@aws-cdk/aws-cloudfront

  • Version 1.204.0
  • Published
  • 4.59 MB
  • 11 dependencies
  • Apache-2.0 license

Install

npm i @aws-cdk/aws-cloudfront
yarn add @aws-cdk/aws-cloudfront
pnpm add @aws-cdk/aws-cloudfront

Overview

The CDK Construct Library for AWS::CloudFront

Index

Classes

Interfaces

Enums

Namespaces

Classes

class AllowedMethods

class AllowedMethods {}
  • The HTTP methods that the Behavior will accept requests on.

property ALLOW_ALL

static readonly ALLOW_ALL: AllowedMethods;
  • All supported HTTP methods

property ALLOW_GET_HEAD

static readonly ALLOW_GET_HEAD: AllowedMethods;
  • HEAD and GET

property ALLOW_GET_HEAD_OPTIONS

static readonly ALLOW_GET_HEAD_OPTIONS: AllowedMethods;
  • HEAD, GET, and OPTIONS

property methods

readonly methods: string[];
  • HTTP methods supported

class CacheCookieBehavior

class CacheCookieBehavior {}
  • Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin.

property behavior

readonly behavior: string;
  • The behavior of cookies: allow all, none, an allow list, or a deny list.

property cookies

readonly cookies?: string[];
  • The cookies to allow or deny, if the behavior is an allow or deny list.

method all

static all: () => CacheCookieBehavior;
  • All cookies in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

method allowList

static allowList: (...cookies: string[]) => CacheCookieBehavior;
  • Only the provided cookies are included in the cache key and automatically included in requests that CloudFront sends to the origin.

method denyList

static denyList: (...cookies: string[]) => CacheCookieBehavior;
  • All cookies except the provided cookies are included in the cache key and automatically included in requests that CloudFront sends to the origin.

method none

static none: () => CacheCookieBehavior;
  • Cookies in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

class CachedMethods

class CachedMethods {}
  • The HTTP methods that the Behavior will cache requests on.

property CACHE_GET_HEAD

static readonly CACHE_GET_HEAD: CachedMethods;
  • HEAD and GET

property CACHE_GET_HEAD_OPTIONS

static readonly CACHE_GET_HEAD_OPTIONS: CachedMethods;
  • HEAD, GET, and OPTIONS

property methods

readonly methods: string[];
  • HTTP methods supported

class CacheHeaderBehavior

class CacheHeaderBehavior {}
  • Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin.

property behavior

readonly behavior: string;
  • If no headers will be passed, or an allow list of headers.

property headers

readonly headers?: string[];
  • The headers for the allow/deny list, if applicable.

method allowList

static allowList: (...headers: string[]) => CacheHeaderBehavior;
  • Listed headers are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

method none

static none: () => CacheHeaderBehavior;
  • HTTP headers are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

class CachePolicy

class CachePolicy extends Resource implements ICachePolicy {}
  • A Cache Policy configuration.

    AWS::CloudFront::CachePolicy https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html

constructor

constructor(scope: Construct, id: string, props?: CachePolicyProps);

    property AMPLIFY

    static readonly AMPLIFY: ICachePolicy;
    • This policy is designed for use with an origin that is an AWS Amplify web app.

    property cachePolicyId

    readonly cachePolicyId: string;

      property CACHING_DISABLED

      static readonly CACHING_DISABLED: ICachePolicy;
      • Disables caching. This policy is useful for dynamic content and for requests that are not cacheable.

      property CACHING_OPTIMIZED

      static readonly CACHING_OPTIMIZED: ICachePolicy;
      • Optimize cache efficiency by minimizing the values that CloudFront includes in the cache key. Query strings and cookies are not included in the cache key, and only the normalized 'Accept-Encoding' header is included.

      property CACHING_OPTIMIZED_FOR_UNCOMPRESSED_OBJECTS

      static readonly CACHING_OPTIMIZED_FOR_UNCOMPRESSED_OBJECTS: ICachePolicy;
      • Optimize cache efficiency by minimizing the values that CloudFront includes in the cache key. Query strings and cookies are not included in the cache key, and only the normalized 'Accept-Encoding' header is included. Disables cache compression.

      property ELEMENTAL_MEDIA_PACKAGE

      static readonly ELEMENTAL_MEDIA_PACKAGE: ICachePolicy;
      • Designed for use with an origin that is an AWS Elemental MediaPackage endpoint.

      method fromCachePolicyId

      static fromCachePolicyId: (
      scope: Construct,
      id: string,
      cachePolicyId: string
      ) => ICachePolicy;
      • Imports a Cache Policy from its id.

      class CacheQueryStringBehavior

      class CacheQueryStringBehavior {}
      • Determines whether any URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      property behavior

      readonly behavior: string;
      • The behavior of query strings -- allow all, none, only an allow list, or a deny list.

      property queryStrings

      readonly queryStrings?: string[];
      • The query strings to allow or deny, if the behavior is an allow or deny list.

      method all

      static all: () => CacheQueryStringBehavior;
      • All query strings in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

      method allowList

      static allowList: (...queryStrings: string[]) => CacheQueryStringBehavior;
      • Only the provided queryStrings are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      method denyList

      static denyList: (...queryStrings: string[]) => CacheQueryStringBehavior;
      • All query strings except the provided queryStrings are included in the cache key and automatically included in requests that CloudFront sends to the origin.

      method none

      static none: () => CacheQueryStringBehavior;
      • Query strings in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin.

      class CfnCachePolicy

      class CfnCachePolicy extends cdk.CfnResource implements cdk.IInspectable {}
      • A CloudFormation AWS::CloudFront::CachePolicy

        A cache policy.

        When it's attached to a cache behavior, the cache policy determines the following:

        - The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer. - The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.

        The headers, cookies, and query strings that are included in the cache key are also included in requests that CloudFront sends to the origin. CloudFront sends a request when it can't find a valid object in its cache that matches the request's cache key. If you want to send values to the origin but *not* include them in the cache key, use OriginRequestPolicy .

        AWS::CloudFront::CachePolicy external

        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html

      constructor

      constructor(scope: cdk.Construct, id: string, props: CfnCachePolicyProps);
      • Create a new AWS::CloudFront::CachePolicy.

        Parameter scope

        scope in which this resource is defined

        Parameter id

        scoped id of the resource

        Parameter props

        resource properties

      property attrId

      readonly attrId: string;
      • The unique identifier for the cache policy. For example: 2766f7b2-75c5-41c6-8f06-bf4303a2f2f5 . Id

      property attrLastModifiedTime

      readonly attrLastModifiedTime: string;
      • The date and time when the cache policy was last modified. LastModifiedTime

      property cachePolicyConfig

      cachePolicyConfig: any;
      • The cache policy configuration.

        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html#cfn-cloudfront-cachepolicy-cachepolicyconfig

      property CFN_RESOURCE_TYPE_NAME

      static readonly CFN_RESOURCE_TYPE_NAME: string;
      • The CloudFormation resource type name for this resource class.

      property cfnProperties

      readonly cfnProperties: { [key: string]: any };

        method inspect

        inspect: (inspector: cdk.TreeInspector) => void;
        • Examines the CloudFormation resource and discloses attributes.

          Parameter inspector

          tree inspector to collect and process attributes

        method renderProperties

        protected renderProperties: (props: { [key: string]: any }) => {
        [key: string]: any;
        };

          class CfnCloudFrontOriginAccessIdentity

          class CfnCloudFrontOriginAccessIdentity
          extends cdk.CfnResource
          implements cdk.IInspectable {}
          • A CloudFormation AWS::CloudFront::CloudFrontOriginAccessIdentity

            The request to create a new origin access identity (OAI). An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content. For more information, see [Restricting Access to Amazon S3 Content by Using an Origin Access Identity](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html) in the *Amazon CloudFront Developer Guide* .

            AWS::CloudFront::CloudFrontOriginAccessIdentity external

            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html

          constructor

          constructor(
          scope: cdk.Construct,
          id: string,
          props: CfnCloudFrontOriginAccessIdentityProps
          );
          • Create a new AWS::CloudFront::CloudFrontOriginAccessIdentity.

            Parameter scope

            scope in which this resource is defined

            Parameter id

            scoped id of the resource

            Parameter props

            resource properties

          property attrId

          readonly attrId: string;
          • The ID for the origin access identity, for example, E74FTE3AJFJ256A . Id

          property attrS3CanonicalUserId

          readonly attrS3CanonicalUserId: string;
          • The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3. For example: b970b42360b81c8ddbd79d2f5df0069ba9033c8a79655752abe380cd6d63ba8bcf23384d568fcf89fc49700b5e11a0fd . S3CanonicalUserId

          property CFN_RESOURCE_TYPE_NAME

          static readonly CFN_RESOURCE_TYPE_NAME: string;
          • The CloudFormation resource type name for this resource class.

          property cfnProperties

          readonly cfnProperties: { [key: string]: any };

            property cloudFrontOriginAccessIdentityConfig

            cloudFrontOriginAccessIdentityConfig: any;
            • The current configuration information for the identity.

              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html#cfn-cloudfront-cloudfrontoriginaccessidentity-cloudfrontoriginaccessidentityconfig

            method inspect

            inspect: (inspector: cdk.TreeInspector) => void;
            • Examines the CloudFormation resource and discloses attributes.

              Parameter inspector

              tree inspector to collect and process attributes

            method renderProperties

            protected renderProperties: (props: { [key: string]: any }) => {
            [key: string]: any;
            };

              class CfnContinuousDeploymentPolicy

              class CfnContinuousDeploymentPolicy
              extends cdk.CfnResource
              implements cdk.IInspectable {}
              • A CloudFormation AWS::CloudFront::ContinuousDeploymentPolicy

                Creates a continuous deployment policy that routes a subset of production traffic from a primary distribution to a staging distribution.

                After you create and update a staging distribution, you can use a continuous deployment policy to incrementally move traffic to the staging distribution. This enables you to test changes to a distribution's configuration before moving all of your production traffic to the new configuration.

                For more information, see [Using CloudFront continuous deployment to safely test CDN configuration changes](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/continuous-deployment.html) in the *Amazon CloudFront Developer Guide* .

                AWS::CloudFront::ContinuousDeploymentPolicy external

                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-continuousdeploymentpolicy.html

              constructor

              constructor(
              scope: cdk.Construct,
              id: string,
              props: CfnContinuousDeploymentPolicyProps
              );
              • Create a new AWS::CloudFront::ContinuousDeploymentPolicy.

                Parameter scope

                scope in which this resource is defined

                Parameter id

                scoped id of the resource

                Parameter props

                resource properties

              property attrId

              readonly attrId: string;
              • The identifier of the cotinuous deployment policy. Id

              property attrLastModifiedTime

              readonly attrLastModifiedTime: string;
              • The date and time when the continuous deployment policy was last modified. LastModifiedTime

              property CFN_RESOURCE_TYPE_NAME

              static readonly CFN_RESOURCE_TYPE_NAME: string;
              • The CloudFormation resource type name for this resource class.

              property cfnProperties

              readonly cfnProperties: { [key: string]: any };

                property continuousDeploymentPolicyConfig

                continuousDeploymentPolicyConfig: any;
                • Contains the configuration for a continuous deployment policy.

                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-continuousdeploymentpolicy.html#cfn-cloudfront-continuousdeploymentpolicy-continuousdeploymentpolicyconfig

                method inspect

                inspect: (inspector: cdk.TreeInspector) => void;
                • Examines the CloudFormation resource and discloses attributes.

                  Parameter inspector

                  tree inspector to collect and process attributes

                method renderProperties

                protected renderProperties: (props: { [key: string]: any }) => {
                [key: string]: any;
                };

                  class CfnDistribution

                  class CfnDistribution extends cdk.CfnResource implements cdk.IInspectable {}
                  • A CloudFormation AWS::CloudFront::Distribution

                    A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.

                    AWS::CloudFront::Distribution external

                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html

                  constructor

                  constructor(scope: cdk.Construct, id: string, props: CfnDistributionProps);
                  • Create a new AWS::CloudFront::Distribution.

                    Parameter scope

                    scope in which this resource is defined

                    Parameter id

                    scoped id of the resource

                    Parameter props

                    resource properties

                  property attrDomainName

                  readonly attrDomainName: string;
                  • The domain name of the resource, such as d111111abcdef8.cloudfront.net . DomainName

                  property attrId

                  readonly attrId: string;
                  • The identifier for the distribution, for example EDFDVBD632BHDS5 . Id

                  property CFN_RESOURCE_TYPE_NAME

                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                  • The CloudFormation resource type name for this resource class.

                  property cfnProperties

                  readonly cfnProperties: { [key: string]: any };

                    property distributionConfig

                    distributionConfig: any;
                    • The distribution's configuration.

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-distributionconfig

                    property tags

                    readonly tags: cdk.TagManager;
                    • A complex type that contains zero or more Tag elements.

                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-tags

                    method inspect

                    inspect: (inspector: cdk.TreeInspector) => void;
                    • Examines the CloudFormation resource and discloses attributes.

                      Parameter inspector

                      tree inspector to collect and process attributes

                    method renderProperties

                    protected renderProperties: (props: { [key: string]: any }) => {
                    [key: string]: any;
                    };

                      class CfnFunction

                      class CfnFunction extends cdk.CfnResource implements cdk.IInspectable {}
                      • A CloudFormation AWS::CloudFront::Function

                        Creates a CloudFront function.

                        To create a function, you provide the function code and some configuration information about the function. The response contains an Amazon Resource Name (ARN) that uniquely identifies the function, and the function’s stage.

                        By default, when you create a function, it’s in the DEVELOPMENT stage. In this stage, you can [test the function](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/test-function.html) in the CloudFront console (or with TestFunction in the CloudFront API).

                        When you’re ready to use your function with a CloudFront distribution, publish the function to the LIVE stage. You can do this in the CloudFront console, with PublishFunction in the CloudFront API, or by updating the AWS::CloudFront::Function resource with the AutoPublish property set to true . When the function is published to the LIVE stage, you can attach it to a distribution’s cache behavior, using the function’s ARN.

                        To automatically publish the function to the LIVE stage when it’s created, set the AutoPublish property to true .

                        AWS::CloudFront::Function external

                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html

                      constructor

                      constructor(scope: cdk.Construct, id: string, props: CfnFunctionProps);
                      • Create a new AWS::CloudFront::Function.

                        Parameter scope

                        scope in which this resource is defined

                        Parameter id

                        scoped id of the resource

                        Parameter props

                        resource properties

                      property attrFunctionArn

                      readonly attrFunctionArn: string;
                      • The ARN of the function. For example:

                        arn:aws:cloudfront::123456789012:function/ExampleFunction .

                        To get the function ARN, use the following syntax:

                        !GetAtt *Function_Logical_ID* .FunctionMetadata.FunctionARN FunctionARN

                      property attrFunctionMetadataFunctionArn

                      readonly attrFunctionMetadataFunctionArn: string;
                      • The Amazon Resource Name (ARN) of the function. The ARN uniquely identifies the function. FunctionMetadata.FunctionARN

                      property attrStage

                      readonly attrStage: string;
                      • Stage

                      property autoPublish

                      autoPublish: any;
                      • A flag that determines whether to automatically publish the function to the LIVE stage when it’s created. To automatically publish to the LIVE stage, set this property to true .

                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-autopublish

                      property CFN_RESOURCE_TYPE_NAME

                      static readonly CFN_RESOURCE_TYPE_NAME: string;
                      • The CloudFormation resource type name for this resource class.

                      property cfnProperties

                      readonly cfnProperties: { [key: string]: any };

                        property functionCode

                        functionCode: string;
                        • The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .

                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functioncode

                        property functionConfig

                        functionConfig: any;
                        • Contains configuration information about a CloudFront function.

                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionconfig

                        property functionMetadata

                        functionMetadata: any;
                        • Contains metadata about a CloudFront function.

                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionmetadata

                        property name

                        name: string;
                        • A name to identify the function.

                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-name

                        method inspect

                        inspect: (inspector: cdk.TreeInspector) => void;
                        • Examines the CloudFormation resource and discloses attributes.

                          Parameter inspector

                          tree inspector to collect and process attributes

                        method renderProperties

                        protected renderProperties: (props: { [key: string]: any }) => {
                        [key: string]: any;
                        };

                          class CfnKeyGroup

                          class CfnKeyGroup extends cdk.CfnResource implements cdk.IInspectable {}
                          • A CloudFormation AWS::CloudFront::KeyGroup

                            A key group.

                            A key group contains a list of public keys that you can use with [CloudFront signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) .

                            AWS::CloudFront::KeyGroup external

                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html

                          constructor

                          constructor(scope: cdk.Construct, id: string, props: CfnKeyGroupProps);
                          • Create a new AWS::CloudFront::KeyGroup.

                            Parameter scope

                            scope in which this resource is defined

                            Parameter id

                            scoped id of the resource

                            Parameter props

                            resource properties

                          property attrId

                          readonly attrId: string;
                          • The identifier for the key group. Id

                          property attrLastModifiedTime

                          readonly attrLastModifiedTime: string;
                          • The date and time when the key group was last modified. LastModifiedTime

                          property CFN_RESOURCE_TYPE_NAME

                          static readonly CFN_RESOURCE_TYPE_NAME: string;
                          • The CloudFormation resource type name for this resource class.

                          property cfnProperties

                          readonly cfnProperties: { [key: string]: any };

                            property keyGroupConfig

                            keyGroupConfig: any;
                            • The key group configuration.

                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html#cfn-cloudfront-keygroup-keygroupconfig

                            method inspect

                            inspect: (inspector: cdk.TreeInspector) => void;
                            • Examines the CloudFormation resource and discloses attributes.

                              Parameter inspector

                              tree inspector to collect and process attributes

                            method renderProperties

                            protected renderProperties: (props: { [key: string]: any }) => {
                            [key: string]: any;
                            };

                              class CfnMonitoringSubscription

                              class CfnMonitoringSubscription
                              extends cdk.CfnResource
                              implements cdk.IInspectable {}
                              • A CloudFormation AWS::CloudFront::MonitoringSubscription

                                A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution.

                                AWS::CloudFront::MonitoringSubscription external

                                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html

                              constructor

                              constructor(
                              scope: cdk.Construct,
                              id: string,
                              props: CfnMonitoringSubscriptionProps
                              );
                              • Create a new AWS::CloudFront::MonitoringSubscription.

                                Parameter scope

                                scope in which this resource is defined

                                Parameter id

                                scoped id of the resource

                                Parameter props

                                resource properties

                              property CFN_RESOURCE_TYPE_NAME

                              static readonly CFN_RESOURCE_TYPE_NAME: string;
                              • The CloudFormation resource type name for this resource class.

                              property cfnProperties

                              readonly cfnProperties: { [key: string]: any };

                                property distributionId

                                distributionId: string;
                                • The ID of the distribution that you are enabling metrics for.

                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-distributionid

                                property monitoringSubscription

                                monitoringSubscription: any;
                                • A subscription configuration for additional CloudWatch metrics.

                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-monitoringsubscription

                                method inspect

                                inspect: (inspector: cdk.TreeInspector) => void;
                                • Examines the CloudFormation resource and discloses attributes.

                                  Parameter inspector

                                  tree inspector to collect and process attributes

                                method renderProperties

                                protected renderProperties: (props: { [key: string]: any }) => {
                                [key: string]: any;
                                };

                                  class CfnOriginAccessControl

                                  class CfnOriginAccessControl extends cdk.CfnResource implements cdk.IInspectable {}
                                  • A CloudFormation AWS::CloudFront::OriginAccessControl

                                    Creates a new origin access control in CloudFront. After you create an origin access control, you can add it to an origin in a CloudFront distribution so that CloudFront sends authenticated (signed) requests to the origin.

                                    This makes it possible to block public access to the origin, allowing viewers (users) to access the origin's content only through CloudFront.

                                    For more information about using a CloudFront origin access control, see [Restricting access to an AWS origin](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html) in the *Amazon CloudFront Developer Guide* .

                                    AWS::CloudFront::OriginAccessControl external

                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html

                                  constructor

                                  constructor(
                                  scope: cdk.Construct,
                                  id: string,
                                  props: CfnOriginAccessControlProps
                                  );
                                  • Create a new AWS::CloudFront::OriginAccessControl.

                                    Parameter scope

                                    scope in which this resource is defined

                                    Parameter id

                                    scoped id of the resource

                                    Parameter props

                                    resource properties

                                  property attrId

                                  readonly attrId: string;
                                  • The unique identifier of the origin access control. Id

                                  property CFN_RESOURCE_TYPE_NAME

                                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                                  • The CloudFormation resource type name for this resource class.

                                  property cfnProperties

                                  readonly cfnProperties: { [key: string]: any };

                                    property originAccessControlConfig

                                    originAccessControlConfig: any;
                                    • The origin access control.

                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html#cfn-cloudfront-originaccesscontrol-originaccesscontrolconfig

                                    method inspect

                                    inspect: (inspector: cdk.TreeInspector) => void;
                                    • Examines the CloudFormation resource and discloses attributes.

                                      Parameter inspector

                                      tree inspector to collect and process attributes

                                    method renderProperties

                                    protected renderProperties: (props: { [key: string]: any }) => {
                                    [key: string]: any;
                                    };

                                      class CfnOriginRequestPolicy

                                      class CfnOriginRequestPolicy extends cdk.CfnResource implements cdk.IInspectable {}
                                      • A CloudFormation AWS::CloudFront::OriginRequestPolicy

                                        An origin request policy.

                                        When it's attached to a cache behavior, the origin request policy determines the values that CloudFront includes in requests that it sends to the origin. Each request that CloudFront sends to the origin includes the following:

                                        - The request body and the URL path (without the domain name) from the viewer request. - The headers that CloudFront automatically includes in every origin request, including Host , User-Agent , and X-Amz-Cf-Id . - All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the origin request policy. These can include items from the viewer request and, in the case of headers, additional ones that are added by CloudFront.

                                        CloudFront sends a request when it can't find an object in its cache that matches the request. If you want to send values to the origin and also include them in the cache key, use CachePolicy .

                                        AWS::CloudFront::OriginRequestPolicy external

                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html

                                      constructor

                                      constructor(
                                      scope: cdk.Construct,
                                      id: string,
                                      props: CfnOriginRequestPolicyProps
                                      );
                                      • Create a new AWS::CloudFront::OriginRequestPolicy.

                                        Parameter scope

                                        scope in which this resource is defined

                                        Parameter id

                                        scoped id of the resource

                                        Parameter props

                                        resource properties

                                      property attrId

                                      readonly attrId: string;
                                      • The unique identifier for the origin request policy. For example: befd7079-9bbc-4ebf-8ade-498a3694176c . Id

                                      property attrLastModifiedTime

                                      readonly attrLastModifiedTime: string;
                                      • The date and time when the origin request policy was last modified. LastModifiedTime

                                      property CFN_RESOURCE_TYPE_NAME

                                      static readonly CFN_RESOURCE_TYPE_NAME: string;
                                      • The CloudFormation resource type name for this resource class.

                                      property cfnProperties

                                      readonly cfnProperties: { [key: string]: any };

                                        property originRequestPolicyConfig

                                        originRequestPolicyConfig: any;
                                        • The origin request policy configuration.

                                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html#cfn-cloudfront-originrequestpolicy-originrequestpolicyconfig

                                        method inspect

                                        inspect: (inspector: cdk.TreeInspector) => void;
                                        • Examines the CloudFormation resource and discloses attributes.

                                          Parameter inspector

                                          tree inspector to collect and process attributes

                                        method renderProperties

                                        protected renderProperties: (props: { [key: string]: any }) => {
                                        [key: string]: any;
                                        };

                                          class CfnPublicKey

                                          class CfnPublicKey extends cdk.CfnResource implements cdk.IInspectable {}
                                          • A CloudFormation AWS::CloudFront::PublicKey

                                            A public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                            AWS::CloudFront::PublicKey external

                                            http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html

                                          constructor

                                          constructor(scope: cdk.Construct, id: string, props: CfnPublicKeyProps);
                                          • Create a new AWS::CloudFront::PublicKey.

                                            Parameter scope

                                            scope in which this resource is defined

                                            Parameter id

                                            scoped id of the resource

                                            Parameter props

                                            resource properties

                                          property attrCreatedTime

                                          readonly attrCreatedTime: string;
                                          • The date and time when the public key was uploaded. CreatedTime

                                          property attrId

                                          readonly attrId: string;
                                          • The identifier of the public key. Id

                                          property CFN_RESOURCE_TYPE_NAME

                                          static readonly CFN_RESOURCE_TYPE_NAME: string;
                                          • The CloudFormation resource type name for this resource class.

                                          property cfnProperties

                                          readonly cfnProperties: { [key: string]: any };

                                            property publicKeyConfig

                                            publicKeyConfig: any;
                                            • Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                              http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html#cfn-cloudfront-publickey-publickeyconfig

                                            method inspect

                                            inspect: (inspector: cdk.TreeInspector) => void;
                                            • Examines the CloudFormation resource and discloses attributes.

                                              Parameter inspector

                                              tree inspector to collect and process attributes

                                            method renderProperties

                                            protected renderProperties: (props: { [key: string]: any }) => {
                                            [key: string]: any;
                                            };

                                              class CfnRealtimeLogConfig

                                              class CfnRealtimeLogConfig extends cdk.CfnResource implements cdk.IInspectable {}
                                              • A CloudFormation AWS::CloudFront::RealtimeLogConfig

                                                A real-time log configuration.

                                                AWS::CloudFront::RealtimeLogConfig external

                                                http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html

                                              constructor

                                              constructor(scope: cdk.Construct, id: string, props: CfnRealtimeLogConfigProps);
                                              • Create a new AWS::CloudFront::RealtimeLogConfig.

                                                Parameter scope

                                                scope in which this resource is defined

                                                Parameter id

                                                scoped id of the resource

                                                Parameter props

                                                resource properties

                                              property attrArn

                                              readonly attrArn: string;
                                              • The Amazon Resource Name (ARN) of the real-time log configuration. For example: arn:aws:cloudfront::111122223333:realtime-log-config/ExampleNameForRealtimeLogConfig . Arn

                                              property CFN_RESOURCE_TYPE_NAME

                                              static readonly CFN_RESOURCE_TYPE_NAME: string;
                                              • The CloudFormation resource type name for this resource class.

                                              property cfnProperties

                                              readonly cfnProperties: { [key: string]: any };

                                                property endPoints

                                                endPoints: any;
                                                • Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.

                                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-endpoints

                                                property fields

                                                fields: string[];
                                                • A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.

                                                  For more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .

                                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-fields

                                                property name

                                                name: string;
                                                • The unique name of this real-time log configuration.

                                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-name

                                                property samplingRate

                                                samplingRate: number;
                                                • The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.

                                                  http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-samplingrate

                                                method inspect

                                                inspect: (inspector: cdk.TreeInspector) => void;
                                                • Examines the CloudFormation resource and discloses attributes.

                                                  Parameter inspector

                                                  tree inspector to collect and process attributes

                                                method renderProperties

                                                protected renderProperties: (props: { [key: string]: any }) => {
                                                [key: string]: any;
                                                };

                                                  class CfnResponseHeadersPolicy

                                                  class CfnResponseHeadersPolicy extends cdk.CfnResource implements cdk.IInspectable {}
                                                  • A CloudFormation AWS::CloudFront::ResponseHeadersPolicy

                                                    A response headers policy.

                                                    A response headers policy contains information about a set of HTTP response headers.

                                                    After you create a response headers policy, you can use its ID to attach it to one or more cache behaviors in a CloudFront distribution. When it's attached to a cache behavior, the response headers policy affects the HTTP headers that CloudFront includes in HTTP responses to requests that match the cache behavior. CloudFront adds or removes response headers according to the configuration of the response headers policy.

                                                    For more information, see [Adding or removing HTTP headers in CloudFront responses](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/modifying-response-headers.html) in the *Amazon CloudFront Developer Guide* .

                                                    AWS::CloudFront::ResponseHeadersPolicy external

                                                    http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html

                                                  constructor

                                                  constructor(
                                                  scope: cdk.Construct,
                                                  id: string,
                                                  props: CfnResponseHeadersPolicyProps
                                                  );
                                                  • Create a new AWS::CloudFront::ResponseHeadersPolicy.

                                                    Parameter scope

                                                    scope in which this resource is defined

                                                    Parameter id

                                                    scoped id of the resource

                                                    Parameter props

                                                    resource properties

                                                  property attrId

                                                  readonly attrId: string;
                                                  • The unique identifier for the response headers policy. For example: 57f99797-3b20-4e1b-a728-27972a74082a . Id

                                                  property attrLastModifiedTime

                                                  readonly attrLastModifiedTime: string;
                                                  • The date and time when the response headers policy was last modified. LastModifiedTime

                                                  property CFN_RESOURCE_TYPE_NAME

                                                  static readonly CFN_RESOURCE_TYPE_NAME: string;
                                                  • The CloudFormation resource type name for this resource class.

                                                  property cfnProperties

                                                  readonly cfnProperties: { [key: string]: any };

                                                    property responseHeadersPolicyConfig

                                                    responseHeadersPolicyConfig: any;
                                                    • A response headers policy configuration.

                                                      http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html#cfn-cloudfront-responseheaderspolicy-responseheaderspolicyconfig

                                                    method inspect

                                                    inspect: (inspector: cdk.TreeInspector) => void;
                                                    • Examines the CloudFormation resource and discloses attributes.

                                                      Parameter inspector

                                                      tree inspector to collect and process attributes

                                                    method renderProperties

                                                    protected renderProperties: (props: { [key: string]: any }) => {
                                                    [key: string]: any;
                                                    };

                                                      class CfnStreamingDistribution

                                                      class CfnStreamingDistribution extends cdk.CfnResource implements cdk.IInspectable {}
                                                      • A CloudFormation AWS::CloudFront::StreamingDistribution

                                                        This resource is deprecated. Amazon CloudFront is deprecating real-time messaging protocol (RTMP) distributions on December 31, 2020. For more information, [read the announcement](https://docs.aws.amazon.com/ann.jspa?annID=7356) on the Amazon CloudFront discussion forum.

                                                        AWS::CloudFront::StreamingDistribution external

                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html

                                                      constructor

                                                      constructor(
                                                      scope: cdk.Construct,
                                                      id: string,
                                                      props: CfnStreamingDistributionProps
                                                      );
                                                      • Create a new AWS::CloudFront::StreamingDistribution.

                                                        Parameter scope

                                                        scope in which this resource is defined

                                                        Parameter id

                                                        scoped id of the resource

                                                        Parameter props

                                                        resource properties

                                                      property attrDomainName

                                                      readonly attrDomainName: string;
                                                      • The domain name of the resource, such as d111111abcdef8.cloudfront.net . DomainName

                                                      property CFN_RESOURCE_TYPE_NAME

                                                      static readonly CFN_RESOURCE_TYPE_NAME: string;
                                                      • The CloudFormation resource type name for this resource class.

                                                      property cfnProperties

                                                      readonly cfnProperties: { [key: string]: any };

                                                        property streamingDistributionConfig

                                                        streamingDistributionConfig: any;
                                                        • The current configuration information for the RTMP distribution.

                                                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-streamingdistributionconfig

                                                        property tags

                                                        readonly tags: cdk.TagManager;
                                                        • A complex type that contains zero or more Tag elements.

                                                          http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-tags

                                                        method inspect

                                                        inspect: (inspector: cdk.TreeInspector) => void;
                                                        • Examines the CloudFormation resource and discloses attributes.

                                                          Parameter inspector

                                                          tree inspector to collect and process attributes

                                                        method renderProperties

                                                        protected renderProperties: (props: { [key: string]: any }) => {
                                                        [key: string]: any;
                                                        };

                                                          class CloudFrontWebDistribution

                                                          class CloudFrontWebDistribution extends cdk.Resource implements IDistribution {}
                                                          • Amazon CloudFront is a global content delivery network (CDN) service that securely delivers data, videos, applications, and APIs to your viewers with low latency and high transfer speeds. CloudFront fronts user provided content and caches it at edge locations across the world.

                                                            Here's how you can use this construct:

                                                            const sourceBucket = new s3.Bucket(this, 'Bucket');
                                                            const distribution = new cloudfront.CloudFrontWebDistribution(this, 'MyDistribution', {
                                                            originConfigs: [
                                                            {
                                                            s3OriginSource: {
                                                            s3BucketSource: sourceBucket,
                                                            },
                                                            behaviors : [ {isDefaultBehavior: true}],
                                                            },
                                                            ],
                                                            });

                                                            This will create a CloudFront distribution that uses your S3Bucket as it's origin.

                                                            You can customize the distribution using additional properties from the CloudFrontWebDistributionProps interface.

                                                            AWS::CloudFront::Distribution

                                                          constructor

                                                          constructor(scope: Construct, id: string, props: CloudFrontWebDistributionProps);

                                                            property distributionDomainName

                                                            readonly distributionDomainName: string;
                                                            • The domain name created by CloudFront for this distribution. If you are using aliases for your distribution, this is the domainName your DNS records should point to. (In Route53, you could create an ALIAS record to this value, for example.)

                                                            property distributionId

                                                            readonly distributionId: string;
                                                            • The distribution ID for this distribution.

                                                            property domainName

                                                            readonly domainName: string;
                                                            • The domain name created by CloudFront for this distribution. If you are using aliases for your distribution, this is the domainName your DNS records should point to. (In Route53, you could create an ALIAS record to this value, for example.)

                                                              Deprecated

                                                              - Use distributionDomainName instead.

                                                            property loggingBucket

                                                            readonly loggingBucket?: s3.IBucket;
                                                            • The logging bucket for this CloudFront distribution. If logging is not enabled for this distribution - this property will be undefined.

                                                            method fromDistributionAttributes

                                                            static fromDistributionAttributes: (
                                                            scope: Construct,
                                                            id: string,
                                                            attrs: CloudFrontWebDistributionAttributes
                                                            ) => IDistribution;
                                                            • Creates a construct that represents an external (imported) distribution.

                                                            class Distribution

                                                            class Distribution extends Resource implements IDistribution {}
                                                            • A CloudFront distribution with associated origin(s) and caching behavior(s).

                                                            constructor

                                                            constructor(scope: Construct, id: string, props: DistributionProps);

                                                              property distributionDomainName

                                                              readonly distributionDomainName: string;

                                                                property distributionId

                                                                readonly distributionId: string;

                                                                  property domainName

                                                                  readonly domainName: string;

                                                                    method addBehavior

                                                                    addBehavior: (
                                                                    pathPattern: string,
                                                                    origin: IOrigin,
                                                                    behaviorOptions?: AddBehaviorOptions
                                                                    ) => void;
                                                                    • Adds a new behavior to this distribution for the given pathPattern.

                                                                      Parameter pathPattern

                                                                      the path pattern (e.g., 'images/*') that specifies which requests to apply the behavior to.

                                                                      Parameter origin

                                                                      the origin to use for this behavior

                                                                      Parameter behaviorOptions

                                                                      the options for the behavior at this path.

                                                                    method fromDistributionAttributes

                                                                    static fromDistributionAttributes: (
                                                                    scope: Construct,
                                                                    id: string,
                                                                    attrs: DistributionAttributes
                                                                    ) => IDistribution;
                                                                    • Creates a Distribution construct that represents an external (imported) distribution.

                                                                    class Function

                                                                    class Function extends Resource implements IFunction {}
                                                                    • A CloudFront Function

                                                                      AWS::CloudFront::Function

                                                                    constructor

                                                                    constructor(scope: Construct, id: string, props: FunctionProps);

                                                                      property functionArn

                                                                      readonly functionArn: string;
                                                                      • the ARN of the CloudFront function

                                                                      property functionName

                                                                      readonly functionName: string;
                                                                      • the name of the CloudFront function

                                                                      property functionStage

                                                                      readonly functionStage: string;
                                                                      • the deployment stage of the CloudFront function

                                                                      method fromFunctionAttributes

                                                                      static fromFunctionAttributes: (
                                                                      scope: Construct,
                                                                      id: string,
                                                                      attrs: FunctionAttributes
                                                                      ) => IFunction;
                                                                      • Imports a function by its name and ARN

                                                                      class FunctionCode

                                                                      abstract class FunctionCode {}
                                                                      • Represents the function's source code

                                                                      method fromFile

                                                                      static fromFile: (options: FileCodeOptions) => FunctionCode;
                                                                      • Code from external file for function

                                                                        Parameter options

                                                                        the options for the external file

                                                                        Returns

                                                                        code object with contents from file.

                                                                      method fromInline

                                                                      static fromInline: (code: string) => FunctionCode;
                                                                      • Inline code for function

                                                                        Parameter code

                                                                        The actual function code

                                                                        Returns

                                                                        code object with inline code.

                                                                      method render

                                                                      abstract render: () => string;
                                                                      • renders the function code

                                                                      class GeoRestriction

                                                                      class GeoRestriction {}
                                                                      • Controls the countries in which content is distributed.

                                                                      property locations

                                                                      readonly locations: string[];

                                                                        property restrictionType

                                                                        readonly restrictionType: 'whitelist' | 'blacklist';

                                                                          method allowlist

                                                                          static allowlist: (...locations: string[]) => GeoRestriction;
                                                                          • Allow specific countries which you want CloudFront to distribute your content.

                                                                            Parameter locations

                                                                            Two-letter, uppercase country code for a country that you want to allow. Include one element for each country. See ISO 3166-1-alpha-2 code on the *International Organization for Standardization* website

                                                                          method blacklist

                                                                          static blacklist: (...locations: string[]) => GeoRestriction;
                                                                          • DEPRECATED

                                                                            Deprecated

                                                                            use denylist

                                                                          method denylist

                                                                          static denylist: (...locations: string[]) => GeoRestriction;
                                                                          • Deny specific countries which you don't want CloudFront to distribute your content.

                                                                            Parameter locations

                                                                            Two-letter, uppercase country code for a country that you want to deny. Include one element for each country. See ISO 3166-1-alpha-2 code on the *International Organization for Standardization* website

                                                                          method whitelist

                                                                          static whitelist: (...locations: string[]) => GeoRestriction;
                                                                          • DEPRECATED

                                                                            Deprecated

                                                                            use allowlist

                                                                          class KeyGroup

                                                                          class KeyGroup extends Resource implements IKeyGroup {}
                                                                          • A Key Group configuration

                                                                            AWS::CloudFront::KeyGroup

                                                                          constructor

                                                                          constructor(scope: Construct, id: string, props: KeyGroupProps);

                                                                            property keyGroupId

                                                                            readonly keyGroupId: string;

                                                                              method fromKeyGroupId

                                                                              static fromKeyGroupId: (
                                                                              scope: Construct,
                                                                              id: string,
                                                                              keyGroupId: string
                                                                              ) => IKeyGroup;
                                                                              • Imports a Key Group from its id.

                                                                              class OriginAccessIdentity

                                                                              class OriginAccessIdentity
                                                                              extends OriginAccessIdentityBase
                                                                              implements IOriginAccessIdentity {}
                                                                              • An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content.

                                                                                AWS::CloudFront::CloudFrontOriginAccessIdentity

                                                                              constructor

                                                                              constructor(scope: Construct, id: string, props?: OriginAccessIdentityProps);

                                                                                property cloudFrontOriginAccessIdentityS3CanonicalUserId

                                                                                readonly cloudFrontOriginAccessIdentityS3CanonicalUserId: string;
                                                                                • The Amazon S3 canonical user ID for the origin access identity, used when giving the origin access identity read permission to an object in Amazon S3.

                                                                                property grantPrincipal

                                                                                readonly grantPrincipal: iam.IPrincipal;
                                                                                • Derived principal value for bucket access

                                                                                property originAccessIdentityName

                                                                                readonly originAccessIdentityName: string;
                                                                                • The Origin Access Identity Name (physical id)

                                                                                method fromOriginAccessIdentityName

                                                                                static fromOriginAccessIdentityName: (
                                                                                scope: Construct,
                                                                                id: string,
                                                                                originAccessIdentityName: string
                                                                                ) => IOriginAccessIdentity;
                                                                                • Creates a OriginAccessIdentity by providing the OriginAccessIdentityName

                                                                                class OriginBase

                                                                                abstract class OriginBase implements IOrigin {}
                                                                                • Represents a distribution origin, that describes the Amazon S3 bucket, HTTP server (for example, a web server), Amazon MediaStore, or other server from which CloudFront gets your files.

                                                                                constructor

                                                                                protected constructor(domainName: string, props?: OriginProps);

                                                                                  method bind

                                                                                  bind: (_scope: Construct, options: OriginBindOptions) => OriginBindConfig;
                                                                                  • Binds the origin to the associated Distribution. Can be used to grant permissions, create dependent resources, etc.

                                                                                  method renderCustomOriginConfig

                                                                                  protected renderCustomOriginConfig: () =>
                                                                                  | CfnDistribution.CustomOriginConfigProperty
                                                                                  | undefined;

                                                                                    method renderS3OriginConfig

                                                                                    protected renderS3OriginConfig: () =>
                                                                                    | CfnDistribution.S3OriginConfigProperty
                                                                                    | undefined;

                                                                                      class OriginRequestCookieBehavior

                                                                                      class OriginRequestCookieBehavior {}
                                                                                      • Determines whether any cookies in viewer requests (and if so, which cookies) are included in requests that CloudFront sends to the origin.

                                                                                      property behavior

                                                                                      readonly behavior: string;
                                                                                      • The behavior of cookies: allow all, none or an allow list.

                                                                                      property cookies

                                                                                      readonly cookies?: string[];
                                                                                      • The cookies to allow, if the behavior is an allow list.

                                                                                      method all

                                                                                      static all: () => OriginRequestCookieBehavior;
                                                                                      • All cookies in viewer requests are included in requests that CloudFront sends to the origin.

                                                                                      method allowList

                                                                                      static allowList: (...cookies: string[]) => OriginRequestCookieBehavior;
                                                                                      • Only the provided cookies are included in requests that CloudFront sends to the origin.

                                                                                      method none

                                                                                      static none: () => OriginRequestCookieBehavior;
                                                                                      • Cookies in viewer requests are not included in requests that CloudFront sends to the origin. Any cookies that are listed in a CachePolicy are still included in origin requests.

                                                                                      class OriginRequestHeaderBehavior

                                                                                      class OriginRequestHeaderBehavior {}
                                                                                      • Determines whether any HTTP headers (and if so, which headers) are included in requests that CloudFront sends to the origin.

                                                                                      property behavior

                                                                                      readonly behavior: string;
                                                                                      • The behavior of headers: allow all, none or an allow list.

                                                                                      property headers

                                                                                      readonly headers?: string[];
                                                                                      • The headers for the allow list or the included CloudFront headers, if applicable.

                                                                                      method all

                                                                                      static all: (...cloudfrontHeaders: string[]) => OriginRequestHeaderBehavior;
                                                                                      • All HTTP headers in viewer requests are included in requests that CloudFront sends to the origin. Additionally, any additional CloudFront headers provided are included; the additional headers are added by CloudFront.

                                                                                        See Also

                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-cloudfront-headers.html

                                                                                      method allowList

                                                                                      static allowList: (...headers: string[]) => OriginRequestHeaderBehavior;
                                                                                      • Listed headers are included in requests that CloudFront sends to the origin.

                                                                                      method none

                                                                                      static none: () => OriginRequestHeaderBehavior;
                                                                                      • HTTP headers are not included in requests that CloudFront sends to the origin. Any headers that are listed in a CachePolicy are still included in origin requests.

                                                                                      class OriginRequestPolicy

                                                                                      class OriginRequestPolicy extends Resource implements IOriginRequestPolicy {}
                                                                                      • A Origin Request Policy configuration.

                                                                                        AWS::CloudFront::OriginRequestPolicy

                                                                                      constructor

                                                                                      constructor(scope: Construct, id: string, props?: OriginRequestPolicyProps);

                                                                                        property ALL_VIEWER

                                                                                        static readonly ALL_VIEWER: IOriginRequestPolicy;
                                                                                        • This policy includes all values (query strings, headers, and cookies) in the viewer request.

                                                                                        property CORS_CUSTOM_ORIGIN

                                                                                        static readonly CORS_CUSTOM_ORIGIN: IOriginRequestPolicy;
                                                                                        • This policy includes the header that enables cross-origin resource sharing (CORS) requests when the origin is a custom origin.

                                                                                        property CORS_S3_ORIGIN

                                                                                        static readonly CORS_S3_ORIGIN: IOriginRequestPolicy;
                                                                                        • This policy includes the headers that enable cross-origin resource sharing (CORS) requests when the origin is an Amazon S3 bucket.

                                                                                        property ELEMENTAL_MEDIA_TAILOR

                                                                                        static readonly ELEMENTAL_MEDIA_TAILOR: IOriginRequestPolicy;
                                                                                        • This policy is designed for use with an origin that is an AWS Elemental MediaTailor endpoint.

                                                                                        property originRequestPolicyId

                                                                                        readonly originRequestPolicyId: string;

                                                                                          property USER_AGENT_REFERER_HEADERS

                                                                                          static readonly USER_AGENT_REFERER_HEADERS: IOriginRequestPolicy;
                                                                                          • This policy includes only the User-Agent and Referer headers. It doesn’t include any query strings or cookies.

                                                                                          method fromOriginRequestPolicyId

                                                                                          static fromOriginRequestPolicyId: (
                                                                                          scope: Construct,
                                                                                          id: string,
                                                                                          originRequestPolicyId: string
                                                                                          ) => IOriginRequestPolicy;
                                                                                          • Imports a Origin Request Policy from its id.

                                                                                          class OriginRequestQueryStringBehavior

                                                                                          class OriginRequestQueryStringBehavior {}
                                                                                          • Determines whether any URL query strings in viewer requests (and if so, which query strings) are included in requests that CloudFront sends to the origin.

                                                                                          property behavior

                                                                                          readonly behavior: string;
                                                                                          • The behavior of query strings -- allow all, none, or only an allow list.

                                                                                          property queryStrings

                                                                                          readonly queryStrings?: string[];
                                                                                          • The query strings to allow, if the behavior is an allow list.

                                                                                          method all

                                                                                          static all: () => OriginRequestQueryStringBehavior;
                                                                                          • All query strings in viewer requests are included in requests that CloudFront sends to the origin.

                                                                                          method allowList

                                                                                          static allowList: (
                                                                                          ...queryStrings: string[]
                                                                                          ) => OriginRequestQueryStringBehavior;
                                                                                          • Only the provided queryStrings are included in requests that CloudFront sends to the origin.

                                                                                          method none

                                                                                          static none: () => OriginRequestQueryStringBehavior;
                                                                                          • Query strings in viewer requests are not included in requests that CloudFront sends to the origin. Any query strings that are listed in a CachePolicy are still included in origin requests.

                                                                                          class PublicKey

                                                                                          class PublicKey extends Resource implements IPublicKey {}
                                                                                          • A Public Key Configuration

                                                                                            AWS::CloudFront::PublicKey

                                                                                          constructor

                                                                                          constructor(scope: Construct, id: string, props: PublicKeyProps);

                                                                                            property publicKeyId

                                                                                            readonly publicKeyId: string;

                                                                                              method fromPublicKeyId

                                                                                              static fromPublicKeyId: (
                                                                                              scope: Construct,
                                                                                              id: string,
                                                                                              publicKeyId: string
                                                                                              ) => IPublicKey;
                                                                                              • Imports a Public Key from its id.

                                                                                              class ResponseHeadersPolicy

                                                                                              class ResponseHeadersPolicy extends Resource implements IResponseHeadersPolicy {}
                                                                                              • A Response Headers Policy configuration

                                                                                                AWS::CloudFront::ResponseHeadersPolicy

                                                                                              constructor

                                                                                              constructor(scope: Construct, id: string, props?: ResponseHeadersPolicyProps);

                                                                                                property CORS_ALLOW_ALL_ORIGINS

                                                                                                static readonly CORS_ALLOW_ALL_ORIGINS: IResponseHeadersPolicy;
                                                                                                • Use this managed policy to allow simple CORS requests from any origin.

                                                                                                property CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS

                                                                                                static readonly CORS_ALLOW_ALL_ORIGINS_AND_SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                                • Use this managed policy to allow simple CORS requests from any origin and add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                                property CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT

                                                                                                static readonly CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT: IResponseHeadersPolicy;
                                                                                                • Use this managed policy to allow CORS requests from any origin, including preflight requests.

                                                                                                property CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS

                                                                                                static readonly CORS_ALLOW_ALL_ORIGINS_WITH_PREFLIGHT_AND_SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                                • Use this managed policy to allow CORS requests from any origin, including preflight requests, and add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                                property responseHeadersPolicyId

                                                                                                readonly responseHeadersPolicyId: string;

                                                                                                  property SECURITY_HEADERS

                                                                                                  static readonly SECURITY_HEADERS: IResponseHeadersPolicy;
                                                                                                  • Use this managed policy to add a set of security headers to all responses that CloudFront sends to viewers.

                                                                                                  method fromResponseHeadersPolicyId

                                                                                                  static fromResponseHeadersPolicyId: (
                                                                                                  scope: Construct,
                                                                                                  id: string,
                                                                                                  responseHeadersPolicyId: string
                                                                                                  ) => IResponseHeadersPolicy;
                                                                                                  • Import an existing Response Headers Policy from its ID.

                                                                                                  class ViewerCertificate

                                                                                                  class ViewerCertificate {}
                                                                                                  • Viewer certificate configuration class

                                                                                                  property aliases

                                                                                                  readonly aliases: string[];

                                                                                                    property props

                                                                                                    readonly props: CfnDistribution.ViewerCertificateProperty;

                                                                                                      method fromAcmCertificate

                                                                                                      static fromAcmCertificate: (
                                                                                                      certificate: certificatemanager.ICertificate,
                                                                                                      options?: ViewerCertificateOptions
                                                                                                      ) => ViewerCertificate;
                                                                                                      • Generate an AWS Certificate Manager (ACM) viewer certificate configuration

                                                                                                        Parameter certificate

                                                                                                        AWS Certificate Manager (ACM) certificate. Your certificate must be located in the us-east-1 (US East (N. Virginia)) region to be accessed by CloudFront

                                                                                                        Parameter options

                                                                                                        certificate configuration options

                                                                                                      method fromCloudFrontDefaultCertificate

                                                                                                      static fromCloudFrontDefaultCertificate: (
                                                                                                      ...aliases: string[]
                                                                                                      ) => ViewerCertificate;
                                                                                                      • Generate a viewer certifcate configuration using the CloudFront default certificate (e.g. d111111abcdef8.cloudfront.net) and a SecurityPolicyProtocol.TLS_V1 security policy.

                                                                                                        Parameter aliases

                                                                                                        Alternative CNAME aliases You also must create a CNAME record with your DNS service to route queries

                                                                                                      method fromIamCertificate

                                                                                                      static fromIamCertificate: (
                                                                                                      iamCertificateId: string,
                                                                                                      options?: ViewerCertificateOptions
                                                                                                      ) => ViewerCertificate;
                                                                                                      • Generate an IAM viewer certificate configuration

                                                                                                        Parameter iamCertificateId

                                                                                                        Identifier of the IAM certificate

                                                                                                        Parameter options

                                                                                                        certificate configuration options

                                                                                                      Interfaces

                                                                                                      interface AddBehaviorOptions

                                                                                                      interface AddBehaviorOptions {}
                                                                                                      • Options for adding a new behavior to a Distribution.

                                                                                                      property allowedMethods

                                                                                                      readonly allowedMethods?: AllowedMethods;
                                                                                                      • HTTP methods to allow for this behavior.

                                                                                                        AllowedMethods.ALLOW_GET_HEAD

                                                                                                      property cachedMethods

                                                                                                      readonly cachedMethods?: CachedMethods;
                                                                                                      • HTTP methods to cache for this behavior.

                                                                                                        CachedMethods.CACHE_GET_HEAD

                                                                                                      property cachePolicy

                                                                                                      readonly cachePolicy?: ICachePolicy;
                                                                                                      • The cache policy for this behavior. The cache policy determines what values are included in the cache key, and the time-to-live (TTL) values for the cache.

                                                                                                        See Also

                                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html. CachePolicy.CACHING_OPTIMIZED

                                                                                                      property compress

                                                                                                      readonly compress?: boolean;
                                                                                                      • Whether you want CloudFront to automatically compress certain files for this cache behavior. See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html#compressed-content-cloudfront-file-types for file types CloudFront will compress.

                                                                                                        true

                                                                                                      property edgeLambdas

                                                                                                      readonly edgeLambdas?: EdgeLambda[];
                                                                                                      • The Lambda@Edge functions to invoke before serving the contents.

                                                                                                        - no Lambda functions will be invoked

                                                                                                        See Also

                                                                                                        • https://aws.amazon.com/lambda/edge

                                                                                                      property functionAssociations

                                                                                                      readonly functionAssociations?: FunctionAssociation[];
                                                                                                      • The CloudFront functions to invoke before serving the contents.

                                                                                                        - no functions will be invoked

                                                                                                      property originRequestPolicy

                                                                                                      readonly originRequestPolicy?: IOriginRequestPolicy;
                                                                                                      • The origin request policy for this behavior. The origin request policy determines which values (e.g., headers, cookies) are included in requests that CloudFront sends to the origin.

                                                                                                        - none

                                                                                                      property responseHeadersPolicy

                                                                                                      readonly responseHeadersPolicy?: IResponseHeadersPolicy;
                                                                                                      • The response headers policy for this behavior. The response headers policy determines which headers are included in responses

                                                                                                        - none

                                                                                                      property smoothStreaming

                                                                                                      readonly smoothStreaming?: boolean;
                                                                                                      • Set this to true to indicate you want to distribute media files in the Microsoft Smooth Streaming format using this behavior.

                                                                                                        false

                                                                                                      property trustedKeyGroups

                                                                                                      readonly trustedKeyGroups?: IKeyGroup[];
                                                                                                      • A list of Key Groups that CloudFront can use to validate signed URLs or signed cookies.

                                                                                                        - no KeyGroups are associated with cache behavior

                                                                                                        See Also

                                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                                      property viewerProtocolPolicy

                                                                                                      readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                                      • The protocol that viewers can use to access the files controlled by this behavior.

                                                                                                        ViewerProtocolPolicy.ALLOW_ALL

                                                                                                      interface AliasConfiguration

                                                                                                      interface AliasConfiguration {}

                                                                                                      property acmCertRef

                                                                                                      readonly acmCertRef: string;
                                                                                                      • ARN of an AWS Certificate Manager (ACM) certificate.

                                                                                                      property names

                                                                                                      readonly names: string[];
                                                                                                      • Domain names on the certificate

                                                                                                        Both main domain name and Subject Alternative Names.

                                                                                                      property securityPolicy

                                                                                                      readonly securityPolicy?: SecurityPolicyProtocol;
                                                                                                      • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                                        CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                                        - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNI

                                                                                                      property sslMethod

                                                                                                      readonly sslMethod?: SSLMethod;
                                                                                                      • How CloudFront should serve HTTPS requests.

                                                                                                        See the notes on SSLMethod if you wish to use other SSL termination types.

                                                                                                        SSLMethod.SNI

                                                                                                        See Also

                                                                                                        • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html

                                                                                                      interface Behavior

                                                                                                      interface Behavior {}
                                                                                                      • A CloudFront behavior wrapper.

                                                                                                      property allowedMethods

                                                                                                      readonly allowedMethods?: CloudFrontAllowedMethods;
                                                                                                      • The method this CloudFront distribution responds do.

                                                                                                        GET_HEAD

                                                                                                      property cachedMethods

                                                                                                      readonly cachedMethods?: CloudFrontAllowedCachedMethods;
                                                                                                      • Which methods are cached by CloudFront by default.

                                                                                                        GET_HEAD

                                                                                                      property compress

                                                                                                      readonly compress?: boolean;
                                                                                                      • If CloudFront should automatically compress some content types.

                                                                                                        true

                                                                                                      property defaultTtl

                                                                                                      readonly defaultTtl?: cdk.Duration;
                                                                                                      • The default amount of time CloudFront will cache an object.

                                                                                                        This value applies only when your custom origin does not add HTTP headers, such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. 86400 (1 day)

                                                                                                      property forwardedValues

                                                                                                      readonly forwardedValues?: CfnDistribution.ForwardedValuesProperty;
                                                                                                      • The values CloudFront will forward to the origin when making a request.

                                                                                                        none (no cookies - no headers)

                                                                                                      property functionAssociations

                                                                                                      readonly functionAssociations?: FunctionAssociation[];
                                                                                                      • The CloudFront functions to invoke before serving the contents.

                                                                                                        - no functions will be invoked

                                                                                                      property isDefaultBehavior

                                                                                                      readonly isDefaultBehavior?: boolean;
                                                                                                      • If this behavior is the default behavior for the distribution.

                                                                                                        You must specify exactly one default distribution per CloudFront distribution. The default behavior is allowed to omit the "path" property.

                                                                                                      property lambdaFunctionAssociations

                                                                                                      readonly lambdaFunctionAssociations?: LambdaFunctionAssociation[];
                                                                                                      • Declares associated lambda@edge functions for this distribution behaviour.

                                                                                                        No lambda function associated

                                                                                                      property maxTtl

                                                                                                      readonly maxTtl?: cdk.Duration;
                                                                                                      • The max amount of time you want objects to stay in the cache before CloudFront queries your origin.

                                                                                                        Duration.seconds(31536000) (one year)

                                                                                                      property minTtl

                                                                                                      readonly minTtl?: cdk.Duration;
                                                                                                      • The minimum amount of time that you want objects to stay in the cache before CloudFront queries your origin.

                                                                                                      property pathPattern

                                                                                                      readonly pathPattern?: string;
                                                                                                      • The path this behavior responds to. Required for all non-default behaviors. (The default behavior implicitly has "*" as the path pattern. )

                                                                                                      property trustedKeyGroups

                                                                                                      readonly trustedKeyGroups?: IKeyGroup[];
                                                                                                      • A list of Key Groups that CloudFront can use to validate signed URLs or signed cookies.

                                                                                                        - no KeyGroups are associated with cache behavior

                                                                                                        See Also

                                                                                                        • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                                      property trustedSigners

                                                                                                      readonly trustedSigners?: string[];
                                                                                                      • Trusted signers is how CloudFront allows you to serve private content. The signers are the account IDs that are allowed to sign cookies/presigned URLs for this distribution.

                                                                                                        If you pass a non empty value, all requests for this behavior must be signed (no public access will be allowed)

                                                                                                        Deprecated

                                                                                                        - We recommend using trustedKeyGroups instead of trustedSigners.

                                                                                                      property viewerProtocolPolicy

                                                                                                      readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                                      • The viewer policy for this behavior.

                                                                                                        - the distribution wide viewer protocol policy will be used

                                                                                                      interface BehaviorOptions

                                                                                                      interface BehaviorOptions extends AddBehaviorOptions {}
                                                                                                      • Options for creating a new behavior.

                                                                                                      property origin

                                                                                                      readonly origin: IOrigin;
                                                                                                      • The origin that you want CloudFront to route requests to when they match this behavior.

                                                                                                      interface CachePolicyProps

                                                                                                      interface CachePolicyProps {}
                                                                                                      • Properties for creating a Cache Policy

                                                                                                      property cachePolicyName

                                                                                                      readonly cachePolicyName?: string;
                                                                                                      • A unique name to identify the cache policy. The name must only include '-', '_', or alphanumeric characters. - generated from the id

                                                                                                      property comment

                                                                                                      readonly comment?: string;
                                                                                                      • A comment to describe the cache policy. - no comment

                                                                                                      property cookieBehavior

                                                                                                      readonly cookieBehavior?: CacheCookieBehavior;
                                                                                                      • Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheCookieBehavior.none()

                                                                                                      property defaultTtl

                                                                                                      readonly defaultTtl?: Duration;
                                                                                                      • The default amount of time for objects to stay in the CloudFront cache. Only used when the origin does not send Cache-Control or Expires headers with the object. - The greater of 1 day and ``minTtl``

                                                                                                      property enableAcceptEncodingBrotli

                                                                                                      readonly enableAcceptEncodingBrotli?: boolean;
                                                                                                      • Whether to normalize and include the Accept-Encoding header in the cache key when the Accept-Encoding header is 'br'. false

                                                                                                      property enableAcceptEncodingGzip

                                                                                                      readonly enableAcceptEncodingGzip?: boolean;
                                                                                                      • Whether to normalize and include the Accept-Encoding header in the cache key when the Accept-Encoding header is 'gzip'. false

                                                                                                      property headerBehavior

                                                                                                      readonly headerBehavior?: CacheHeaderBehavior;
                                                                                                      • Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheHeaderBehavior.none()

                                                                                                      property maxTtl

                                                                                                      readonly maxTtl?: Duration;
                                                                                                      • The maximum amount of time for objects to stay in the CloudFront cache. CloudFront uses this value only when the origin sends Cache-Control or Expires headers with the object. - The greater of 1 year and ``defaultTtl``

                                                                                                      property minTtl

                                                                                                      readonly minTtl?: Duration;
                                                                                                      • The minimum amount of time for objects to stay in the CloudFront cache. Duration.seconds(0)

                                                                                                      property queryStringBehavior

                                                                                                      readonly queryStringBehavior?: CacheQueryStringBehavior;
                                                                                                      • Determines whether any query strings are included in the cache key and automatically included in requests that CloudFront sends to the origin. CacheQueryStringBehavior.none()

                                                                                                      interface CfnCachePolicyProps

                                                                                                      interface CfnCachePolicyProps {}
                                                                                                      • Properties for defining a CfnCachePolicy

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html

                                                                                                      property cachePolicyConfig

                                                                                                      readonly cachePolicyConfig:
                                                                                                      | CfnCachePolicy.CachePolicyConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • The cache policy configuration.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cachepolicy.html#cfn-cloudfront-cachepolicy-cachepolicyconfig

                                                                                                      interface CfnCloudFrontOriginAccessIdentityProps

                                                                                                      interface CfnCloudFrontOriginAccessIdentityProps {}
                                                                                                      • Properties for defining a CfnCloudFrontOriginAccessIdentity

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html

                                                                                                      property cloudFrontOriginAccessIdentityConfig

                                                                                                      readonly cloudFrontOriginAccessIdentityConfig:
                                                                                                      | CfnCloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • The current configuration information for the identity.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-cloudfrontoriginaccessidentity.html#cfn-cloudfront-cloudfrontoriginaccessidentity-cloudfrontoriginaccessidentityconfig

                                                                                                      interface CfnContinuousDeploymentPolicyProps

                                                                                                      interface CfnContinuousDeploymentPolicyProps {}
                                                                                                      • Properties for defining a CfnContinuousDeploymentPolicy

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-continuousdeploymentpolicy.html

                                                                                                      property continuousDeploymentPolicyConfig

                                                                                                      readonly continuousDeploymentPolicyConfig:
                                                                                                      | CfnContinuousDeploymentPolicy.ContinuousDeploymentPolicyConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • Contains the configuration for a continuous deployment policy.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-continuousdeploymentpolicy.html#cfn-cloudfront-continuousdeploymentpolicy-continuousdeploymentpolicyconfig

                                                                                                      interface CfnDistributionProps

                                                                                                      interface CfnDistributionProps {}
                                                                                                      • Properties for defining a CfnDistribution

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html

                                                                                                      property distributionConfig

                                                                                                      readonly distributionConfig:
                                                                                                      | CfnDistribution.DistributionConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • The distribution's configuration.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-distributionconfig

                                                                                                      property tags

                                                                                                      readonly tags?: cdk.CfnTag[];
                                                                                                      • A complex type that contains zero or more Tag elements.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-distribution.html#cfn-cloudfront-distribution-tags

                                                                                                      interface CfnFunctionProps

                                                                                                      interface CfnFunctionProps {}
                                                                                                      • Properties for defining a CfnFunction

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html

                                                                                                      property autoPublish

                                                                                                      readonly autoPublish?: boolean | cdk.IResolvable;
                                                                                                      • A flag that determines whether to automatically publish the function to the LIVE stage when it’s created. To automatically publish to the LIVE stage, set this property to true .

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-autopublish

                                                                                                      property functionCode

                                                                                                      readonly functionCode: string;
                                                                                                      • The function code. For more information about writing a CloudFront function, see [Writing function code for CloudFront Functions](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html) in the *Amazon CloudFront Developer Guide* .

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functioncode

                                                                                                      property functionConfig

                                                                                                      readonly functionConfig: CfnFunction.FunctionConfigProperty | cdk.IResolvable;
                                                                                                      • Contains configuration information about a CloudFront function.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionconfig

                                                                                                      property functionMetadata

                                                                                                      readonly functionMetadata?:
                                                                                                      | CfnFunction.FunctionMetadataProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • Contains metadata about a CloudFront function.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-functionmetadata

                                                                                                      property name

                                                                                                      readonly name: string;
                                                                                                      • A name to identify the function.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-function.html#cfn-cloudfront-function-name

                                                                                                      interface CfnKeyGroupProps

                                                                                                      interface CfnKeyGroupProps {}
                                                                                                      • Properties for defining a CfnKeyGroup

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html

                                                                                                      property keyGroupConfig

                                                                                                      readonly keyGroupConfig: CfnKeyGroup.KeyGroupConfigProperty | cdk.IResolvable;
                                                                                                      • The key group configuration.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-keygroup.html#cfn-cloudfront-keygroup-keygroupconfig

                                                                                                      interface CfnMonitoringSubscriptionProps

                                                                                                      interface CfnMonitoringSubscriptionProps {}
                                                                                                      • Properties for defining a CfnMonitoringSubscription

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html

                                                                                                      property distributionId

                                                                                                      readonly distributionId: string;
                                                                                                      • The ID of the distribution that you are enabling metrics for.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-distributionid

                                                                                                      property monitoringSubscription

                                                                                                      readonly monitoringSubscription:
                                                                                                      | CfnMonitoringSubscription.MonitoringSubscriptionProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • A subscription configuration for additional CloudWatch metrics.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-monitoringsubscription.html#cfn-cloudfront-monitoringsubscription-monitoringsubscription

                                                                                                      interface CfnOriginAccessControlProps

                                                                                                      interface CfnOriginAccessControlProps {}
                                                                                                      • Properties for defining a CfnOriginAccessControl

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html

                                                                                                      property originAccessControlConfig

                                                                                                      readonly originAccessControlConfig:
                                                                                                      | CfnOriginAccessControl.OriginAccessControlConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • The origin access control.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originaccesscontrol.html#cfn-cloudfront-originaccesscontrol-originaccesscontrolconfig

                                                                                                      interface CfnOriginRequestPolicyProps

                                                                                                      interface CfnOriginRequestPolicyProps {}
                                                                                                      • Properties for defining a CfnOriginRequestPolicy

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html

                                                                                                      property originRequestPolicyConfig

                                                                                                      readonly originRequestPolicyConfig:
                                                                                                      | CfnOriginRequestPolicy.OriginRequestPolicyConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • The origin request policy configuration.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-originrequestpolicy.html#cfn-cloudfront-originrequestpolicy-originrequestpolicyconfig

                                                                                                      interface CfnPublicKeyProps

                                                                                                      interface CfnPublicKeyProps {}
                                                                                                      • Properties for defining a CfnPublicKey

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html

                                                                                                      property publicKeyConfig

                                                                                                      readonly publicKeyConfig: CfnPublicKey.PublicKeyConfigProperty | cdk.IResolvable;
                                                                                                      • Configuration information about a public key that you can use with [signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html) , or with [field-level encryption](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) .

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-publickey.html#cfn-cloudfront-publickey-publickeyconfig

                                                                                                      interface CfnRealtimeLogConfigProps

                                                                                                      interface CfnRealtimeLogConfigProps {}
                                                                                                      • Properties for defining a CfnRealtimeLogConfig

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html

                                                                                                      property endPoints

                                                                                                      readonly endPoints:
                                                                                                      | Array<CfnRealtimeLogConfig.EndPointProperty | cdk.IResolvable>
                                                                                                      | cdk.IResolvable;
                                                                                                      • Contains information about the Amazon Kinesis data stream where you are sending real-time log data for this real-time log configuration.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-endpoints

                                                                                                      property fields

                                                                                                      readonly fields: string[];
                                                                                                      • A list of fields that are included in each real-time log record. In an API response, the fields are provided in the same order in which they are sent to the Amazon Kinesis data stream.

                                                                                                        For more information about fields, see [Real-time log configuration fields](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-fields) in the *Amazon CloudFront Developer Guide* .

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-fields

                                                                                                      property name

                                                                                                      readonly name: string;
                                                                                                      • The unique name of this real-time log configuration.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-name

                                                                                                      property samplingRate

                                                                                                      readonly samplingRate: number;
                                                                                                      • The sampling rate for this real-time log configuration. The sampling rate determines the percentage of viewer requests that are represented in the real-time log data. The sampling rate is an integer between 1 and 100, inclusive.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-realtimelogconfig.html#cfn-cloudfront-realtimelogconfig-samplingrate

                                                                                                      interface CfnResponseHeadersPolicyProps

                                                                                                      interface CfnResponseHeadersPolicyProps {}
                                                                                                      • Properties for defining a CfnResponseHeadersPolicy

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html

                                                                                                      property responseHeadersPolicyConfig

                                                                                                      readonly responseHeadersPolicyConfig:
                                                                                                      | CfnResponseHeadersPolicy.ResponseHeadersPolicyConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • A response headers policy configuration.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-responseheaderspolicy.html#cfn-cloudfront-responseheaderspolicy-responseheaderspolicyconfig

                                                                                                      interface CfnStreamingDistributionProps

                                                                                                      interface CfnStreamingDistributionProps {}
                                                                                                      • Properties for defining a CfnStreamingDistribution

                                                                                                        external

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html

                                                                                                      property streamingDistributionConfig

                                                                                                      readonly streamingDistributionConfig:
                                                                                                      | CfnStreamingDistribution.StreamingDistributionConfigProperty
                                                                                                      | cdk.IResolvable;
                                                                                                      • The current configuration information for the RTMP distribution.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-streamingdistributionconfig

                                                                                                      property tags

                                                                                                      readonly tags: cdk.CfnTag[];
                                                                                                      • A complex type that contains zero or more Tag elements.

                                                                                                        http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-cloudfront-streamingdistribution.html#cfn-cloudfront-streamingdistribution-tags

                                                                                                      interface CloudFrontWebDistributionAttributes

                                                                                                      interface CloudFrontWebDistributionAttributes {}
                                                                                                      • Attributes used to import a Distribution.

                                                                                                      property distributionId

                                                                                                      readonly distributionId: string;
                                                                                                      • The distribution ID for this distribution.

                                                                                                      property domainName

                                                                                                      readonly domainName: string;
                                                                                                      • The generated domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                      interface CloudFrontWebDistributionProps

                                                                                                      interface CloudFrontWebDistributionProps {}

                                                                                                        property aliasConfiguration

                                                                                                        readonly aliasConfiguration?: AliasConfiguration;

                                                                                                        property comment

                                                                                                        readonly comment?: string;
                                                                                                        • A comment for this distribution in the CloudFront console.

                                                                                                          - No comment is added to distribution.

                                                                                                        property defaultRootObject

                                                                                                        readonly defaultRootObject?: string;
                                                                                                        • The default object to serve.

                                                                                                          - "index.html" is served.

                                                                                                        property enabled

                                                                                                        readonly enabled?: boolean;
                                                                                                        • Enable or disable the distribution.

                                                                                                          true

                                                                                                        property enableIpV6

                                                                                                        readonly enableIpV6?: boolean;
                                                                                                        • If your distribution should have IPv6 enabled.

                                                                                                          true

                                                                                                        property errorConfigurations

                                                                                                        readonly errorConfigurations?: CfnDistribution.CustomErrorResponseProperty[];
                                                                                                        • How CloudFront should handle requests that are not successful (eg PageNotFound)

                                                                                                          By default, CloudFront does not replace HTTP status codes in the 4xx and 5xx range with custom error messages. CloudFront does not cache HTTP status codes.

                                                                                                          - No custom error configuration.

                                                                                                        property geoRestriction

                                                                                                        readonly geoRestriction?: GeoRestriction;
                                                                                                        • Controls the countries in which your content is distributed.

                                                                                                          No geo restriction

                                                                                                        property httpVersion

                                                                                                        readonly httpVersion?: HttpVersion;
                                                                                                        • The max supported HTTP Versions.

                                                                                                          HttpVersion.HTTP2

                                                                                                        property loggingConfig

                                                                                                        readonly loggingConfig?: LoggingConfiguration;
                                                                                                        • Optional - if we should enable logging. You can pass an empty object ({}) to have us auto create a bucket for logging. Omission of this property indicates no logging is to be enabled.

                                                                                                          - no logging is enabled by default.

                                                                                                        property originConfigs

                                                                                                        readonly originConfigs: SourceConfiguration[];
                                                                                                        • The origin configurations for this distribution. Behaviors are a part of the origin.

                                                                                                        property priceClass

                                                                                                        readonly priceClass?: PriceClass;
                                                                                                        • The price class for the distribution (this impacts how many locations CloudFront uses for your distribution, and billing)

                                                                                                          PriceClass.PRICE_CLASS_100 the cheapest option for CloudFront is picked by default.

                                                                                                        property viewerCertificate

                                                                                                        readonly viewerCertificate?: ViewerCertificate;
                                                                                                        • Specifies whether you want viewers to use HTTP or HTTPS to request your objects, whether you're using an alternate domain name with HTTPS, and if so, if you're using AWS Certificate Manager (ACM) or a third-party certificate authority.

                                                                                                          ViewerCertificate.fromCloudFrontDefaultCertificate()

                                                                                                          See Also

                                                                                                          • https://aws.amazon.com/premiumsupport/knowledge-center/custom-ssl-certificate-cloudfront/

                                                                                                        property viewerProtocolPolicy

                                                                                                        readonly viewerProtocolPolicy?: ViewerProtocolPolicy;
                                                                                                        • The default viewer policy for incoming clients.

                                                                                                          RedirectToHTTPs

                                                                                                        property webACLId

                                                                                                        readonly webACLId?: string;
                                                                                                        • Unique identifier that specifies the AWS WAF web ACL to associate with this CloudFront distribution.

                                                                                                          To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                                          To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                                          See Also

                                                                                                          • https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html

                                                                                                          • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html#API_CreateDistribution_RequestParameters.

                                                                                                            - No AWS Web Application Firewall web access control list (web ACL).

                                                                                                        interface CustomOriginConfig

                                                                                                        interface CustomOriginConfig {}
                                                                                                        • A custom origin configuration

                                                                                                        property allowedOriginSSLVersions

                                                                                                        readonly allowedOriginSSLVersions?: OriginSslPolicy[];
                                                                                                        • The SSL versions to use when interacting with the origin.

                                                                                                          OriginSslPolicy.TLS_V1_2

                                                                                                        property domainName

                                                                                                        readonly domainName: string;
                                                                                                        • The domain name of the custom origin. Should not include the path - that should be in the parent SourceConfiguration

                                                                                                        property httpPort

                                                                                                        readonly httpPort?: number;
                                                                                                        • The origin HTTP port

                                                                                                          80

                                                                                                        property httpsPort

                                                                                                        readonly httpsPort?: number;
                                                                                                        • The origin HTTPS port

                                                                                                          443

                                                                                                        property originHeaders

                                                                                                        readonly originHeaders?: {
                                                                                                        [key: string]: string;
                                                                                                        };
                                                                                                        • Any additional headers to pass to the origin

                                                                                                          - No additional headers are passed.

                                                                                                        property originKeepaliveTimeout

                                                                                                        readonly originKeepaliveTimeout?: cdk.Duration;
                                                                                                        • The keep alive timeout when making calls in seconds.

                                                                                                          Duration.seconds(5)

                                                                                                        property originPath

                                                                                                        readonly originPath?: string;
                                                                                                        • The relative path to the origin root to use for sources.

                                                                                                          /

                                                                                                        property originProtocolPolicy

                                                                                                        readonly originProtocolPolicy?: OriginProtocolPolicy;
                                                                                                        • The protocol (http or https) policy to use when interacting with the origin.

                                                                                                          OriginProtocolPolicy.HttpsOnly

                                                                                                        property originReadTimeout

                                                                                                        readonly originReadTimeout?: cdk.Duration;
                                                                                                        • The read timeout when calling the origin in seconds

                                                                                                          Duration.seconds(30)

                                                                                                        property originShieldRegion

                                                                                                        readonly originShieldRegion?: string;
                                                                                                        • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                          - origin shield not enabled

                                                                                                        interface DistributionAttributes

                                                                                                        interface DistributionAttributes {}
                                                                                                        • Attributes used to import a Distribution.

                                                                                                        property distributionId

                                                                                                        readonly distributionId: string;
                                                                                                        • The distribution ID for this distribution.

                                                                                                        property domainName

                                                                                                        readonly domainName: string;
                                                                                                        • The generated domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                        interface DistributionProps

                                                                                                        interface DistributionProps {}
                                                                                                        • Properties for a Distribution

                                                                                                        property additionalBehaviors

                                                                                                        readonly additionalBehaviors?: Record<string, BehaviorOptions>;
                                                                                                        • Additional behaviors for the distribution, mapped by the pathPattern that specifies which requests to apply the behavior to.

                                                                                                          - no additional behaviors are added.

                                                                                                        property certificate

                                                                                                        readonly certificate?: acm.ICertificate;
                                                                                                        • A certificate to associate with the distribution. The certificate must be located in N. Virginia (us-east-1).

                                                                                                          - the CloudFront wildcard certificate (*.cloudfront.net) will be used.

                                                                                                        property comment

                                                                                                        readonly comment?: string;
                                                                                                        • Any comments you want to include about the distribution.

                                                                                                          - no comment

                                                                                                        property defaultBehavior

                                                                                                        readonly defaultBehavior: BehaviorOptions;
                                                                                                        • The default behavior for the distribution.

                                                                                                        property defaultRootObject

                                                                                                        readonly defaultRootObject?: string;
                                                                                                        • The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution. If no default object is set, the request goes to the origin's root (e.g., example.com/).

                                                                                                          - no default root object

                                                                                                        property domainNames

                                                                                                        readonly domainNames?: string[];
                                                                                                        • Alternative domain names for this distribution.

                                                                                                          If you want to use your own domain name, such as www.example.com, instead of the cloudfront.net domain name, you can add an alternate domain name to your distribution. If you attach a certificate to the distribution, you must add (at least one of) the domain names of the certificate to this list.

                                                                                                          - The distribution will only support the default generated name (e.g., d111111abcdef8.cloudfront.net)

                                                                                                        property enabled

                                                                                                        readonly enabled?: boolean;
                                                                                                        • Enable or disable the distribution.

                                                                                                          true

                                                                                                        property enableIpv6

                                                                                                        readonly enableIpv6?: boolean;
                                                                                                        • Whether CloudFront will respond to IPv6 DNS requests with an IPv6 address.

                                                                                                          If you specify false, CloudFront responds to IPv6 DNS requests with the DNS response code NOERROR and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.

                                                                                                          true

                                                                                                        property enableLogging

                                                                                                        readonly enableLogging?: boolean;
                                                                                                        • Enable access logging for the distribution.

                                                                                                          - false, unless logBucket is specified.

                                                                                                        property errorResponses

                                                                                                        readonly errorResponses?: ErrorResponse[];
                                                                                                        • How CloudFront should handle requests that are not successful (e.g., PageNotFound).

                                                                                                          - No custom error responses.

                                                                                                        property geoRestriction

                                                                                                        readonly geoRestriction?: GeoRestriction;
                                                                                                        • Controls the countries in which your content is distributed.

                                                                                                          - No geographic restrictions

                                                                                                        property httpVersion

                                                                                                        readonly httpVersion?: HttpVersion;
                                                                                                        • Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront.

                                                                                                          For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must support server name identification (SNI).

                                                                                                          HttpVersion.HTTP2

                                                                                                        property logBucket

                                                                                                        readonly logBucket?: s3.IBucket;
                                                                                                        • The Amazon S3 bucket to store the access logs in.

                                                                                                          - A bucket is created if enableLogging is true

                                                                                                        property logFilePrefix

                                                                                                        readonly logFilePrefix?: string;
                                                                                                        • An optional string that you want CloudFront to prefix to the access log filenames for this distribution.

                                                                                                          - no prefix

                                                                                                        property logIncludesCookies

                                                                                                        readonly logIncludesCookies?: boolean;
                                                                                                        • Specifies whether you want CloudFront to include cookies in access logs

                                                                                                          false

                                                                                                        property minimumProtocolVersion

                                                                                                        readonly minimumProtocolVersion?: SecurityPolicyProtocol;
                                                                                                        • The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

                                                                                                          CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

                                                                                                          - SecurityPolicyProtocol.TLS_V1_2_2021 if the '@aws-cdk/aws-cloudfront:defaultSecurityPolicyTLSv1.2_2021' feature flag is set; otherwise, SecurityPolicyProtocol.TLS_V1_2_2019.

                                                                                                        property priceClass

                                                                                                        readonly priceClass?: PriceClass;
                                                                                                        • The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify PriceClass_All, CloudFront responds to requests for your objects from all CloudFront edge locations. If you specify a price class other than PriceClass_All, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class.

                                                                                                          PriceClass.PRICE_CLASS_ALL

                                                                                                        property sslSupportMethod

                                                                                                        readonly sslSupportMethod?: SSLMethod;
                                                                                                        • The SSL method CloudFront will use for your distribution.

                                                                                                          Server Name Indication (SNI) - is an extension to the TLS computer networking protocol by which a client indicates which hostname it is attempting to connect to at the start of the handshaking process. This allows a server to present multiple certificates on the same IP address and TCP port number and hence allows multiple secure (HTTPS) websites (or any other service over TLS) to be served by the same IP address without requiring all those sites to use the same certificate.

                                                                                                          CloudFront can use SNI to host multiple distributions on the same IP - which a large majority of clients will support.

                                                                                                          If your clients cannot support SNI however - CloudFront can use dedicated IPs for your distribution - but there is a prorated monthly charge for using this feature. By default, we use SNI - but you can optionally enable dedicated IPs (VIP).

                                                                                                          See the CloudFront SSL for more details about pricing : https://aws.amazon.com/cloudfront/custom-ssl-domains/

                                                                                                          SSLMethod.SNI

                                                                                                        property webAclId

                                                                                                        readonly webAclId?: string;
                                                                                                        • Unique identifier that specifies the AWS WAF web ACL to associate with this CloudFront distribution.

                                                                                                          To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

                                                                                                          See Also

                                                                                                          • https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html

                                                                                                          • https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html#API_CreateDistribution_RequestParameters.

                                                                                                            - No AWS Web Application Firewall web access control list (web ACL).

                                                                                                        interface EdgeLambda

                                                                                                        interface EdgeLambda {}

                                                                                                        property eventType

                                                                                                        readonly eventType: LambdaEdgeEventType;
                                                                                                        • The type of event in response to which should the function be invoked.

                                                                                                        property functionVersion

                                                                                                        readonly functionVersion: lambda.IVersion;
                                                                                                        • The version of the Lambda function that will be invoked.

                                                                                                          **Note**: it's not possible to use the '$LATEST' function version for Lambda@Edge!

                                                                                                        property includeBody

                                                                                                        readonly includeBody?: boolean;
                                                                                                        • Allows a Lambda function to have read access to the body content. Only valid for "request" event types (ORIGIN_REQUEST or VIEWER_REQUEST). See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html

                                                                                                          false

                                                                                                        interface ErrorResponse

                                                                                                        interface ErrorResponse {}
                                                                                                        • Options for configuring custom error responses.

                                                                                                        property httpStatus

                                                                                                        readonly httpStatus: number;
                                                                                                        • The HTTP status code for which you want to specify a custom error page and/or a caching duration.

                                                                                                        property responseHttpStatus

                                                                                                        readonly responseHttpStatus?: number;
                                                                                                        • The HTTP status code that you want CloudFront to return to the viewer along with the custom error page.

                                                                                                          If you specify a value for responseHttpStatus, you must also specify a value for responsePagePath.

                                                                                                          - the error code will be returned as the response code.

                                                                                                        property responsePagePath

                                                                                                        readonly responsePagePath?: string;
                                                                                                        • The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the httpStatus, for example, /4xx-errors/403-forbidden.html

                                                                                                          - the default CloudFront response is shown.

                                                                                                        property ttl

                                                                                                        readonly ttl?: Duration;
                                                                                                        • The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ErrorCode.

                                                                                                          - the default caching TTL behavior applies

                                                                                                        interface FileCodeOptions

                                                                                                        interface FileCodeOptions {}
                                                                                                        • Options when reading the function's code from an external file

                                                                                                        property filePath

                                                                                                        readonly filePath: string;
                                                                                                        • The path of the file to read the code from

                                                                                                        interface FunctionAssociation

                                                                                                        interface FunctionAssociation {}

                                                                                                        property eventType

                                                                                                        readonly eventType: FunctionEventType;
                                                                                                        • The type of event which should invoke the function.

                                                                                                        property function

                                                                                                        readonly function: IFunction;
                                                                                                        • The CloudFront function that will be invoked.

                                                                                                        interface FunctionAttributes

                                                                                                        interface FunctionAttributes {}
                                                                                                        • Attributes of an existing CloudFront Function to import it

                                                                                                        property functionArn

                                                                                                        readonly functionArn: string;
                                                                                                        • The ARN of the function.

                                                                                                        property functionName

                                                                                                        readonly functionName: string;
                                                                                                        • The name of the function.

                                                                                                        interface FunctionProps

                                                                                                        interface FunctionProps {}
                                                                                                        • Properties for creating a CloudFront Function

                                                                                                        property code

                                                                                                        readonly code: FunctionCode;
                                                                                                        • The source code of the function.

                                                                                                        property comment

                                                                                                        readonly comment?: string;
                                                                                                        • A comment to describe the function. - same as functionName

                                                                                                        property functionName

                                                                                                        readonly functionName?: string;
                                                                                                        • A name to identify the function. - generated from the id

                                                                                                        interface ICachePolicy

                                                                                                        interface ICachePolicy {}
                                                                                                        • Represents a Cache Policy

                                                                                                        property cachePolicyId

                                                                                                        readonly cachePolicyId: string;
                                                                                                        • The ID of the cache policy

                                                                                                        interface IDistribution

                                                                                                        interface IDistribution extends IResource {}
                                                                                                        • Interface for CloudFront distributions

                                                                                                        property distributionDomainName

                                                                                                        readonly distributionDomainName: string;
                                                                                                        • The domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                        property distributionId

                                                                                                        readonly distributionId: string;
                                                                                                        • The distribution ID for this distribution.

                                                                                                        property domainName

                                                                                                        readonly domainName: string;
                                                                                                        • The domain name of the Distribution, such as d111111abcdef8.cloudfront.net.

                                                                                                          Deprecated

                                                                                                          - Use distributionDomainName instead.

                                                                                                        interface IFunction

                                                                                                        interface IFunction extends IResource {}
                                                                                                        • Represents a CloudFront Function

                                                                                                        property functionArn

                                                                                                        readonly functionArn: string;
                                                                                                        • The ARN of the function.

                                                                                                        property functionName

                                                                                                        readonly functionName: string;
                                                                                                        • The name of the function.

                                                                                                        interface IKeyGroup

                                                                                                        interface IKeyGroup extends IResource {}
                                                                                                        • Represents a Key Group

                                                                                                        property keyGroupId

                                                                                                        readonly keyGroupId: string;
                                                                                                        • The ID of the key group.

                                                                                                        interface IOrigin

                                                                                                        interface IOrigin {}
                                                                                                        • Represents the concept of a CloudFront Origin. You provide one or more origins when creating a Distribution.

                                                                                                        method bind

                                                                                                        bind: (scope: Construct, options: OriginBindOptions) => OriginBindConfig;
                                                                                                        • The method called when a given Origin is added (for the first time) to a Distribution.

                                                                                                        interface IOriginAccessIdentity

                                                                                                        interface IOriginAccessIdentity extends cdk.IResource, iam.IGrantable {}
                                                                                                        • Interface for CloudFront OriginAccessIdentity

                                                                                                        property originAccessIdentityName

                                                                                                        readonly originAccessIdentityName: string;
                                                                                                        • The Origin Access Identity Name

                                                                                                        interface IOriginRequestPolicy

                                                                                                        interface IOriginRequestPolicy {}
                                                                                                        • Represents a Origin Request Policy

                                                                                                        property originRequestPolicyId

                                                                                                        readonly originRequestPolicyId: string;
                                                                                                        • The ID of the origin request policy

                                                                                                        interface IPublicKey

                                                                                                        interface IPublicKey extends IResource {}
                                                                                                        • Represents a Public Key

                                                                                                        property publicKeyId

                                                                                                        readonly publicKeyId: string;
                                                                                                        • The ID of the key group.

                                                                                                        interface IResponseHeadersPolicy

                                                                                                        interface IResponseHeadersPolicy {}
                                                                                                        • Represents a response headers policy.

                                                                                                        property responseHeadersPolicyId

                                                                                                        readonly responseHeadersPolicyId: string;
                                                                                                        • The ID of the response headers policy

                                                                                                        interface KeyGroupProps

                                                                                                        interface KeyGroupProps {}
                                                                                                        • Properties for creating a Public Key

                                                                                                        property comment

                                                                                                        readonly comment?: string;
                                                                                                        • A comment to describe the key group. - no comment

                                                                                                        property items

                                                                                                        readonly items: IPublicKey[];
                                                                                                        • A list of public keys to add to the key group.

                                                                                                        property keyGroupName

                                                                                                        readonly keyGroupName?: string;
                                                                                                        • A name to identify the key group. - generated from the id

                                                                                                        interface LambdaFunctionAssociation

                                                                                                        interface LambdaFunctionAssociation {}

                                                                                                          property eventType

                                                                                                          readonly eventType: LambdaEdgeEventType;
                                                                                                          • The lambda event type defines at which event the lambda is called during the request lifecycle

                                                                                                          property includeBody

                                                                                                          readonly includeBody?: boolean;
                                                                                                          • Allows a Lambda function to have read access to the body content. Only valid for "request" event types (ORIGIN_REQUEST or VIEWER_REQUEST). See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/lambda-include-body-access.html

                                                                                                            false

                                                                                                          property lambdaFunction

                                                                                                          readonly lambdaFunction: lambda.IVersion;
                                                                                                          • A version of the lambda to associate

                                                                                                          interface LoggingConfiguration

                                                                                                          interface LoggingConfiguration {}
                                                                                                          • Logging configuration for incoming requests

                                                                                                          property bucket

                                                                                                          readonly bucket?: s3.IBucket;
                                                                                                          • Bucket to log requests to

                                                                                                            - A logging bucket is automatically created.

                                                                                                          property includeCookies

                                                                                                          readonly includeCookies?: boolean;
                                                                                                          • Whether to include the cookies in the logs

                                                                                                            false

                                                                                                          property prefix

                                                                                                          readonly prefix?: string;
                                                                                                          • Where in the bucket to store logs

                                                                                                            - No prefix.

                                                                                                          interface OriginAccessIdentityProps

                                                                                                          interface OriginAccessIdentityProps {}
                                                                                                          • Properties of CloudFront OriginAccessIdentity

                                                                                                          property comment

                                                                                                          readonly comment?: string;
                                                                                                          • Any comments you want to include about the origin access identity.

                                                                                                            "Allows CloudFront to reach the bucket"

                                                                                                          interface OriginBindConfig

                                                                                                          interface OriginBindConfig {}

                                                                                                          property failoverConfig

                                                                                                          readonly failoverConfig?: OriginFailoverConfig;
                                                                                                          • The failover configuration for this Origin.

                                                                                                            - nothing is returned

                                                                                                          property originProperty

                                                                                                          readonly originProperty?: CfnDistribution.OriginProperty;
                                                                                                          • The CloudFormation OriginProperty configuration for this Origin.

                                                                                                            - nothing is returned

                                                                                                          interface OriginBindOptions

                                                                                                          interface OriginBindOptions {}
                                                                                                          • Options passed to Origin.bind().

                                                                                                          property originId

                                                                                                          readonly originId: string;
                                                                                                          • The identifier of this Origin, as assigned by the Distribution this Origin has been used added to.

                                                                                                          interface OriginFailoverConfig

                                                                                                          interface OriginFailoverConfig {}

                                                                                                          property failoverOrigin

                                                                                                          readonly failoverOrigin: IOrigin;
                                                                                                          • The origin to use as the fallback origin.

                                                                                                          property statusCodes

                                                                                                          readonly statusCodes?: number[];
                                                                                                          • The HTTP status codes of the response that trigger querying the failover Origin.

                                                                                                            - 500, 502, 503 and 504

                                                                                                          interface OriginOptions

                                                                                                          interface OriginOptions {}
                                                                                                          • Options to define an Origin.

                                                                                                          property connectionAttempts

                                                                                                          readonly connectionAttempts?: number;
                                                                                                          • The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts.

                                                                                                            3

                                                                                                          property connectionTimeout

                                                                                                          readonly connectionTimeout?: Duration;
                                                                                                          • The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive.

                                                                                                            Duration.seconds(10)

                                                                                                          property customHeaders

                                                                                                          readonly customHeaders?: Record<string, string>;
                                                                                                          • A list of HTTP header names and values that CloudFront adds to requests it sends to the origin.

                                                                                                            {}

                                                                                                          property originShieldRegion

                                                                                                          readonly originShieldRegion?: string;
                                                                                                          • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                            See Also

                                                                                                            • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html

                                                                                                              - origin shield not enabled

                                                                                                          interface OriginProps

                                                                                                          interface OriginProps extends OriginOptions {}
                                                                                                          • Properties to define an Origin.

                                                                                                          property originPath

                                                                                                          readonly originPath?: string;
                                                                                                          • An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with '/' (e.g., '/production/images').

                                                                                                            '/'

                                                                                                          interface OriginRequestPolicyProps

                                                                                                          interface OriginRequestPolicyProps {}
                                                                                                          • Properties for creating a Origin Request Policy

                                                                                                          property comment

                                                                                                          readonly comment?: string;
                                                                                                          • A comment to describe the origin request policy. - no comment

                                                                                                          property cookieBehavior

                                                                                                          readonly cookieBehavior?: OriginRequestCookieBehavior;
                                                                                                          • The cookies from viewer requests to include in origin requests. OriginRequestCookieBehavior.none()

                                                                                                          property headerBehavior

                                                                                                          readonly headerBehavior?: OriginRequestHeaderBehavior;
                                                                                                          • The HTTP headers to include in origin requests. These can include headers from viewer requests and additional headers added by CloudFront. OriginRequestHeaderBehavior.none()

                                                                                                          property originRequestPolicyName

                                                                                                          readonly originRequestPolicyName?: string;
                                                                                                          • A unique name to identify the origin request policy. The name must only include '-', '_', or alphanumeric characters. - generated from the id

                                                                                                          property queryStringBehavior

                                                                                                          readonly queryStringBehavior?: OriginRequestQueryStringBehavior;
                                                                                                          • The URL query strings from viewer requests to include in origin requests. OriginRequestQueryStringBehavior.none()

                                                                                                          interface PublicKeyProps

                                                                                                          interface PublicKeyProps {}
                                                                                                          • Properties for creating a Public Key

                                                                                                          property comment

                                                                                                          readonly comment?: string;
                                                                                                          • A comment to describe the public key. - no comment

                                                                                                          property encodedKey

                                                                                                          readonly encodedKey: string;
                                                                                                          • The public key that you can use with signed URLs and signed cookies, or with field-level encryption. The encodedKey parameter must include -----BEGIN PUBLIC KEY----- and -----END PUBLIC KEY----- lines.

                                                                                                            See Also

                                                                                                            • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

                                                                                                            • https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html

                                                                                                          property publicKeyName

                                                                                                          readonly publicKeyName?: string;
                                                                                                          • A name to identify the public key. - generated from the id

                                                                                                          interface ResponseCustomHeader

                                                                                                          interface ResponseCustomHeader {}
                                                                                                          • An HTTP response header name and its value. CloudFront includes this header in HTTP responses that it sends for requests that match a cache behavior that’s associated with this response headers policy.

                                                                                                          property header

                                                                                                          readonly header: string;
                                                                                                          • The HTTP response header name.

                                                                                                          property override

                                                                                                          readonly override: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides a response header with the same name received from the origin with the header specified here.

                                                                                                          property value

                                                                                                          readonly value: string;
                                                                                                          • The value for the HTTP response header.

                                                                                                          interface ResponseCustomHeadersBehavior

                                                                                                          interface ResponseCustomHeadersBehavior {}
                                                                                                          • Configuration for a set of HTTP response headers that are sent for requests that match a cache behavior that’s associated with this response headers policy.

                                                                                                          property customHeaders

                                                                                                          readonly customHeaders: ResponseCustomHeader[];
                                                                                                          • The list of HTTP response headers and their values.

                                                                                                          interface ResponseHeadersContentSecurityPolicy

                                                                                                          interface ResponseHeadersContentSecurityPolicy {}
                                                                                                          • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                                          property contentSecurityPolicy

                                                                                                          readonly contentSecurityPolicy: string;
                                                                                                          • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                                          property override

                                                                                                          readonly override: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides the Content-Security-Policy HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                          interface ResponseHeadersContentTypeOptions

                                                                                                          interface ResponseHeadersContentTypeOptions {}
                                                                                                          • Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.

                                                                                                          property override

                                                                                                          readonly override: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides the X-Content-Type-Options HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                          interface ResponseHeadersCorsBehavior

                                                                                                          interface ResponseHeadersCorsBehavior {}
                                                                                                          • Configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy.

                                                                                                          property accessControlAllowCredentials

                                                                                                          readonly accessControlAllowCredentials: boolean;
                                                                                                          • A Boolean that CloudFront uses as the value for the Access-Control-Allow-Credentials HTTP response header.

                                                                                                          property accessControlAllowHeaders

                                                                                                          readonly accessControlAllowHeaders: string[];
                                                                                                          • A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header. You can specify ['*'] to allow all headers.

                                                                                                          property accessControlAllowMethods

                                                                                                          readonly accessControlAllowMethods: string[];
                                                                                                          • A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.

                                                                                                          property accessControlAllowOrigins

                                                                                                          readonly accessControlAllowOrigins: string[];
                                                                                                          • A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header. You can specify ['*'] to allow all origins.

                                                                                                          property accessControlExposeHeaders

                                                                                                          readonly accessControlExposeHeaders?: string[];
                                                                                                          • A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header. You can specify ['*'] to expose all headers.

                                                                                                            - no headers exposed

                                                                                                          property accessControlMaxAge

                                                                                                          readonly accessControlMaxAge?: Duration;
                                                                                                          • A number that CloudFront uses as the value for the Access-Control-Max-Age HTTP response header.

                                                                                                            - no max age

                                                                                                          property originOverride

                                                                                                          readonly originOverride: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides HTTP response headers received from the origin with the ones specified in this response headers policy.

                                                                                                          interface ResponseHeadersFrameOptions

                                                                                                          interface ResponseHeadersFrameOptions {}
                                                                                                          • Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.

                                                                                                          property frameOption

                                                                                                          readonly frameOption: HeadersFrameOption;
                                                                                                          • The value of the X-Frame-Options HTTP response header.

                                                                                                          property override

                                                                                                          readonly override: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides the X-Frame-Options HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                          interface ResponseHeadersPolicyProps

                                                                                                          interface ResponseHeadersPolicyProps {}
                                                                                                          • Properties for creating a Response Headers Policy

                                                                                                          property comment

                                                                                                          readonly comment?: string;
                                                                                                          • A comment to describe the response headers policy.

                                                                                                            - no comment

                                                                                                          property corsBehavior

                                                                                                          readonly corsBehavior?: ResponseHeadersCorsBehavior;
                                                                                                          • A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS).

                                                                                                            - no cors behavior

                                                                                                          property customHeadersBehavior

                                                                                                          readonly customHeadersBehavior?: ResponseCustomHeadersBehavior;
                                                                                                          • A configuration for a set of custom HTTP response headers.

                                                                                                            - no custom headers behavior

                                                                                                          property responseHeadersPolicyName

                                                                                                          readonly responseHeadersPolicyName?: string;
                                                                                                          • A unique name to identify the response headers policy.

                                                                                                            - generated from the id

                                                                                                          property securityHeadersBehavior

                                                                                                          readonly securityHeadersBehavior?: ResponseSecurityHeadersBehavior;
                                                                                                          • A configuration for a set of security-related HTTP response headers.

                                                                                                            - no security headers behavior

                                                                                                          interface ResponseHeadersReferrerPolicy

                                                                                                          interface ResponseHeadersReferrerPolicy {}
                                                                                                          • Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.

                                                                                                          property override

                                                                                                          readonly override: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides the Referrer-Policy HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                          property referrerPolicy

                                                                                                          readonly referrerPolicy: HeadersReferrerPolicy;
                                                                                                          • The value of the Referrer-Policy HTTP response header.

                                                                                                          interface ResponseHeadersStrictTransportSecurity

                                                                                                          interface ResponseHeadersStrictTransportSecurity {}
                                                                                                          • Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.

                                                                                                          property accessControlMaxAge

                                                                                                          readonly accessControlMaxAge: Duration;
                                                                                                          • A number that CloudFront uses as the value for the max-age directive in the Strict-Transport-Security HTTP response header.

                                                                                                          property includeSubdomains

                                                                                                          readonly includeSubdomains?: boolean;
                                                                                                          • A Boolean that determines whether CloudFront includes the includeSubDomains directive in the Strict-Transport-Security HTTP response header.

                                                                                                            false

                                                                                                          property override

                                                                                                          readonly override: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides the Strict-Transport-Security HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                          property preload

                                                                                                          readonly preload?: boolean;
                                                                                                          • A Boolean that determines whether CloudFront includes the preload directive in the Strict-Transport-Security HTTP response header.

                                                                                                            false

                                                                                                          interface ResponseHeadersXSSProtection

                                                                                                          interface ResponseHeadersXSSProtection {}
                                                                                                          • Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.

                                                                                                          property modeBlock

                                                                                                          readonly modeBlock?: boolean;
                                                                                                          • A Boolean that determines whether CloudFront includes the mode=block directive in the X-XSS-Protection header.

                                                                                                            false

                                                                                                          property override

                                                                                                          readonly override: boolean;
                                                                                                          • A Boolean that determines whether CloudFront overrides the X-XSS-Protection HTTP response header received from the origin with the one specified in this response headers policy.

                                                                                                          property protection

                                                                                                          readonly protection: boolean;
                                                                                                          • A Boolean that determines the value of the X-XSS-Protection HTTP response header. When this setting is true, the value of the X-XSS-Protection header is 1. When this setting is false, the value of the X-XSS-Protection header is 0.

                                                                                                          property reportUri

                                                                                                          readonly reportUri?: string;
                                                                                                          • A reporting URI, which CloudFront uses as the value of the report directive in the X-XSS-Protection header. You cannot specify a ReportUri when ModeBlock is true.

                                                                                                            - no report uri

                                                                                                          interface ResponseSecurityHeadersBehavior

                                                                                                          interface ResponseSecurityHeadersBehavior {}
                                                                                                          • Configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.

                                                                                                          property contentSecurityPolicy

                                                                                                          readonly contentSecurityPolicy?: ResponseHeadersContentSecurityPolicy;
                                                                                                          • The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.

                                                                                                            - no content security policy

                                                                                                          property contentTypeOptions

                                                                                                          readonly contentTypeOptions?: ResponseHeadersContentTypeOptions;
                                                                                                          • Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.

                                                                                                            - no content type options

                                                                                                          property frameOptions

                                                                                                          readonly frameOptions?: ResponseHeadersFrameOptions;
                                                                                                          • Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header’s value.

                                                                                                            - no frame options

                                                                                                          property referrerPolicy

                                                                                                          readonly referrerPolicy?: ResponseHeadersReferrerPolicy;
                                                                                                          • Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header’s value.

                                                                                                            - no referrer policy

                                                                                                          property strictTransportSecurity

                                                                                                          readonly strictTransportSecurity?: ResponseHeadersStrictTransportSecurity;
                                                                                                          • Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header’s value.

                                                                                                            - no strict transport security

                                                                                                          property xssProtection

                                                                                                          readonly xssProtection?: ResponseHeadersXSSProtection;
                                                                                                          • Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header’s value.

                                                                                                            - no xss protection

                                                                                                          interface S3OriginConfig

                                                                                                          interface S3OriginConfig {}
                                                                                                          • S3 origin configuration for CloudFront

                                                                                                          property originAccessIdentity

                                                                                                          readonly originAccessIdentity?: IOriginAccessIdentity;
                                                                                                          • The optional Origin Access Identity of the origin identity cloudfront will use when calling your s3 bucket.

                                                                                                            No Origin Access Identity which requires the S3 bucket to be public accessible

                                                                                                          property originHeaders

                                                                                                          readonly originHeaders?: {
                                                                                                          [key: string]: string;
                                                                                                          };
                                                                                                          • Any additional headers to pass to the origin

                                                                                                            - No additional headers are passed.

                                                                                                          property originPath

                                                                                                          readonly originPath?: string;
                                                                                                          • The relative path to the origin root to use for sources.

                                                                                                            /

                                                                                                          property originShieldRegion

                                                                                                          readonly originShieldRegion?: string;
                                                                                                          • When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance

                                                                                                            - origin shield not enabled

                                                                                                          property