudFront queries your origin.

                                                                                            Duration.seconds(31536000) (one year)

                                                                                          property minTtl

                                                                                          readonly minTtl?: cdk.Duration;
                                                                                          • The minimum amount of time that you want objects to stay in the cache before CloudFront queries your origin.

                                                                                          property pathPattern

                                                                                          readonly pathPattern?: string;
                                                                                          • The path this behavior responds to. Required for all non-default behaviors. (The default behavior implicitly has "*" as the path pattern. )

                                                                                          property trustedKeyGroups

                                                                                          readonly trustedKeyGroups?: IKeyGroup[];
                                                                                          • A list of Key Groups that CloudFront can use to validate signed URLs or signed cookies.

                                                                                            - no KeyGroups are associated with cache behavior

                                                                                            See Also

                                                                                            • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                          property trustedSigners

                                                                                          readonly trustedSigners?: string[];
                                                                                          • Trusted signers is how CloudFront allows you to serve private content. The signers are the account IDs that are allowed to sign cookies/presigned URLs for this distribution.

                                                                                            If you pass a non empty value, all requests for this behavior must be signed (no public access will be allowed)

                                                                                            Deprecated

                                                                                            - We recommend using trustedKeyGroups instead of trustedSigners.

                                                                                          property viewerProtocolPolicy

                                                                                          readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                          • The viewer policy for this behavior.

                                                                                            - the distribution wide viewer protocol policy will be used

                                                                                          interface BehaviorOptions

                                                                                          interface BehaviorOptions extends AddBehaviorOptions {}
                                                                                          • Options for creating a new behavior.

                                                                                          property origin

                                                                                          readonly origin: IOrigin;
                                                                                          • The origin that you want CloudFront to route requests to when they match this behavior.

                                                                                          interface CachePolicyProps

                                                                                          interface CachePolicyProps {}
                                                                                          • Properties for creating a Cache Policy

                                                                                          property cachePolicyName

                                                                                          readonly cachePolicyName?: string;
                                                                                          • A unique name to identify the cache policy. The name must only include '-', '_', or alphanumeric characters. - generated from the id

                                                                                          property comment

                                                                                          readonly comment?: string;
                                                                                          • A comment to describe the cache policy. - no comment

                                                                                          property cookieBehavior

                                                                                          readonly cookieBehavior?: CacheCookieBehavior;
                                                                                          • Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheCookieBehavior.none()

                                                                                          property defaultTtl

                                                                                          readonly defaultTtl?: Duration;
                                                                                          • The default amount of time for objects to stay in the CloudFront cache. Only used when the origin does not send Cache-Control or Expires headers with the object. - The greater of 1 day and ``minTtl``

                                                                                          property enableAcceptEncodingBrotli

                                                                                          readonly enableAcceptEncodingBrotli?: boolean;
                                                                                          • Whether to normalize and include the Accept-Encoding header in the cache key when the Accept-Encoding header is 'br'. false

                                                                                          property enableAcceptEncodingGzip

                                                                                          readonly enableAcceptEncodingGzip?: boolean;
                                                                                          • Whether to normalize and include the Accept-Encoding header in the cache key when the Accept-Encoding header is 'gzip'. false

                                                                                          property headerBehavior

                                                                                          readonly headerBehavior?: CacheHeaderBehavior;
                                                                                          • Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheHeaderBehavior.none()

                                                                                          property maxTtl

                                                                                          readonly maxTtl?: Duration;
                                                                                          • The maximum amount of time for objects to stay in the CloudFront cache. CloudFront uses this value only when the origin sends Cache-Control or Expires headers with the object. - The greater of 1 year and ``defaultTtl``

                                                                                          property minTtl

                                                                                          readonly minTtl?: Duration;
                                                                                          • The minimum amount of time for objects to stay in the CloudFront cache. Duration.seconds(0)

                                                                                          property queryStringBehavior

                                                                                          readonly queryStringBehavior?: CacheQueryStringBehavior;
                                                                                          • Determines whether any query strings are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheQueryStringBehavior.none()

                                                                                          interface CfnCachePolicyProps

                                                                                          interface CfnCachePolicyProps {}
                                                                                          • Properties for defining a CfnCachePolicy

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html

                                                                                          property cachePolicyConfig

                                                                                          readonly cachePolicyConfig:
                                                                                          | CfnCachePolicy.CachePolicyConfigProperty
                                                                                          | cdk.IResolvable;
                                                                                          • The cache policy configuration.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html#cfn-cloudfront-cachepolicy-cachepolicyconfig

                                                                                          interface CfnCloudFrontOriginAccessIdentityProps

                                                                                          interface CfnCloudFrontOriginAccessIdentityProps {}
                                                                                          • Properties for defining a CfnCloudFrontOriginAccessIdentity

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html

                                                                                          property cloudFrontOriginAccessIdentityConfig

                                                                                          readonly cloudFrontOriginAccessIdentityConfig:
                                                                                          | CfnCloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfigProperty
                                                                                          | cdk.IResolvable;
                                                                                          • The current configuration information for the identity.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html#cfn-cloudfront-cloudfrontoriginaccessidentity-cloudfrontoriginaccessidentityconfig

                                                                                          interface CfnDistributionProps

                                                                                          interface CfnDistributionProps {}
                                                                                          • Properties for defining a CfnDistribution

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html

                                                                                          property distributionConfig

                                                                                          readonly distributionConfig:
                                                                                          | CfnDistribution.DistributionConfigProperty
                                                                                          | cdk.IResolvable;
                                                                                          • The current configuration information for the distribution. Send a GET request to the / *CloudFront API version* /distribution ID/config resource.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-distributionconfig

                                                                                          property tags

                                                                                          readonly tags?: cdk.CfnTag[];
                                                                                          • A complex type that contains zero or more Tag elements.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-tags

                                                                                          interface CfnFunctionProps

                                                                                          interface CfnFunctionProps {}
                                                                                          • Properties for defining a CfnFunction

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html

                                                                                          property autoPublish

                                                                                          readonly autoPublish?: boolean | cdk.IResolvable;
                                                                                          • A flag that determines whether to automatically publish the function to the LIVE stage when it’s created. To automatically publish to the LIVE stage, set this property to true .

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-autopublish

                                                                                          property functionCode

                                                                                          readonly functionCode?: string;
                                                                                          • The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functioncode

                                                                                          property functionConfig

                                                                                          readonly functionConfig?: CfnFunction.FunctionConfigProperty | cdk.IResolvable;
                                                                                          • Contains configuration information about a CloudFront function.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionconfig

                                                                                          property name

                                                                                          readonly name: string;
                                                                                          • A name to identify the function.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-name

                                                                                          interface CfnKeyGroupProps

                                                                                          interface CfnKeyGroupProps {}
                                                                                          • Properties for defining a CfnKeyGroup

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html

                                                                                          property keyGroupConfig

                                                                                          readonly keyGroupConfig: CfnKeyGroup.KeyGroupConfigProperty | cdk.IResolvable;
                                                                                          • The key group configuration.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html#cfn-cloudfront-keygroup-keygroupconfig

                                                                                          interface CfnOriginRequestPolicyProps

                                                                                          interface CfnOriginRequestPolicyProps {}
                                                                                          • Properties for defining a CfnOriginRequestPolicy

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html

                                                                                          property originRequestPolicyConfig

                                                                                          readonly originRequestPolicyConfig:
                                                                                          | CfnOriginRequestPolicy.OriginRequestPolicyConfigProperty
                                                                                          | cdk.IResolvable;
                                                                                          • The origin request policy configuration.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html#cfn-cloudfront-originrequestpolicy-originrequestpolicyconfig

                                                                                          interface CfnPublicKeyProps

                                                                                          interface CfnPublicKeyProps {}
                                                                                          • Properties for defining a CfnPublicKey

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html

                                                                                          property publicKeyConfig

                                                                                          readonly publicKeyConfig: CfnPublicKey.PublicKeyConfigProperty | cdk.IResolvable;
                                                                                          • Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html#cfn-cloudfront-publickey-publickeyconfig

                                                                                          interface CfnRealtimeLogConfigProps

                                                                                          interface CfnRealtimeLogConfigProps {}
                                                                                          • Properties for defining a CfnRealtimeLogConfig

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html

                                                                                          property endPoints

                                                                                          readonly endPoints:
                                                                                          | Array<CfnRealtimeLogConfig.EndPointProperty | cdk.IResolvable>
                                                                                          | cdk.IResolvable;
                                                                                          • Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-endpoints

                                                                                          property fields

                                                                                          readonly fields: string[];
                                                                                          • A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.

                                                                                            For more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-fields

                                                                                          property name

                                                                                          readonly name: string;
                                                                                          • The unique name of this real-time log configuration.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-name

                                                                                          property samplingRate

                                                                                          readonly samplingRate: number;
                                                                                          • The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-samplingrate

                                                                                          interface CfnResponseHeadersPolicyProps

                                                                                          interface CfnResponseHeadersPolicyProps {}
                                                                                          • Properties for defining a CfnResponseHeadersPolicy

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html

                                                                                          property responseHeadersPolicyConfig

                                                                                          readonly responseHeadersPolicyConfig:
                                                                                          | CfnResponseHeadersPolicy.ResponseHeadersPolicyConfigProperty
                                                                                          | cdk.IResolvable;
                                                                                          • A response headers policy configuration.

                                                                                            A response headers policy contains information about a set of HTTP response headers and their values. CloudFront adds the headers in the policy to HTTP responses that it sends for requests that match a cache behavior that’s associated with the policy.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html#cfn-cloudfront-responseheaderspolicy-responseheaderspolicyconfig

                                                                                          interface CfnStreamingDistributionProps

                                                                                          interface CfnStreamingDistributionProps {}
                                                                                          • Properties for defining a CfnStreamingDistribution

                                                                                            external

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html

                                                                                          property streamingDistributionConfig

                                                                                          readonly streamingDistributionConfig:
                                                                                          | CfnStreamingDistribution.StreamingDistributionConfigProperty
                                                                                          | cdk.IResolvable;
                                                                                          • The current configuration information for the RTMP distribution.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-streamingdistributionconfig

                                                                                          property tags

                                                                                          readonly tags: cdk.CfnTag[];
                                                                                          • A complex type that contains zero or more Tag elements.

                                                                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-tags

                                                                                          interface CloudFrontWebDistributionAttributes

                                                                                          interface CloudFrontWebDistributionAttributes {}
                                                                                          • Attributes used to import a Distribution.

                                                                                          property distributionId

                                                                                          readonly distributionId: string;
                                                                                          • The distribution ID for this distribution.

                                                                                          property domainName

                                                                                          readonly domainName: string;
                                                                                          • The generated domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                          interface CloudFrontWebDistributionProps

                                                                                          interface CloudFrontWebDistributionProps {}

                                                                                            property aliasConfiguration

                                                                                            readonly aliasConfiguration?: AliasConfiguration;

                                                                                            property comment

                                                                                            readonly comment?: string;
                                                                                            • A comment for this distribution in the CloudFront console.

                                                                                              - No comment is added to distribution.

                                                                                            property defaultRootObject

                                                                                            readonly defaultRootObject?: string;
                                                                                            • The default object to serve.

                                                                                              - "index.html" is served.

                                                                                            property enabled

                                                                                            readonly enabled?: boolean;
                                                                                            • Enable or disable the distribution.

                                                                                              true

                                                                                            property enableIpV6

                                                                                            readonly enableIpV6?: boolean;
                                                                                            • If your distribution should have IPv6 enabled.

                                                                                              true

                                                                                            property errorConfigurations

                                                                                            readonly errorConfigurations?: CfnDistribution.CustomErrorResponseProperty[];
                                                                                            • How CloudFront should handle requests that are not successful (eg PageNotFound)

                                                                                              By default, CloudFront does not replace HTTP status codes in the 4xx and 5xx range with custom error messages. CloudFront does not cache HTTP status codes.

                                                                                              - No custom error configuration.

                                                                                            property geoRestriction

                                                                                            readonly geoRestriction?: GeoRestriction;
                                                                                            • Controls the countries in which your content is distributed.

                                                                                              No geo restriction

                                                                                            property httpVersion

                                                                                            readonly httpVersion?: HttpVersion;
                                                                                            • The max supported HTTP Versions.

                                                                                              HttpVersion.HTTP2

                                                                                            property loggingConfig

                                                                                            readonly loggingConfig?: LoggingConfiguration;
                                                                                            • Optional - if we should enable logging. You can pass an empty object ({}) to have us auto create a bucket for logging. Omission of this property indicates no logging is to be enabled.

                                                                                              - no logging is enabled by default.

                                                                                            property originConfigs

                                                                                            readonly originConfigs: SourceConfiguration[];
                                                                                            • The origin configurations for this distribution. Behaviors are a part of the origin.

                                                                                            property priceClass

                                                                                            readonly priceClass?: PriceClass;
                                                                                            • The price class for the distribution (this impacts how many locations CloudFront uses for your distribution, and billing)

                                                                                              PriceClass.PRICE_CLASS_100 the cheapest option for CloudFront is picked by default.

                                                                                            property viewerCertificate

                                                                                            readonly viewerCertificate?: ViewerCertificate;
                                                                                            • Specifies whether you want viewers to use HTTP or HTTPS to request your objects, whether you're using an alternate domain name with HTTPS, and if so, if you're using AWS Certificate Manager (ACM) or a third-party certificate authority.

                                                                                              ViewerCertificate.fromCloudFrontDefaultCertificate()

                                                                                              See Also

                                                                                              • https://aws.amazon.com/premiumsupport/knowledge-center/custom-ssl-certificate-cloudfront/

                                                                                            property viewerProtocolPolicy

                                                                                            readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                            • The default viewer policy for incoming clients.

                                                                                              RedirectToHTTPs

                                                                                            property webACLId

                                                                                            readonly webACLId?: string;
                                                                                            • Unique identifier that specifies the AWS WAF web ACL to associate with this CloudFront distribution.

                                                                                              To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                              To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                              See Also

                                                                                              • https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html

                                                                                              • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html#API_CreateDistribution_RequestParameters.

                                                                                                - No AWS Web Application Firewall web access control list (web ACL).

                                                                                            interface CustomOriginConfig

                                                                                            interface CustomOriginConfig {}
                                                                                            • A custom origin configuration

                                                                                            property allowedOriginSSLVersions

                                                                                            readonly allowedOriginSSLVersions?: OriginSslPolicy[];
                                                                                            • The SSL versions to use when interacting with the origin.

                                                                                              OriginSslPolicy.TLS_V1_2

                                                                                            property domainName

                                                                                            readonly domainName: string;
                                                                                            • The domain name of the custom origin. Should not include the path - that should be in the parent SourceConfiguration

                                                                                            property httpPort

                                                                                            readonly httpPort?: number;
                                                                                            • The origin HTTP port

                                                                                              80

                                                                                            property httpsPort

                                                                                            readonly httpsPort?: number;
                                                                                            • The origin HTTPS port

                                                                                              443

                                                                                            property originHeaders

                                                                                            readonly originHeaders?: {
                                                                                            [key: string]: string;
                                                                                            };
                                                                                            • Any additional headers to pass to the origin

                                                                                              - No additional headers are passed.

                                                                                            property originKeepaliveTimeout

                                                                                            readonly originKeepaliveTimeout?: cdk.Duration;
                                                                                            • The keep alive timeout when making calls in seconds.

                                                                                              Duration.seconds(5)

                                                                                            property originPath

                                                                                            readonly originPath?: string;
                                                                                            • The relative path to the origin root to use for sources.

                                                                                              /

                                                                                            property originProtocolPolicy

                                                                                            readonly originProtocolPolicy?: OriginProtocolPolicy;
                                                                                            • The protocol (http or https) policy to use when interacting with the origin.

                                                                                              OriginProtocolPolicy.HttpsOnly

                                                                                            property originReadTimeout

                                                                                            readonly originReadTimeout?: cdk.Duration;
                                                                                            • The read timeout when calling the origin in seconds

                                                                                              Duration.seconds(30)

                                                                                            property originShieldRegion

                                                                                            readonly originShieldRegion?: string;
                                                                                            • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                              - origin shield not enabled

                                                                                            interface DistributionAttributes

                                                                                            interface DistributionAttributes {}
                                                                                            • Attributes used to import a Distribution.

                                                                                            property distributionId

                                                                                            readonly distributionId: string;
                                                                                            • The distribution ID for this distribution.

                                                                                            property domainName

                                                                                            readonly domainName: string;
                                                                                            • The generated domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                            interface DistributionProps

                                                                                            interface DistributionProps {}
                                                                                            • Properties for a Distribution

                                                                                            property additionalBehaviors

                                                                                            readonly additionalBehaviors?: Record<string, BehaviorOptions>;
                                                                                            • Additional behaviors for the distribution, mapped by the pathPattern that specifies which requests to apply the behavior to.

                                                                                              - no additional behaviors are added.

                                                                                            property certificate

                                                                                            readonly certificate?: acm.ICertificate;
                                                                                            • A certificate to associate with the distribution. The certificate must be located in N. Virginia (us-east-1).

                                                                                              - the CloudFront wildcard certificate (*.cloudfront.net) will be used.

                                                                                            property comment

                                                                                            readonly comment?: string;
                                                                                            • Any comments you want to include about the distribution.

                                                                                              - no comment

                                                                                            property defaultBehavior

                                                                                            readonly defaultBehavior: BehaviorOptions;
                                                                                            • The default behavior for the distribution.

                                                                                            property defaultRootObject

                                                                                            readonly defaultRootObject?: string;
                                                                                            • The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution. If no default object is set, the request goes to the origin's root (e.g., example.com/).

                                                                                              - no default root object

                                                                                            property domainNames

                                                                                            readonly domainNames?: string[];
                                                                                            • Alternative domain names for this distribution.

                                                                                              If you want to use your own domain name, such as www.example.com, instead of the cloudfront.net domain name, you can add an alternate domain name to your distribution. If you attach a certificate to the distribution, you must add (at least one of) the domain names of the certificate to this list.

                                                                                              - The distribution will only support the default generated name (e.g., d111111abcdef8.cloudfront.net)

                                                                                            property enabled

                                                                                            readonly enabled?: boolean;
                                                                                            • Enable or disable the distribution.

                                                                                              true

                                                                                            property enableIpv6

                                                                                            readonly enableIpv6?: boolean;
                                                                                            • Whether CloudFront will respond to IPv6 DNS requests with an IPv6 address.

                                                                                              If you specify false, CloudFront responds to IPv6 DNS requests with the DNS response code NOERROR and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.

                                                                                              true

                                                                                            property enableLogging

                                                                                            readonly enableLogging?: boolean;
                                                                                            • Enable access logging for the distribution.

                                                                                              - false, unless logBucket is specified.

                                                                                            property errorResponses

                                                                                            readonly errorResponses?: ErrorResponse[];
                                                                                            • How CloudFront should handle requests that are not successful (e.g., PageNotFound).

                                                                                              - No custom error responses.

                                                                                            property geoRestriction

                                                                                            readonly geoRestriction?: GeoRestriction;
                                                                                            • Controls the countries in which your content is distributed.

                                                                                              - No geographic restrictions

                                                                                            property httpVersion

                                                                                            readonly httpVersion?: HttpVersion;
                                                                                            • Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront.

                                                                                              For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must support server name identification (SNI).

                                                                                              HttpVersion.HTTP2

                                                                                            property logBucket

                                                                                            readonly logBucket?: s3.IBucket;
                                                                                            • The Amazon S3 bucket to store the access logs in.

                                                                                              - A bucket is created if enableLogging is true

                                                                                            property logFilePrefix

                                                                                            readonly logFilePrefix?: string;
                                                                                            • An optional string that you want CloudFront to prefix to the access log filenames for this distribution.

                                                                                              - no prefix

                                                                                            property logIncludesCookies

                                                                                            readonly logIncludesCookies?: boolean;
                                                                                            • Specifies whether you want CloudFront to include cookies in access logs

                                                                                              false

                                                                                            property minimumProtocolVersion

                                                                                            readonly minimumProtocolVersion?: SecurityPolicyProtocol;
                                                                                            • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                              CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                              - SecurityPolicyProtocol.TLS_V1_2_2021 if the '@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021' feature flag is set; otherwise, SecurityPolicyProtocol.TLS_V1_2_2019.

                                                                                            property priceClass

                                                                                            readonly priceClass?: PriceClass;
                                                                                            • The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify PriceClass_All, CloudFront responds to requests for your objects from all CloudFront edge locations. If you specify a price class other than PriceClass_All, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class.

                                                                                              PriceClass.PRICE_CLASS_ALL

                                                                                            property sslSupportMethod

                                                                                            readonly sslSupportMethod?: SSLMethod;
                                                                                            • The SSL method CloudFront will use for your distribution.

                                                                                              Server Name Indication (SNI) - is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other service over TLS) to be served by the same IP address without requiring all those sites to use the same certificate.

                                                                                              CloudFront can use SNI to host multiple distributions on the same IP - which a large majority of clients will support.

                                                                                              If your clients cannot support SNI however - CloudFront can use dedicated IPs for your distribution - but there is a prorated monthly charge for using this feature. By default, we use SNI - but you can optionally enable dedicated IPs (VIP).

                                                                                              See the CloudFront SSL for more details about pricing : https://aws.amazon.com/cloudfront/custom-ssl-domains/

                                                                                              SSLMethod.SNI

                                                                                            property webAclId

                                                                                            readonly webAclId?: string;
                                                                                            • Unique identifier that specifies the AWS WAF web ACL to associate with this CloudFront distribution.

                                                                                              To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                              See Also

                                                                                              • https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html

                                                                                              • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html#API_CreateDistribution_RequestParameters.

                                                                                                - No AWS Web Application Firewall web access control list (web ACL).

                                                                                            interface EdgeLambda

                                                                                            interface EdgeLambda {}

                                                                                            property eventType

                                                                                            readonly eventType: LambdaEdgeEventType;
                                                                                            • The type of event in response to which should the function be invoked.

                                                                                            property functionVersion

                                                                                            readonly functionVersion: lambda.IVersion;
                                                                                            • The version of the Lambda function that will be invoked.

                                                                                              **Note**: it's not possible to use the '$LATEST' function version for Lambda@Edge!

                                                                                            property includeBody

                                                                                            readonly includeBody?: boolean;
                                                                                            • Allows a Lambda function to have read access to the body content. Only valid for "request" event types (ORIGIN_REQUEST or VIEWER_REQUEST). See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html

                                                                                              false

                                                                                            interface ErrorResponse

                                                                                            interface ErrorResponse {}
                                                                                            • Options for configuring custom error responses.

                                                                                            property httpStatus

                                                                                            readonly httpStatus: number;
                                                                                            • The HTTP status code for which you want to specify a custom error page and/or a caching duration.

                                                                                            property responseHttpStatus

                                                                                            readonly responseHttpStatus?: number;
                                                                                            • The HTTP status code that you want CloudFront to return to the viewer along with the custom error page.

                                                                                              If you specify a value for responseHttpStatus, you must also specify a value for responsePagePath.

                                                                                              - the error code will be returned as the response code.

                                                                                            property responsePagePath

                                                                                            readonly responsePagePath?: string;
                                                                                            • The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the httpStatus, for example, /4xx-errors/403-forbidden.html

                                                                                              - the default CloudFront response is shown.

                                                                                            property ttl

                                                                                            readonly ttl?: Duration;
                                                                                            • The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ErrorCode.

                                                                                              - the default caching TTL behavior applies

                                                                                            interface FileCodeOptions

                                                                                            interface FileCodeOptions {}
                                                                                            • Options when reading the function's code from an external file

                                                                                            property filePath

                                                                                            readonly filePath: string;
                                                                                            • The path of the file to read the code from

                                                                                            interface FunctionAssociation

                                                                                            interface FunctionAssociation {}

                                                                                            property eventType

                                                                                            readonly eventType: FunctionEventType;
                                                                                            • The type of event which should invoke the function.

                                                                                            property function

                                                                                            readonly function: IFunction;
                                                                                            • The CloudFront function that will be invoked.

                                                                                            interface FunctionAttributes

                                                                                            interface FunctionAttributes {}
                                                                                            • Attributes of an existing CloudFront Function to import it

                                                                                            property functionArn

                                                                                            readonly functionArn: string;
                                                                                            • The ARN of the function.

                                                                                            property functionName

                                                                                            readonly functionName: string;
                                                                                            • The name of the function.

                                                                                            interface FunctionProps

                                                                                            interface FunctionProps {}
                                                                                            • Properties for creating a CloudFront Function

                                                                                            property code

                                                                                            readonly code: FunctionCode;
                                                                                            • The source code of the function.

                                                                                            property comment

                                                                                            readonly comment?: string;
                                                                                            • A comment to describe the function. - same as functionName

                                                                                            property functionName

                                                                                            readonly functionName?: string;
                                                                                            • A name to identify the function. - generated from the id

                                                                                            interface ICachePolicy

                                                                                            interface ICachePolicy {}
                                                                                            • Represents a Cache Policy

                                                                                            property cachePolicyId

                                                                                            readonly cachePolicyId: string;
                                                                                            • The ID of the cache policy

                                                                                            interface IDistribution

                                                                                            interface IDistribution extends IResource {}
                                                                                            • Interface for CloudFront distributions

                                                                                            property distributionDomainName

                                                                                            readonly distributionDomainName: string;
                                                                                            • The domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                            property distributionId

                                                                                            readonly distributionId: string;
                                                                                            • The distribution ID for this distribution.

                                                                                            property domainName

                                                                                            readonly domainName: string;
                                                                                            • The domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                              Deprecated

                                                                                              - Use distributionDomainName instead.

                                                                                            interface IFunction

                                                                                            interface IFunction extends IResource {}
                                                                                            • Represents a CloudFront Function

                                                                                            property functionArn

                                                                                            readonly functionArn: string;
                                                                                            • The ARN of the function.

                                                                                            property functionName

                                                                                            readonly functionName: string;
                                                                                            • The name of the function.

                                                                                            interface IKeyGroup

                                                                                            interface IKeyGroup extends IResource {}
                                                                                            • Represents a Key Group

                                                                                            property keyGroupId

                                                                                            readonly keyGroupId: string;
                                                                                            • The ID of the key group.

                                                                                            interface IOrigin

                                                                                            interface IOrigin {}
                                                                                            • Represents the concept of a CloudFront Origin. You provide one or more origins when creating a Distribution.

                                                                                            method bind

                                                                                            bind: (scope: Construct, options: OriginBindOptions) => OriginBindConfig;
                                                                                            • The method called when a given Origin is added (for the first time) to a Distribution.

                                                                                            interface IOriginAccessIdentity

                                                                                            interface IOriginAccessIdentity extends cdk.IResource, iam.IGrantable {}
                                                                                            • Interface for CloudFront OriginAccessIdentity

                                                                                            property originAccessIdentityName

                                                                                            readonly originAccessIdentityName: string;
                                                                                            • The Origin Access Identity Name

                                                                                            interface IOriginRequestPolicy

                                                                                            interface IOriginRequestPolicy {}
                                                                                            • Represents a Origin Request Policy

                                                                                            property originRequestPolicyId

                                                                                            readonly originRequestPolicyId: string;
                                                                                            • The ID of the origin request policy

                                                                                            interface IPublicKey

                                                                                            interface IPublicKey extends IResource {}
                                                                                            • Represents a Public Key

                                                                                            property publicKeyId

                                                                                            readonly publicKeyId: string;
                                                                                            • The ID of the key group.

                                                                                            interface IResponseHeadersPolicy

                                                                                            interface IResponseHeadersPolicy {}
                                                                                            • Represents a response headers policy.

                                                                                            property responseHeadersPolicyId

                                                                                            readonly responseHeadersPolicyId: string;
                                                                                            • The ID of the response headers policy

                                                                                            interface KeyGroupProps

                                                                                            interface KeyGroupProps {}
                                                                                            • Properties for creating a Public Key

                                                                                            property comment

                                                                                            readonly comment?: string;
                                                                                            • A comment to describe the key group. - no comment

                                                                                            property items

                                                                                            readonly items: IPublicKey[];
                                                                                            • A list of public keys to add to the key group.

                                                                                            property keyGroupName

                                                                                            readonly keyGroupName?: string;
                                                                                            • A name to identify the key group. - generated from the id

                                                                                            interface LambdaFunctionAssociation

                                                                                            interface LambdaFunctionAssociation {}

                                                                                              property eventType

                                                                                              readonly eventType: LambdaEdgeEventType;
                                                                                              • The lambda event type defines at which event the lambda is called during the request lifecycle

                                                                                              property includeBody

                                                                                              readonly includeBody?: boolean;
                                                                                              • Allows a Lambda function to have read access to the body content. Only valid for "request" event types (ORIGIN_REQUEST or VIEWER_REQUEST). See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html

                                                                                                false

                                                                                              property lambdaFunction

                                                                                              readonly lambdaFunction: lambda.IVersion;
                                                                                              • A version of the lambda to associate

                                                                                              interface LoggingConfiguration

                                                                                              interface LoggingConfiguration {}
                                                                                              • Logging configuration for incoming requests

                                                                                              property bucket

                                                                                              readonly bucket?: s3.IBucket;
                                                                                              • Bucket to log requests to

                                                                                                - A logging bucket is automatically created.

                                                                                              property includeCookies

                                                                                              readonly includeCookies?: boolean;
                                                                                              • Whether to include the cookies in the logs

                                                                                                false

                                                                                              property prefix

                                                                                              readonly prefix?: string;
                                                                                              • Where in the bucket to store logs

                                                                                                - No prefix.

                                                                                              interface OriginAccessIdentityProps

                                                                                              interface OriginAccessIdentityProps {}
                                                                                              • Properties of CloudFront OriginAccessIdentity

                                                                                              property comment

                                                                                              readonly comment?: string;
                                                                                              • Any comments you want to include about the origin access identity.

                                                                                                "Allows CloudFront to reach the bucket"

                                                                                              interface OriginBindConfig

                                                                                              interface OriginBindConfig {}

                                                                                              property failoverConfig

                                                                                              readonly failoverConfig?: OriginFailoverConfig;
                                                                                              • The failover configuration for this Origin.

                                                                                                - nothing is returned

                                                                                              property originProperty

                                                                                              readonly originProperty?: CfnDistribution.OriginProperty;
                                                                                              • The CloudFormation OriginProperty configuration for this Origin.

                                                                                                - nothing is returned

                                                                                              interface OriginBindOptions

                                                                                              interface OriginBindOptions {}
                                                                                              • Options passed to Origin.bind().

                                                                                              property originId

                                                                                              readonly originId: string;
                                                                                              • The identifier of this Origin, as assigned by the Distribution this Origin has been used added to.

                                                                                              interface OriginFailoverConfig

                                                                                              interface OriginFailoverConfig {}

                                                                                              property failoverOrigin

                                                                                              readonly failoverOrigin: IOrigin;
                                                                                              • The origin to use as the fallback origin.

                                                                                              property statusCodes

                                                                                              readonly statusCodes?: number[];
                                                                                              • The HTTP status codes of the response that trigger querying the failover Origin.

                                                                                                - 500, 502, 503 and 504

                                                                                              interface OriginOptions

                                                                                              interface OriginOptions {}
                                                                                              • Options to define an Origin.

                                                                                              property connectionAttempts

                                                                                              readonly connectionAttempts?: number;
                                                                                              • The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts.

                                                                                                3

                                                                                              property connectionTimeout

                                                                                              readonly connectionTimeout?: Duration;
                                                                                              • The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive.

                                                                                                Duration.seconds(10)

                                                                                              property customHeaders

                                                                                              readonly customHeaders?: Record<string, string>;
                                                                                              • A list of HTTP header names and values that CloudFront adds to requests it sends to the origin.

                                                                                                {}

                                                                                              property originShieldRegion

                                                                                              readonly originShieldRegion?: string;
                                                                                              • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                See Also

                                                                                                • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html

                                                                                                  - origin shield not enabled

                                                                                              interface OriginProps

                                                                                              interface OriginProps extends OriginOptions {}
                                                                                              • Properties to define an Origin.

                                                                                              property originPath

                                                                                              readonly originPath?: string;
                                                                                              • An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with '/' (e.g., '/production/images').

                                                                                                '/'

                                                                                              interface OriginRequestPolicyProps

                                                                                              interface OriginRequestPolicyProps {}
                                                                                              • Properties for creating a Origin Request Policy

                                                                                              property comment

                                                                                              readonly comment?: string;
                                                                                              • A comment to describe the origin request policy. - no comment

                                                                                              property cookieBehavior

                                                                                              readonly cookieBehavior?: OriginRequestCookieBehavior;
                                                                                              • The cookies from viewer requests to include in origin requests. OriginRequestCookieBehavior.none()

                                                                                              property headerBehavior

                                                                                              readonly headerBehavior?: OriginRequestHeaderBehavior;
                                                                                              • The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront. OriginRequestHeaderBehavior.none()

                                                                                              property originRequestPolicyName

                                                                                              readonly originRequestPolicyName?: string;
                                                                                              • A unique name to identify the origin request policy. The name must only include '-', '_', or alphanumeric characters. - generated from the id

                                                                                              property queryStringBehavior

                                                                                              readonly queryStringBehavior?: OriginRequestQueryStringBehavior;
                                                                                              • The URL query strings from viewer requests to include in origin requests. OriginRequestQueryStringBehavior.none()

                                                                                              interface PublicKeyProps

                                                                                              interface PublicKeyProps {}
                                                                                              • Properties for creating a Public Key

                                                                                              property comment

                                                                                              readonly comment?: string;
                                                                                              • A comment to describe the public key. - no comment

                                                                                              property encodedKey

                                                                                              readonly encodedKey: string;
                                                                                              • The public key that you can use with signed URLs and signed cookies, or with field-level encryption. The encodedKey parameter must include -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- lines.

                                                                                                See Also

                                                                                                • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                                • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html

                                                                                              property publicKeyName

                                                                                              readonly publicKeyName?: string;
                                                                                              • A name to identify the public key. - generated from the id

                                                                                              interface ResponseCustomHeader

                                                                                              interface ResponseCustomHeader {}
                                                                                              • An HTTP response header name and its value. CloudFront includes this header in HTTP responses that it sends for requests that match a cache behavior that’s associated with this response headers policy.

                                                                                              property header

                                                                                              readonly header: string;
                                                                                              • The HTTP response header name.

                                                                                              property override

                                                                                              readonly override: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.

                                                                                              property value

                                                                                              readonly value: string;
                                                                                              • The value for the HTTP response header.

                                                                                              interface ResponseCustomHeadersBehavior

                                                                                              interface ResponseCustomHeadersBehavior {}
                                                                                              • Configuration for a set of HTTP response headers that are sent for requests that match a cache behavior that’s associated with this response headers policy.

                                                                                              property customHeaders

                                                                                              readonly customHeaders: ResponseCustomHeader[];
                                                                                              • The list of HTTP response headers and their values.

                                                                                              interface ResponseHeadersContentSecurityPolicy

                                                                                              interface ResponseHeadersContentSecurityPolicy {}
                                                                                              • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                              property contentSecurityPolicy

                                                                                              readonly contentSecurityPolicy: string;
                                                                                              • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                              property override

                                                                                              readonly override: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                              interface ResponseHeadersContentTypeOptions

                                                                                              interface ResponseHeadersContentTypeOptions {}
                                                                                              • Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.

                                                                                              property override

                                                                                              readonly override: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                              interface ResponseHeadersCorsBehavior

                                                                                              interface ResponseHeadersCorsBehavior {}
                                                                                              • Configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy.

                                                                                              property accessControlAllowCredentials

                                                                                              readonly accessControlAllowCredentials: boolean;
                                                                                              • A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

                                                                                              property accessControlAllowHeaders

                                                                                              readonly accessControlAllowHeaders: string[];
                                                                                              • A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. You can specify ['*'] to allow all headers.

                                                                                              property accessControlAllowMethods

                                                                                              readonly accessControlAllowMethods: string[];
                                                                                              • A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

                                                                                              property accessControlAllowOrigins

                                                                                              readonly accessControlAllowOrigins: string[];
                                                                                              • A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. You can specify ['*'] to allow all origins.

                                                                                              property accessControlExposeHeaders

                                                                                              readonly accessControlExposeHeaders?: string[];
                                                                                              • A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. You can specify ['*'] to expose all headers.

                                                                                                - no headers exposed

                                                                                              property accessControlMaxAge

                                                                                              readonly accessControlMaxAge?: Duration;
                                                                                              • A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

                                                                                                - no max age

                                                                                              property originOverride

                                                                                              readonly originOverride: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.

                                                                                              interface ResponseHeadersFrameOptions

                                                                                              interface ResponseHeadersFrameOptions {}
                                                                                              • Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.

                                                                                              property frameOption

                                                                                              readonly frameOption: HeadersFrameOption;
                                                                                              • The value of the X-Frame-Options HTTP response header.

                                                                                              property override

                                                                                              readonly override: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                              interface ResponseHeadersPolicyProps

                                                                                              interface ResponseHeadersPolicyProps {}
                                                                                              • Properties for creating a Response Headers Policy

                                                                                              property comment

                                                                                              readonly comment?: string;
                                                                                              • A comment to describe the response headers policy.

                                                                                                - no comment

                                                                                              property corsBehavior

                                                                                              readonly corsBehavior?: ResponseHeadersCorsBehavior;
                                                                                              • A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).

                                                                                                - no cors behavior

                                                                                              property customHeadersBehavior

                                                                                              readonly customHeadersBehavior?: ResponseCustomHeadersBehavior;
                                                                                              • A configuration for a set of custom HTTP response headers.

                                                                                                - no custom headers behavior

                                                                                              property responseHeadersPolicyName

                                                                                              readonly responseHeadersPolicyName?: string;
                                                                                              • A unique name to identify the response headers policy.

                                                                                                - generated from the id

                                                                                              property securityHeadersBehavior

                                                                                              readonly securityHeadersBehavior?: ResponseSecurityHeadersBehavior;
                                                                                              • A configuration for a set of security-related HTTP response headers.

                                                                                                - no security headers behavior

                                                                                              interface ResponseHeadersReferrerPolicy

                                                                                              interface ResponseHeadersReferrerPolicy {}
                                                                                              • Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.

                                                                                              property override

                                                                                              readonly override: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                              property referrerPolicy

                                                                                              readonly referrerPolicy: HeadersReferrerPolicy;
                                                                                              • The value of the Referrer-Policy HTTP response header.

                                                                                              interface ResponseHeadersStrictTransportSecurity

                                                                                              interface ResponseHeadersStrictTransportSecurity {}
                                                                                              • Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.

                                                                                              property accessControlMaxAge

                                                                                              readonly accessControlMaxAge: Duration;
                                                                                              • A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

                                                                                              property includeSubdomains

                                                                                              readonly includeSubdomains?: boolean;
                                                                                              • A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

                                                                                                false

                                                                                              property override

                                                                                              readonly override: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                              property preload

                                                                                              readonly preload?: boolean;
                                                                                              • A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

                                                                                                false

                                                                                              interface ResponseHeadersXSSProtection

                                                                                              interface ResponseHeadersXSSProtection {}
                                                                                              • Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.

                                                                                              property modeBlock

                                                                                              readonly modeBlock?: boolean;
                                                                                              • A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

                                                                                                false

                                                                                              property override

                                                                                              readonly override: boolean;
                                                                                              • A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                              property protection

                                                                                              readonly protection: boolean;
                                                                                              • A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

                                                                                              property reportUri

                                                                                              readonly reportUri?: string;
                                                                                              • A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a ReportUri when ModeBlock is true.

                                                                                                - no report uri

                                                                                              interface ResponseSecurityHeadersBehavior

                                                                                              interface ResponseSecurityHeadersBehavior {}
                                                                                              • Configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.

                                                                                              property contentSecurityPolicy

                                                                                              readonly contentSecurityPolicy?: ResponseHeadersContentSecurityPolicy;
                                                                                              • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                                - no content security policy

                                                                                              property contentTypeOptions

                                                                                              readonly contentTypeOptions?: ResponseHeadersContentTypeOptions;
                                                                                              • Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.

                                                                                                - no content type options

                                                                                              property frameOptions

                                                                                              readonly frameOptions?: ResponseHeadersFrameOptions;
                                                                                              • Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.

                                                                                                - no frame options

                                                                                              property referrerPolicy

                                                                                              readonly referrerPolicy?: ResponseHeadersReferrerPolicy;
                                                                                              • Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.

                                                                                                - no referrer policy

                                                                                              property strictTransportSecurity

                                                                                              readonly strictTransportSecurity?: ResponseHeadersStrictTransportSecurity;
                                                                                              • Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.

                                                                                                - no strict transport security

                                                                                              property xssProtection

                                                                                              readonly xssProtection?: ResponseHeadersXSSProtection;
                                                                                              • Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.

                                                                                                - no xss protection

                                                                                              interface S3OriginConfig

                                                                                              interface S3OriginConfig {}
                                                                                              • S3 origin configuration for CloudFront

                                                                                              property originAccessIdentity

                                                                                              readonly originAccessIdentity?: IOriginAccessIdentity;
                                                                                              • The optional Origin Access Identity of the origin identity cloudfront will use when calling your s3 bucket.

                                                                                                No Origin Access Identity which requires the S3 bucket to be public accessible

                                                                                              property originHeaders

                                                                                              readonly originHeaders?: {
                                                                                              [key: string]: string;
                                                                                              };
                                                                                              • Any additional headers to pass to the origin

                                                                                                - No additional headers are passed.

                                                                                              property originPath

                                                                                              readonly originPath?: string;
                                                                                              • The relative path to the origin root to use for sources.

                                                                                                /

                                                                                              property originShieldRegion

                                                                                              readonly originShieldRegion?: string;
                                                                                              • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                - origin shield not enabled

                                                                                              property s3BucketSource

                                                                                              readonly s3BucketSource: s3.IBucket;
                                                                                              • The source bucket to serve content from

                                                                                              interface SourceConfiguration

                                                                                              interface SourceConfiguration {}
                                                                                              • A source configuration is a wrapper for CloudFront origins and behaviors. An origin is what CloudFront will "be in front of" - that is, CloudFront will pull it's assets from an origin.

                                                                                                If you're using s3 as a source - pass the s3Origin property, otherwise, pass the customOriginSource property.

                                                                                                One or the other must be passed, and it is invalid to pass both in the same SourceConfiguration.

                                                                                              property behaviors

                                                                                              readonly behaviors: Behavior[];
                                                                                              • The behaviors associated with this source. At least one (default) behavior must be included.

                                                                                              property connectionAttempts

                                                                                              readonly connectionAttempts?: number;
                                                                                              • The number of times that CloudFront attempts to connect to the origin. You can specify 1, 2, or 3 as the number of attempts.

                                                                                                3

                                                                                              property connectionTimeout

                                                                                              readonly connectionTimeout?: cdk.Duration;
                                                                                              • The number of seconds that CloudFront waits when trying to establish a connection to the origin. You can specify a number of seconds between 1 and 10 (inclusive).

                                                                                                cdk.Duration.seconds(10)

                                                                                              property customOriginSource

                                                                                              readonly customOriginSource?: CustomOriginConfig;
                                                                                              • A custom origin source - for all non-s3 sources.

                                                                                              property failoverCriteriaStatusCodes

                                                                                              readonly failoverCriteriaStatusCodes?: FailoverStatusCode[];
                                                                                              • HTTP status code to failover to second origin

                                                                                                [500, 502, 503, 504]

                                                                                              property failoverCustomOriginSource

                                                                                              readonly failoverCustomOriginSource?: CustomOriginConfig;
                                                                                              • A custom origin source for failover in case the s3OriginSource returns invalid status code

                                                                                                - no failover configuration

                                                                                              property failoverS3OriginSource

                                                                                              readonly failoverS3OriginSource?: S3OriginConfig;
                                                                                              • An s3 origin source for failover in case the s3OriginSource returns invalid status code

                                                                                                - no failover configuration

                                                                                              property originHeaders

                                                                                              readonly originHeaders?: {
                                                                                              [key: string]: string;
                                                                                              };
                                                                                              • Any additional headers to pass to the origin

                                                                                                - No additional headers are passed.

                                                                                                Deprecated

                                                                                                Use originHeaders on s3OriginSource or customOriginSource

                                                                                              property originPath

                                                                                              readonly originPath?: string;
                                                                                              • The relative path to the origin root to use for sources.

                                                                                                /

                                                                                                Deprecated

                                                                                                Use originPath on s3OriginSource or customOriginSource

                                                                                              property originShieldRegion

                                                                                              readonly originShieldRegion?: string;
                                                                                              • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                See Also

                                                                                                • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html

                                                                                                  - origin shield not enabled

                                                                                              property s3OriginSource

                                                                                              readonly s3OriginSource?: S3OriginConfig;
                                                                                              • An s3 origin source - if you're using s3 for your assets

                                                                                              interface ViewerCertificateOptions

                                                                                              interface ViewerCertificateOptions {}

                                                                                                property aliases

                                                                                                readonly aliases?: string[];
                                                                                                • Domain names on the certificate (both main domain name and Subject Alternative names)

                                                                                                property securityPolicy

                                                                                                readonly securityPolicy?: SecurityPolicyProtocol;
                                                                                                • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                                  CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                                  - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNI

                                                                                                property sslMethod

                                                                                                readonly sslMethod?: SSLMethod;
                                                                                                • How CloudFront should serve HTTPS requests.

                                                                                                  See the notes on SSLMethod if you wish to use other SSL termination types.

                                                                                                  SSLMethod.SNI

                                                                                                  See Also

                                                                                                  • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html

                                                                                                Enums

                                                                                                enum CloudFrontAllowedCachedMethods

                                                                                                enum CloudFrontAllowedCachedMethods {
                                                                                                GET_HEAD = 'GH',
                                                                                                GET_HEAD_OPTIONS = 'GHO',
                                                                                                }
                                                                                                • Enums for the methods CloudFront can cache.

                                                                                                member GET_HEAD

                                                                                                GET_HEAD = 'GH'

                                                                                                  member GET_HEAD_OPTIONS

                                                                                                  GET_HEAD_OPTIONS = 'GHO'

                                                                                                    enum CloudFrontAllowedMethods

                                                                                                    enum CloudFrontAllowedMethods {
                                                                                                    GET_HEAD = 'GH',
                                                                                                    GET_HEAD_OPTIONS = 'GHO',
                                                                                                    ALL = 'ALL',
                                                                                                    }
                                                                                                    • An enum for the supported methods to a CloudFront distribution.

                                                                                                    member ALL

                                                                                                    ALL = 'ALL'

                                                                                                      member GET_HEAD

                                                                                                      GET_HEAD = 'GH'

                                                                                                        member GET_HEAD_OPTIONS

                                                                                                        GET_HEAD_OPTIONS = 'GHO'

                                                                                                          enum FailoverStatusCode

                                                                                                          enum FailoverStatusCode {
                                                                                                          FORBIDDEN = 403,
                                                                                                          NOT_FOUND = 404,
                                                                                                          INTERNAL_SERVER_ERROR = 500,
                                                                                                          BAD_GATEWAY = 502,
                                                                                                          SERVICE_UNAVAILABLE = 503,
                                                                                                          GATEWAY_TIMEOUT = 504,
                                                                                                          }
                                                                                                          • HTTP status code to failover to second origin

                                                                                                          member BAD_GATEWAY

                                                                                                          BAD_GATEWAY = 502
                                                                                                          • Bad Gateway (502)

                                                                                                          member FORBIDDEN

                                                                                                          FORBIDDEN = 403
                                                                                                          • Forbidden (403)

                                                                                                          member GATEWAY_TIMEOUT

                                                                                                          GATEWAY_TIMEOUT = 504
                                                                                                          • Gateway Timeout (504)

                                                                                                          member INTERNAL_SERVER_ERROR

                                                                                                          INTERNAL_SERVER_ERROR = 500
                                                                                                          • Internal Server Error (500)

                                                                                                          member NOT_FOUND

                                                                                                          NOT_FOUND = 404
                                                                                                          • Not found (404)

                                                                                                          member SERVICE_UNAVAILABLE

                                                                                                          SERVICE_UNAVAILABLE = 503
                                                                                                          • Service Unavailable (503)

                                                                                                          enum FunctionEventType

                                                                                                          enum FunctionEventType {
                                                                                                          VIEWER_REQUEST = 'viewer-request',
                                                                                                          VIEWER_RESPONSE = 'viewer-response',
                                                                                                          }
                                                                                                          • The type of events that a CloudFront function can be invoked in response to.

                                                                                                          member VIEWER_REQUEST

                                                                                                          VIEWER_REQUEST = 'viewer-request'
                                                                                                          • The viewer-request specifies the incoming request

                                                                                                          member VIEWER_RESPONSE

                                                                                                          VIEWER_RESPONSE = 'viewer-response'
                                                                                                          • The viewer-response specifies the outgoing response

                                                                                                          enum HeadersFrameOption

                                                                                                          enum HeadersFrameOption {
                                                                                                          DENY = 'DENY',
                                                                                                          SAMEORIGIN = 'SAMEORIGIN',
                                                                                                          }
                                                                                                          • Enum representing possible values of the X-Frame-Options HTTP response header.

                                                                                                          member DENY

                                                                                                          DENY = 'DENY'
                                                                                                          • The page can only be displayed in a frame on the same origin as the page itself.

                                                                                                          member SAMEORIGIN

                                                                                                          SAMEORIGIN = 'SAMEORIGIN'
                                                                                                          • The page can only be displayed in a frame on the specified origin.

                                                                                                          enum