class Aws::CloudFront::Types::DefaultCacheBehavior

A complex type that describes the default cache behavior if you don’t specify a `CacheBehavior` element or if request URLs don’t match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.

@note When making an API call, you may pass DefaultCacheBehavior

data as a hash:

    {
      target_origin_id: "string", # required
      trusted_signers: {
        enabled: false, # required
        quantity: 1, # required
        items: ["string"],
      },
      trusted_key_groups: {
        enabled: false, # required
        quantity: 1, # required
        items: ["string"],
      },
      viewer_protocol_policy: "allow-all", # required, accepts allow-all, https-only, redirect-to-https
      allowed_methods: {
        quantity: 1, # required
        items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
        cached_methods: {
          quantity: 1, # required
          items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
        },
      },
      smooth_streaming: false,
      compress: false,
      lambda_function_associations: {
        quantity: 1, # required
        items: [
          {
            lambda_function_arn: "LambdaFunctionARN", # required
            event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
            include_body: false,
          },
        ],
      },
      function_associations: {
        quantity: 1, # required
        items: [
          {
            function_arn: "FunctionARN", # required
            event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
          },
        ],
      },
      field_level_encryption_id: "string",
      realtime_log_config_arn: "string",
      cache_policy_id: "string",
      origin_request_policy_id: "string",
      forwarded_values: {
        query_string: false, # required
        cookies: { # required
          forward: "none", # required, accepts none, whitelist, all
          whitelisted_names: {
            quantity: 1, # required
            items: ["string"],
          },
        },
        headers: {
          quantity: 1, # required
          items: ["string"],
        },
        query_string_cache_keys: {
          quantity: 1, # required
          items: ["string"],
        },
      },
      min_ttl: 1,
      default_ttl: 1,
      max_ttl: 1,
    }

@!attribute [rw] target_origin_id

The value of `ID` for the origin that you want CloudFront to route
requests to when they use the default cache behavior.
@return [String]

@!attribute [rw] trusted_signers

We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.

A list of account IDs whose public keys CloudFront can use to
validate signed URLs or signed cookies.

When a cache behavior contains trusted signers, CloudFront requires
signed URLs or signed cookies for all requests that match the cache
behavior. The URLs or cookies must be signed with the private key of
a CloudFront key pair in a trusted signer’s account. The signed URL
or cookie contains information about which public key CloudFront
should use to verify the signature. For more information, see
[Serving private content][1] in the *Amazon CloudFront Developer
Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
@return [Types::TrustedSigners]

@!attribute [rw] trusted_key_groups

A list of key groups that CloudFront can use to validate signed URLs
or signed cookies.

When a cache behavior contains trusted key groups, CloudFront
requires signed URLs or signed cookies for all requests that match
the cache behavior. The URLs or cookies must be signed with a
private key whose corresponding public key is in the key group. The
signed URL or cookie contains information about which public key
CloudFront should use to verify the signature. For more information,
see [Serving private content][1] in the *Amazon CloudFront Developer
Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
@return [Types::TrustedKeyGroups]

@!attribute [rw] viewer_protocol_policy

The protocol that viewers can use to access the files in the origin
specified by `TargetOriginId` when a request matches the path
pattern in `PathPattern`. You can specify the following options:

* `allow-all`\: Viewers can use HTTP or HTTPS.

* `redirect-to-https`\: If a viewer submits an HTTP request,
  CloudFront returns an HTTP status code of 301 (Moved Permanently)
  to the viewer along with the HTTPS URL. The viewer then resubmits
  the request using the new URL.

* `https-only`\: If a viewer sends an HTTP request, CloudFront
  returns an HTTP status code of 403 (Forbidden).

For more information about requiring the HTTPS protocol, see
[Requiring HTTPS Between Viewers and CloudFront][1] in the *Amazon
CloudFront Developer Guide*.

<note markdown="1"> The only way to guarantee that viewers retrieve an object that was
fetched from the origin using HTTPS is never to use any other
protocol to fetch the object. If you have recently changed from HTTP
to HTTPS, we recommend that you clear your objects’ cache because
cached objects are protocol agnostic. That means that an edge
location will return an object from the cache regardless of whether
the current request protocol matches the protocol used previously.
For more information, see [Managing Cache Expiration][2] in the
*Amazon CloudFront Developer Guide*.

 </note>

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html
[2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
@return [String]

@!attribute [rw] allowed_methods

A complex type that controls which HTTP methods CloudFront processes
and forwards to your Amazon S3 bucket or your custom origin. There
are three choices:

* CloudFront forwards only `GET` and `HEAD` requests.

* CloudFront forwards only `GET`, `HEAD`, and `OPTIONS` requests.

* CloudFront forwards `GET, HEAD, OPTIONS, PUT, PATCH, POST`, and
  `DELETE` requests.

If you pick the third choice, you may need to restrict access to
your Amazon S3 bucket or to your custom origin so users can't
perform operations that you don't want them to. For example, you
might not want users to have permissions to delete objects from your
origin.
@return [Types::AllowedMethods]

@!attribute [rw] smooth_streaming

Indicates whether you want to distribute media files in the
Microsoft Smooth Streaming format using the origin that is
associated with this cache behavior. If so, specify `true`; if not,
specify `false`. If you specify `true` for `SmoothStreaming`, you
can still distribute other content using this cache behavior if the
content matches the value of `PathPattern`.
@return [Boolean]

@!attribute [rw] compress

Whether you want CloudFront to automatically compress certain files
for this cache behavior. If so, specify `true`; if not, specify
`false`. For more information, see [Serving Compressed Files][1] in
the *Amazon CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html
@return [Boolean]

@!attribute [rw] lambda_function_associations

A complex type that contains zero or more Lambda@Edge function
associations for a cache behavior.
@return [Types::LambdaFunctionAssociations]

@!attribute [rw] function_associations

A list of CloudFront functions that are associated with this cache
behavior. CloudFront functions must be published to the `LIVE` stage
to associate them with a cache behavior.
@return [Types::FunctionAssociations]

@!attribute [rw] field_level_encryption_id

The value of `ID` for the field-level encryption configuration that
you want CloudFront to use for encrypting specific fields of data
for the default cache behavior.
@return [String]

@!attribute [rw] realtime_log_config_arn

The Amazon Resource Name (ARN) of the real-time log configuration
that is attached to this cache behavior. For more information, see
[Real-time logs][1] in the *Amazon CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html
@return [String]

@!attribute [rw] cache_policy_id

The unique identifier of the cache policy that is attached to the
default cache behavior. For more information, see [Creating cache
policies][1] or [Using the managed cache policies][2] in the *Amazon
CloudFront Developer Guide*.

A `DefaultCacheBehavior` must include either a `CachePolicyId` or
`ForwardedValues`. We recommend that you use a `CachePolicyId`.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy
[2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
@return [String]

@!attribute [rw] origin_request_policy_id

The unique identifier of the origin request policy that is attached
to the default cache behavior. For more information, see [Creating
origin request policies][1] or [Using the managed origin request
policies][2] in the *Amazon CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy
[2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html
@return [String]

@!attribute [rw] forwarded_values

This field is deprecated. We recommend that you use a cache policy
or an origin request policy instead of this field. For more
information, see [Working with policies][1] in the *Amazon
CloudFront Developer Guide*.

If you want to include values in the cache key, use a cache policy.
For more information, see [Creating cache policies][2] or [Using the
managed cache policies][3] in the *Amazon CloudFront Developer
Guide*.

If you want to send values to the origin but not include them in the
cache key, use an origin request policy. For more information, see
[Creating origin request policies][4] or [Using the managed origin
request policies][5] in the *Amazon CloudFront Developer Guide*.

A `DefaultCacheBehavior` must include either a `CachePolicyId` or
`ForwardedValues`. We recommend that you use a `CachePolicyId`.

A complex type that specifies how CloudFront handles query strings,
cookies, and HTTP headers.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html
[2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy
[3]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
[4]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy
[5]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html
@return [Types::ForwardedValues]

@!attribute [rw] min_ttl

This field is deprecated. We recommend that you use the `MinTTL`
field in a cache policy instead of this field. For more information,
see [Creating cache policies][1] or [Using the managed cache
policies][2] in the *Amazon CloudFront Developer Guide*.

The minimum amount of time that you want objects to stay in
CloudFront caches before CloudFront forwards another request to your
origin to determine whether the object has been updated. For more
information, see [Managing How Long Content Stays in an Edge Cache
(Expiration)][3] in the *Amazon CloudFront Developer Guide*.

You must specify `0` for `MinTTL` if you configure CloudFront to
forward all headers to your origin (under `Headers`, if you specify
`1` for `Quantity` and `*` for `Name`).

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy
[2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
[3]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
@return [Integer]

@!attribute [rw] default_ttl

This field is deprecated. We recommend that you use the `DefaultTTL`
field in a cache policy instead of this field. For more information,
see [Creating cache policies][1] or [Using the managed cache
policies][2] in the *Amazon CloudFront Developer Guide*.

The default amount of time that you want objects to stay in
CloudFront caches before CloudFront forwards another request to your
origin to determine whether the object has been updated. The value
that you specify applies only when your origin does not add HTTP
headers such as `Cache-Control max-age`, `Cache-Control s-maxage`,
and `Expires` to objects. For more information, see [Managing How
Long Content Stays in an Edge Cache (Expiration)][3] in the *Amazon
CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy
[2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
[3]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
@return [Integer]

@!attribute [rw] max_ttl

This field is deprecated. We recommend that you use the `MaxTTL`
field in a cache policy instead of this field. For more information,
see [Creating cache policies][1] or [Using the managed cache
policies][2] in the *Amazon CloudFront Developer Guide*.

The maximum amount of time that you want objects to stay in
CloudFront caches before CloudFront forwards another request to your
origin to determine whether the object has been updated. The value
that you specify applies only when your origin adds HTTP headers
such as `Cache-Control max-age`, `Cache-Control s-maxage`, and
`Expires` to objects. For more information, see [Managing How Long
Content Stays in an Edge Cache (Expiration)][3] in the *Amazon
CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy
[2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html
[3]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html
@return [Integer]

@see docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DefaultCacheBehavior AWS API Documentation

Constants

SENSITIVE