class Aws::CloudFront::Types::DistributionConfig

A distribution configuration.

@note When making an API call, you may pass DistributionConfig

data as a hash:

    {
      caller_reference: "string", # required
      aliases: {
        quantity: 1, # required
        items: ["string"],
      },
      default_root_object: "string",
      origins: { # required
        quantity: 1, # required
        items: [ # required
          {
            id: "string", # required
            domain_name: "string", # required
            origin_path: "string",
            custom_headers: {
              quantity: 1, # required
              items: [
                {
                  header_name: "string", # required
                  header_value: "string", # required
                },
              ],
            },
            s3_origin_config: {
              origin_access_identity: "string", # required
            },
            custom_origin_config: {
              http_port: 1, # required
              https_port: 1, # required
              origin_protocol_policy: "http-only", # required, accepts http-only, match-viewer, https-only
              origin_ssl_protocols: {
                quantity: 1, # required
                items: ["SSLv3"], # required, accepts SSLv3, TLSv1, TLSv1.1, TLSv1.2
              },
              origin_read_timeout: 1,
              origin_keepalive_timeout: 1,
            },
            connection_attempts: 1,
            connection_timeout: 1,
            origin_shield: {
              enabled: false, # required
              origin_shield_region: "OriginShieldRegion",
            },
          },
        ],
      },
      origin_groups: {
        quantity: 1, # required
        items: [
          {
            id: "string", # required
            failover_criteria: { # required
              status_codes: { # required
                quantity: 1, # required
                items: [1], # required
              },
            },
            members: { # required
              quantity: 1, # required
              items: [ # required
                {
                  origin_id: "string", # required
                },
              ],
            },
          },
        ],
      },
      default_cache_behavior: { # required
        target_origin_id: "string", # required
        trusted_signers: {
          enabled: false, # required
          quantity: 1, # required
          items: ["string"],
        },
        trusted_key_groups: {
          enabled: false, # required
          quantity: 1, # required
          items: ["string"],
        },
        viewer_protocol_policy: "allow-all", # required, accepts allow-all, https-only, redirect-to-https
        allowed_methods: {
          quantity: 1, # required
          items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
          cached_methods: {
            quantity: 1, # required
            items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
          },
        },
        smooth_streaming: false,
        compress: false,
        lambda_function_associations: {
          quantity: 1, # required
          items: [
            {
              lambda_function_arn: "LambdaFunctionARN", # required
              event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
              include_body: false,
            },
          ],
        },
        function_associations: {
          quantity: 1, # required
          items: [
            {
              function_arn: "FunctionARN", # required
              event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
            },
          ],
        },
        field_level_encryption_id: "string",
        realtime_log_config_arn: "string",
        cache_policy_id: "string",
        origin_request_policy_id: "string",
        forwarded_values: {
          query_string: false, # required
          cookies: { # required
            forward: "none", # required, accepts none, whitelist, all
            whitelisted_names: {
              quantity: 1, # required
              items: ["string"],
            },
          },
          headers: {
            quantity: 1, # required
            items: ["string"],
          },
          query_string_cache_keys: {
            quantity: 1, # required
            items: ["string"],
          },
        },
        min_ttl: 1,
        default_ttl: 1,
        max_ttl: 1,
      },
      cache_behaviors: {
        quantity: 1, # required
        items: [
          {
            path_pattern: "string", # required
            target_origin_id: "string", # required
            trusted_signers: {
              enabled: false, # required
              quantity: 1, # required
              items: ["string"],
            },
            trusted_key_groups: {
              enabled: false, # required
              quantity: 1, # required
              items: ["string"],
            },
            viewer_protocol_policy: "allow-all", # required, accepts allow-all, https-only, redirect-to-https
            allowed_methods: {
              quantity: 1, # required
              items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
              cached_methods: {
                quantity: 1, # required
                items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
              },
            },
            smooth_streaming: false,
            compress: false,
            lambda_function_associations: {
              quantity: 1, # required
              items: [
                {
                  lambda_function_arn: "LambdaFunctionARN", # required
                  event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
                  include_body: false,
                },
              ],
            },
            function_associations: {
              quantity: 1, # required
              items: [
                {
                  function_arn: "FunctionARN", # required
                  event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
                },
              ],
            },
            field_level_encryption_id: "string",
            realtime_log_config_arn: "string",
            cache_policy_id: "string",
            origin_request_policy_id: "string",
            forwarded_values: {
              query_string: false, # required
              cookies: { # required
                forward: "none", # required, accepts none, whitelist, all
                whitelisted_names: {
                  quantity: 1, # required
                  items: ["string"],
                },
              },
              headers: {
                quantity: 1, # required
                items: ["string"],
              },
              query_string_cache_keys: {
                quantity: 1, # required
                items: ["string"],
              },
            },
            min_ttl: 1,
            default_ttl: 1,
            max_ttl: 1,
          },
        ],
      },
      custom_error_responses: {
        quantity: 1, # required
        items: [
          {
            error_code: 1, # required
            response_page_path: "string",
            response_code: "string",
            error_caching_min_ttl: 1,
          },
        ],
      },
      comment: "CommentType", # required
      logging: {
        enabled: false, # required
        include_cookies: false, # required
        bucket: "string", # required
        prefix: "string", # required
      },
      price_class: "PriceClass_100", # accepts PriceClass_100, PriceClass_200, PriceClass_All
      enabled: false, # required
      viewer_certificate: {
        cloud_front_default_certificate: false,
        iam_certificate_id: "string",
        acm_certificate_arn: "string",
        ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
        minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
        certificate: "string",
        certificate_source: "cloudfront", # accepts cloudfront, iam, acm
      },
      restrictions: {
        geo_restriction: { # required
          restriction_type: "blacklist", # required, accepts blacklist, whitelist, none
          quantity: 1, # required
          items: ["string"],
        },
      },
      web_acl_id: "string",
      http_version: "http1.1", # accepts http1.1, http2
      is_ipv6_enabled: false,
    }

@!attribute [rw] caller_reference

A unique value (for example, a date-time stamp) that ensures that
the request can't be replayed.

If the value of `CallerReference` is new (regardless of the content
of the `DistributionConfig` object), CloudFront creates a new
distribution.

If `CallerReference` is a value that you already sent in a previous
request to create a distribution, CloudFront returns a
`DistributionAlreadyExists` error.
@return [String]

@!attribute [rw] aliases

A complex type that contains information about CNAMEs (alternate
domain names), if any, for this distribution.
@return [Types::Aliases]

@!attribute [rw] default_root_object

The object that you want CloudFront to request from your origin (for
example, `index.html`) when a viewer requests the root URL for your
distribution (`http://www.example.com`) instead of an object in your
distribution (`http://www.example.com/product-description.html`).
Specifying a default root object avoids exposing the contents of
your distribution.

Specify only the object name, for example, `index.html`. Don't add
a `/` before the object name.

If you don't want to specify a default root object when you create
a distribution, include an empty `DefaultRootObject` element.

To delete the default root object from an existing distribution,
update the distribution configuration and include an empty
`DefaultRootObject` element.

To replace the default root object, update the distribution
configuration and specify the new object.

For more information about the default root object, see [Creating a
Default Root Object][1] in the *Amazon CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html
@return [String]

@!attribute [rw] origins

A complex type that contains information about origins for this
distribution.
@return [Types::Origins]

@!attribute [rw] origin_groups

A complex type that contains information about origin groups for
this distribution.
@return [Types::OriginGroups]

@!attribute [rw] default_cache_behavior

A complex type that describes the default cache behavior if you
don't specify a `CacheBehavior` element or if files don't match
any of the values of `PathPattern` in `CacheBehavior` elements. You
must create exactly one default cache behavior.
@return [Types::DefaultCacheBehavior]

@!attribute [rw] cache_behaviors

A complex type that contains zero or more `CacheBehavior` elements.
@return [Types::CacheBehaviors]

@!attribute [rw] custom_error_responses

A complex type that controls the following:

* Whether CloudFront replaces HTTP status codes in the 4xx and 5xx
  range with custom error messages before returning the response to
  the viewer.

* How long CloudFront caches HTTP status codes in the 4xx and 5xx
  range.

For more information about custom error pages, see [Customizing
Error Responses][1] in the *Amazon CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html
@return [Types::CustomErrorResponses]

@!attribute [rw] comment

An optional comment to describe the distribution. The comment cannot
be longer than 128 characters.
@return [String]

@!attribute [rw] logging

A complex type that controls whether access logs are written for the
distribution.

For more information about logging, see [Access Logs][1] in the
*Amazon CloudFront Developer Guide*.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html
@return [Types::LoggingConfig]

@!attribute [rw] price_class

The price class that corresponds with the maximum price that you
want to pay for CloudFront service. If you specify `PriceClass_All`,
CloudFront responds to requests for your objects from all CloudFront
edge locations.

If you specify a price class other than `PriceClass_All`, CloudFront
serves your objects from the CloudFront edge location that has the
lowest latency among the edge locations in your price class. Viewers
who are in or near regions that are excluded from your specified
price class may encounter slower performance.

For more information about price classes, see [Choosing the Price
Class for a CloudFront Distribution][1] in the *Amazon CloudFront
Developer Guide*. For information about CloudFront pricing,
including how price classes (such as Price Class 100) map to
CloudFront regions, see [Amazon CloudFront Pricing][2].

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html
[2]: http://aws.amazon.com/cloudfront/pricing/
@return [String]

@!attribute [rw] enabled

From this field, you can enable or disable the selected
distribution.
@return [Boolean]

@!attribute [rw] viewer_certificate

A complex type that determines the distribution’s SSL/TLS
configuration for communicating with viewers.
@return [Types::ViewerCertificate]

@!attribute [rw] restrictions

A complex type that identifies ways in which you want to restrict
distribution of your content.
@return [Types::Restrictions]

@!attribute [rw] web_acl_id

A unique identifier that specifies the WAF web ACL, if any, to
associate with this distribution. To specify a web ACL created using
the latest version of WAF, use the ACL ARN, for example
`arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`.
To specify a web ACL created using WAF Classic, use the ACL ID, for
example `473e64fd-f30b-4765-81a0-62ad96dd167a`.

WAF is a web application firewall that lets you monitor the HTTP and
HTTPS requests that are forwarded to CloudFront, and lets you
control access to your content. Based on conditions that you
specify, such as the IP addresses that requests originate from or
the values of query strings, CloudFront responds to requests either
with the requested content or with an HTTP 403 status code
(Forbidden). You can also configure CloudFront to return a custom
error page when a request is blocked. For more information about
WAF, see the [WAF Developer Guide][1].

[1]: https://docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html
@return [String]

@!attribute [rw] http_version

(Optional) Specify the maximum HTTP version that you want viewers to
use to communicate with CloudFront. The default value for new web
distributions is http2. Viewers that don't support HTTP/2
automatically use an earlier HTTP version.

For viewers and CloudFront to use HTTP/2, viewers must support TLS
1.2 or later, and must support Server Name Identification (SNI).

In general, configuring CloudFront to communicate with viewers using
HTTP/2 reduces latency. You can improve performance by optimizing
for HTTP/2. For more information, do an Internet search for "http/2
optimization."
@return [String]

@!attribute [rw] is_ipv6_enabled

If you want CloudFront to respond to IPv6 DNS requests with an IPv6
address for your distribution, specify `true`. If you specify
`false`, CloudFront responds to IPv6 DNS requests with the DNS
response code `NOERROR` and with no IP addresses. This allows
viewers to submit a second request, for an IPv4 address for your
distribution.

In general, you should enable IPv6 if you have users on IPv6
networks who want to access your content. However, if you're using
signed URLs or signed cookies to restrict access to your content,
and if you're using a custom policy that includes the `IpAddress`
parameter to restrict the IP addresses that can access your content,
don't enable IPv6. If you want to restrict access to some content
by IP address and not restrict access to other content (or restrict
access but not by IP address), you can create two distributions. For
more information, see [Creating a Signed URL Using a Custom
Policy][1] in the *Amazon CloudFront Developer Guide*.

If you're using an Route 53 Amazon Web Services Integration alias
resource record set to route traffic to your CloudFront
distribution, you need to create a second alias resource record set
when both of the following are true:

* You enable IPv6 for the distribution

* You're using alternate domain names in the URLs for your objects

For more information, see [Routing Traffic to an Amazon CloudFront
Web Distribution by Using Your Domain Name][2] in the *Route 53
Amazon Web Services Integration Developer Guide*.

If you created a CNAME resource record set, either with Route 53
Amazon Web Services Integration or with another DNS service, you
don't need to make any changes. A CNAME record will route traffic
to your distribution regardless of the IP address format of the
viewer request.

[1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html
[2]: https://docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html
@return [Boolean]

@see docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DistributionConfig AWS API Documentation

Constants

SENSITIVE