Amazon CloudFrontAPI Reference
API Version 2020-05-31
Amazon CloudFront API Reference
Amazon CloudFront: API ReferenceCopyright © 2020 Amazon Web Services, Inc. and/or its affiliates. All rights reserved.
Amazon's trademarks and trade dress may not be used in connection with any product or service that is notAmazon's, in any manner that is likely to cause confusion among customers, or in any manner that disparages ordiscredits Amazon. All other trademarks not owned by Amazon are the property of their respective owners, who mayor may not be affiliated with, connected to, or sponsored by Amazon.
Amazon CloudFront API Reference
Table of ContentsWelcome .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 1Actions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 2
CreateCachePolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 4URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 5Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 6Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 7See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 8
CreateCloudFrontOriginAccessIdentity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 9Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 10See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 11
CreateDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 12URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 16Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 20Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 24Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 25See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 30
CreateDistributionWithTags .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 31URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 35Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 40Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 41See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 45
CreateFieldLevelEncryptionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 47Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 48Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 49See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 50
CreateFieldLevelEncryptionProfile .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 51Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 52Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 53See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 54
CreateInvalidation .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 55
API Version 2020-05-31iii
Amazon CloudFront API Reference
Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 56See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 57
CreateMonitoringSubscription .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 58Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 59
CreateOriginRequestPolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 60URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 61Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 62Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 63
CreatePublicKey .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 65Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 66See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 67
CreateRealtimeLogConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 68Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 69Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 70
CreateStreamingDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 71URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 72Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 73Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 74Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 75See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 76
CreateStreamingDistributionWithTags .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 77Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 78Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 79Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 80See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 81
DeleteCachePolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82
API Version 2020-05-31iv
Amazon CloudFront API Reference
Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 82See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 83
DeleteCloudFrontOriginAccessIdentity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 84See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 85
DeleteDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 86See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 87
DeleteFieldLevelEncryptionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 88See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 89
DeleteFieldLevelEncryptionProfile .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 90See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 91
DeleteMonitoringSubscription .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 92
DeleteOriginRequestPolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 94See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 95
DeletePublicKey .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96
API Version 2020-05-31v
Amazon CloudFront API Reference
Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 96See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 97
DeleteRealtimeLogConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 98Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 99
DeleteStreamingDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 100Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 101
GetCachePolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 103Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 104See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 105
GetCachePolicyConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 106Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 107Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 108
GetCloudFrontOriginAccessIdentity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 109Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 110
GetCloudFrontOriginAccessIdentityConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 111Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 112
GetDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 113Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 117Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119
API Version 2020-05-31vi
Amazon CloudFront API Reference
See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 119GetDistributionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120
Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 120Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 124Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 127See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 128
GetFieldLevelEncryption .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 129Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 130
GetFieldLevelEncryptionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 132Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 133
GetFieldLevelEncryptionProfile .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 135Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 136
GetFieldLevelEncryptionProfileConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 138Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 139
GetInvalidation .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 140Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 141
GetMonitoringSubscription .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 143See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 144
API Version 2020-05-31vii
Amazon CloudFront API Reference
GetOriginRequestPolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 145Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 146See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 147
GetOriginRequestPolicyConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 148Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 149See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 150
GetPublicKey .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 151Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 152
GetPublicKeyConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 153Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 154
GetRealtimeLogConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 155Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 156
GetStreamingDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 158Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 159Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 160
GetStreamingDistributionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 161Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 162Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 163
ListCachePolicies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164
API Version 2020-05-31viii
Amazon CloudFront API Reference
Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 164Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 165Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 166
ListCloudFrontOriginAccessIdentities ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 167Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 168
ListDistributions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 170Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 174Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 175
ListDistributionsByCachePolicyId .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 176Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 177See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 178
ListDistributionsByOriginRequestPolicyId .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 179Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 180See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 181
ListDistributionsByRealtimeLogConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 182Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 183Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 187Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 188
ListDistributionsByWebACLId .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 189Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 193Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 194
ListFieldLevelEncryptionConfigs .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196
API Version 2020-05-31ix
Amazon CloudFront API Reference
URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 196Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 197See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 198
ListFieldLevelEncryptionProfiles .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 199Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 200
ListInvalidations .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 202Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 203See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 204
ListOriginRequestPolicies ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 205Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 206Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 207
ListPublicKeys .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 208Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 209
ListRealtimeLogConfigs .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 210Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 211
ListStreamingDistributions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 213Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 214See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 215
ListTagsForResource .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216
API Version 2020-05-31x
Amazon CloudFront API Reference
Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 216Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 217
TagResource .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 218See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 219
UntagResource .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 220See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 221
UpdateCachePolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 222Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 223Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 224Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 225See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 226
UpdateCloudFrontOriginAccessIdentity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 227Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 228See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 229
UpdateDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 230URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 234Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 238Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 243Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 244See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 248
UpdateFieldLevelEncryptionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 250Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 251Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 252See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 253
UpdateFieldLevelEncryptionProfile .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 254
API Version 2020-05-31xi
Amazon CloudFront API Reference
Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 255Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 256See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 257
UpdateOriginRequestPolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 258Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 259Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 260See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 261
UpdatePublicKey .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 263Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 264See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 265
UpdateRealtimeLogConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 266Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 267Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 268
UpdateStreamingDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269Request Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269URI Request Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269Request Body .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 269Response Syntax .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 271Response Elements .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 272Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 273See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 274
Data Types .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 275ActiveTrustedSigners ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 278
Aliases .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 279
AliasICPRecordal ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 280
AllowedMethods .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 281
CacheBehavior ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 283See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 287
CacheBehaviors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 288
CachedMethods .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289
API Version 2020-05-31xii
Amazon CloudFront API Reference
See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 289CachePolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 290
CachePolicyConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 291See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 292
CachePolicyCookiesConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 293
CachePolicyHeadersConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 294
CachePolicyList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 295
CachePolicyQueryStringsConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 296
CachePolicySummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 297
CloudFrontOriginAccessIdentity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 298
CloudFrontOriginAccessIdentityConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 299
CloudFrontOriginAccessIdentityList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 300See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 301
CloudFrontOriginAccessIdentitySummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 302
ContentTypeProfile .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 303
ContentTypeProfileConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 304
ContentTypeProfiles .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 305
CookieNames .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 306
CookiePreference .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 307See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 308
CustomErrorResponse .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 309See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 310
CustomErrorResponses .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 311
CustomHeaders .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312
API Version 2020-05-31xiii
Amazon CloudFront API Reference
See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 312CustomOriginConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313
Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 313See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 314
DefaultCacheBehavior ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 315See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 318
Distribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 319See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 320
DistributionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 321See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 324
DistributionConfigWithTags .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 326
DistributionIdList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 327
DistributionList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 329
DistributionSummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 331See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 333
EncryptionEntities ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 335
EncryptionEntity ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 336
EndPoint ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 337
FieldLevelEncryption .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 338
FieldLevelEncryptionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 339
FieldLevelEncryptionList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 340
FieldLevelEncryptionProfile .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 341
FieldLevelEncryptionProfileConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 342
FieldLevelEncryptionProfileList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 343
FieldLevelEncryptionProfileSummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 344
FieldLevelEncryptionSummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345
API Version 2020-05-31xiv
Amazon CloudFront API Reference
See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 345FieldPatterns .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 346
ForwardedValues .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 347See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 348
GeoRestriction .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 350
Headers .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 352
Invalidation .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 353
InvalidationBatch .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 354
InvalidationList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 355
InvalidationSummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 357
KeyPairIds .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 358
KinesisStreamConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 359
LambdaFunctionAssociation .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 360
LambdaFunctionAssociations .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 362
LoggingConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 363
MonitoringSubscription .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 365
Origin .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 366See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 367
OriginCustomHeader .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 368
OriginGroup .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 369
OriginGroupFailoverCriteria ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 370
OriginGroupMember .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371
API Version 2020-05-31xv
Amazon CloudFront API Reference
See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 371OriginGroupMembers .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 372
OriginGroups .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 373
OriginRequestPolicy .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 374
OriginRequestPolicyConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 375See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 376
OriginRequestPolicyCookiesConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 377
OriginRequestPolicyHeadersConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 378
OriginRequestPolicyList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 379
OriginRequestPolicyQueryStringsConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 380
OriginRequestPolicySummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 381
Origins .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 382
OriginSslProtocols ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 383
ParametersInCacheKeyAndForwardedToOrigin .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 384See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 385
Paths .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 386
PublicKey .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 387
PublicKeyConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 388
PublicKeyList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 389
PublicKeySummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 390
QueryArgProfile .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 391
QueryArgProfileConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392
API Version 2020-05-31xvi
Amazon CloudFront API Reference
See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 392QueryArgProfiles .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 393
QueryStringCacheKeys .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 394
QueryStringNames .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 395
RealtimeLogConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 396
RealtimeLogConfigs .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 398
RealtimeMetricsSubscriptionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 399
Restrictions .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 400
S3Origin .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 401
S3OriginConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 402
Signer .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 403
StatusCodes .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 404
StreamingDistribution .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 405See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 406
StreamingDistributionConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 407See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 408
StreamingDistributionConfigWithTags .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 409
StreamingDistributionList ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 410
StreamingDistributionSummary .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 412See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 413
StreamingLoggingConfig .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 414
Tag .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 415
TagKeys .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416
API Version 2020-05-31xvii
Amazon CloudFront API Reference
See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 416Tags .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 417
TrustedSigners ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 418
ViewerCertificate .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419Contents .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 419See Also .... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 422
Common Parameters ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 423Common Errors ... . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . . 425
API Version 2020-05-31xviii
Amazon CloudFront API Reference
WelcomeThis is the Amazon CloudFront API Reference. This guide is for developers who need detailed informationabout CloudFront API actions, data types, and errors. For detailed information about CloudFrontfeatures, see the Amazon CloudFront Developer Guide.
This document was last published on September 21, 2020.
API Version 2020-05-311
Amazon CloudFront API Reference
ActionsThe following actions are supported:
• CreateCachePolicy (p. 4)• CreateCloudFrontOriginAccessIdentity (p. 9)• CreateDistribution (p. 12)• CreateDistributionWithTags (p. 31)• CreateFieldLevelEncryptionConfig (p. 47)• CreateFieldLevelEncryptionProfile (p. 51)• CreateInvalidation (p. 55)• CreateMonitoringSubscription (p. 58)• CreateOriginRequestPolicy (p. 60)• CreatePublicKey (p. 65)• CreateRealtimeLogConfig (p. 68)• CreateStreamingDistribution (p. 71)• CreateStreamingDistributionWithTags (p. 77)• DeleteCachePolicy (p. 82)• DeleteCloudFrontOriginAccessIdentity (p. 84)• DeleteDistribution (p. 86)• DeleteFieldLevelEncryptionConfig (p. 88)• DeleteFieldLevelEncryptionProfile (p. 90)• DeleteMonitoringSubscription (p. 92)• DeleteOriginRequestPolicy (p. 94)• DeletePublicKey (p. 96)• DeleteRealtimeLogConfig (p. 98)• DeleteStreamingDistribution (p. 100)• GetCachePolicy (p. 103)• GetCachePolicyConfig (p. 106)• GetCloudFrontOriginAccessIdentity (p. 109)• GetCloudFrontOriginAccessIdentityConfig (p. 111)• GetDistribution (p. 113)• GetDistributionConfig (p. 120)• GetFieldLevelEncryption (p. 129)• GetFieldLevelEncryptionConfig (p. 132)• GetFieldLevelEncryptionProfile (p. 135)• GetFieldLevelEncryptionProfileConfig (p. 138)• GetInvalidation (p. 140)• GetMonitoringSubscription (p. 143)• GetOriginRequestPolicy (p. 145)• GetOriginRequestPolicyConfig (p. 148)• GetPublicKey (p. 151)• GetPublicKeyConfig (p. 153)• GetRealtimeLogConfig (p. 155)
API Version 2020-05-312
Amazon CloudFront API Reference
• GetStreamingDistribution (p. 158)• GetStreamingDistributionConfig (p. 161)• ListCachePolicies (p. 164)• ListCloudFrontOriginAccessIdentities (p. 167)• ListDistributions (p. 170)• ListDistributionsByCachePolicyId (p. 176)• ListDistributionsByOriginRequestPolicyId (p. 179)• ListDistributionsByRealtimeLogConfig (p. 182)• ListDistributionsByWebACLId (p. 189)• ListFieldLevelEncryptionConfigs (p. 196)• ListFieldLevelEncryptionProfiles (p. 199)• ListInvalidations (p. 202)• ListOriginRequestPolicies (p. 205)• ListPublicKeys (p. 208)• ListRealtimeLogConfigs (p. 210)• ListStreamingDistributions (p. 213)• ListTagsForResource (p. 216)• TagResource (p. 218)• UntagResource (p. 220)• UpdateCachePolicy (p. 222)• UpdateCloudFrontOriginAccessIdentity (p. 227)• UpdateDistribution (p. 230)• UpdateFieldLevelEncryptionConfig (p. 250)• UpdateFieldLevelEncryptionProfile (p. 254)• UpdateOriginRequestPolicy (p. 258)• UpdatePublicKey (p. 263)• UpdateRealtimeLogConfig (p. 266)• UpdateStreamingDistribution (p. 269)
API Version 2020-05-313
Amazon CloudFront API ReferenceCreateCachePolicy
CreateCachePolicyCreates a cache policy.
After you create a cache policy, you can attach it to one or more cache behaviors. When it’s attached to acache behavior, the cache policy determines the following:
• The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies,and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return tothe viewer.
• The default, minimum, and maximum time to live (TTL) values that you want objects to stay in theCloudFront cache.
The headers, cookies, and query strings that are included in the cache key are automatically included inrequests that CloudFront sends to the origin. CloudFront sends a request when it can’t find an object inits cache that matches the request’s cache key. If you want to send values to the origin but not includethem in the cache key, use OriginRequestPolicy.
For more information about cache policies, see Controlling the cache key in the Amazon CloudFrontDeveloper Guide.
Request SyntaxPOST /2020-05-31/cache-policy HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><CachePolicyConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Comment>string</Comment> <DefaultTTL>long</DefaultTTL> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <Name>string</Name> <ParametersInCacheKeyAndForwardedToOrigin> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <EnableAcceptEncodingBrotli>boolean</EnableAcceptEncodingBrotli> <EnableAcceptEncodingGzip>boolean</EnableAcceptEncodingGzip> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity>
API Version 2020-05-314
Amazon CloudFront API ReferenceURI Request Parameters
</QueryStrings> </QueryStringsConfig> </ParametersInCacheKeyAndForwardedToOrigin></CachePolicyConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
CachePolicyConfig (p. 4)
Root level tag for the CachePolicyConfig parameters.
Required: YesComment (p. 4)
A comment to describe the cache policy.
Type: String
Required: NoDefaultTTL (p. 4)
The default amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated.CloudFront uses this value as the object’s time to live (TTL) only when the origin does not sendCache-Control or Expires headers with the object. For more information, see Managing HowLong Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.
The default value for this field is 86400 seconds (one day). If the value of MinTTL is more than86400 seconds, then the default value for this field is the same as the value of MinTTL.
Type: Long
Required: NoMaxTTL (p. 4)
The maximum amount of time, in seconds, that objects stay in the CloudFront cache beforeCloudFront sends another request to the origin to see if the object has been updated. CloudFrontuses this value only when the origin sends Cache-Control or Expires headers with the object.For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
The default value for this field is 31536000 seconds (one year). If the value of MinTTL orDefaultTTL is more than 31536000 seconds, then the default value for this field is the same as thevalue of DefaultTTL.
Type: Long
Required: NoMinTTL (p. 4)
The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated. For
API Version 2020-05-315
Amazon CloudFront API ReferenceResponse Syntax
more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
Type: Long
Required: YesName (p. 4)
A unique name to identify the cache policy.
Type: String
Required: YesParametersInCacheKeyAndForwardedToOrigin (p. 4)
The HTTP headers, cookies, and URL query strings to include in the cache key. The values included inthe cache key are automatically included in requests that CloudFront sends to the origin.
Type: ParametersInCacheKeyAndForwardedToOrigin (p. 384) object
Required: No
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><CachePolicy> <CachePolicyConfig> <Comment>string</Comment> <DefaultTTL>long</DefaultTTL> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <Name>string</Name> <ParametersInCacheKeyAndForwardedToOrigin> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <EnableAcceptEncodingBrotli>boolean</EnableAcceptEncodingBrotli> <EnableAcceptEncodingGzip>boolean</EnableAcceptEncodingGzip> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity>
API Version 2020-05-316
Amazon CloudFront API ReferenceResponse Elements
</QueryStrings> </QueryStringsConfig> </ParametersInCacheKeyAndForwardedToOrigin> </CachePolicyConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></CachePolicy>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
CachePolicy (p. 6)
Root level tag for the CachePolicy parameters.
Required: YesCachePolicyConfig (p. 6)
The cache policy configuration.
Type: CachePolicyConfig (p. 291) objectId (p. 6)
The unique identifier for the cache policy.
Type: StringLastModifiedTime (p. 6)
The date and time when the cache policy was last modified.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CachePolicyAlreadyExists
A cache policy with this name already exists. You must provide a unique name. To modify an existingcache policy, use UpdateCachePolicy.
HTTP Status Code: 409InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
API Version 2020-05-317
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400TooManyCachePolicies
You have reached the maximum number of cache policies for this AWS account. For moreinformation, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyCookiesInCachePolicy
The number of cookies in the cache policy exceeds the maximum. For more information, see Quotas(formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyHeadersInCachePolicy
The number of headers in the cache policy exceeds the maximum. For more information, see Quotas(formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyQueryStringsInCachePolicy
The number of query strings in the cache policy exceeds the maximum. For more information, seeQuotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-318
Amazon CloudFront API ReferenceCreateCloudFrontOriginAccessIdentity
CreateCloudFrontOriginAccessIdentityCreates a new origin access identity. If you're using Amazon S3 for your origin, you can use an originaccess identity to require users to access your content using a CloudFront URL instead of the AmazonS3 URL. For more information about how to use origin access identities, see Serving Private Contentthrough CloudFront in the Amazon CloudFront Developer Guide.
Request SyntaxPOST /2020-05-31/origin-access-identity/cloudfront HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><CloudFrontOriginAccessIdentityConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment></CloudFrontOriginAccessIdentityConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
CloudFrontOriginAccessIdentityConfig (p. 9)
Root level tag for the CloudFrontOriginAccessIdentityConfig parameters.
Required: YesCallerReference (p. 9)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theCloudFrontOriginAccessIdentityConfig object), a new origin access identity is created.
If the CallerReference is a value already sent in a previous identity request, and the content ofthe CloudFrontOriginAccessIdentityConfig is identical to the original request (ignoringwhite space), the response includes the same information returned to the original request.
If the CallerReference is a value you already sent in a previous request to create an identity, butthe content of the CloudFrontOriginAccessIdentityConfig is different from the originalrequest, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists error.
Type: String
Required: YesComment (p. 9)
Any comments you want to include about the origin access identity.
Type: String
Required: Yes
API Version 2020-05-319
Amazon CloudFront API ReferenceResponse Syntax
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><CloudFrontOriginAccessIdentity> <CloudFrontOriginAccessIdentityConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> </CloudFrontOriginAccessIdentityConfig> <Id>string</Id> <S3CanonicalUserId>string</S3CanonicalUserId></CloudFrontOriginAccessIdentity>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
CloudFrontOriginAccessIdentity (p. 10)
Root level tag for the CloudFrontOriginAccessIdentity parameters.
Required: YesCloudFrontOriginAccessIdentityConfig (p. 10)
The current configuration information for the identity.
Type: CloudFrontOriginAccessIdentityConfig (p. 299) objectId (p. 10)
The ID for the origin access identity, for example, E74FTE3AJFJ256A.
Type: StringS3CanonicalUserId (p. 10)
The Amazon S3 canonical user ID for the origin access identity, used when giving the origin accessidentity read permission to an object in Amazon S3.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
CloudFrontOriginAccessIdentityAlreadyExists
If the CallerReference is a value you already sent in a previous request to create an identity butthe content of the CloudFrontOriginAccessIdentityConfig is different from the originalrequest, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists error.
HTTP Status Code: 409InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400
API Version 2020-05-3110
Amazon CloudFront API ReferenceSee Also
InvalidArgument
An argument is invalid.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400TooManyCloudFrontOriginAccessIdentities
Processing your request would cause you to exceed the maximum number of origin access identitiesallowed.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3111
Amazon CloudFront API ReferenceCreateDistribution
CreateDistributionCreates a new web distribution. You create a CloudFront distribution to tell CloudFront where you wantcontent to be delivered from, and the details about how to track and manage content delivery. Send aPOST request to the /CloudFront API version/distribution/distribution ID resource.
ImportantWhen you update a distribution, there are more required fields than when you create adistribution. When you update your distribution by using UpdateDistribution, follow the stepsincluded in the documentation to get the current configuration and then make your updates.This helps to make sure that you include all of the required fields. To view a summary, seeRequired Fields for Create Distribution and Update Distribution in the Amazon CloudFrontDeveloper Guide.
Request SyntaxPOST /2020-05-31/distribution HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys>
API Version 2020-05-3112
Amazon CloudFront API ReferenceRequest Syntax
<Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues>
API Version 2020-05-3113
Amazon CloudFront API ReferenceRequest Syntax
<Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <IsIPV6Enabled>boolean</IsIPV6Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items>
API Version 2020-05-3114
Amazon CloudFront API ReferenceRequest Syntax
<Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate>
API Version 2020-05-3115
Amazon CloudFront API ReferenceURI Request Parameters
<CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId></DistributionConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
DistributionConfig (p. 12)
Root level tag for the DistributionConfig parameters.
Required: YesAliases (p. 12)
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisdistribution.
Type: Aliases (p. 279) object
Required: NoCacheBehaviors (p. 12)
A complex type that contains zero or more CacheBehavior elements.
Type: CacheBehaviors (p. 288) object
Required: NoCallerReference (p. 12)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of the DistributionConfigobject), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: String
Required: YesComment (p. 12)
Any comments you want to include about the distribution.
If you don't want to specify a comment, include an empty Comment element.
To delete an existing comment, update the distribution configuration and include an emptyComment element.
API Version 2020-05-3116
Amazon CloudFront API ReferenceRequest Body
To add or change a comment, update the distribution configuration and specify the new comment.
Type: String
Required: Yes
CustomErrorResponses (p. 12)
A complex type that controls the following:
• Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom errormessages before returning the response to the viewer.
• How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the AmazonCloudFront Developer Guide.
Type: CustomErrorResponses (p. 311) object
Required: No
DefaultCacheBehavior (p. 12)
A complex type that describes the default cache behavior if you don't specify a CacheBehaviorelement or if files don't match any of the values of PathPattern in CacheBehavior elements. Youmust create exactly one default cache behavior.
Type: DefaultCacheBehavior (p. 315) object
Required: Yes
DefaultRootObject (p. 12)
The object that you want CloudFront to request from your origin (for example, index.html)when a viewer requests the root URL for your distribution (http://www.example.com) insteadof an object in your distribution (http://www.example.com/product-description.html).Specifying a default root object avoids exposing the contents of your distribution.
Specify only the object name, for example, index.html. Don't add a / before the object name.
If you don't want to specify a default root object when you create a distribution, include an emptyDefaultRootObject element.
To delete the default root object from an existing distribution, update the distribution configurationand include an empty DefaultRootObject element.
To replace the default root object, update the distribution configuration and specify the new object.
For more information about the default root object, see Creating a Default Root Object in theAmazon CloudFront Developer Guide.
Type: String
Required: No
Enabled (p. 12)
From this field, you can enable or disable the selected distribution.
Type: Boolean
Required: Yes
API Version 2020-05-3117
Amazon CloudFront API ReferenceRequest Body
HttpVersion (p. 12)
(Optional) Specify the maximum HTTP version that you want viewers to use to communicate withCloudFront. The default value for new web distributions is http2. Viewers that don't support HTTP/2automatically use an earlier HTTP version.
For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must supportServer Name Identification (SNI).
In general, configuring CloudFront to communicate with viewers using HTTP/2 reduces latency. Youcan improve performance by optimizing for HTTP/2. For more information, do an Internet search for"http/2 optimization."
Type: String
Valid Values: http1.1 | http2
Required: No
IsIPV6Enabled (p. 12)
If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution,specify true. If you specify false, CloudFront responds to IPv6 DNS requests with the DNSresponse code NOERROR and with no IP addresses. This allows viewers to submit a second request,for an IPv4 address for your distribution.
In general, you should enable IPv6 if you have users on IPv6 networks who want to access yourcontent. However, if you're using signed URLs or signed cookies to restrict access to your content,and if you're using a custom policy that includes the IpAddress parameter to restrict the IPaddresses that can access your content, don't enable IPv6. If you want to restrict access to somecontent by IP address and not restrict access to other content (or restrict access but not by IPaddress), you can create two distributions. For more information, see Creating a Signed URL Using aCustom Policy in the Amazon CloudFront Developer Guide.
If you're using an Amazon Route 53 alias resource record set to route traffic to your CloudFrontdistribution, you need to create a second alias resource record set when both of the following aretrue:
• You enable IPv6 for the distribution
• You're using alternate domain names in the URLs for your objects
For more information, see Routing Traffic to an Amazon CloudFront Web Distribution by Using YourDomain Name in the Amazon Route 53 Developer Guide.
If you created a CNAME resource record set, either with Amazon Route 53 or with another DNSservice, you don't need to make any changes. A CNAME record will route traffic to your distributionregardless of the IP address format of the viewer request.
Type: Boolean
Required: No
Logging (p. 12)
A complex type that controls whether access logs are written for the distribution.
For more information about logging, see Access Logs in the Amazon CloudFront Developer Guide.
Type: LoggingConfig (p. 363) object
Required: No
API Version 2020-05-3118
Amazon CloudFront API ReferenceRequest Body
OriginGroups (p. 12)
A complex type that contains information about origin groups for this distribution.
Type: OriginGroups (p. 373) object
Required: NoOrigins (p. 12)
A complex type that contains information about origins for this distribution.
Type: Origins (p. 382) object
Required: YesPriceClass (p. 12)
The price class that corresponds with the maximum price that you want to pay for CloudFrontservice. If you specify PriceClass_All, CloudFront responds to requests for your objects from allCloudFront edge locations.
If you specify a price class other than PriceClass_All, CloudFront serves your objects from theCloudFront edge location that has the lowest latency among the edge locations in your price class.Viewers who are in or near regions that are excluded from your specified price class may encounterslower performance.
For more information about price classes, see Choosing the Price Class for a CloudFront Distributionin the Amazon CloudFront Developer Guide. For information about CloudFront pricing, including howprice classes (such as Price Class 100) map to CloudFront regions, see Amazon CloudFront Pricing.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: NoRestrictions (p. 12)
A complex type that identifies ways in which you want to restrict distribution of your content.
Type: Restrictions (p. 400) object
Required: NoViewerCertificate (p. 12)
A complex type that determines the distribution’s SSL/TLS configuration for communicating withviewers.
Type: ViewerCertificate (p. 419) object
Required: NoWebACLId (p. 12)
A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for examplearn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use theACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests thatare forwarded to CloudFront, and lets you control access to your content. Based on conditions thatyou specify, such as the IP addresses that requests originate from or the values of query strings,CloudFront responds to requests either with the requested content or with an HTTP 403 status code
API Version 2020-05-3119
Amazon CloudFront API ReferenceResponse Syntax
(Forbidden). You can also configure CloudFront to return a custom error page when a request isblocked. For more information about AWS WAF, see the AWS WAF Developer Guide.
Type: String
Required: No
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><Distribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId> </Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <AliasICPRecordals> <AliasICPRecordal> <CNAME>string</CNAME> <ICPRecordalStatus>string</ICPRecordalStatus> </AliasICPRecordal> </AliasICPRecordals> <ARN>string</ARN> <DistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward>
API Version 2020-05-3120
Amazon CloudFront API ReferenceResponse Syntax
<WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods>
API Version 2020-05-3121
Amazon CloudFront API ReferenceResponse Syntax
<Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion>
API Version 2020-05-3122
Amazon CloudFront API ReferenceResponse Syntax
<IsIPV6Enabled>boolean</IsIPV6Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items>
API Version 2020-05-3123
Amazon CloudFront API ReferenceResponse Elements
<Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionConfig> <DomainName>string</DomainName> <Id>string</Id> <InProgressInvalidationBatches>integer</InProgressInvalidationBatches> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status></Distribution>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
Distribution (p. 20)
Root level tag for the Distribution parameters.
Required: Yes
ActiveTrustedSigners (p. 20)
CloudFront automatically adds this element to the response only if you've set up the distribution toserve private content with signed URLs. The element lists the key pair IDs that CloudFront is awareof for each trusted signer. The Signer child element lists the AWS account number of the trustedsigner (or an empty Self element if the signer is you). The Signer element also includes the IDsof any active key pairs associated with the trusted signer's AWS account. If no KeyPairId elementappears for a Signer, that signer can't create working signed URLs.
Type: ActiveTrustedSigners (p. 278) object
AliasICPRecordals (p. 20)
AWS services in China customers must file for an Internet Content Provider (ICP) recordal if theywant to serve content publicly on an alternate domain name, also known as a CNAME, that they'veadded to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated withdistributions.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Startedwith AWS services in China.
API Version 2020-05-3124
Amazon CloudFront API ReferenceErrors
Type: Array of AliasICPRecordal (p. 280) objectsARN (p. 20)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDistributionConfig (p. 20)
The current configuration information for the distribution. Send a GET request to the /CloudFrontAPI version/distribution ID/config resource.
Type: DistributionConfig (p. 321) objectDomainName (p. 20)
The domain name corresponding to the distribution, for example,d111111abcdef8.cloudfront.net.
Type: StringId (p. 20)
The identifier for the distribution. For example: EDFDVBD632BHDS5.
Type: StringInProgressInvalidationBatches (p. 20)
The number of invalidation batches currently in progress.
Type: IntegerLastModifiedTime (p. 20)
The date and time the distribution was last modified.
Type: TimestampStatus (p. 20)
This response element indicates the current status of the distribution. When the status is Deployed,the distribution's information is fully propagated to all CloudFront edge locations.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CNAMEAlreadyExists
The CNAME specified is already defined for CloudFront.
HTTP Status Code: 409
API Version 2020-05-3125
Amazon CloudFront API ReferenceErrors
DistributionAlreadyExists
The caller reference you attempted to create the distribution with is associated with anotherdistribution.
HTTP Status Code: 409IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior
The specified configuration for field-level encryption can't be associated with the specified cachebehavior.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidDefaultRootObject
The default root object file name is too big or contains an invalid character.
HTTP Status Code: 400InvalidErrorCode
An invalid error code was specified.
HTTP Status Code: 400InvalidForwardCookies
Your request contains forward cookies option which doesn't match with the expectation for thewhitelisted list of cookie names. Either list of cookie names has been specified when not allowedor list of cookie names is missing when expected.
HTTP Status Code: 400InvalidGeoRestrictionParameter
The specified geo restriction parameter is not valid.
HTTP Status Code: 400InvalidHeadersForS3Origin
The headers specified are not valid for an Amazon S3 origin.
HTTP Status Code: 400InvalidLambdaFunctionAssociation
The specified Lambda function association is invalid.
HTTP Status Code: 400InvalidLocationCode
The location code specified is not valid.
API Version 2020-05-3126
Amazon CloudFront API ReferenceErrors
HTTP Status Code: 400InvalidMinimumProtocolVersion
The minimum protocol version specified is not valid.
HTTP Status Code: 400InvalidOrigin
The Amazon S3 origin server specified does not refer to a valid Amazon S3 bucket.
HTTP Status Code: 400InvalidOriginAccessIdentity
The origin access identity is not valid or doesn't exist.
HTTP Status Code: 400InvalidOriginKeepaliveTimeout
The keep alive timeout specified for the origin is not valid.
HTTP Status Code: 400InvalidOriginReadTimeout
The read timeout specified for the origin is not valid.
HTTP Status Code: 400InvalidProtocolSettings
You cannot specify SSLv3 as the minimum protocol version if you only want to support only clientsthat support Server Name Indication (SNI).
HTTP Status Code: 400InvalidQueryStringParameters
The query string parameters specified are not valid.
HTTP Status Code: 400InvalidRelativePath
The relative path is too big, is not URL-encoded, or does not begin with a slash (/).
HTTP Status Code: 400InvalidRequiredProtocol
This operation requires the HTTPS protocol. Ensure that you specify the HTTPS protocol in yourrequest, or omit the RequiredProtocols element from your distribution configuration.
HTTP Status Code: 400InvalidResponseCode
A response code is not valid.
HTTP Status Code: 400InvalidTTLOrder
The TTL order specified is not valid.
HTTP Status Code: 400
API Version 2020-05-3127
Amazon CloudFront API ReferenceErrors
InvalidViewerCertificate
A viewer certificate specified is not valid.
HTTP Status Code: 400InvalidWebACLId
A web ACL ID specified is not valid. To specify a web ACL created using the latest version of AWSWAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specifya web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404NoSuchFieldLevelEncryptionConfig
The specified configuration for field-level encryption doesn't exist.
HTTP Status Code: 404NoSuchOrigin
No origin exists with the specified Origin Id.
HTTP Status Code: 404NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404TooManyCacheBehaviors
You cannot create more cache behaviors for the distribution.
HTTP Status Code: 400TooManyCertificates
You cannot create anymore custom SSL/TLS certificates.
HTTP Status Code: 400TooManyCookieNamesInWhiteList
Your request contains more cookie names in the whitelist than are allowed per cache behavior.
HTTP Status Code: 400TooManyDistributionCNAMEs
Your request contains more CNAMEs than are allowed per distribution.
API Version 2020-05-3128
Amazon CloudFront API ReferenceErrors
HTTP Status Code: 400TooManyDistributions
Processing your request would cause you to exceed the maximum number of distributions allowed.
HTTP Status Code: 400TooManyDistributionsAssociatedToCachePolicy
The maximum number of distributions have been associated with the specified cache policy. Formore information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyDistributionsAssociatedToFieldLevelEncryptionConfig
The maximum number of distributions have been associated with the specified configuration forfield-level encryption.
HTTP Status Code: 400TooManyDistributionsAssociatedToOriginRequestPolicy
The maximum number of distributions have been associated with the specified origin request policy.For more information, see Quotas (formerly known as limits) in the Amazon CloudFront DeveloperGuide.
HTTP Status Code: 400TooManyDistributionsWithLambdaAssociations
Processing your request would cause the maximum number of distributions with Lambda functionassociations per owner to be exceeded.
HTTP Status Code: 400TooManyDistributionsWithSingleFunctionARN
The maximum number of distributions have been associated with the specified Lambda function.
HTTP Status Code: 400TooManyHeadersInForwardedValues
Your request contains too many headers in forwarded values.
HTTP Status Code: 400TooManyLambdaFunctionAssociations
Your request contains more Lambda function associations than are allowed per distribution.
HTTP Status Code: 400TooManyOriginCustomHeaders
Your request contains too many origin custom headers.
HTTP Status Code: 400TooManyOriginGroupsPerDistribution
Processing your request would cause you to exceed the maximum number of origin groups allowed.
HTTP Status Code: 400TooManyOrigins
You cannot create more origins for the distribution.
API Version 2020-05-3129
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400TooManyQueryStringParameters
Your request contains too many query string parameters.
HTTP Status Code: 400TooManyTrustedSigners
Your request contains more trusted signers than are allowed per distribution.
HTTP Status Code: 400TrustedSignerDoesNotExist
One or more of your trusted signers don't exist.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3130
Amazon CloudFront API ReferenceCreateDistributionWithTags
CreateDistributionWithTagsCreate a new distribution with tags.
Request SyntaxPOST /2020-05-31/distribution?WithTags HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><DistributionConfigWithTags xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <DistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType>
API Version 2020-05-3131
Amazon CloudFront API ReferenceRequest Syntax
<IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers>
API Version 2020-05-3132
Amazon CloudFront API ReferenceRequest Syntax
<Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <IsIPV6Enabled>boolean</IsIPV6Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items>
API Version 2020-05-3133
Amazon CloudFront API ReferenceRequest Syntax
<Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionConfig> <Tags> <Items>
API Version 2020-05-3134
Amazon CloudFront API ReferenceURI Request Parameters
<Tag> <Key>string</Key> <Value>string</Value> </Tag> </Items> </Tags></DistributionConfigWithTags>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
DistributionConfigWithTags (p. 31)
Root level tag for the DistributionConfigWithTags parameters.
Required: YesDistributionConfig (p. 31)
A distribution configuration.
Type: DistributionConfig (p. 321) object
Required: YesTags (p. 31)
A complex type that contains zero or more Tag elements.
Type: Tags (p. 417) object
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><Distribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId> </Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <AliasICPRecordals> <AliasICPRecordal> <CNAME>string</CNAME> <ICPRecordalStatus>string</ICPRecordalStatus>
API Version 2020-05-3135
Amazon CloudFront API ReferenceResponse Syntax
</AliasICPRecordal> </AliasICPRecordals> <ARN>string</ARN> <DistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId>
API Version 2020-05-3136
Amazon CloudFront API ReferenceResponse Syntax
<PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name>
API Version 2020-05-3137
Amazon CloudFront API ReferenceResponse Syntax
</Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <IsIPV6Enabled>boolean</IsIPV6Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin>
API Version 2020-05-3138
Amazon CloudFront API ReferenceResponse Syntax
<ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionConfig> <DomainName>string</DomainName> <Id>string</Id> <InProgressInvalidationBatches>integer</InProgressInvalidationBatches> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status></Distribution>
API Version 2020-05-3139
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
Distribution (p. 35)
Root level tag for the Distribution parameters.
Required: YesActiveTrustedSigners (p. 35)
CloudFront automatically adds this element to the response only if you've set up the distribution toserve private content with signed URLs. The element lists the key pair IDs that CloudFront is awareof for each trusted signer. The Signer child element lists the AWS account number of the trustedsigner (or an empty Self element if the signer is you). The Signer element also includes the IDsof any active key pairs associated with the trusted signer's AWS account. If no KeyPairId elementappears for a Signer, that signer can't create working signed URLs.
Type: ActiveTrustedSigners (p. 278) objectAliasICPRecordals (p. 35)
AWS services in China customers must file for an Internet Content Provider (ICP) recordal if theywant to serve content publicly on an alternate domain name, also known as a CNAME, that they'veadded to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated withdistributions.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Startedwith AWS services in China.
Type: Array of AliasICPRecordal (p. 280) objectsARN (p. 35)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDistributionConfig (p. 35)
The current configuration information for the distribution. Send a GET request to the /CloudFrontAPI version/distribution ID/config resource.
Type: DistributionConfig (p. 321) objectDomainName (p. 35)
The domain name corresponding to the distribution, for example,d111111abcdef8.cloudfront.net.
Type: StringId (p. 35)
The identifier for the distribution. For example: EDFDVBD632BHDS5.
Type: StringInProgressInvalidationBatches (p. 35)
The number of invalidation batches currently in progress.
API Version 2020-05-3140
Amazon CloudFront API ReferenceErrors
Type: IntegerLastModifiedTime (p. 35)
The date and time the distribution was last modified.
Type: TimestampStatus (p. 35)
This response element indicates the current status of the distribution. When the status is Deployed,the distribution's information is fully propagated to all CloudFront edge locations.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CNAMEAlreadyExists
The CNAME specified is already defined for CloudFront.
HTTP Status Code: 409DistributionAlreadyExists
The caller reference you attempted to create the distribution with is associated with anotherdistribution.
HTTP Status Code: 409IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior
The specified configuration for field-level encryption can't be associated with the specified cachebehavior.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidDefaultRootObject
The default root object file name is too big or contains an invalid character.
HTTP Status Code: 400InvalidErrorCode
An invalid error code was specified.
API Version 2020-05-3141
Amazon CloudFront API ReferenceErrors
HTTP Status Code: 400InvalidForwardCookies
Your request contains forward cookies option which doesn't match with the expectation for thewhitelisted list of cookie names. Either list of cookie names has been specified when not allowedor list of cookie names is missing when expected.
HTTP Status Code: 400InvalidGeoRestrictionParameter
The specified geo restriction parameter is not valid.
HTTP Status Code: 400InvalidHeadersForS3Origin
The headers specified are not valid for an Amazon S3 origin.
HTTP Status Code: 400InvalidLambdaFunctionAssociation
The specified Lambda function association is invalid.
HTTP Status Code: 400InvalidLocationCode
The location code specified is not valid.
HTTP Status Code: 400InvalidMinimumProtocolVersion
The minimum protocol version specified is not valid.
HTTP Status Code: 400InvalidOrigin
The Amazon S3 origin server specified does not refer to a valid Amazon S3 bucket.
HTTP Status Code: 400InvalidOriginAccessIdentity
The origin access identity is not valid or doesn't exist.
HTTP Status Code: 400InvalidOriginKeepaliveTimeout
The keep alive timeout specified for the origin is not valid.
HTTP Status Code: 400InvalidOriginReadTimeout
The read timeout specified for the origin is not valid.
HTTP Status Code: 400InvalidProtocolSettings
You cannot specify SSLv3 as the minimum protocol version if you only want to support only clientsthat support Server Name Indication (SNI).
HTTP Status Code: 400
API Version 2020-05-3142
Amazon CloudFront API ReferenceErrors
InvalidQueryStringParameters
The query string parameters specified are not valid.
HTTP Status Code: 400InvalidRelativePath
The relative path is too big, is not URL-encoded, or does not begin with a slash (/).
HTTP Status Code: 400InvalidRequiredProtocol
This operation requires the HTTPS protocol. Ensure that you specify the HTTPS protocol in yourrequest, or omit the RequiredProtocols element from your distribution configuration.
HTTP Status Code: 400InvalidResponseCode
A response code is not valid.
HTTP Status Code: 400InvalidTagging
The tagging specified is not valid.
HTTP Status Code: 400InvalidTTLOrder
The TTL order specified is not valid.
HTTP Status Code: 400InvalidViewerCertificate
A viewer certificate specified is not valid.
HTTP Status Code: 400InvalidWebACLId
A web ACL ID specified is not valid. To specify a web ACL created using the latest version of AWSWAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specifya web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404NoSuchFieldLevelEncryptionConfig
The specified configuration for field-level encryption doesn't exist.
API Version 2020-05-3143
Amazon CloudFront API ReferenceErrors
HTTP Status Code: 404NoSuchOrigin
No origin exists with the specified Origin Id.
HTTP Status Code: 404NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404TooManyCacheBehaviors
You cannot create more cache behaviors for the distribution.
HTTP Status Code: 400TooManyCertificates
You cannot create anymore custom SSL/TLS certificates.
HTTP Status Code: 400TooManyCookieNamesInWhiteList
Your request contains more cookie names in the whitelist than are allowed per cache behavior.
HTTP Status Code: 400TooManyDistributionCNAMEs
Your request contains more CNAMEs than are allowed per distribution.
HTTP Status Code: 400TooManyDistributions
Processing your request would cause you to exceed the maximum number of distributions allowed.
HTTP Status Code: 400TooManyDistributionsAssociatedToCachePolicy
The maximum number of distributions have been associated with the specified cache policy. Formore information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyDistributionsAssociatedToFieldLevelEncryptionConfig
The maximum number of distributions have been associated with the specified configuration forfield-level encryption.
HTTP Status Code: 400TooManyDistributionsAssociatedToOriginRequestPolicy
The maximum number of distributions have been associated with the specified origin request policy.For more information, see Quotas (formerly known as limits) in the Amazon CloudFront DeveloperGuide.
HTTP Status Code: 400TooManyDistributionsWithLambdaAssociations
Processing your request would cause the maximum number of distributions with Lambda functionassociations per owner to be exceeded.
API Version 2020-05-3144
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400TooManyDistributionsWithSingleFunctionARN
The maximum number of distributions have been associated with the specified Lambda function.
HTTP Status Code: 400TooManyHeadersInForwardedValues
Your request contains too many headers in forwarded values.
HTTP Status Code: 400TooManyLambdaFunctionAssociations
Your request contains more Lambda function associations than are allowed per distribution.
HTTP Status Code: 400TooManyOriginCustomHeaders
Your request contains too many origin custom headers.
HTTP Status Code: 400TooManyOriginGroupsPerDistribution
Processing your request would cause you to exceed the maximum number of origin groups allowed.
HTTP Status Code: 400TooManyOrigins
You cannot create more origins for the distribution.
HTTP Status Code: 400TooManyQueryStringParameters
Your request contains too many query string parameters.
HTTP Status Code: 400TooManyTrustedSigners
Your request contains more trusted signers than are allowed per distribution.
HTTP Status Code: 400TrustedSignerDoesNotExist
One or more of your trusted signers don't exist.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java
API Version 2020-05-3145
Amazon CloudFront API ReferenceSee Also
• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3146
Amazon CloudFront API ReferenceCreateFieldLevelEncryptionConfig
CreateFieldLevelEncryptionConfigCreate a new field-level encryption configuration.
Request SyntaxPOST /2020-05-31/field-level-encryption HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig></FieldLevelEncryptionConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
FieldLevelEncryptionConfig (p. 47)
Root level tag for the FieldLevelEncryptionConfig parameters.
Required: YesCallerReference (p. 47)
A unique number that ensures the request can't be replayed.
Type: String
Required: Yes
API Version 2020-05-3147
Amazon CloudFront API ReferenceResponse Syntax
Comment (p. 47)
An optional comment about the configuration.
Type: String
Required: NoContentTypeProfileConfig (p. 47)
A complex data type that specifies when to forward content if a content type isn't recognized andprofiles to use as by default in a request if a query argument doesn't specify a profile to use.
Type: ContentTypeProfileConfig (p. 304) object
Required: NoQueryArgProfileConfig (p. 47)
A complex data type that specifies when to forward content if a profile isn't found and the profilethat can be provided as a query argument in a request.
Type: QueryArgProfileConfig (p. 392) object
Required: No
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryption> <FieldLevelEncryptionConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig> </FieldLevelEncryptionConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></FieldLevelEncryption>
API Version 2020-05-3148
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
FieldLevelEncryption (p. 48)
Root level tag for the FieldLevelEncryption parameters.
Required: YesFieldLevelEncryptionConfig (p. 48)
A complex data type that includes the profile configurations specified for field-level encryption.
Type: FieldLevelEncryptionConfig (p. 339) objectId (p. 48)
The configuration ID for a field-level encryption configuration which includes a set of profiles thatspecify certain selected data fields to be encrypted by specific public keys.
Type: StringLastModifiedTime (p. 48)
The last time the field-level encryption configuration was changed.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
FieldLevelEncryptionConfigAlreadyExists
The specified configuration for field-level encryption already exists.
HTTP Status Code: 409InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400NoSuchFieldLevelEncryptionProfile
The specified profile for field-level encryption doesn't exist.
HTTP Status Code: 404QueryArgProfileEmpty
No profile specified for the field-level encryption query argument.
HTTP Status Code: 400
API Version 2020-05-3149
Amazon CloudFront API ReferenceSee Also
TooManyFieldLevelEncryptionConfigs
The maximum number of configurations for field-level encryption have been created.
HTTP Status Code: 400TooManyFieldLevelEncryptionContentTypeProfiles
The maximum number of content type profiles for field-level encryption have been created.
HTTP Status Code: 400TooManyFieldLevelEncryptionQueryArgProfiles
The maximum number of query arg profiles for field-level encryption have been created.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3150
Amazon CloudFront API ReferenceCreateFieldLevelEncryptionProfile
CreateFieldLevelEncryptionProfileCreate a field-level encryption profile.
Request SyntaxPOST /2020-05-31/field-level-encryption-profile HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionProfileConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncryptionEntities> <Items> <EncryptionEntity> <FieldPatterns> <Items> <FieldPattern>string</FieldPattern> </Items> <Quantity>integer</Quantity> </FieldPatterns> <ProviderId>string</ProviderId> <PublicKeyId>string</PublicKeyId> </EncryptionEntity> </Items> <Quantity>integer</Quantity> </EncryptionEntities> <Name>string</Name></FieldLevelEncryptionProfileConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
FieldLevelEncryptionProfileConfig (p. 51)
Root level tag for the FieldLevelEncryptionProfileConfig parameters.
Required: Yes
CallerReference (p. 51)
A unique number that ensures that the request can't be replayed.
Type: String
Required: Yes
Comment (p. 51)
An optional comment for the field-level encryption profile.
Type: String
Required: No
API Version 2020-05-3151
Amazon CloudFront API ReferenceResponse Syntax
EncryptionEntities (p. 51)
A complex data type of encryption entities for the field-level encryption profile that include thepublic key ID, provider, and field patterns for specifying which fields to encrypt with this key.
Type: EncryptionEntities (p. 335) object
Required: YesName (p. 51)
Profile name for the field-level encryption profile.
Type: String
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionProfile> <FieldLevelEncryptionProfileConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncryptionEntities> <Items> <EncryptionEntity> <FieldPatterns> <Items> <FieldPattern>string</FieldPattern> </Items> <Quantity>integer</Quantity> </FieldPatterns> <ProviderId>string</ProviderId> <PublicKeyId>string</PublicKeyId> </EncryptionEntity> </Items> <Quantity>integer</Quantity> </EncryptionEntities> <Name>string</Name> </FieldLevelEncryptionProfileConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></FieldLevelEncryptionProfile>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
FieldLevelEncryptionProfile (p. 52)
Root level tag for the FieldLevelEncryptionProfile parameters.
Required: YesFieldLevelEncryptionProfileConfig (p. 52)
A complex data type that includes the profile name and the encryption entities for the field-levelencryption profile.
API Version 2020-05-3152
Amazon CloudFront API ReferenceErrors
Type: FieldLevelEncryptionProfileConfig (p. 342) objectId (p. 52)
The ID for a field-level encryption profile configuration which includes a set of profiles that specifycertain selected data fields to be encrypted by specific public keys.
Type: StringLastModifiedTime (p. 52)
The last time the field-level encryption profile was updated.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
FieldLevelEncryptionProfileAlreadyExists
The specified profile for field-level encryption already exists.
HTTP Status Code: 409FieldLevelEncryptionProfileSizeExceeded
The maximum size of a profile for field-level encryption was exceeded.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400NoSuchPublicKey
The specified public key doesn't exist.
HTTP Status Code: 404TooManyFieldLevelEncryptionEncryptionEntities
The maximum number of encryption entities for field-level encryption have been created.
HTTP Status Code: 400TooManyFieldLevelEncryptionFieldPatterns
The maximum number of field patterns for field-level encryption have been created.
HTTP Status Code: 400TooManyFieldLevelEncryptionProfiles
The maximum number of profiles for field-level encryption have been created.
HTTP Status Code: 400
API Version 2020-05-3153
Amazon CloudFront API ReferenceSee Also
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3154
Amazon CloudFront API ReferenceCreateInvalidation
CreateInvalidationCreate a new invalidation.
Request SyntaxPOST /2020-05-31/distribution/DistributionId/invalidation HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><InvalidationBatch xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Paths> <Items> <Path>string</Path> </Items> <Quantity>integer</Quantity> </Paths></InvalidationBatch>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
InvalidationBatch (p. 55)
Root level tag for the InvalidationBatch parameters.
Required: YesCallerReference (p. 55)
A value that you specify to uniquely identify an invalidation request. CloudFront uses the valueto prevent you from accidentally resubmitting an identical request. Whenever you create a newinvalidation request, you must specify a new value for CallerReference and change other valuesin the request as applicable. One way to ensure that the value of CallerReference is unique is touse a timestamp, for example, 20120301090000.
If you make a second invalidation request with the same value for CallerReference, and if therest of the request is the same, CloudFront doesn't create a new invalidation request. Instead,CloudFront returns information about the invalidation request that you previously created with thesame CallerReference.
If CallerReference is a value you already sent in a previous invalidation batch requestbut the content of any Path is different from the original request, CloudFront returns anInvalidationBatchAlreadyExists error.
Type: String
Required: YesPaths (p. 55)
A complex type that contains information about the objects that you want to invalidate. For moreinformation, see Specifying the Objects to Invalidate in the Amazon CloudFront Developer Guide.
Type: Paths (p. 386) object
API Version 2020-05-3155
Amazon CloudFront API ReferenceResponse Syntax
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><Invalidation> <CreateTime>timestamp</CreateTime> <Id>string</Id> <InvalidationBatch> <CallerReference>string</CallerReference> <Paths> <Items> <Path>string</Path> </Items> <Quantity>integer</Quantity> </Paths> </InvalidationBatch> <Status>string</Status></Invalidation>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
Invalidation (p. 56)
Root level tag for the Invalidation parameters.
Required: YesCreateTime (p. 56)
The date and time the invalidation request was first made.
Type: TimestampId (p. 56)
The identifier for the invalidation request. For example: IDFDVBD632BHDS5.
Type: StringInvalidationBatch (p. 56)
The current invalidation information for the batch request.
Type: InvalidationBatch (p. 354) objectStatus (p. 56)
The status of the invalidation request. When the invalidation batch is finished, the status isCompleted.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
API Version 2020-05-3156
Amazon CloudFront API ReferenceSee Also
AccessDenied
Access denied.
HTTP Status Code: 403BatchTooLarge
Invalidation batch specified is too large.
HTTP Status Code: 413InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404TooManyInvalidationsInProgress
You have exceeded the maximum number of allowable InProgress invalidation batch requests, orinvalidation objects.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3157
Amazon CloudFront API ReferenceCreateMonitoringSubscription
CreateMonitoringSubscriptionEnables additional CloudWatch metrics for the specified CloudFront distribution. The additional metricsincur an additional cost.
For more information, see Viewing additional CloudFront distribution metrics in the Amazon CloudFrontDeveloper Guide.
Request SyntaxPOST /2020-05-31/distributions/DistributionId/monitoring-subscription HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><MonitoringSubscription xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <RealtimeMetricsSubscriptionConfig> <RealtimeMetricsSubscriptionStatus>string</RealtimeMetricsSubscriptionStatus> </RealtimeMetricsSubscriptionConfig></MonitoringSubscription>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
MonitoringSubscription (p. 58)
Root level tag for the MonitoringSubscription parameters.
Required: YesRealtimeMetricsSubscriptionConfig (p. 58)
A subscription configuration for additional CloudWatch metrics.
Type: RealtimeMetricsSubscriptionConfig (p. 399) object
Required: No
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><MonitoringSubscription> <RealtimeMetricsSubscriptionConfig> <RealtimeMetricsSubscriptionStatus>string</RealtimeMetricsSubscriptionStatus> </RealtimeMetricsSubscriptionConfig></MonitoringSubscription>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
API Version 2020-05-3158
Amazon CloudFront API ReferenceErrors
MonitoringSubscription (p. 58)
Root level tag for the MonitoringSubscription parameters.
Required: YesRealtimeMetricsSubscriptionConfig (p. 58)
A subscription configuration for additional CloudWatch metrics.
Type: RealtimeMetricsSubscriptionConfig (p. 399) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3159
Amazon CloudFront API ReferenceCreateOriginRequestPolicy
CreateOriginRequestPolicyCreates an origin request policy.
After you create an origin request policy, you can attach it to one or more cache behaviors. When it’sattached to a cache behavior, the origin request policy determines the values that CloudFront includesin requests that it sends to the origin. Each request that CloudFront sends to the origin includes thefollowing:
• The request body and the URL path (without the domain name) from the viewer request.
• The headers that CloudFront automatically includes in every origin request, including Host, User-Agent, and X-Amz-Cf-Id.
• All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the originrequest policy. These can include items from the viewer request and, in the case of headers, additionalones that are added by CloudFront.
CloudFront sends a request when it can’t find a valid object in its cache that matches the request. If youwant to send values to the origin and also include them in the cache key, use CachePolicy.
For more information about origin request policies, see Controlling origin requests in the AmazonCloudFront Developer Guide.
Request Syntax
POST /2020-05-31/origin-request-policy HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><OriginRequestPolicyConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Comment>string</Comment> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <Name>string</Name> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig></OriginRequestPolicyConfig>
API Version 2020-05-3160
Amazon CloudFront API ReferenceURI Request Parameters
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
OriginRequestPolicyConfig (p. 60)
Root level tag for the OriginRequestPolicyConfig parameters.
Required: YesComment (p. 60)
A comment to describe the origin request policy.
Type: String
Required: NoCookiesConfig (p. 60)
The cookies from viewer requests to include in origin requests.
Type: OriginRequestPolicyCookiesConfig (p. 377) object
Required: YesHeadersConfig (p. 60)
The HTTP headers to include in origin requests. These can include headers from viewer requests andadditional headers added by CloudFront.
Type: OriginRequestPolicyHeadersConfig (p. 378) object
Required: YesName (p. 60)
A unique name to identify the origin request policy.
Type: String
Required: YesQueryStringsConfig (p. 60)
The URL query strings from viewer requests to include in origin requests.
Type: OriginRequestPolicyQueryStringsConfig (p. 380) object
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><OriginRequestPolicy>
API Version 2020-05-3161
Amazon CloudFront API ReferenceResponse Elements
<Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <OriginRequestPolicyConfig> <Comment>string</Comment> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <Name>string</Name> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </OriginRequestPolicyConfig></OriginRequestPolicy>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
OriginRequestPolicy (p. 61)
Root level tag for the OriginRequestPolicy parameters.
Required: YesId (p. 61)
The unique identifier for the origin request policy.
Type: StringLastModifiedTime (p. 61)
The date and time when the origin request policy was last modified.
Type: TimestampOriginRequestPolicyConfig (p. 61)
The origin request policy configuration.
Type: OriginRequestPolicyConfig (p. 375) object
API Version 2020-05-3162
Amazon CloudFront API ReferenceErrors
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400OriginRequestPolicyAlreadyExists
An origin request policy with this name already exists. You must provide a unique name. To modifyan existing origin request policy, use UpdateOriginRequestPolicy.
HTTP Status Code: 409TooManyCookiesInOriginRequestPolicy
The number of cookies in the origin request policy exceeds the maximum. For more information, seeQuotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyHeadersInOriginRequestPolicy
The number of headers in the origin request policy exceeds the maximum. For more information, seeQuotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyOriginRequestPolicies
You have reached the maximum number of origin request policies for this AWS account. For moreinformation, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyQueryStringsInOriginRequestPolicy
The number of query strings in the origin request policy exceeds the maximum. For moreinformation, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET
API Version 2020-05-3163
Amazon CloudFront API ReferenceSee Also
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3164
Amazon CloudFront API ReferenceCreatePublicKey
CreatePublicKeyAdd a new public key to CloudFront to use, for example, for field-level encryption. You can add amaximum of 10 public keys with one AWS account.
Request SyntaxPOST /2020-05-31/public-key HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><PublicKeyConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncodedKey>string</EncodedKey> <Name>string</Name></PublicKeyConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
PublicKeyConfig (p. 65)
Root level tag for the PublicKeyConfig parameters.
Required: Yes
CallerReference (p. 65)
A unique number that ensures that the request can't be replayed.
Type: String
Required: Yes
Comment (p. 65)
An optional comment about a public key.
Type: String
Required: No
EncodedKey (p. 65)
The encoded public key that you want to add to CloudFront to use with features like field-levelencryption.
Type: String
Required: Yes
Name (p. 65)
The name for a public key you add to CloudFront to use with features like field-level encryption.
API Version 2020-05-3165
Amazon CloudFront API ReferenceResponse Syntax
Type: String
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><PublicKey> <CreatedTime>timestamp</CreatedTime> <Id>string</Id> <PublicKeyConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncodedKey>string</EncodedKey> <Name>string</Name> </PublicKeyConfig></PublicKey>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
PublicKey (p. 66)
Root level tag for the PublicKey parameters.
Required: YesCreatedTime (p. 66)
A time you added a public key to CloudFront.
Type: TimestampId (p. 66)
A unique ID assigned to a public key you've added to CloudFront.
Type: StringPublicKeyConfig (p. 66)
A complex data type for a public key you add to CloudFront to use with features like field-levelencryption.
Type: PublicKeyConfig (p. 388) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
API Version 2020-05-3166
Amazon CloudFront API ReferenceSee Also
PublicKeyAlreadyExists
The specified public key already exists.
HTTP Status Code: 409TooManyPublicKeys
The maximum number of public keys for field-level encryption have been created. To create a newpublic key, delete one of the existing keys.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3167
Amazon CloudFront API ReferenceCreateRealtimeLogConfig
CreateRealtimeLogConfigCreates a real-time log configuration.
After you create a real-time log configuration, you can attach it to one or more cache behaviors to sendreal-time log data to the specified Amazon Kinesis data stream.
For more information about real-time log configurations, see Real-time logs in the Amazon CloudFrontDeveloper Guide.
Request SyntaxPOST /2020-05-31/realtime-log-config HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><CreateRealtimeLogConfigRequest xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <EndPoints> <EndPoint> <KinesisStreamConfig> <RoleARN>string</RoleARN> <StreamARN>string</StreamARN> </KinesisStreamConfig> <StreamType>string</StreamType> </EndPoint> </EndPoints> <Fields> <Field>string</Field> </Fields> <Name>string</Name> <SamplingRate>long</SamplingRate></CreateRealtimeLogConfigRequest>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
CreateRealtimeLogConfigRequest (p. 68)
Root level tag for the CreateRealtimeLogConfigRequest parameters.
Required: YesEndPoints (p. 68)
Contains information about the Amazon Kinesis data stream where you are sending real-time logdata.
Type: Array of EndPoint (p. 337) objects
Required: YesFields (p. 68)
A list of fields to include in each real-time log record.
For more information about fields, see Real-time log configuration fields in the Amazon CloudFrontDeveloper Guide.
API Version 2020-05-3168
Amazon CloudFront API ReferenceResponse Syntax
Type: Array of strings
Required: YesName (p. 68)
A unique name to identify this real-time log configuration.
Type: String
Required: YesSamplingRate (p. 68)
The sampling rate for this real-time log configuration. The sampling rate determines the percentageof viewer requests that are represented in the real-time log data. You must provide an integerbetween 1 and 100, inclusive.
Type: Long
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><CreateRealtimeLogConfigResult> <RealtimeLogConfig> <ARN>string</ARN> <EndPoints> <EndPoint> <KinesisStreamConfig> <RoleARN>string</RoleARN> <StreamARN>string</StreamARN> </KinesisStreamConfig> <StreamType>string</StreamType> </EndPoint> </EndPoints> <Fields> <Field>string</Field> </Fields> <Name>string</Name> <SamplingRate>long</SamplingRate> </RealtimeLogConfig></CreateRealtimeLogConfigResult>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
CreateRealtimeLogConfigResult (p. 69)
Root level tag for the CreateRealtimeLogConfigResult parameters.
Required: YesRealtimeLogConfig (p. 69)
A real-time log configuration.
API Version 2020-05-3169
Amazon CloudFront API ReferenceErrors
Type: RealtimeLogConfig (p. 396) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400RealtimeLogConfigAlreadyExists
A real-time log configuration with this name already exists. You must provide a unique name. Tomodify an existing real-time log configuration, use UpdateRealtimeLogConfig.
HTTP Status Code: 409TooManyRealtimeLogConfigs
You have reached the maximum number of real-time log configurations for this AWS account. Formore information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3170
Amazon CloudFront API ReferenceCreateStreamingDistribution
CreateStreamingDistributionCreates a new RTMP distribution. An RTMP distribution is similar to a web distribution, but an RTMPdistribution streams media files using the Adobe Real-Time Messaging Protocol (RTMP) instead ofserving files using HTTP.
To create a new distribution, submit a POST request to the CloudFront API version/distribution resource.The request body must include a document with a StreamingDistributionConfig element. The responseechoes the StreamingDistributionConfig element and returns other information about the RTMPdistribution.
To get the status of your request, use the GET StreamingDistribution API action. When the value ofEnabled is true and the value of Status is Deployed, your distribution is ready. A distribution usuallydeploys in less than 15 minutes.
For more information about web distributions, see Working with RTMP Distributions in the AmazonCloudFront Developer Guide.
ImportantBeginning with the 2012-05-05 version of the CloudFront API, we made substantial changesto the format of the XML document that you include in the request body when you createor update a web distribution or an RTMP distribution, and when you invalidate objects. Withprevious versions of the API, we discovered that it was too easy to accidentally delete one ormore values for an element that accepts multiple values, for example, CNAMEs and trustedsigners. Our changes for the 2012-05-05 release are intended to prevent these accidentaldeletions and to notify you when there's a mismatch between the number of values you sayyou're specifying in the Quantity element and the number of values specified.
Request SyntaxPOST /2020-05-31/streaming-distribution HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><StreamingDistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment> <Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners></StreamingDistributionConfig>
API Version 2020-05-3171
Amazon CloudFront API ReferenceURI Request Parameters
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
StreamingDistributionConfig (p. 71)
Root level tag for the StreamingDistributionConfig parameters.
Required: YesAliases (p. 71)
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisstreaming distribution.
Type: Aliases (p. 279) object
Required: NoCallerReference (p. 71)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theStreamingDistributionConfig object), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: String
Required: YesComment (p. 71)
Any comments you want to include about the streaming distribution.
Type: String
Required: YesEnabled (p. 71)
Whether the streaming distribution is enabled to accept user requests for content.
Type: Boolean
Required: YesLogging (p. 71)
A complex type that controls whether access logs are written for the streaming distribution.
Type: StreamingLoggingConfig (p. 414) object
Required: NoPriceClass (p. 71)
A complex type that contains information about price class for this streaming distribution.
API Version 2020-05-3172
Amazon CloudFront API ReferenceResponse Syntax
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: NoS3Origin (p. 71)
A complex type that contains information about the Amazon S3 bucket from which you wantCloudFront to get your media files for distribution.
Type: S3Origin (p. 401) object
Required: YesTrustedSigners (p. 71)
A complex type that specifies any AWS accounts that you want to permit to create signed URLs forprivate content. If you want the distribution to use signed URLs, include this element; if you wantthe distribution to use public URLs, remove this element. For more information, see Serving PrivateContent through CloudFront in the Amazon CloudFront Developer Guide.
Type: TrustedSigners (p. 418) object
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><StreamingDistribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId> </Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <ARN>string</ARN> <DomainName>string</DomainName> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status> <StreamingDistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment> <Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket>
API Version 2020-05-3173
Amazon CloudFront API ReferenceResponse Elements
<Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> </StreamingDistributionConfig></StreamingDistribution>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
StreamingDistribution (p. 73)
Root level tag for the StreamingDistribution parameters.
Required: YesActiveTrustedSigners (p. 73)
A complex type that lists the AWS accounts, if any, that you included in the TrustedSignerscomplex type for this distribution. These are the accounts that you want to allow to create signedURLs for private content.
The Signer complex type lists the AWS account number of the trusted signer or self if the signeris the AWS account that created the distribution. The Signer element also includes the IDs ofany active CloudFront key pairs that are associated with the trusted signer's AWS account. If noKeyPairId element appears for a Signer, that signer can't create signed URLs.
For more information, see Serving Private Content through CloudFront in the Amazon CloudFrontDeveloper Guide.
Type: ActiveTrustedSigners (p. 278) objectARN (p. 73)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDomainName (p. 73)
The domain name that corresponds to the streaming distribution, for example,s5c39gqb8ow64r.cloudfront.net.
Type: StringId (p. 73)
The identifier for the RTMP distribution. For example: EGTXBD79EXAMPLE.
API Version 2020-05-3174
Amazon CloudFront API ReferenceErrors
Type: StringLastModifiedTime (p. 73)
The date and time that the distribution was last modified.
Type: TimestampStatus (p. 73)
The current status of the RTMP distribution. When the status is Deployed, the distribution'sinformation is propagated to all CloudFront edge locations.
Type: StringStreamingDistributionConfig (p. 73)
The current configuration information for the RTMP distribution.
Type: StreamingDistributionConfig (p. 407) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CNAMEAlreadyExists
The CNAME specified is already defined for CloudFront.
HTTP Status Code: 409InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidOrigin
The Amazon S3 origin server specified does not refer to a valid Amazon S3 bucket.
HTTP Status Code: 400InvalidOriginAccessIdentity
The origin access identity is not valid or doesn't exist.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
API Version 2020-05-3175
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400StreamingDistributionAlreadyExists
The caller reference you attempted to create the streaming distribution with is associated withanother distribution
HTTP Status Code: 409TooManyStreamingDistributionCNAMEs
Your request contains more CNAMEs than are allowed per distribution.
HTTP Status Code: 400TooManyStreamingDistributions
Processing your request would cause you to exceed the maximum number of streaming distributionsallowed.
HTTP Status Code: 400TooManyTrustedSigners
Your request contains more trusted signers than are allowed per distribution.
HTTP Status Code: 400TrustedSignerDoesNotExist
One or more of your trusted signers don't exist.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3176
Amazon CloudFront API ReferenceCreateStreamingDistributionWithTags
CreateStreamingDistributionWithTagsCreate a new streaming distribution with tags.
Request SyntaxPOST /2020-05-31/streaming-distribution?WithTags HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><StreamingDistributionConfigWithTags xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <StreamingDistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment> <Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> </StreamingDistributionConfig> <Tags> <Items> <Tag> <Key>string</Key> <Value>string</Value> </Tag> </Items> </Tags></StreamingDistributionConfigWithTags>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
StreamingDistributionConfigWithTags (p. 77)
Root level tag for the StreamingDistributionConfigWithTags parameters.
API Version 2020-05-3177
Amazon CloudFront API ReferenceResponse Syntax
Required: YesStreamingDistributionConfig (p. 77)
A streaming distribution Configuration.
Type: StreamingDistributionConfig (p. 407) object
Required: YesTags (p. 77)
A complex type that contains zero or more Tag elements.
Type: Tags (p. 417) object
Required: Yes
Response SyntaxHTTP/1.1 201<?xml version="1.0" encoding="UTF-8"?><StreamingDistribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId> </Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <ARN>string</ARN> <DomainName>string</DomainName> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status> <StreamingDistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment> <Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners>
API Version 2020-05-3178
Amazon CloudFront API ReferenceResponse Elements
<Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> </StreamingDistributionConfig></StreamingDistribution>
Response ElementsIf the action is successful, the service sends back an HTTP 201 response.
The following data is returned in XML format by the service.
StreamingDistribution (p. 78)
Root level tag for the StreamingDistribution parameters.
Required: YesActiveTrustedSigners (p. 78)
A complex type that lists the AWS accounts, if any, that you included in the TrustedSignerscomplex type for this distribution. These are the accounts that you want to allow to create signedURLs for private content.
The Signer complex type lists the AWS account number of the trusted signer or self if the signeris the AWS account that created the distribution. The Signer element also includes the IDs ofany active CloudFront key pairs that are associated with the trusted signer's AWS account. If noKeyPairId element appears for a Signer, that signer can't create signed URLs.
For more information, see Serving Private Content through CloudFront in the Amazon CloudFrontDeveloper Guide.
Type: ActiveTrustedSigners (p. 278) objectARN (p. 78)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDomainName (p. 78)
The domain name that corresponds to the streaming distribution, for example,s5c39gqb8ow64r.cloudfront.net.
Type: StringId (p. 78)
The identifier for the RTMP distribution. For example: EGTXBD79EXAMPLE.
Type: StringLastModifiedTime (p. 78)
The date and time that the distribution was last modified.
Type: Timestamp
API Version 2020-05-3179
Amazon CloudFront API ReferenceErrors
Status (p. 78)
The current status of the RTMP distribution. When the status is Deployed, the distribution'sinformation is propagated to all CloudFront edge locations.
Type: StringStreamingDistributionConfig (p. 78)
The current configuration information for the RTMP distribution.
Type: StreamingDistributionConfig (p. 407) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CNAMEAlreadyExists
The CNAME specified is already defined for CloudFront.
HTTP Status Code: 409InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidOrigin
The Amazon S3 origin server specified does not refer to a valid Amazon S3 bucket.
HTTP Status Code: 400InvalidOriginAccessIdentity
The origin access identity is not valid or doesn't exist.
HTTP Status Code: 400InvalidTagging
The tagging specified is not valid.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400
API Version 2020-05-3180
Amazon CloudFront API ReferenceSee Also
StreamingDistributionAlreadyExists
The caller reference you attempted to create the streaming distribution with is associated withanother distribution
HTTP Status Code: 409TooManyStreamingDistributionCNAMEs
Your request contains more CNAMEs than are allowed per distribution.
HTTP Status Code: 400TooManyStreamingDistributions
Processing your request would cause you to exceed the maximum number of streaming distributionsallowed.
HTTP Status Code: 400TooManyTrustedSigners
Your request contains more trusted signers than are allowed per distribution.
HTTP Status Code: 400TrustedSignerDoesNotExist
One or more of your trusted signers don't exist.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3181
Amazon CloudFront API ReferenceDeleteCachePolicy
DeleteCachePolicyDeletes a cache policy.
You cannot delete a cache policy if it’s attached to a cache behavior. First update your distributions toremove the cache policy from all cache behaviors, then delete the cache policy.
To delete a cache policy, you must provide the policy’s identifier and version. To get these values, you canuse ListCachePolicies or GetCachePolicy.
Request SyntaxDELETE /2020-05-31/cache-policy/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 82)
The unique identifier for the cache policy that you are deleting. To get the identifier, you can useListCachePolicies.
Required: YesIf-Match (p. 82)
The version of the cache policy that you are deleting. The version is the cache policy’s ETag value,which you can get using ListCachePolicies, GetCachePolicy, or GetCachePolicyConfig.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403
API Version 2020-05-3182
Amazon CloudFront API ReferenceSee Also
CachePolicyInUse
Cannot delete the cache policy because it is attached to one or more cache behaviors.
HTTP Status Code: 409IllegalDelete
You cannot delete a managed policy.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3183
Amazon CloudFront API ReferenceDeleteCloudFrontOriginAccessIdentity
DeleteCloudFrontOriginAccessIdentityDelete an origin access identity.
Request SyntaxDELETE /2020-05-31/origin-access-identity/cloudfront/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 84)
The origin access identity's ID.
Required: YesIf-Match (p. 84)
The value of the ETag header you received from a previous GET or PUT request. For example:E2QWRUHAPOMQZL.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CloudFrontOriginAccessIdentityInUse
The Origin Access Identity specified is already in use.
HTTP Status Code: 409InvalidIfMatchVersion
The If-Match version is missing or not valid.
API Version 2020-05-3184
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400NoSuchCloudFrontOriginAccessIdentity
The specified origin access identity does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3185
Amazon CloudFront API ReferenceDeleteDistribution
DeleteDistributionDelete a distribution.
Request SyntaxDELETE /2020-05-31/distribution/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 86)
The distribution ID.
Required: YesIf-Match (p. 86)
The value of the ETag header that you received when you disabled the distribution. For example:E2QWRUHAPOMQZL.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403DistributionNotDisabled
The specified CloudFront distribution is not disabled. You must disable the distribution before youcan delete it.
HTTP Status Code: 409
API Version 2020-05-3186
Amazon CloudFront API ReferenceSee Also
InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3187
Amazon CloudFront API ReferenceDeleteFieldLevelEncryptionConfig
DeleteFieldLevelEncryptionConfigRemove a field-level encryption configuration.
Request SyntaxDELETE /2020-05-31/field-level-encryption/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 88)
The ID of the configuration you want to delete from CloudFront.
Required: YesIf-Match (p. 88)
The value of the ETag header that you received when retrieving the configuration identity to delete.For example: E2QWRUHAPOMQZL.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403FieldLevelEncryptionConfigInUse
The specified configuration for field-level encryption is in use.
HTTP Status Code: 409InvalidIfMatchVersion
The If-Match version is missing or not valid.
API Version 2020-05-3188
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400NoSuchFieldLevelEncryptionConfig
The specified configuration for field-level encryption doesn't exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3189
Amazon CloudFront API ReferenceDeleteFieldLevelEncryptionProfile
DeleteFieldLevelEncryptionProfileRemove a field-level encryption profile.
Request SyntaxDELETE /2020-05-31/field-level-encryption-profile/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 90)
Request the ID of the profile you want to delete from CloudFront.
Required: YesIf-Match (p. 90)
The value of the ETag header that you received when retrieving the profile to delete. For example:E2QWRUHAPOMQZL.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403FieldLevelEncryptionProfileInUse
The specified profile for field-level encryption is in use.
HTTP Status Code: 409InvalidIfMatchVersion
The If-Match version is missing or not valid.
API Version 2020-05-3190
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400NoSuchFieldLevelEncryptionProfile
The specified profile for field-level encryption doesn't exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3191
Amazon CloudFront API ReferenceDeleteMonitoringSubscription
DeleteMonitoringSubscriptionDisables additional CloudWatch metrics for the specified CloudFront distribution.
Request SyntaxDELETE /2020-05-31/distributions/DistributionId/monitoring-subscription HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
DistributionId (p. 92)
The ID of the distribution that you are disabling metrics for.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200
Response ElementsIf the action is successful, the service sends back an HTTP 200 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface
API Version 2020-05-3192
Amazon CloudFront API ReferenceSee Also
• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3193
Amazon CloudFront API ReferenceDeleteOriginRequestPolicy
DeleteOriginRequestPolicyDeletes an origin request policy.
You cannot delete an origin request policy if it’s attached to any cache behaviors. First update yourdistributions to remove the origin request policy from all cache behaviors, then delete the origin requestpolicy.
To delete an origin request policy, you must provide the policy’s identifier and version. To get theidentifier, you can use ListOriginRequestPolicies or GetOriginRequestPolicy.
Request SyntaxDELETE /2020-05-31/origin-request-policy/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 94)
The unique identifier for the origin request policy that you are deleting. To get the identifier, you canuse ListOriginRequestPolicies.
Required: YesIf-Match (p. 94)
The version of the origin request policy that you are deleting. The version is the originrequest policy’s ETag value, which you can get using ListOriginRequestPolicies,GetOriginRequestPolicy, or GetOriginRequestPolicyConfig.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
API Version 2020-05-3194
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 403IllegalDelete
You cannot delete a managed policy.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404OriginRequestPolicyInUse
Cannot delete the origin request policy because it is attached to one or more cache behaviors.
HTTP Status Code: 409PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3195
Amazon CloudFront API ReferenceDeletePublicKey
DeletePublicKeyRemove a public key you previously added to CloudFront.
Request SyntaxDELETE /2020-05-31/public-key/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 96)
The ID of the public key you want to remove from CloudFront.
Required: YesIf-Match (p. 96)
The value of the ETag header that you received when retrieving the public key identity to delete. Forexample: E2QWRUHAPOMQZL.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchPublicKey
The specified public key doesn't exist.
API Version 2020-05-3196
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412PublicKeyInUse
The specified public key is in use.
HTTP Status Code: 409
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3197
Amazon CloudFront API ReferenceDeleteRealtimeLogConfig
DeleteRealtimeLogConfigDeletes a real-time log configuration.
You cannot delete a real-time log configuration if it’s attached to a cache behavior. First update yourdistributions to remove the real-time log configuration from all cache behaviors, then delete the real-time log configuration.
To delete a real-time log configuration, you can provide the configuration’s name or its Amazon ResourceName (ARN). You must provide at least one. If you provide both, CloudFront uses the name to identifythe real-time log configuration to delete.
Request SyntaxPOST /2020-05-31/delete-realtime-log-config/ HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><DeleteRealtimeLogConfigRequest xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <ARN>string</ARN> <Name>string</Name></DeleteRealtimeLogConfigRequest>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
DeleteRealtimeLogConfigRequest (p. 98)
Root level tag for the DeleteRealtimeLogConfigRequest parameters.
Required: YesARN (p. 98)
The Amazon Resource Name (ARN) of the real-time log configuration to delete.
Type: String
Required: NoName (p. 98)
The name of the real-time log configuration to delete.
Type: String
Required: No
Response SyntaxHTTP/1.1 204
API Version 2020-05-3198
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400NoSuchRealtimeLogConfig
The real-time log configuration does not exist.
HTTP Status Code: 404RealtimeLogConfigInUse
Cannot delete the real-time log configuration because it is attached to one or more cache behaviors.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-3199
Amazon CloudFront API ReferenceDeleteStreamingDistribution
DeleteStreamingDistributionDelete a streaming distribution. To delete an RTMP distribution using the CloudFront API, perform thefollowing steps.
To delete an RTMP distribution using the CloudFront API:
1. Disable the RTMP distribution.2. Submit a GET Streaming Distribution Config request to get the current configuration and the
Etag header for the distribution.3. Update the XML document that was returned in the response to your GET Streaming
Distribution Config request to change the value of Enabled to false.4. Submit a PUT Streaming Distribution Config request to update the configuration for your
distribution. In the request body, include the XML document that you updated in Step 3. Then set thevalue of the HTTP If-Match header to the value of the ETag header that CloudFront returned whenyou submitted the GET Streaming Distribution Config request in Step 2.
5. Review the response to the PUT Streaming Distribution Config request to confirm that thedistribution was successfully disabled.
6. Submit a GET Streaming Distribution Config request to confirm that your changes havepropagated. When propagation is complete, the value of Status is Deployed.
7. Submit a DELETE Streaming Distribution request. Set the value of the HTTP If-Match headerto the value of the ETag header that CloudFront returned when you submitted the GET StreamingDistribution Config request in Step 2.
8. Review the response to your DELETE Streaming Distribution request to confirm that thedistribution was successfully deleted.
For information about deleting a distribution using the CloudFront console, see Deleting a Distribution inthe Amazon CloudFront Developer Guide.
Request SyntaxDELETE /2020-05-31/streaming-distribution/Id HTTP/1.1If-Match: IfMatch
URI Request ParametersThe request uses the following URI parameters.
Id (p. 100)
The distribution ID.
Required: YesIf-Match (p. 100)
The value of the ETag header that you received when you disabled the streaming distribution. Forexample: E2QWRUHAPOMQZL.
Request BodyThe request does not have a request body.
API Version 2020-05-31100
Amazon CloudFront API ReferenceResponse Syntax
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchStreamingDistribution
The specified streaming distribution does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412StreamingDistributionNotDisabled
The specified CloudFront distribution is not disabled. You must disable the distribution before youcan delete it.
HTTP Status Code: 409
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31101
Amazon CloudFront API ReferenceSee Also
API Version 2020-05-31102
Amazon CloudFront API ReferenceGetCachePolicy
GetCachePolicyGets a cache policy, including the following metadata:
• The policy’s identifier.• The date and time when the policy was last modified.
To get a cache policy, you must provide the policy’s identifier. If the cache policy is attached to adistribution’s cache behavior, you can get the policy’s identifier using ListDistributions orGetDistribution. If the cache policy is not attached to a cache behavior, you can get the identifierusing ListCachePolicies.
Request SyntaxGET /2020-05-31/cache-policy/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 103)
The unique identifier for the cache policy. If the cache policy is attached to a distribution’s cachebehavior, you can get the policy’s identifier using ListDistributions or GetDistribution.If the cache policy is not attached to a cache behavior, you can get the identifier usingListCachePolicies.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><CachePolicy> <CachePolicyConfig> <Comment>string</Comment> <DefaultTTL>long</DefaultTTL> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <Name>string</Name> <ParametersInCacheKeyAndForwardedToOrigin> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig>
API Version 2020-05-31103
Amazon CloudFront API ReferenceResponse Elements
<EnableAcceptEncodingBrotli>boolean</EnableAcceptEncodingBrotli> <EnableAcceptEncodingGzip>boolean</EnableAcceptEncodingGzip> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </ParametersInCacheKeyAndForwardedToOrigin> </CachePolicyConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></CachePolicy>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
CachePolicy (p. 103)
Root level tag for the CachePolicy parameters.
Required: YesCachePolicyConfig (p. 103)
The cache policy configuration.
Type: CachePolicyConfig (p. 291) objectId (p. 103)
The unique identifier for the cache policy.
Type: StringLastModifiedTime (p. 103)
The date and time when the cache policy was last modified.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
API Version 2020-05-31104
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 403NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31105
Amazon CloudFront API ReferenceGetCachePolicyConfig
GetCachePolicyConfigGets a cache policy configuration.
To get a cache policy configuration, you must provide the policy’s identifier. If the cachepolicy is attached to a distribution’s cache behavior, you can get the policy’s identifier usingListDistributions or GetDistribution. If the cache policy is not attached to a cache behavior, youcan get the identifier using ListCachePolicies.
Request SyntaxGET /2020-05-31/cache-policy/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 106)
The unique identifier for the cache policy. If the cache policy is attached to a distribution’s cachebehavior, you can get the policy’s identifier using ListDistributions or GetDistribution.If the cache policy is not attached to a cache behavior, you can get the identifier usingListCachePolicies.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><CachePolicyConfig> <Comment>string</Comment> <DefaultTTL>long</DefaultTTL> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <Name>string</Name> <ParametersInCacheKeyAndForwardedToOrigin> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <EnableAcceptEncodingBrotli>boolean</EnableAcceptEncodingBrotli> <EnableAcceptEncodingGzip>boolean</EnableAcceptEncodingGzip> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers>
API Version 2020-05-31106
Amazon CloudFront API ReferenceResponse Elements
<Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </ParametersInCacheKeyAndForwardedToOrigin></CachePolicyConfig>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
CachePolicyConfig (p. 106)
Root level tag for the CachePolicyConfig parameters.
Required: YesComment (p. 106)
A comment to describe the cache policy.
Type: StringDefaultTTL (p. 106)
The default amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated.CloudFront uses this value as the object’s time to live (TTL) only when the origin does not sendCache-Control or Expires headers with the object. For more information, see Managing HowLong Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.
The default value for this field is 86400 seconds (one day). If the value of MinTTL is more than86400 seconds, then the default value for this field is the same as the value of MinTTL.
Type: LongMaxTTL (p. 106)
The maximum amount of time, in seconds, that objects stay in the CloudFront cache beforeCloudFront sends another request to the origin to see if the object has been updated. CloudFrontuses this value only when the origin sends Cache-Control or Expires headers with the object.For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
The default value for this field is 31536000 seconds (one year). If the value of MinTTL orDefaultTTL is more than 31536000 seconds, then the default value for this field is the same as thevalue of DefaultTTL.
Type: Long
API Version 2020-05-31107
Amazon CloudFront API ReferenceErrors
MinTTL (p. 106)
The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated. Formore information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
Type: LongName (p. 106)
A unique name to identify the cache policy.
Type: StringParametersInCacheKeyAndForwardedToOrigin (p. 106)
The HTTP headers, cookies, and URL query strings to include in the cache key. The values included inthe cache key are automatically included in requests that CloudFront sends to the origin.
Type: ParametersInCacheKeyAndForwardedToOrigin (p. 384) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31108
Amazon CloudFront API ReferenceGetCloudFrontOriginAccessIdentity
GetCloudFrontOriginAccessIdentityGet the information about an origin access identity.
Request SyntaxGET /2020-05-31/origin-access-identity/cloudfront/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 109)
The identity's ID.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><CloudFrontOriginAccessIdentity> <CloudFrontOriginAccessIdentityConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> </CloudFrontOriginAccessIdentityConfig> <Id>string</Id> <S3CanonicalUserId>string</S3CanonicalUserId></CloudFrontOriginAccessIdentity>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
CloudFrontOriginAccessIdentity (p. 109)
Root level tag for the CloudFrontOriginAccessIdentity parameters.
Required: YesCloudFrontOriginAccessIdentityConfig (p. 109)
The current configuration information for the identity.
Type: CloudFrontOriginAccessIdentityConfig (p. 299) objectId (p. 109)
The ID for the origin access identity, for example, E74FTE3AJFJ256A.
API Version 2020-05-31109
Amazon CloudFront API ReferenceErrors
Type: StringS3CanonicalUserId (p. 109)
The Amazon S3 canonical user ID for the origin access identity, used when giving the origin accessidentity read permission to an object in Amazon S3.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchCloudFrontOriginAccessIdentity
The specified origin access identity does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31110
Amazon CloudFront API ReferenceGetCloudFrontOriginAccessIdentityConfig
GetCloudFrontOriginAccessIdentityConfigGet the configuration information about an origin access identity.
Request SyntaxGET /2020-05-31/origin-access-identity/cloudfront/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 111)
The identity's ID.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><CloudFrontOriginAccessIdentityConfig> <CallerReference>string</CallerReference> <Comment>string</Comment></CloudFrontOriginAccessIdentityConfig>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
CloudFrontOriginAccessIdentityConfig (p. 111)
Root level tag for the CloudFrontOriginAccessIdentityConfig parameters.
Required: YesCallerReference (p. 111)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theCloudFrontOriginAccessIdentityConfig object), a new origin access identity is created.
If the CallerReference is a value already sent in a previous identity request, and the content ofthe CloudFrontOriginAccessIdentityConfig is identical to the original request (ignoringwhite space), the response includes the same information returned to the original request.
API Version 2020-05-31111
Amazon CloudFront API ReferenceErrors
If the CallerReference is a value you already sent in a previous request to create an identity, butthe content of the CloudFrontOriginAccessIdentityConfig is different from the originalrequest, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists error.
Type: StringComment (p. 111)
Any comments you want to include about the origin access identity.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchCloudFrontOriginAccessIdentity
The specified origin access identity does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31112
Amazon CloudFront API ReferenceGetDistribution
GetDistributionGet the information about a distribution.
Request SyntaxGET /2020-05-31/distribution/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 113)
The distribution's ID. If the ID is empty, an empty distribution configuration is returned.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><Distribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId> </Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <AliasICPRecordals> <AliasICPRecordal> <CNAME>string</CNAME> <ICPRecordalStatus>string</ICPRecordalStatus> </AliasICPRecordal> </AliasICPRecordals> <ARN>string</ARN> <DistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases>
API Version 2020-05-31113
Amazon CloudFront API ReferenceResponse Syntax
<CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity>
API Version 2020-05-31114
Amazon CloudFront API ReferenceResponse Syntax
</TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN>
API Version 2020-05-31115
Amazon CloudFront API ReferenceResponse Syntax
</LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <IsIPV6Enabled>boolean</IsIPV6Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity>
API Version 2020-05-31116
Amazon CloudFront API ReferenceResponse Elements
</CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionConfig> <DomainName>string</DomainName> <Id>string</Id> <InProgressInvalidationBatches>integer</InProgressInvalidationBatches> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status></Distribution>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
Distribution (p. 113)
Root level tag for the Distribution parameters.
Required: Yes
API Version 2020-05-31117
Amazon CloudFront API ReferenceResponse Elements
ActiveTrustedSigners (p. 113)
CloudFront automatically adds this element to the response only if you've set up the distribution toserve private content with signed URLs. The element lists the key pair IDs that CloudFront is awareof for each trusted signer. The Signer child element lists the AWS account number of the trustedsigner (or an empty Self element if the signer is you). The Signer element also includes the IDsof any active key pairs associated with the trusted signer's AWS account. If no KeyPairId elementappears for a Signer, that signer can't create working signed URLs.
Type: ActiveTrustedSigners (p. 278) objectAliasICPRecordals (p. 113)
AWS services in China customers must file for an Internet Content Provider (ICP) recordal if theywant to serve content publicly on an alternate domain name, also known as a CNAME, that they'veadded to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated withdistributions.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Startedwith AWS services in China.
Type: Array of AliasICPRecordal (p. 280) objectsARN (p. 113)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDistributionConfig (p. 113)
The current configuration information for the distribution. Send a GET request to the /CloudFrontAPI version/distribution ID/config resource.
Type: DistributionConfig (p. 321) objectDomainName (p. 113)
The domain name corresponding to the distribution, for example,d111111abcdef8.cloudfront.net.
Type: StringId (p. 113)
The identifier for the distribution. For example: EDFDVBD632BHDS5.
Type: StringInProgressInvalidationBatches (p. 113)
The number of invalidation batches currently in progress.
Type: IntegerLastModifiedTime (p. 113)
The date and time the distribution was last modified.
Type: TimestampStatus (p. 113)
This response element indicates the current status of the distribution. When the status is Deployed,the distribution's information is fully propagated to all CloudFront edge locations.
API Version 2020-05-31118
Amazon CloudFront API ReferenceErrors
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31119
Amazon CloudFront API ReferenceGetDistributionConfig
GetDistributionConfigGet the configuration information about a distribution.
Request SyntaxGET /2020-05-31/distribution/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 120)
The distribution's ID. If the ID is empty, an empty distribution configuration is returned.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><DistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames>
API Version 2020-05-31120
Amazon CloudFront API ReferenceResponse Syntax
<Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items>
API Version 2020-05-31121
Amazon CloudFront API ReferenceResponse Syntax
<Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <IsIPV6Enabled>boolean</IsIPV6Enabled>
API Version 2020-05-31122
Amazon CloudFront API ReferenceResponse Syntax
<Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity>
API Version 2020-05-31123
Amazon CloudFront API ReferenceResponse Elements
</Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId></DistributionConfig>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
DistributionConfig (p. 120)
Root level tag for the DistributionConfig parameters.
Required: Yes
Aliases (p. 120)
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisdistribution.
Type: Aliases (p. 279) object
CacheBehaviors (p. 120)
A complex type that contains zero or more CacheBehavior elements.
Type: CacheBehaviors (p. 288) object
CallerReference (p. 120)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of the DistributionConfigobject), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: String
Comment (p. 120)
Any comments you want to include about the distribution.
API Version 2020-05-31124
Amazon CloudFront API ReferenceResponse Elements
If you don't want to specify a comment, include an empty Comment element.
To delete an existing comment, update the distribution configuration and include an emptyComment element.
To add or change a comment, update the distribution configuration and specify the new comment.
Type: String
CustomErrorResponses (p. 120)
A complex type that controls the following:
• Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom errormessages before returning the response to the viewer.
• How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the AmazonCloudFront Developer Guide.
Type: CustomErrorResponses (p. 311) object
DefaultCacheBehavior (p. 120)
A complex type that describes the default cache behavior if you don't specify a CacheBehaviorelement or if files don't match any of the values of PathPattern in CacheBehavior elements. Youmust create exactly one default cache behavior.
Type: DefaultCacheBehavior (p. 315) object
DefaultRootObject (p. 120)
The object that you want CloudFront to request from your origin (for example, index.html)when a viewer requests the root URL for your distribution (http://www.example.com) insteadof an object in your distribution (http://www.example.com/product-description.html).Specifying a default root object avoids exposing the contents of your distribution.
Specify only the object name, for example, index.html. Don't add a / before the object name.
If you don't want to specify a default root object when you create a distribution, include an emptyDefaultRootObject element.
To delete the default root object from an existing distribution, update the distribution configurationand include an empty DefaultRootObject element.
To replace the default root object, update the distribution configuration and specify the new object.
For more information about the default root object, see Creating a Default Root Object in theAmazon CloudFront Developer Guide.
Type: String
Enabled (p. 120)
From this field, you can enable or disable the selected distribution.
Type: Boolean
HttpVersion (p. 120)
(Optional) Specify the maximum HTTP version that you want viewers to use to communicate withCloudFront. The default value for new web distributions is http2. Viewers that don't support HTTP/2automatically use an earlier HTTP version.
API Version 2020-05-31125
Amazon CloudFront API ReferenceResponse Elements
For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must supportServer Name Identification (SNI).
In general, configuring CloudFront to communicate with viewers using HTTP/2 reduces latency. Youcan improve performance by optimizing for HTTP/2. For more information, do an Internet search for"http/2 optimization."
Type: String
Valid Values: http1.1 | http2
IsIPV6Enabled (p. 120)
If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution,specify true. If you specify false, CloudFront responds to IPv6 DNS requests with the DNSresponse code NOERROR and with no IP addresses. This allows viewers to submit a second request,for an IPv4 address for your distribution.
In general, you should enable IPv6 if you have users on IPv6 networks who want to access yourcontent. However, if you're using signed URLs or signed cookies to restrict access to your content,and if you're using a custom policy that includes the IpAddress parameter to restrict the IPaddresses that can access your content, don't enable IPv6. If you want to restrict access to somecontent by IP address and not restrict access to other content (or restrict access but not by IPaddress), you can create two distributions. For more information, see Creating a Signed URL Using aCustom Policy in the Amazon CloudFront Developer Guide.
If you're using an Amazon Route 53 alias resource record set to route traffic to your CloudFrontdistribution, you need to create a second alias resource record set when both of the following aretrue:
• You enable IPv6 for the distribution
• You're using alternate domain names in the URLs for your objects
For more information, see Routing Traffic to an Amazon CloudFront Web Distribution by Using YourDomain Name in the Amazon Route 53 Developer Guide.
If you created a CNAME resource record set, either with Amazon Route 53 or with another DNSservice, you don't need to make any changes. A CNAME record will route traffic to your distributionregardless of the IP address format of the viewer request.
Type: Boolean
Logging (p. 120)
A complex type that controls whether access logs are written for the distribution.
For more information about logging, see Access Logs in the Amazon CloudFront Developer Guide.
Type: LoggingConfig (p. 363) object
OriginGroups (p. 120)
A complex type that contains information about origin groups for this distribution.
Type: OriginGroups (p. 373) object
Origins (p. 120)
A complex type that contains information about origins for this distribution.
Type: Origins (p. 382) object
API Version 2020-05-31126
Amazon CloudFront API ReferenceErrors
PriceClass (p. 120)
The price class that corresponds with the maximum price that you want to pay for CloudFrontservice. If you specify PriceClass_All, CloudFront responds to requests for your objects from allCloudFront edge locations.
If you specify a price class other than PriceClass_All, CloudFront serves your objects from theCloudFront edge location that has the lowest latency among the edge locations in your price class.Viewers who are in or near regions that are excluded from your specified price class may encounterslower performance.
For more information about price classes, see Choosing the Price Class for a CloudFront Distributionin the Amazon CloudFront Developer Guide. For information about CloudFront pricing, including howprice classes (such as Price Class 100) map to CloudFront regions, see Amazon CloudFront Pricing.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_AllRestrictions (p. 120)
A complex type that identifies ways in which you want to restrict distribution of your content.
Type: Restrictions (p. 400) objectViewerCertificate (p. 120)
A complex type that determines the distribution’s SSL/TLS configuration for communicating withviewers.
Type: ViewerCertificate (p. 419) objectWebACLId (p. 120)
A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for examplearn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use theACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests thatare forwarded to CloudFront, and lets you control access to your content. Based on conditions thatyou specify, such as the IP addresses that requests originate from or the values of query strings,CloudFront responds to requests either with the requested content or with an HTTP 403 status code(Forbidden). You can also configure CloudFront to return a custom error page when a request isblocked. For more information about AWS WAF, see the AWS WAF Developer Guide.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchDistribution
The specified distribution does not exist.
API Version 2020-05-31127
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31128
Amazon CloudFront API ReferenceGetFieldLevelEncryption
GetFieldLevelEncryptionGet the field-level encryption configuration information.
Request SyntaxGET /2020-05-31/field-level-encryption/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 129)
Request the ID for the field-level encryption configuration information.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryption> <FieldLevelEncryptionConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig> </FieldLevelEncryptionConfig>
API Version 2020-05-31129
Amazon CloudFront API ReferenceResponse Elements
<Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></FieldLevelEncryption>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
FieldLevelEncryption (p. 129)
Root level tag for the FieldLevelEncryption parameters.
Required: YesFieldLevelEncryptionConfig (p. 129)
A complex data type that includes the profile configurations specified for field-level encryption.
Type: FieldLevelEncryptionConfig (p. 339) objectId (p. 129)
The configuration ID for a field-level encryption configuration which includes a set of profiles thatspecify certain selected data fields to be encrypted by specific public keys.
Type: StringLastModifiedTime (p. 129)
The last time the field-level encryption configuration was changed.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchFieldLevelEncryptionConfig
The specified configuration for field-level encryption doesn't exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go
API Version 2020-05-31130
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31131
Amazon CloudFront API ReferenceGetFieldLevelEncryptionConfig
GetFieldLevelEncryptionConfigGet the field-level encryption configuration information.
Request SyntaxGET /2020-05-31/field-level-encryption/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 132)
Request the ID for the field-level encryption configuration information.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig></FieldLevelEncryptionConfig>
API Version 2020-05-31132
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
FieldLevelEncryptionConfig (p. 132)
Root level tag for the FieldLevelEncryptionConfig parameters.
Required: YesCallerReference (p. 132)
A unique number that ensures the request can't be replayed.
Type: StringComment (p. 132)
An optional comment about the configuration.
Type: StringContentTypeProfileConfig (p. 132)
A complex data type that specifies when to forward content if a content type isn't recognized andprofiles to use as by default in a request if a query argument doesn't specify a profile to use.
Type: ContentTypeProfileConfig (p. 304) objectQueryArgProfileConfig (p. 132)
A complex data type that specifies when to forward content if a profile isn't found and the profilethat can be provided as a query argument in a request.
Type: QueryArgProfileConfig (p. 392) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchFieldLevelEncryptionConfig
The specified configuration for field-level encryption doesn't exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET
API Version 2020-05-31133
Amazon CloudFront API ReferenceSee Also
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31134
Amazon CloudFront API ReferenceGetFieldLevelEncryptionProfile
GetFieldLevelEncryptionProfileGet the field-level encryption profile information.
Request SyntaxGET /2020-05-31/field-level-encryption-profile/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 135)
Get the ID for the field-level encryption profile information.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionProfile> <FieldLevelEncryptionProfileConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncryptionEntities> <Items> <EncryptionEntity> <FieldPatterns> <Items> <FieldPattern>string</FieldPattern> </Items> <Quantity>integer</Quantity> </FieldPatterns> <ProviderId>string</ProviderId> <PublicKeyId>string</PublicKeyId> </EncryptionEntity> </Items> <Quantity>integer</Quantity> </EncryptionEntities> <Name>string</Name> </FieldLevelEncryptionProfileConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></FieldLevelEncryptionProfile>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
API Version 2020-05-31135
Amazon CloudFront API ReferenceErrors
The following data is returned in XML format by the service.
FieldLevelEncryptionProfile (p. 135)
Root level tag for the FieldLevelEncryptionProfile parameters.
Required: YesFieldLevelEncryptionProfileConfig (p. 135)
A complex data type that includes the profile name and the encryption entities for the field-levelencryption profile.
Type: FieldLevelEncryptionProfileConfig (p. 342) objectId (p. 135)
The ID for a field-level encryption profile configuration which includes a set of profiles that specifycertain selected data fields to be encrypted by specific public keys.
Type: StringLastModifiedTime (p. 135)
The last time the field-level encryption profile was updated.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchFieldLevelEncryptionProfile
The specified profile for field-level encryption doesn't exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31136
Amazon CloudFront API ReferenceSee Also
API Version 2020-05-31137
Amazon CloudFront API ReferenceGetFieldLevelEncryptionProfileConfig
GetFieldLevelEncryptionProfileConfigGet the field-level encryption profile configuration information.
Request SyntaxGET /2020-05-31/field-level-encryption-profile/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 138)
Get the ID for the field-level encryption profile configuration information.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionProfileConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncryptionEntities> <Items> <EncryptionEntity> <FieldPatterns> <Items> <FieldPattern>string</FieldPattern> </Items> <Quantity>integer</Quantity> </FieldPatterns> <ProviderId>string</ProviderId> <PublicKeyId>string</PublicKeyId> </EncryptionEntity> </Items> <Quantity>integer</Quantity> </EncryptionEntities> <Name>string</Name></FieldLevelEncryptionProfileConfig>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
FieldLevelEncryptionProfileConfig (p. 138)
Root level tag for the FieldLevelEncryptionProfileConfig parameters.
API Version 2020-05-31138
Amazon CloudFront API ReferenceErrors
Required: YesCallerReference (p. 138)
A unique number that ensures that the request can't be replayed.
Type: StringComment (p. 138)
An optional comment for the field-level encryption profile.
Type: StringEncryptionEntities (p. 138)
A complex data type of encryption entities for the field-level encryption profile that include thepublic key ID, provider, and field patterns for specifying which fields to encrypt with this key.
Type: EncryptionEntities (p. 335) objectName (p. 138)
Profile name for the field-level encryption profile.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchFieldLevelEncryptionProfile
The specified profile for field-level encryption doesn't exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31139
Amazon CloudFront API ReferenceGetInvalidation
GetInvalidationGet the information about an invalidation.
Request SyntaxGET /2020-05-31/distribution/DistributionId/invalidation/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
DistributionId (p. 140)
The distribution's ID.
Required: YesId (p. 140)
The identifier for the invalidation request, for example, IDFDVBD632BHDS5.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><Invalidation> <CreateTime>timestamp</CreateTime> <Id>string</Id> <InvalidationBatch> <CallerReference>string</CallerReference> <Paths> <Items> <Path>string</Path> </Items> <Quantity>integer</Quantity> </Paths> </InvalidationBatch> <Status>string</Status></Invalidation>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
Invalidation (p. 140)
Root level tag for the Invalidation parameters.
API Version 2020-05-31140
Amazon CloudFront API ReferenceErrors
Required: YesCreateTime (p. 140)
The date and time the invalidation request was first made.
Type: TimestampId (p. 140)
The identifier for the invalidation request. For example: IDFDVBD632BHDS5.
Type: StringInvalidationBatch (p. 140)
The current invalidation information for the batch request.
Type: InvalidationBatch (p. 354) objectStatus (p. 140)
The status of the invalidation request. When the invalidation batch is finished, the status isCompleted.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404NoSuchInvalidation
The specified invalidation does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3
API Version 2020-05-31141
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31142
Amazon CloudFront API ReferenceGetMonitoringSubscription
GetMonitoringSubscriptionGets information about whether additional CloudWatch metrics are enabled for the specified CloudFrontdistribution.
Request SyntaxGET /2020-05-31/distributions/DistributionId/monitoring-subscription HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
DistributionId (p. 143)
The ID of the distribution that you are getting metrics information for.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><MonitoringSubscription> <RealtimeMetricsSubscriptionConfig> <RealtimeMetricsSubscriptionStatus>string</RealtimeMetricsSubscriptionStatus> </RealtimeMetricsSubscriptionConfig></MonitoringSubscription>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
MonitoringSubscription (p. 143)
Root level tag for the MonitoringSubscription parameters.
Required: YesRealtimeMetricsSubscriptionConfig (p. 143)
A subscription configuration for additional CloudWatch metrics.
Type: RealtimeMetricsSubscriptionConfig (p. 399) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
API Version 2020-05-31143
Amazon CloudFront API ReferenceSee Also
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31144
Amazon CloudFront API ReferenceGetOriginRequestPolicy
GetOriginRequestPolicyGets an origin request policy, including the following metadata:
• The policy’s identifier.• The date and time when the policy was last modified.
To get an origin request policy, you must provide the policy’s identifier. If the origin requestpolicy is attached to a distribution’s cache behavior, you can get the policy’s identifier usingListDistributions or GetDistribution. If the origin request policy is not attached to a cachebehavior, you can get the identifier using ListOriginRequestPolicies.
Request SyntaxGET /2020-05-31/origin-request-policy/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 145)
The unique identifier for the origin request policy. If the origin request policy is attached to adistribution’s cache behavior, you can get the policy’s identifier using ListDistributions orGetDistribution. If the origin request policy is not attached to a cache behavior, you can get theidentifier using ListOriginRequestPolicies.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><OriginRequestPolicy> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <OriginRequestPolicyConfig> <Comment>string</Comment> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers>
API Version 2020-05-31145
Amazon CloudFront API ReferenceResponse Elements
<Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <Name>string</Name> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </OriginRequestPolicyConfig></OriginRequestPolicy>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
OriginRequestPolicy (p. 145)
Root level tag for the OriginRequestPolicy parameters.
Required: YesId (p. 145)
The unique identifier for the origin request policy.
Type: StringLastModifiedTime (p. 145)
The date and time when the origin request policy was last modified.
Type: TimestampOriginRequestPolicyConfig (p. 145)
The origin request policy configuration.
Type: OriginRequestPolicyConfig (p. 375) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchOriginRequestPolicy
The origin request policy does not exist.
API Version 2020-05-31146
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31147
Amazon CloudFront API ReferenceGetOriginRequestPolicyConfig
GetOriginRequestPolicyConfigGets an origin request policy configuration.
To get an origin request policy configuration, you must provide the policy’s identifier. If the originrequest policy is attached to a distribution’s cache behavior, you can get the policy’s identifier usingListDistributions or GetDistribution. If the origin request policy is not attached to a cachebehavior, you can get the identifier using ListOriginRequestPolicies.
Request SyntaxGET /2020-05-31/origin-request-policy/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 148)
The unique identifier for the origin request policy. If the origin request policy is attached to adistribution’s cache behavior, you can get the policy’s identifier using ListDistributions orGetDistribution. If the origin request policy is not attached to a cache behavior, you can get theidentifier using ListOriginRequestPolicies.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><OriginRequestPolicyConfig> <Comment>string</Comment> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <Name>string</Name>
API Version 2020-05-31148
Amazon CloudFront API ReferenceResponse Elements
<QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig></OriginRequestPolicyConfig>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
OriginRequestPolicyConfig (p. 148)
Root level tag for the OriginRequestPolicyConfig parameters.
Required: YesComment (p. 148)
A comment to describe the origin request policy.
Type: StringCookiesConfig (p. 148)
The cookies from viewer requests to include in origin requests.
Type: OriginRequestPolicyCookiesConfig (p. 377) objectHeadersConfig (p. 148)
The HTTP headers to include in origin requests. These can include headers from viewer requests andadditional headers added by CloudFront.
Type: OriginRequestPolicyHeadersConfig (p. 378) objectName (p. 148)
A unique name to identify the origin request policy.
Type: StringQueryStringsConfig (p. 148)
The URL query strings from viewer requests to include in origin requests.
Type: OriginRequestPolicyQueryStringsConfig (p. 380) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403
API Version 2020-05-31149
Amazon CloudFront API ReferenceSee Also
NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31150
Amazon CloudFront API ReferenceGetPublicKey
GetPublicKeyGet the public key information.
Request SyntaxGET /2020-05-31/public-key/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 151)
Request the ID for the public key.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><PublicKey> <CreatedTime>timestamp</CreatedTime> <Id>string</Id> <PublicKeyConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncodedKey>string</EncodedKey> <Name>string</Name> </PublicKeyConfig></PublicKey>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
PublicKey (p. 151)
Root level tag for the PublicKey parameters.
Required: YesCreatedTime (p. 151)
A time you added a public key to CloudFront.
Type: Timestamp
API Version 2020-05-31151
Amazon CloudFront API ReferenceErrors
Id (p. 151)
A unique ID assigned to a public key you've added to CloudFront.
Type: StringPublicKeyConfig (p. 151)
A complex data type for a public key you add to CloudFront to use with features like field-levelencryption.
Type: PublicKeyConfig (p. 388) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchPublicKey
The specified public key doesn't exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31152
Amazon CloudFront API ReferenceGetPublicKeyConfig
GetPublicKeyConfigReturn public key configuration informaation
Request SyntaxGET /2020-05-31/public-key/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 153)
Request the ID for the public key configuration.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><PublicKeyConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncodedKey>string</EncodedKey> <Name>string</Name></PublicKeyConfig>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
PublicKeyConfig (p. 153)
Root level tag for the PublicKeyConfig parameters.
Required: YesCallerReference (p. 153)
A unique number that ensures that the request can't be replayed.
Type: StringComment (p. 153)
An optional comment about a public key.
API Version 2020-05-31153
Amazon CloudFront API ReferenceErrors
Type: StringEncodedKey (p. 153)
The encoded public key that you want to add to CloudFront to use with features like field-levelencryption.
Type: StringName (p. 153)
The name for a public key you add to CloudFront to use with features like field-level encryption.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchPublicKey
The specified public key doesn't exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31154
Amazon CloudFront API ReferenceGetRealtimeLogConfig
GetRealtimeLogConfigGets a real-time log configuration.
To get a real-time log configuration, you can provide the configuration’s name or its Amazon ResourceName (ARN). You must provide at least one. If you provide both, CloudFront uses the name to identifythe real-time log configuration to get.
Request SyntaxPOST /2020-05-31/get-realtime-log-config/ HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><GetRealtimeLogConfigRequest xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <ARN>string</ARN> <Name>string</Name></GetRealtimeLogConfigRequest>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
GetRealtimeLogConfigRequest (p. 155)
Root level tag for the GetRealtimeLogConfigRequest parameters.
Required: YesARN (p. 155)
The Amazon Resource Name (ARN) of the real-time log configuration to get.
Type: String
Required: NoName (p. 155)
The name of the real-time log configuration to get.
Type: String
Required: No
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><GetRealtimeLogConfigResult> <RealtimeLogConfig> <ARN>string</ARN> <EndPoints> <EndPoint>
API Version 2020-05-31155
Amazon CloudFront API ReferenceResponse Elements
<KinesisStreamConfig> <RoleARN>string</RoleARN> <StreamARN>string</StreamARN> </KinesisStreamConfig> <StreamType>string</StreamType> </EndPoint> </EndPoints> <Fields> <Field>string</Field> </Fields> <Name>string</Name> <SamplingRate>long</SamplingRate> </RealtimeLogConfig></GetRealtimeLogConfigResult>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
GetRealtimeLogConfigResult (p. 155)
Root level tag for the GetRealtimeLogConfigResult parameters.
Required: YesRealtimeLogConfig (p. 155)
A real-time log configuration.
Type: RealtimeLogConfig (p. 396) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400NoSuchRealtimeLogConfig
The real-time log configuration does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java
API Version 2020-05-31156
Amazon CloudFront API ReferenceSee Also
• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31157
Amazon CloudFront API ReferenceGetStreamingDistribution
GetStreamingDistributionGets information about a specified RTMP distribution, including the distribution configuration.
Request SyntaxGET /2020-05-31/streaming-distribution/Id HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 158)
The streaming distribution's ID.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><StreamingDistribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId> </Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <ARN>string</ARN> <DomainName>string</DomainName> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status> <StreamingDistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment>
API Version 2020-05-31158
Amazon CloudFront API ReferenceResponse Elements
<Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> </StreamingDistributionConfig></StreamingDistribution>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
StreamingDistribution (p. 158)
Root level tag for the StreamingDistribution parameters.
Required: YesActiveTrustedSigners (p. 158)
A complex type that lists the AWS accounts, if any, that you included in the TrustedSignerscomplex type for this distribution. These are the accounts that you want to allow to create signedURLs for private content.
The Signer complex type lists the AWS account number of the trusted signer or self if the signeris the AWS account that created the distribution. The Signer element also includes the IDs ofany active CloudFront key pairs that are associated with the trusted signer's AWS account. If noKeyPairId element appears for a Signer, that signer can't create signed URLs.
For more information, see Serving Private Content through CloudFront in the Amazon CloudFrontDeveloper Guide.
Type: ActiveTrustedSigners (p. 278) objectARN (p. 158)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDomainName (p. 158)
The domain name that corresponds to the streaming distribution, for example,s5c39gqb8ow64r.cloudfront.net.
Type: String
API Version 2020-05-31159
Amazon CloudFront API ReferenceErrors
Id (p. 158)
The identifier for the RTMP distribution. For example: EGTXBD79EXAMPLE.
Type: StringLastModifiedTime (p. 158)
The date and time that the distribution was last modified.
Type: TimestampStatus (p. 158)
The current status of the RTMP distribution. When the status is Deployed, the distribution'sinformation is propagated to all CloudFront edge locations.
Type: StringStreamingDistributionConfig (p. 158)
The current configuration information for the RTMP distribution.
Type: StreamingDistributionConfig (p. 407) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchStreamingDistribution
The specified streaming distribution does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31160
Amazon CloudFront API ReferenceGetStreamingDistributionConfig
GetStreamingDistributionConfigGet the configuration information about a streaming distribution.
Request Syntax
GET /2020-05-31/streaming-distribution/Id/config HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Id (p. 161)
The streaming distribution's ID.
Required: Yes
Request BodyThe request does not have a request body.
Response Syntax
HTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><StreamingDistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment> <Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners></StreamingDistributionConfig>
API Version 2020-05-31161
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
StreamingDistributionConfig (p. 161)
Root level tag for the StreamingDistributionConfig parameters.
Required: YesAliases (p. 161)
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisstreaming distribution.
Type: Aliases (p. 279) objectCallerReference (p. 161)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theStreamingDistributionConfig object), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: StringComment (p. 161)
Any comments you want to include about the streaming distribution.
Type: StringEnabled (p. 161)
Whether the streaming distribution is enabled to accept user requests for content.
Type: BooleanLogging (p. 161)
A complex type that controls whether access logs are written for the streaming distribution.
Type: StreamingLoggingConfig (p. 414) objectPriceClass (p. 161)
A complex type that contains information about price class for this streaming distribution.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_AllS3Origin (p. 161)
A complex type that contains information about the Amazon S3 bucket from which you wantCloudFront to get your media files for distribution.
Type: S3Origin (p. 401) objectTrustedSigners (p. 161)
A complex type that specifies any AWS accounts that you want to permit to create signed URLs forprivate content. If you want the distribution to use signed URLs, include this element; if you want
API Version 2020-05-31162
Amazon CloudFront API ReferenceErrors
the distribution to use public URLs, remove this element. For more information, see Serving PrivateContent through CloudFront in the Amazon CloudFront Developer Guide.
Type: TrustedSigners (p. 418) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403NoSuchStreamingDistribution
The specified streaming distribution does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31163
Amazon CloudFront API ReferenceListCachePolicies
ListCachePoliciesGets a list of cache policies.
You can optionally apply a filter to return only the managed policies created by AWS, or only the custompolicies created in your AWS account.
You can optionally specify the maximum number of items to receive in the response. If the total numberof items in the list exceeds the maximum that you specify, or the default maximum, the response ispaginated. To get the next page of items, send a subsequent request that specifies the NextMarkervalue from the current response as the Marker value in the subsequent request.
Request SyntaxGET /2020-05-31/cache-policy?Marker=Marker&MaxItems=MaxItems&Type=Type HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 164)
Use this field when paginating results to indicate where to begin in your list of cache policies. Theresponse includes cache policies in the list that occur after the marker. To get the next page of thelist, set this field’s value to the value of NextMarker from the current page’s response.
MaxItems (p. 164)
The maximum number of cache policies that you want in the response.Type (p. 164)
A filter to return only the specified kinds of cache policies. Valid values are:• managed – Returns only the managed policies created by AWS.• custom – Returns only the custom policies created in your AWS account.
Valid Values: managed | custom
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><CachePolicyList> <Items> <CachePolicySummary> <CachePolicy> <CachePolicyConfig> <Comment>string</Comment> <DefaultTTL>long</DefaultTTL> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <Name>string</Name>
API Version 2020-05-31164
Amazon CloudFront API ReferenceResponse Elements
<ParametersInCacheKeyAndForwardedToOrigin> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <EnableAcceptEncodingBrotli>boolean</EnableAcceptEncodingBrotli> <EnableAcceptEncodingGzip>boolean</EnableAcceptEncodingGzip> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </ParametersInCacheKeyAndForwardedToOrigin> </CachePolicyConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> </CachePolicy> <Type>string</Type> </CachePolicySummary> </Items> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></CachePolicyList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
CachePolicyList (p. 164)
Root level tag for the CachePolicyList parameters.
Required: YesItems (p. 164)
Contains the cache policies in the list.
Type: Array of CachePolicySummary (p. 297) objectsMaxItems (p. 164)
The maximum number of cache policies requested.
API Version 2020-05-31165
Amazon CloudFront API ReferenceErrors
Type: IntegerNextMarker (p. 164)
If there are more items in the list than are in this response, this element is present. It contains thevalue that you should use in the Marker field of a subsequent request to continue listing cachepolicies where you left off.
Type: StringQuantity (p. 164)
The total number of cache policies returned in the response.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InvalidArgument
An argument is invalid.
HTTP Status Code: 400NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31166
Amazon CloudFront API ReferenceListCloudFrontOriginAccessIdentities
ListCloudFrontOriginAccessIdentitiesLists origin access identities.
Request SyntaxGET /2020-05-31/origin-access-identity/cloudfront?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 167)
Use this when paginating results to indicate where to begin in your list of origin access identities.The results include identities in the list that occur after the marker. To get the next page of results,set the Marker to the value of the NextMarker from the current page's response (which is also theID of the last identity on that page).
MaxItems (p. 167)
The maximum number of origin access identities you want in the response body.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><CloudFrontOriginAccessIdentityList> <IsTruncated>boolean</IsTruncated> <Items> <CloudFrontOriginAccessIdentitySummary> <Comment>string</Comment> <Id>string</Id> <S3CanonicalUserId>string</S3CanonicalUserId> </CloudFrontOriginAccessIdentitySummary> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></CloudFrontOriginAccessIdentityList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
CloudFrontOriginAccessIdentityList (p. 167)
Root level tag for the CloudFrontOriginAccessIdentityList parameters.
API Version 2020-05-31167
Amazon CloudFront API ReferenceErrors
Required: YesIsTruncated (p. 167)
A flag that indicates whether more origin access identities remain to be listed. If your results weretruncated, you can make a follow-up pagination request using the Marker request parameter toretrieve more items in the list.
Type: BooleanItems (p. 167)
A complex type that contains one CloudFrontOriginAccessIdentitySummary element for eachorigin access identity that was created by the current AWS account.
Type: Array of CloudFrontOriginAccessIdentitySummary (p. 302) objectsMarker (p. 167)
Use this when paginating results to indicate where to begin in your list of origin access identities.The results include identities in the list that occur after the marker. To get the next page of results,set the Marker to the value of the NextMarker from the current page's response (which is also theID of the last identity on that page).
Type: StringMaxItems (p. 167)
The maximum number of origin access identities you want in the response body.
Type: IntegerNextMarker (p. 167)
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your origin access identities where they left off.
Type: StringQuantity (p. 167)
The number of CloudFront origin access identities that were created by the current AWS account.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET
API Version 2020-05-31168
Amazon CloudFront API ReferenceSee Also
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31169
Amazon CloudFront API ReferenceListDistributions
ListDistributionsList CloudFront distributions.
Request SyntaxGET /2020-05-31/distribution?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 170)
Use this when paginating results to indicate where to begin in your list of distributions. The resultsinclude distributions in the list that occur after the marker. To get the next page of results, set theMarker to the value of the NextMarker from the current page's response (which is also the ID ofthe last distribution on that page).
MaxItems (p. 170)
The maximum number of distributions you want in the response body.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><DistributionList> <IsTruncated>boolean</IsTruncated> <Items> <DistributionSummary> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <AliasICPRecordals> <AliasICPRecordal> <CNAME>string</CNAME> <ICPRecordalStatus>string</ICPRecordalStatus> </AliasICPRecordal> </AliasICPRecordals> <ARN>string</ARN> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items>
API Version 2020-05-31170
Amazon CloudFront API ReferenceResponse Syntax
<Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <Comment>string</Comment> <CustomErrorResponses>
API Version 2020-05-31171
Amazon CloudFront API ReferenceResponse Syntax
<Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming>
API Version 2020-05-31172
Amazon CloudFront API ReferenceResponse Syntax
<TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DomainName>string</DomainName> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <Id>string</Id> <IsIPV6Enabled>boolean</IsIPV6Enabled> <LastModifiedTime>timestamp</LastModifiedTime> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols>
API Version 2020-05-31173
Amazon CloudFront API ReferenceResponse Elements
</CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <Status>string</Status> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionSummary> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></DistributionList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
DistributionList (p. 170)
Root level tag for the DistributionList parameters.
Required: YesIsTruncated (p. 170)
A flag that indicates whether more distributions remain to be listed. If your results were truncated,you can make a follow-up pagination request using the Marker request parameter to retrieve moredistributions in the list.
Type: BooleanItems (p. 170)
A complex type that contains one DistributionSummary element for each distribution that wascreated by the current AWS account.
API Version 2020-05-31174
Amazon CloudFront API ReferenceErrors
Type: Array of DistributionSummary (p. 331) objectsMarker (p. 170)
The value you provided for the Marker request parameter.
Type: StringMaxItems (p. 170)
The value you provided for the MaxItems request parameter.
Type: IntegerNextMarker (p. 170)
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your distributions where they left off.
Type: StringQuantity (p. 170)
The number of distributions that were created by the current AWS account.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31175
Amazon CloudFront API ReferenceListDistributionsByCachePolicyId
ListDistributionsByCachePolicyIdGets a list of distribution IDs for distributions that have a cache behavior that’s associated with thespecified cache policy.
You can optionally specify the maximum number of items to receive in the response. If the total numberof items in the list exceeds the maximum that you specify, or the default maximum, the response ispaginated. To get the next page of items, send a subsequent request that specifies the NextMarkervalue from the current response as the Marker value in the subsequent request.
Request Syntax
GET /2020-05-31/distributionsByCachePolicyId/CachePolicyId?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
CachePolicyId (p. 176)
The ID of the cache policy whose associated distribution IDs you want to list.
Required: Yes
Marker (p. 176)
Use this field when paginating results to indicate where to begin in your list of distribution IDs. Theresponse includes distribution IDs in the list that occur after the marker. To get the next page of thelist, set this field’s value to the value of NextMarker from the current page’s response.
MaxItems (p. 176)
The maximum number of distribution IDs that you want in the response.
Request BodyThe request does not have a request body.
Response Syntax
HTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><DistributionIdList> <IsTruncated>boolean</IsTruncated> <Items> <DistributionId>string</DistributionId> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></DistributionIdList>
API Version 2020-05-31176
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
DistributionIdList (p. 176)
Root level tag for the DistributionIdList parameters.
Required: YesIsTruncated (p. 176)
A flag that indicates whether more distribution IDs remain to be listed. If your results weretruncated, you can make a subsequent request using the Marker request field to retrieve moredistribution IDs in the list.
Type: BooleanItems (p. 176)
Contains the distribution IDs in the list.
Type: Array of stringsMarker (p. 176)
The value provided in the Marker request field.
Type: StringMaxItems (p. 176)
The maximum number of distribution IDs requested.
Type: IntegerNextMarker (p. 176)
Contains the value that you should use in the Marker field of a subsequent request to continuelisting distribution IDs where you left off.
Type: StringQuantity (p. 176)
The total number of distribution IDs returned in the response.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InvalidArgument
An argument is invalid.
API Version 2020-05-31177
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31178
Amazon CloudFront API ReferenceListDistributionsByOriginRequestPolicyId
ListDistributionsByOriginRequestPolicyIdGets a list of distribution IDs for distributions that have a cache behavior that’s associated with thespecified origin request policy.
You can optionally specify the maximum number of items to receive in the response. If the total numberof items in the list exceeds the maximum that you specify, or the default maximum, the response ispaginated. To get the next page of items, send a subsequent request that specifies the NextMarkervalue from the current response as the Marker value in the subsequent request.
Request Syntax
GET /2020-05-31/distributionsByOriginRequestPolicyId/OriginRequestPolicyId?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 179)
Use this field when paginating results to indicate where to begin in your list of distribution IDs. Theresponse includes distribution IDs in the list that occur after the marker. To get the next page of thelist, set this field’s value to the value of NextMarker from the current page’s response.
MaxItems (p. 179)
The maximum number of distribution IDs that you want in the response.
OriginRequestPolicyId (p. 179)
The ID of the origin request policy whose associated distribution IDs you want to list.
Required: Yes
Request BodyThe request does not have a request body.
Response Syntax
HTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><DistributionIdList> <IsTruncated>boolean</IsTruncated> <Items> <DistributionId>string</DistributionId> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></DistributionIdList>
API Version 2020-05-31179
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
DistributionIdList (p. 179)
Root level tag for the DistributionIdList parameters.
Required: YesIsTruncated (p. 179)
A flag that indicates whether more distribution IDs remain to be listed. If your results weretruncated, you can make a subsequent request using the Marker request field to retrieve moredistribution IDs in the list.
Type: BooleanItems (p. 179)
Contains the distribution IDs in the list.
Type: Array of stringsMarker (p. 179)
The value provided in the Marker request field.
Type: StringMaxItems (p. 179)
The maximum number of distribution IDs requested.
Type: IntegerNextMarker (p. 179)
Contains the value that you should use in the Marker field of a subsequent request to continuelisting distribution IDs where you left off.
Type: StringQuantity (p. 179)
The total number of distribution IDs returned in the response.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InvalidArgument
An argument is invalid.
API Version 2020-05-31180
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31181
Amazon CloudFront API ReferenceListDistributionsByRealtimeLogConfig
ListDistributionsByRealtimeLogConfigGets a list of distributions that have a cache behavior that’s associated with the specified real-time logconfiguration.
You can specify the real-time log configuration by its name or its Amazon Resource Name (ARN). Youmust provide at least one. If you provide both, CloudFront uses the name to identify the real-time logconfiguration to list distributions for.
You can optionally specify the maximum number of items to receive in the response. If the total numberof items in the list exceeds the maximum that you specify, or the default maximum, the response ispaginated. To get the next page of items, send a subsequent request that specifies the NextMarkervalue from the current response as the Marker value in the subsequent request.
Request SyntaxPOST /2020-05-31/distributionsByRealtimeLogConfig/ HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><ListDistributionsByRealtimeLogConfigRequest xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Marker>string</Marker> <MaxItems>string</MaxItems> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <RealtimeLogConfigName>string</RealtimeLogConfigName></ListDistributionsByRealtimeLogConfigRequest>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
ListDistributionsByRealtimeLogConfigRequest (p. 182)
Root level tag for the ListDistributionsByRealtimeLogConfigRequest parameters.
Required: YesMarker (p. 182)
Use this field when paginating results to indicate where to begin in your list of distributions. Theresponse includes distributions in the list that occur after the marker. To get the next page of the list,set this field’s value to the value of NextMarker from the current page’s response.
Type: String
Required: NoMaxItems (p. 182)
The maximum number of distributions that you want in the response.
Type: String
Required: No
API Version 2020-05-31182
Amazon CloudFront API ReferenceResponse Syntax
RealtimeLogConfigArn (p. 182)
The Amazon Resource Name (ARN) of the real-time log configuration whose associated distributionsyou want to list.
Type: String
Required: NoRealtimeLogConfigName (p. 182)
The name of the real-time log configuration whose associated distributions you want to list.
Type: String
Required: No
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><DistributionList> <IsTruncated>boolean</IsTruncated> <Items> <DistributionSummary> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <AliasICPRecordals> <AliasICPRecordal> <CNAME>string</CNAME> <ICPRecordalStatus>string</ICPRecordalStatus> </AliasICPRecordal> </AliasICPRecordals> <ARN>string</ARN> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name>
API Version 2020-05-31183
Amazon CloudFront API ReferenceResponse Syntax
</Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity>
API Version 2020-05-31184
Amazon CloudFront API ReferenceResponse Syntax
</CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DomainName>string</DomainName> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <Id>string</Id> <IsIPV6Enabled>boolean</IsIPV6Enabled> <LastModifiedTime>timestamp</LastModifiedTime> <OriginGroups>
API Version 2020-05-31185
Amazon CloudFront API ReferenceResponse Syntax
<Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items>
API Version 2020-05-31186
Amazon CloudFront API ReferenceResponse Elements
<Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <Status>string</Status> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionSummary> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></DistributionList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
DistributionList (p. 183)
Root level tag for the DistributionList parameters.
Required: YesIsTruncated (p. 183)
A flag that indicates whether more distributions remain to be listed. If your results were truncated,you can make a follow-up pagination request using the Marker request parameter to retrieve moredistributions in the list.
Type: BooleanItems (p. 183)
A complex type that contains one DistributionSummary element for each distribution that wascreated by the current AWS account.
Type: Array of DistributionSummary (p. 331) objectsMarker (p. 183)
The value you provided for the Marker request parameter.
Type: StringMaxItems (p. 183)
The value you provided for the MaxItems request parameter.
Type: IntegerNextMarker (p. 183)
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your distributions where they left off.
API Version 2020-05-31187
Amazon CloudFront API ReferenceErrors
Type: StringQuantity (p. 183)
The number of distributions that were created by the current AWS account.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31188
Amazon CloudFront API ReferenceListDistributionsByWebACLId
ListDistributionsByWebACLIdList the distributions that are associated with a specified AWS WAF web ACL.
Request SyntaxGET /2020-05-31/distributionsByWebACLId/WebACLId?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 189)
Use Marker and MaxItems to control pagination of results. If you have more than MaxItemsdistributions that satisfy the request, the response includes a NextMarker element. To get the nextpage of results, submit another request. For the value of Marker, specify the value of NextMarkerfrom the last response. (For the first request, omit Marker.)
MaxItems (p. 189)
The maximum number of distributions that you want CloudFront to return in the response body. Themaximum and default values are both 100.
WebACLId (p. 189)
The ID of the AWS WAF web ACL that you want to list the associated distributions. If you specify"null" for the ID, the request returns a list of the distributions that aren't associated with a web ACL.
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><DistributionList> <IsTruncated>boolean</IsTruncated> <Items> <DistributionSummary> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <AliasICPRecordals> <AliasICPRecordal> <CNAME>string</CNAME> <ICPRecordalStatus>string</ICPRecordalStatus> </AliasICPRecordal> </AliasICPRecordals> <ARN>string</ARN> <CacheBehaviors>
API Version 2020-05-31189
Amazon CloudFront API ReferenceResponse Syntax
<Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners>
API Version 2020-05-31190
Amazon CloudFront API ReferenceResponse Syntax
<ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items>
API Version 2020-05-31191
Amazon CloudFront API ReferenceResponse Syntax
<Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DomainName>string</DomainName> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <Id>string</Id> <IsIPV6Enabled>boolean</IsIPV6Enabled> <LastModifiedTime>timestamp</LastModifiedTime> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy>
API Version 2020-05-31192
Amazon CloudFront API ReferenceResponse Elements
<OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <Status>string</Status> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionSummary> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></DistributionList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
DistributionList (p. 189)
Root level tag for the DistributionList parameters.
Required: YesIsTruncated (p. 189)
A flag that indicates whether more distributions remain to be listed. If your results were truncated,you can make a follow-up pagination request using the Marker request parameter to retrieve moredistributions in the list.
API Version 2020-05-31193
Amazon CloudFront API ReferenceErrors
Type: BooleanItems (p. 189)
A complex type that contains one DistributionSummary element for each distribution that wascreated by the current AWS account.
Type: Array of DistributionSummary (p. 331) objectsMarker (p. 189)
The value you provided for the Marker request parameter.
Type: StringMaxItems (p. 189)
The value you provided for the MaxItems request parameter.
Type: IntegerNextMarker (p. 189)
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your distributions where they left off.
Type: StringQuantity (p. 189)
The number of distributions that were created by the current AWS account.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidWebACLId
A web ACL ID specified is not valid. To specify a web ACL created using the latest version of AWSWAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specifya web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++
API Version 2020-05-31194
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31195
Amazon CloudFront API ReferenceListFieldLevelEncryptionConfigs
ListFieldLevelEncryptionConfigsList all field-level encryption configurations that have been created in CloudFront for this account.
Request SyntaxGET /2020-05-31/field-level-encryption?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 196)
Use this when paginating results to indicate where to begin in your list of configurations. The resultsinclude configurations in the list that occur after the marker. To get the next page of results, set theMarker to the value of the NextMarker from the current page's response (which is also the ID ofthe last configuration on that page).
MaxItems (p. 196)
The maximum number of field-level encryption configurations you want in the response body.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionList> <Items> <FieldLevelEncryptionSummary> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile>
API Version 2020-05-31196
Amazon CloudFront API ReferenceResponse Elements
<ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig> </FieldLevelEncryptionSummary> </Items> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></FieldLevelEncryptionList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
FieldLevelEncryptionList (p. 196)
Root level tag for the FieldLevelEncryptionList parameters.
Required: Yes
Items (p. 196)
An array of field-level encryption items.
Type: Array of FieldLevelEncryptionSummary (p. 345) objects
MaxItems (p. 196)
The maximum number of elements you want in the response body.
Type: Integer
NextMarker (p. 196)
If there are more elements to be listed, this element is present and contains the value that you canuse for the Marker request parameter to continue listing your configurations where you left off.
Type: String
Quantity (p. 196)
The number of field-level encryption items.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
API Version 2020-05-31197
Amazon CloudFront API ReferenceSee Also
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31198
Amazon CloudFront API ReferenceListFieldLevelEncryptionProfiles
ListFieldLevelEncryptionProfilesRequest a list of field-level encryption profiles that have been created in CloudFront for this account.
Request SyntaxGET /2020-05-31/field-level-encryption-profile?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 199)
Use this when paginating results to indicate where to begin in your list of profiles. The resultsinclude profiles in the list that occur after the marker. To get the next page of results, set theMarker to the value of the NextMarker from the current page's response (which is also the ID ofthe last profile on that page).
MaxItems (p. 199)
The maximum number of field-level encryption profiles you want in the response body.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionProfileList> <Items> <FieldLevelEncryptionProfileSummary> <Comment>string</Comment> <EncryptionEntities> <Items> <EncryptionEntity> <FieldPatterns> <Items> <FieldPattern>string</FieldPattern> </Items> <Quantity>integer</Quantity> </FieldPatterns> <ProviderId>string</ProviderId> <PublicKeyId>string</PublicKeyId> </EncryptionEntity> </Items> <Quantity>integer</Quantity> </EncryptionEntities> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <Name>string</Name> </FieldLevelEncryptionProfileSummary> </Items> <MaxItems>integer</MaxItems>
API Version 2020-05-31199
Amazon CloudFront API ReferenceResponse Elements
<NextMarker>string</NextMarker> <Quantity>integer</Quantity></FieldLevelEncryptionProfileList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
FieldLevelEncryptionProfileList (p. 199)
Root level tag for the FieldLevelEncryptionProfileList parameters.
Required: YesItems (p. 199)
The field-level encryption profile items.
Type: Array of FieldLevelEncryptionProfileSummary (p. 344) objectsMaxItems (p. 199)
The maximum number of field-level encryption profiles you want in the response body.
Type: IntegerNextMarker (p. 199)
If there are more elements to be listed, this element is present and contains the value that you canuse for the Marker request parameter to continue listing your profiles where you left off.
Type: StringQuantity (p. 199)
The number of field-level encryption profiles.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go
API Version 2020-05-31200
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31201
Amazon CloudFront API ReferenceListInvalidations
ListInvalidationsLists invalidation batches.
Request SyntaxGET /2020-05-31/distribution/DistributionId/invalidation?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
DistributionId (p. 202)
The distribution's ID.
Required: YesMarker (p. 202)
Use this parameter when paginating results to indicate where to begin in your list of invalidationbatches. Because the results are returned in decreasing order from most recent to oldest, the mostrecent results are on the first page, the second page will contain earlier results, and so on. To get thenext page of results, set Marker to the value of the NextMarker from the current page's response.This value is the same as the ID of the last invalidation batch on that page.
MaxItems (p. 202)
The maximum number of invalidation batches that you want in the response body.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><InvalidationList> <IsTruncated>boolean</IsTruncated> <Items> <InvalidationSummary> <CreateTime>timestamp</CreateTime> <Id>string</Id> <Status>string</Status> </InvalidationSummary> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></InvalidationList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
API Version 2020-05-31202
Amazon CloudFront API ReferenceErrors
The following data is returned in XML format by the service.
InvalidationList (p. 202)
Root level tag for the InvalidationList parameters.
Required: Yes
IsTruncated (p. 202)
A flag that indicates whether more invalidation batch requests remain to be listed. If your resultswere truncated, you can make a follow-up pagination request using the Marker request parameterto retrieve more invalidation batches in the list.
Type: Boolean
Items (p. 202)
A complex type that contains one InvalidationSummary element for each invalidation batchcreated by the current AWS account.
Type: Array of InvalidationSummary (p. 357) objects
Marker (p. 202)
The value that you provided for the Marker request parameter.
Type: String
MaxItems (p. 202)
The value that you provided for the MaxItems request parameter.
Type: Integer
NextMarker (p. 202)
If IsTruncated is true, this element is present and contains the value that you can use for theMarker request parameter to continue listing your invalidation batches where they left off.
Type: String
Quantity (p. 202)
The number of invalidation batches that were created by the current AWS account.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
API Version 2020-05-31203
Amazon CloudFront API ReferenceSee Also
NoSuchDistribution
The specified distribution does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31204
Amazon CloudFront API ReferenceListOriginRequestPolicies
ListOriginRequestPoliciesGets a list of origin request policies.
You can optionally apply a filter to return only the managed policies created by AWS, or only the custompolicies created in your AWS account.
You can optionally specify the maximum number of items to receive in the response. If the total numberof items in the list exceeds the maximum that you specify, or the default maximum, the response ispaginated. To get the next page of items, send a subsequent request that specifies the NextMarkervalue from the current response as the Marker value in the subsequent request.
Request SyntaxGET /2020-05-31/origin-request-policy?Marker=Marker&MaxItems=MaxItems&Type=Type HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 205)
Use this field when paginating results to indicate where to begin in your list of origin requestpolicies. The response includes origin request policies in the list that occur after the marker. To getthe next page of the list, set this field’s value to the value of NextMarker from the current page’sresponse.
MaxItems (p. 205)
The maximum number of origin request policies that you want in the response.
Type (p. 205)
A filter to return only the specified kinds of origin request policies. Valid values are:
• managed – Returns only the managed policies created by AWS.
• custom – Returns only the custom policies created in your AWS account.
Valid Values: managed | custom
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><OriginRequestPolicyList> <Items> <OriginRequestPolicySummary> <OriginRequestPolicy> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime>
API Version 2020-05-31205
Amazon CloudFront API ReferenceResponse Elements
<OriginRequestPolicyConfig> <Comment>string</Comment> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <Name>string</Name> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </OriginRequestPolicyConfig> </OriginRequestPolicy> <Type>string</Type> </OriginRequestPolicySummary> </Items> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></OriginRequestPolicyList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
OriginRequestPolicyList (p. 205)
Root level tag for the OriginRequestPolicyList parameters.
Required: Yes
Items (p. 205)
Contains the origin request policies in the list.
Type: Array of OriginRequestPolicySummary (p. 381) objects
MaxItems (p. 205)
The maximum number of origin request policies requested.
Type: Integer
API Version 2020-05-31206
Amazon CloudFront API ReferenceErrors
NextMarker (p. 205)
If there are more items in the list than are in this response, this element is present. It contains thevalue that you should use in the Marker field of a subsequent request to continue listing originrequest policies where you left off.
Type: StringQuantity (p. 205)
The total number of origin request policies returned in the response.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InvalidArgument
An argument is invalid.
HTTP Status Code: 400NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31207
Amazon CloudFront API ReferenceListPublicKeys
ListPublicKeysList all public keys that have been added to CloudFront for this account.
Request SyntaxGET /2020-05-31/public-key?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 208)
Use this when paginating results to indicate where to begin in your list of public keys. The resultsinclude public keys in the list that occur after the marker. To get the next page of results, set theMarker to the value of the NextMarker from the current page's response (which is also the ID ofthe last public key on that page).
MaxItems (p. 208)
The maximum number of public keys you want in the response body.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><PublicKeyList> <Items> <PublicKeySummary> <Comment>string</Comment> <CreatedTime>timestamp</CreatedTime> <EncodedKey>string</EncodedKey> <Id>string</Id> <Name>string</Name> </PublicKeySummary> </Items> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></PublicKeyList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
PublicKeyList (p. 208)
Root level tag for the PublicKeyList parameters.
API Version 2020-05-31208
Amazon CloudFront API ReferenceErrors
Required: YesItems (p. 208)
An array of information about a public key you add to CloudFront to use with features like field-levelencryption.
Type: Array of PublicKeySummary (p. 390) objectsMaxItems (p. 208)
The maximum number of public keys you want in the response body.
Type: IntegerNextMarker (p. 208)
If there are more elements to be listed, this element is present and contains the value that you canuse for the Marker request parameter to continue listing your public keys where you left off.
Type: StringQuantity (p. 208)
The number of public keys you added to CloudFront to use with features like field-level encryption.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31209
Amazon CloudFront API ReferenceListRealtimeLogConfigs
ListRealtimeLogConfigsGets a list of real-time log configurations.
You can optionally specify the maximum number of items to receive in the response. If the total numberof items in the list exceeds the maximum that you specify, or the default maximum, the response ispaginated. To get the next page of items, send a subsequent request that specifies the NextMarkervalue from the current response as the Marker value in the subsequent request.
Request SyntaxGET /2020-05-31/realtime-log-config?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 210)
Use this field when paginating results to indicate where to begin in your list of real-time logconfigurations. The response includes real-time log configurations in the list that occur after themarker. To get the next page of the list, set this field’s value to the value of NextMarker from thecurrent page’s response.
MaxItems (p. 210)
The maximum number of real-time log configurations that you want in the response.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><RealtimeLogConfigs> <IsTruncated>boolean</IsTruncated> <Items> <RealtimeLogConfig> <ARN>string</ARN> <EndPoints> <EndPoint> <KinesisStreamConfig> <RoleARN>string</RoleARN> <StreamARN>string</StreamARN> </KinesisStreamConfig> <StreamType>string</StreamType> </EndPoint> </EndPoints> <Fields> <Field>string</Field> </Fields> <Name>string</Name> <SamplingRate>long</SamplingRate> </RealtimeLogConfig>
API Version 2020-05-31210
Amazon CloudFront API ReferenceResponse Elements
</Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker></RealtimeLogConfigs>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
RealtimeLogConfigs (p. 210)
Root level tag for the RealtimeLogConfigs parameters.
Required: YesIsTruncated (p. 210)
A flag that indicates whether there are more real-time log configurations than are contained in thislist.
Type: BooleanItems (p. 210)
Contains the list of real-time log configurations.
Type: Array of RealtimeLogConfig (p. 396) objectsMarker (p. 210)
This parameter indicates where this list of real-time log configurations begins. This list includes real-time log configurations that occur after the marker.
Type: StringMaxItems (p. 210)
The maximum number of real-time log configurations requested.
Type: IntegerNextMarker (p. 210)
If there are more items in the list than are in this response, this element is present. It contains thevalue that you should use in the Marker field of a subsequent request to continue listing real-timelog configurations where you left off.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface
API Version 2020-05-31211
Amazon CloudFront API ReferenceSee Also
• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31212
Amazon CloudFront API ReferenceListStreamingDistributions
ListStreamingDistributionsList streaming distributions.
Request SyntaxGET /2020-05-31/streaming-distribution?Marker=Marker&MaxItems=MaxItems HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Marker (p. 213)
The value that you provided for the Marker request parameter.MaxItems (p. 213)
The value that you provided for the MaxItems request parameter.
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><StreamingDistributionList> <IsTruncated>boolean</IsTruncated> <Items> <StreamingDistributionSummary> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <ARN>string</ARN> <Comment>string</Comment> <DomainName>string</DomainName> <Enabled>boolean</Enabled> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <Status>string</Status> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners>
API Version 2020-05-31213
Amazon CloudFront API ReferenceResponse Elements
</StreamingDistributionSummary> </Items> <Marker>string</Marker> <MaxItems>integer</MaxItems> <NextMarker>string</NextMarker> <Quantity>integer</Quantity></StreamingDistributionList>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
StreamingDistributionList (p. 213)
Root level tag for the StreamingDistributionList parameters.
Required: YesIsTruncated (p. 213)
A flag that indicates whether more streaming distributions remain to be listed. If your results weretruncated, you can make a follow-up pagination request using the Marker request parameter toretrieve more distributions in the list.
Type: BooleanItems (p. 213)
A complex type that contains one StreamingDistributionSummary element for eachdistribution that was created by the current AWS account.
Type: Array of StreamingDistributionSummary (p. 412) objectsMarker (p. 213)
The value you provided for the Marker request parameter.
Type: StringMaxItems (p. 213)
The value you provided for the MaxItems request parameter.
Type: IntegerNextMarker (p. 213)
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your RTMP distributions where they left off.
Type: StringQuantity (p. 213)
The number of streaming distributions that were created by the current AWS account.
Type: Integer
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
API Version 2020-05-31214
Amazon CloudFront API ReferenceSee Also
InvalidArgument
An argument is invalid.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31215
Amazon CloudFront API ReferenceListTagsForResource
ListTagsForResourceList tags for a CloudFront resource.
Request SyntaxGET /2020-05-31/tagging?Resource=Resource HTTP/1.1
URI Request ParametersThe request uses the following URI parameters.
Resource (p. 216)
An ARN of a CloudFront resource.
Pattern: arn:aws(-cn)?:cloudfront::[0-9]+:.*
Required: Yes
Request BodyThe request does not have a request body.
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><Tags> <Items> <Tag> <Key>string</Key> <Value>string</Value> </Tag> </Items></Tags>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
Tags (p. 216)
Root level tag for the Tags parameters.
Required: YesItems (p. 216)
A complex type that contains Tag elements.
Type: Array of Tag (p. 415) objects
API Version 2020-05-31216
Amazon CloudFront API ReferenceErrors
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidTagging
The tagging specified is not valid.
HTTP Status Code: 400NoSuchResource
A resource that was specified is not valid.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31217
Amazon CloudFront API ReferenceTagResource
TagResourceAdd tags to a CloudFront resource.
Request SyntaxPOST /2020-05-31/tagging?Operation=Tag HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><Tags xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Items> <Tag> <Key>string</Key> <Value>string</Value> </Tag> </Items></Tags>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
Tags (p. 218)
Root level tag for the Tags parameters.
Required: YesItems (p. 218)
A complex type that contains Tag elements.
Type: Array of Tag (p. 415) objects
Required: No
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
API Version 2020-05-31218
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 403InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidTagging
The tagging specified is not valid.
HTTP Status Code: 400NoSuchResource
A resource that was specified is not valid.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31219
Amazon CloudFront API ReferenceUntagResource
UntagResourceRemove tags from a CloudFront resource.
Request SyntaxPOST /2020-05-31/tagging?Operation=Untag HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><TagKeys xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Items> <Key>string</Key> </Items></TagKeys>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
TagKeys (p. 220)
Root level tag for the TagKeys parameters.
Required: Yes
Items (p. 220)
A complex type that contains Tag key elements.
Type: Array of strings
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$
Required: No
Response SyntaxHTTP/1.1 204
Response ElementsIf the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
API Version 2020-05-31220
Amazon CloudFront API ReferenceSee Also
AccessDenied
Access denied.
HTTP Status Code: 403InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidTagging
The tagging specified is not valid.
HTTP Status Code: 400NoSuchResource
A resource that was specified is not valid.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31221
Amazon CloudFront API ReferenceUpdateCachePolicy
UpdateCachePolicyUpdates a cache policy configuration.
When you update a cache policy configuration, all the fields are updated with the values provided in therequest. You cannot update some fields independent of others. To update a cache policy configuration:
1. Use GetCachePolicyConfig to get the current configuration.2. Locally modify the fields in the cache policy configuration that you want to update.3. Call UpdateCachePolicy by providing the entire cache policy configuration, including the fields that
you modified and those that you didn’t.
Request SyntaxPUT /2020-05-31/cache-policy/Id HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><CachePolicyConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Comment>string</Comment> <DefaultTTL>long</DefaultTTL> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <Name>string</Name> <ParametersInCacheKeyAndForwardedToOrigin> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <EnableAcceptEncodingBrotli>boolean</EnableAcceptEncodingBrotli> <EnableAcceptEncodingGzip>boolean</EnableAcceptEncodingGzip> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </ParametersInCacheKeyAndForwardedToOrigin></CachePolicyConfig>
URI Request ParametersThe request does not use any URI parameters.
API Version 2020-05-31222
Amazon CloudFront API ReferenceRequest Body
Request BodyThe request accepts the following data in XML format.
CachePolicyConfig (p. 222)
Root level tag for the CachePolicyConfig parameters.
Required: YesComment (p. 222)
A comment to describe the cache policy.
Type: String
Required: NoDefaultTTL (p. 222)
The default amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated.CloudFront uses this value as the object’s time to live (TTL) only when the origin does not sendCache-Control or Expires headers with the object. For more information, see Managing HowLong Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.
The default value for this field is 86400 seconds (one day). If the value of MinTTL is more than86400 seconds, then the default value for this field is the same as the value of MinTTL.
Type: Long
Required: NoMaxTTL (p. 222)
The maximum amount of time, in seconds, that objects stay in the CloudFront cache beforeCloudFront sends another request to the origin to see if the object has been updated. CloudFrontuses this value only when the origin sends Cache-Control or Expires headers with the object.For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
The default value for this field is 31536000 seconds (one year). If the value of MinTTL orDefaultTTL is more than 31536000 seconds, then the default value for this field is the same as thevalue of DefaultTTL.
Type: Long
Required: NoMinTTL (p. 222)
The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated. Formore information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
Type: Long
Required: YesName (p. 222)
A unique name to identify the cache policy.
Type: String
API Version 2020-05-31223
Amazon CloudFront API ReferenceResponse Syntax
Required: YesParametersInCacheKeyAndForwardedToOrigin (p. 222)
The HTTP headers, cookies, and URL query strings to include in the cache key. The values included inthe cache key are automatically included in requests that CloudFront sends to the origin.
Type: ParametersInCacheKeyAndForwardedToOrigin (p. 384) object
Required: No
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><CachePolicy> <CachePolicyConfig> <Comment>string</Comment> <DefaultTTL>long</DefaultTTL> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <Name>string</Name> <ParametersInCacheKeyAndForwardedToOrigin> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <EnableAcceptEncodingBrotli>boolean</EnableAcceptEncodingBrotli> <EnableAcceptEncodingGzip>boolean</EnableAcceptEncodingGzip> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </ParametersInCacheKeyAndForwardedToOrigin> </CachePolicyConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></CachePolicy>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
API Version 2020-05-31224
Amazon CloudFront API ReferenceErrors
The following data is returned in XML format by the service.
CachePolicy (p. 224)
Root level tag for the CachePolicy parameters.
Required: YesCachePolicyConfig (p. 224)
The cache policy configuration.
Type: CachePolicyConfig (p. 291) objectId (p. 224)
The unique identifier for the cache policy.
Type: StringLastModifiedTime (p. 224)
The date and time when the cache policy was last modified.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CachePolicyAlreadyExists
A cache policy with this name already exists. You must provide a unique name. To modify an existingcache policy, use UpdateCachePolicy.
HTTP Status Code: 409IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400
API Version 2020-05-31225
Amazon CloudFront API ReferenceSee Also
NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412TooManyCookiesInCachePolicy
The number of cookies in the cache policy exceeds the maximum. For more information, see Quotas(formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyHeadersInCachePolicy
The number of headers in the cache policy exceeds the maximum. For more information, see Quotas(formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyQueryStringsInCachePolicy
The number of query strings in the cache policy exceeds the maximum. For more information, seeQuotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31226
Amazon CloudFront API ReferenceUpdateCloudFrontOriginAccessIdentity
UpdateCloudFrontOriginAccessIdentityUpdate an origin access identity.
Request SyntaxPUT /2020-05-31/origin-access-identity/cloudfront/Id/config HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><CloudFrontOriginAccessIdentityConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment></CloudFrontOriginAccessIdentityConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
CloudFrontOriginAccessIdentityConfig (p. 227)
Root level tag for the CloudFrontOriginAccessIdentityConfig parameters.
Required: YesCallerReference (p. 227)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theCloudFrontOriginAccessIdentityConfig object), a new origin access identity is created.
If the CallerReference is a value already sent in a previous identity request, and the content ofthe CloudFrontOriginAccessIdentityConfig is identical to the original request (ignoringwhite space), the response includes the same information returned to the original request.
If the CallerReference is a value you already sent in a previous request to create an identity, butthe content of the CloudFrontOriginAccessIdentityConfig is different from the originalrequest, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists error.
Type: String
Required: YesComment (p. 227)
Any comments you want to include about the origin access identity.
Type: String
Required: Yes
Response SyntaxHTTP/1.1 200
API Version 2020-05-31227
Amazon CloudFront API ReferenceResponse Elements
<?xml version="1.0" encoding="UTF-8"?><CloudFrontOriginAccessIdentity> <CloudFrontOriginAccessIdentityConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> </CloudFrontOriginAccessIdentityConfig> <Id>string</Id> <S3CanonicalUserId>string</S3CanonicalUserId></CloudFrontOriginAccessIdentity>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
CloudFrontOriginAccessIdentity (p. 227)
Root level tag for the CloudFrontOriginAccessIdentity parameters.
Required: YesCloudFrontOriginAccessIdentityConfig (p. 227)
The current configuration information for the identity.
Type: CloudFrontOriginAccessIdentityConfig (p. 299) objectId (p. 227)
The ID for the origin access identity, for example, E74FTE3AJFJ256A.
Type: StringS3CanonicalUserId (p. 227)
The Amazon S3 canonical user ID for the origin access identity, used when giving the origin accessidentity read permission to an object in Amazon S3.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400
API Version 2020-05-31228
Amazon CloudFront API ReferenceSee Also
InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400NoSuchCloudFrontOriginAccessIdentity
The specified origin access identity does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31229
Amazon CloudFront API ReferenceUpdateDistribution
UpdateDistributionUpdates the configuration for a web distribution.
ImportantWhen you update a distribution, there are more required fields than when you create adistribution. When you update your distribution by using this API action, follow the steps here toget the current configuration and then make your updates, to make sure that you include all ofthe required fields. To view a summary, see Required Fields for Create Distribution and UpdateDistribution in the Amazon CloudFront Developer Guide.
The update process includes getting the current distribution configuration, updating the XML documentthat is returned to make your changes, and then submitting an UpdateDistribution request to makethe updates.
For information about updating a distribution using the CloudFront console instead, see Creating aDistribution in the Amazon CloudFront Developer Guide.
To update a web distribution using the CloudFront API
1. Submit a GetDistributionConfig request to get the current configuration and an Etag header for thedistribution.
NoteIf you update the distribution again, you must get a new Etag header.
2. Update the XML document that was returned in the response to your GetDistributionConfigrequest to include your changes.
ImportantWhen you edit the XML file, be aware of the following:• You must strip out the ETag parameter that is returned.• Additional fields are required when you update a distribution. There may be fields included
in the XML file for features that you haven't configured for your distribution. This isexpected and required to successfully update the distribution.
• You can't change the value of CallerReference. If you try to change this value,CloudFront returns an IllegalUpdate error.
• The new configuration replaces the existing configuration; the values that you specifyin an UpdateDistribution request are not merged into your existing configuration.When you add, delete, or replace values in an element that allows multiple values (forexample, CNAME), you must specify all of the values that you want to appear in the updateddistribution. In addition, you must update the corresponding Quantity element.
3. Submit an UpdateDistribution request to update the configuration for your distribution:• In the request body, include the XML document that you updated in Step 2. The request body must
include an XML document with a DistributionConfig element.• Set the value of the HTTP If-Match header to the value of the ETag header that CloudFront
returned when you submitted the GetDistributionConfig request in Step 1.4. Review the response to the UpdateDistribution request to confirm that the configuration was
successfully updated.5. Optional: Submit a GetDistribution request to confirm that your changes have propagated. When
propagation is complete, the value of Status is Deployed.
Request SyntaxPUT /2020-05-31/distribution/Id/config HTTP/1.1
API Version 2020-05-31230
Amazon CloudFront API ReferenceRequest Syntax
<?xml version="1.0" encoding="UTF-8"?><DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn>
API Version 2020-05-31231
Amazon CloudFront API ReferenceRequest Syntax
<SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity>
API Version 2020-05-31232
Amazon CloudFront API ReferenceRequest Syntax
</QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <IsIPV6Enabled>boolean</IsIPV6Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId> </OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout>
API Version 2020-05-31233
Amazon CloudFront API ReferenceURI Request Parameters
<CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId></DistributionConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
API Version 2020-05-31234
Amazon CloudFront API ReferenceRequest Body
DistributionConfig (p. 230)
Root level tag for the DistributionConfig parameters.
Required: YesAliases (p. 230)
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisdistribution.
Type: Aliases (p. 279) object
Required: NoCacheBehaviors (p. 230)
A complex type that contains zero or more CacheBehavior elements.
Type: CacheBehaviors (p. 288) object
Required: NoCallerReference (p. 230)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of the DistributionConfigobject), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: String
Required: YesComment (p. 230)
Any comments you want to include about the distribution.
If you don't want to specify a comment, include an empty Comment element.
To delete an existing comment, update the distribution configuration and include an emptyComment element.
To add or change a comment, update the distribution configuration and specify the new comment.
Type: String
Required: YesCustomErrorResponses (p. 230)
A complex type that controls the following:• Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error
messages before returning the response to the viewer.• How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the AmazonCloudFront Developer Guide.
Type: CustomErrorResponses (p. 311) object
Required: No
API Version 2020-05-31235
Amazon CloudFront API ReferenceRequest Body
DefaultCacheBehavior (p. 230)
A complex type that describes the default cache behavior if you don't specify a CacheBehaviorelement or if files don't match any of the values of PathPattern in CacheBehavior elements. Youmust create exactly one default cache behavior.
Type: DefaultCacheBehavior (p. 315) object
Required: YesDefaultRootObject (p. 230)
The object that you want CloudFront to request from your origin (for example, index.html)when a viewer requests the root URL for your distribution (http://www.example.com) insteadof an object in your distribution (http://www.example.com/product-description.html).Specifying a default root object avoids exposing the contents of your distribution.
Specify only the object name, for example, index.html. Don't add a / before the object name.
If you don't want to specify a default root object when you create a distribution, include an emptyDefaultRootObject element.
To delete the default root object from an existing distribution, update the distribution configurationand include an empty DefaultRootObject element.
To replace the default root object, update the distribution configuration and specify the new object.
For more information about the default root object, see Creating a Default Root Object in theAmazon CloudFront Developer Guide.
Type: String
Required: NoEnabled (p. 230)
From this field, you can enable or disable the selected distribution.
Type: Boolean
Required: YesHttpVersion (p. 230)
(Optional) Specify the maximum HTTP version that you want viewers to use to communicate withCloudFront. The default value for new web distributions is http2. Viewers that don't support HTTP/2automatically use an earlier HTTP version.
For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must supportServer Name Identification (SNI).
In general, configuring CloudFront to communicate with viewers using HTTP/2 reduces latency. Youcan improve performance by optimizing for HTTP/2. For more information, do an Internet search for"http/2 optimization."
Type: String
Valid Values: http1.1 | http2
Required: NoIsIPV6Enabled (p. 230)
If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution,specify true. If you specify false, CloudFront responds to IPv6 DNS requests with the DNS
API Version 2020-05-31236
Amazon CloudFront API ReferenceRequest Body
response code NOERROR and with no IP addresses. This allows viewers to submit a second request,for an IPv4 address for your distribution.
In general, you should enable IPv6 if you have users on IPv6 networks who want to access yourcontent. However, if you're using signed URLs or signed cookies to restrict access to your content,and if you're using a custom policy that includes the IpAddress parameter to restrict the IPaddresses that can access your content, don't enable IPv6. If you want to restrict access to somecontent by IP address and not restrict access to other content (or restrict access but not by IPaddress), you can create two distributions. For more information, see Creating a Signed URL Using aCustom Policy in the Amazon CloudFront Developer Guide.
If you're using an Amazon Route 53 alias resource record set to route traffic to your CloudFrontdistribution, you need to create a second alias resource record set when both of the following aretrue:• You enable IPv6 for the distribution• You're using alternate domain names in the URLs for your objects
For more information, see Routing Traffic to an Amazon CloudFront Web Distribution by Using YourDomain Name in the Amazon Route 53 Developer Guide.
If you created a CNAME resource record set, either with Amazon Route 53 or with another DNSservice, you don't need to make any changes. A CNAME record will route traffic to your distributionregardless of the IP address format of the viewer request.
Type: Boolean
Required: NoLogging (p. 230)
A complex type that controls whether access logs are written for the distribution.
For more information about logging, see Access Logs in the Amazon CloudFront Developer Guide.
Type: LoggingConfig (p. 363) object
Required: NoOriginGroups (p. 230)
A complex type that contains information about origin groups for this distribution.
Type: OriginGroups (p. 373) object
Required: NoOrigins (p. 230)
A complex type that contains information about origins for this distribution.
Type: Origins (p. 382) object
Required: YesPriceClass (p. 230)
The price class that corresponds with the maximum price that you want to pay for CloudFrontservice. If you specify PriceClass_All, CloudFront responds to requests for your objects from allCloudFront edge locations.
If you specify a price class other than PriceClass_All, CloudFront serves your objects from theCloudFront edge location that has the lowest latency among the edge locations in your price class.
API Version 2020-05-31237
Amazon CloudFront API ReferenceResponse Syntax
Viewers who are in or near regions that are excluded from your specified price class may encounterslower performance.
For more information about price classes, see Choosing the Price Class for a CloudFront Distributionin the Amazon CloudFront Developer Guide. For information about CloudFront pricing, including howprice classes (such as Price Class 100) map to CloudFront regions, see Amazon CloudFront Pricing.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: NoRestrictions (p. 230)
A complex type that identifies ways in which you want to restrict distribution of your content.
Type: Restrictions (p. 400) object
Required: NoViewerCertificate (p. 230)
A complex type that determines the distribution’s SSL/TLS configuration for communicating withviewers.
Type: ViewerCertificate (p. 419) object
Required: NoWebACLId (p. 230)
A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for examplearn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use theACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests thatare forwarded to CloudFront, and lets you control access to your content. Based on conditions thatyou specify, such as the IP addresses that requests originate from or the values of query strings,CloudFront responds to requests either with the requested content or with an HTTP 403 status code(Forbidden). You can also configure CloudFront to return a custom error page when a request isblocked. For more information about AWS WAF, see the AWS WAF Developer Guide.
Type: String
Required: No
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><Distribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId>
API Version 2020-05-31238
Amazon CloudFront API ReferenceResponse Syntax
</Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <AliasICPRecordals> <AliasICPRecordal> <CNAME>string</CNAME> <ICPRecordalStatus>string</ICPRecordalStatus> </AliasICPRecordal> </AliasICPRecordals> <ARN>string</ARN> <DistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CacheBehaviors> <Items> <CacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames> </Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items>
API Version 2020-05-31239
Amazon CloudFront API ReferenceResponse Syntax
<LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <PathPattern>string</PathPattern> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </CacheBehavior> </Items> <Quantity>integer</Quantity> </CacheBehaviors> <CallerReference>string</CallerReference> <Comment>string</Comment> <CustomErrorResponses> <Items> <CustomErrorResponse> <ErrorCachingMinTTL>long</ErrorCachingMinTTL> <ErrorCode>integer</ErrorCode> <ResponseCode>string</ResponseCode> <ResponsePagePath>string</ResponsePagePath> </CustomErrorResponse> </Items> <Quantity>integer</Quantity> </CustomErrorResponses> <DefaultCacheBehavior> <AllowedMethods> <CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </CachedMethods> <Items> <Method>string</Method> </Items> <Quantity>integer</Quantity> </AllowedMethods> <CachePolicyId>string</CachePolicyId> <Compress>boolean</Compress> <DefaultTTL>long</DefaultTTL> <FieldLevelEncryptionId>string</FieldLevelEncryptionId> <ForwardedValues> <Cookies> <Forward>string</Forward> <WhitelistedNames> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </WhitelistedNames>
API Version 2020-05-31240
Amazon CloudFront API ReferenceResponse Syntax
</Cookies> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> <QueryString>boolean</QueryString> <QueryStringCacheKeys> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStringCacheKeys> </ForwardedValues> <LambdaFunctionAssociations> <Items> <LambdaFunctionAssociation> <EventType>string</EventType> <IncludeBody>boolean</IncludeBody> <LambdaFunctionARN>string</LambdaFunctionARN> </LambdaFunctionAssociation> </Items> <Quantity>integer</Quantity> </LambdaFunctionAssociations> <MaxTTL>long</MaxTTL> <MinTTL>long</MinTTL> <OriginRequestPolicyId>string</OriginRequestPolicyId> <RealtimeLogConfigArn>string</RealtimeLogConfigArn> <SmoothStreaming>boolean</SmoothStreaming> <TargetOriginId>string</TargetOriginId> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> <ViewerProtocolPolicy>string</ViewerProtocolPolicy> </DefaultCacheBehavior> <DefaultRootObject>string</DefaultRootObject> <Enabled>boolean</Enabled> <HttpVersion>string</HttpVersion> <IsIPV6Enabled>boolean</IsIPV6Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <IncludeCookies>boolean</IncludeCookies> <Prefix>string</Prefix> </Logging> <OriginGroups> <Items> <OriginGroup> <FailoverCriteria> <StatusCodes> <Items> <StatusCode>integer</StatusCode> </Items> <Quantity>integer</Quantity> </StatusCodes> </FailoverCriteria> <Id>string</Id> <Members> <Items> <OriginGroupMember> <OriginId>string</OriginId>
API Version 2020-05-31241
Amazon CloudFront API ReferenceResponse Syntax
</OriginGroupMember> </Items> <Quantity>integer</Quantity> </Members> </OriginGroup> </Items> <Quantity>integer</Quantity> </OriginGroups> <Origins> <Items> <Origin> <ConnectionAttempts>integer</ConnectionAttempts> <ConnectionTimeout>integer</ConnectionTimeout> <CustomHeaders> <Items> <OriginCustomHeader> <HeaderName>string</HeaderName> <HeaderValue>string</HeaderValue> </OriginCustomHeader> </Items> <Quantity>integer</Quantity> </CustomHeaders> <CustomOriginConfig> <HTTPPort>integer</HTTPPort> <HTTPSPort>integer</HTTPSPort> <OriginKeepaliveTimeout>integer</OriginKeepaliveTimeout> <OriginProtocolPolicy>string</OriginProtocolPolicy> <OriginReadTimeout>integer</OriginReadTimeout> <OriginSslProtocols> <Items> <SslProtocol>string</SslProtocol> </Items> <Quantity>integer</Quantity> </OriginSslProtocols> </CustomOriginConfig> <DomainName>string</DomainName> <Id>string</Id> <OriginPath>string</OriginPath> <S3OriginConfig> <OriginAccessIdentity>string</OriginAccessIdentity> </S3OriginConfig> </Origin> </Items> <Quantity>integer</Quantity> </Origins> <PriceClass>string</PriceClass> <Restrictions> <GeoRestriction> <Items> <Location>string</Location> </Items> <Quantity>integer</Quantity> <RestrictionType>string</RestrictionType> </GeoRestriction> </Restrictions> <ViewerCertificate> <ACMCertificateArn>string</ACMCertificateArn> <Certificate>string</Certificate> <CertificateSource>string</CertificateSource> <CloudFrontDefaultCertificate>boolean</CloudFrontDefaultCertificate> <IAMCertificateId>string</IAMCertificateId> <MinimumProtocolVersion>string</MinimumProtocolVersion> <SSLSupportMethod>string</SSLSupportMethod> </ViewerCertificate> <WebACLId>string</WebACLId> </DistributionConfig>
API Version 2020-05-31242
Amazon CloudFront API ReferenceResponse Elements
<DomainName>string</DomainName> <Id>string</Id> <InProgressInvalidationBatches>integer</InProgressInvalidationBatches> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status></Distribution>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
Distribution (p. 238)
Root level tag for the Distribution parameters.
Required: YesActiveTrustedSigners (p. 238)
CloudFront automatically adds this element to the response only if you've set up the distribution toserve private content with signed URLs. The element lists the key pair IDs that CloudFront is awareof for each trusted signer. The Signer child element lists the AWS account number of the trustedsigner (or an empty Self element if the signer is you). The Signer element also includes the IDsof any active key pairs associated with the trusted signer's AWS account. If no KeyPairId elementappears for a Signer, that signer can't create working signed URLs.
Type: ActiveTrustedSigners (p. 278) objectAliasICPRecordals (p. 238)
AWS services in China customers must file for an Internet Content Provider (ICP) recordal if theywant to serve content publicly on an alternate domain name, also known as a CNAME, that they'veadded to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated withdistributions.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Startedwith AWS services in China.
Type: Array of AliasICPRecordal (p. 280) objectsARN (p. 238)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDistributionConfig (p. 238)
The current configuration information for the distribution. Send a GET request to the /CloudFrontAPI version/distribution ID/config resource.
Type: DistributionConfig (p. 321) objectDomainName (p. 238)
The domain name corresponding to the distribution, for example,d111111abcdef8.cloudfront.net.
Type: String
API Version 2020-05-31243
Amazon CloudFront API ReferenceErrors
Id (p. 238)
The identifier for the distribution. For example: EDFDVBD632BHDS5.
Type: StringInProgressInvalidationBatches (p. 238)
The number of invalidation batches currently in progress.
Type: IntegerLastModifiedTime (p. 238)
The date and time the distribution was last modified.
Type: TimestampStatus (p. 238)
This response element indicates the current status of the distribution. When the status is Deployed,the distribution's information is fully propagated to all CloudFront edge locations.
Type: String
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CNAMEAlreadyExists
The CNAME specified is already defined for CloudFront.
HTTP Status Code: 409IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior
The specified configuration for field-level encryption can't be associated with the specified cachebehavior.
HTTP Status Code: 400IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400
API Version 2020-05-31244
Amazon CloudFront API ReferenceErrors
InvalidDefaultRootObject
The default root object file name is too big or contains an invalid character.
HTTP Status Code: 400InvalidErrorCode
An invalid error code was specified.
HTTP Status Code: 400InvalidForwardCookies
Your request contains forward cookies option which doesn't match with the expectation for thewhitelisted list of cookie names. Either list of cookie names has been specified when not allowedor list of cookie names is missing when expected.
HTTP Status Code: 400InvalidGeoRestrictionParameter
The specified geo restriction parameter is not valid.
HTTP Status Code: 400InvalidHeadersForS3Origin
The headers specified are not valid for an Amazon S3 origin.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400InvalidLambdaFunctionAssociation
The specified Lambda function association is invalid.
HTTP Status Code: 400InvalidLocationCode
The location code specified is not valid.
HTTP Status Code: 400InvalidMinimumProtocolVersion
The minimum protocol version specified is not valid.
HTTP Status Code: 400InvalidOriginAccessIdentity
The origin access identity is not valid or doesn't exist.
HTTP Status Code: 400InvalidOriginKeepaliveTimeout
The keep alive timeout specified for the origin is not valid.
HTTP Status Code: 400
API Version 2020-05-31245
Amazon CloudFront API ReferenceErrors
InvalidOriginReadTimeout
The read timeout specified for the origin is not valid.
HTTP Status Code: 400InvalidQueryStringParameters
The query string parameters specified are not valid.
HTTP Status Code: 400InvalidRelativePath
The relative path is too big, is not URL-encoded, or does not begin with a slash (/).
HTTP Status Code: 400InvalidRequiredProtocol
This operation requires the HTTPS protocol. Ensure that you specify the HTTPS protocol in yourrequest, or omit the RequiredProtocols element from your distribution configuration.
HTTP Status Code: 400InvalidResponseCode
A response code is not valid.
HTTP Status Code: 400InvalidTTLOrder
The TTL order specified is not valid.
HTTP Status Code: 400InvalidViewerCertificate
A viewer certificate specified is not valid.
HTTP Status Code: 400InvalidWebACLId
A web ACL ID specified is not valid. To specify a web ACL created using the latest version of AWSWAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specifya web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400NoSuchCachePolicy
The cache policy does not exist.
HTTP Status Code: 404NoSuchDistribution
The specified distribution does not exist.
API Version 2020-05-31246
Amazon CloudFront API ReferenceErrors
HTTP Status Code: 404NoSuchFieldLevelEncryptionConfig
The specified configuration for field-level encryption doesn't exist.
HTTP Status Code: 404NoSuchOrigin
No origin exists with the specified Origin Id.
HTTP Status Code: 404NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412TooManyCacheBehaviors
You cannot create more cache behaviors for the distribution.
HTTP Status Code: 400TooManyCertificates
You cannot create anymore custom SSL/TLS certificates.
HTTP Status Code: 400TooManyCookieNamesInWhiteList
Your request contains more cookie names in the whitelist than are allowed per cache behavior.
HTTP Status Code: 400TooManyDistributionCNAMEs
Your request contains more CNAMEs than are allowed per distribution.
HTTP Status Code: 400TooManyDistributionsAssociatedToCachePolicy
The maximum number of distributions have been associated with the specified cache policy. Formore information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyDistributionsAssociatedToFieldLevelEncryptionConfig
The maximum number of distributions have been associated with the specified configuration forfield-level encryption.
HTTP Status Code: 400TooManyDistributionsAssociatedToOriginRequestPolicy
The maximum number of distributions have been associated with the specified origin request policy.For more information, see Quotas (formerly known as limits) in the Amazon CloudFront DeveloperGuide.
API Version 2020-05-31247
Amazon CloudFront API ReferenceSee Also
HTTP Status Code: 400TooManyDistributionsWithLambdaAssociations
Processing your request would cause the maximum number of distributions with Lambda functionassociations per owner to be exceeded.
HTTP Status Code: 400TooManyDistributionsWithSingleFunctionARN
The maximum number of distributions have been associated with the specified Lambda function.
HTTP Status Code: 400TooManyHeadersInForwardedValues
Your request contains too many headers in forwarded values.
HTTP Status Code: 400TooManyLambdaFunctionAssociations
Your request contains more Lambda function associations than are allowed per distribution.
HTTP Status Code: 400TooManyOriginCustomHeaders
Your request contains too many origin custom headers.
HTTP Status Code: 400TooManyOriginGroupsPerDistribution
Processing your request would cause you to exceed the maximum number of origin groups allowed.
HTTP Status Code: 400TooManyOrigins
You cannot create more origins for the distribution.
HTTP Status Code: 400TooManyQueryStringParameters
Your request contains too many query string parameters.
HTTP Status Code: 400TooManyTrustedSigners
Your request contains more trusted signers than are allowed per distribution.
HTTP Status Code: 400TrustedSignerDoesNotExist
One or more of your trusted signers don't exist.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
API Version 2020-05-31248
Amazon CloudFront API ReferenceSee Also
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31249
Amazon CloudFront API ReferenceUpdateFieldLevelEncryptionConfig
UpdateFieldLevelEncryptionConfigUpdate a field-level encryption configuration.
Request SyntaxPUT /2020-05-31/field-level-encryption/Id/config HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig></FieldLevelEncryptionConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
FieldLevelEncryptionConfig (p. 250)
Root level tag for the FieldLevelEncryptionConfig parameters.
Required: YesCallerReference (p. 250)
A unique number that ensures the request can't be replayed.
Type: String
Required: Yes
API Version 2020-05-31250
Amazon CloudFront API ReferenceResponse Syntax
Comment (p. 250)
An optional comment about the configuration.
Type: String
Required: NoContentTypeProfileConfig (p. 250)
A complex data type that specifies when to forward content if a content type isn't recognized andprofiles to use as by default in a request if a query argument doesn't specify a profile to use.
Type: ContentTypeProfileConfig (p. 304) object
Required: NoQueryArgProfileConfig (p. 250)
A complex data type that specifies when to forward content if a profile isn't found and the profilethat can be provided as a query argument in a request.
Type: QueryArgProfileConfig (p. 392) object
Required: No
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryption> <FieldLevelEncryptionConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <ContentTypeProfileConfig> <ContentTypeProfiles> <Items> <ContentTypeProfile> <ContentType>string</ContentType> <Format>string</Format> <ProfileId>string</ProfileId> </ContentTypeProfile> </Items> <Quantity>integer</Quantity> </ContentTypeProfiles> <ForwardWhenContentTypeIsUnknown>boolean</ForwardWhenContentTypeIsUnknown> </ContentTypeProfileConfig> <QueryArgProfileConfig> <ForwardWhenQueryArgProfileIsUnknown>boolean</ForwardWhenQueryArgProfileIsUnknown> <QueryArgProfiles> <Items> <QueryArgProfile> <ProfileId>string</ProfileId> <QueryArg>string</QueryArg> </QueryArgProfile> </Items> <Quantity>integer</Quantity> </QueryArgProfiles> </QueryArgProfileConfig> </FieldLevelEncryptionConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></FieldLevelEncryption>
API Version 2020-05-31251
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
FieldLevelEncryption (p. 251)
Root level tag for the FieldLevelEncryption parameters.
Required: YesFieldLevelEncryptionConfig (p. 251)
A complex data type that includes the profile configurations specified for field-level encryption.
Type: FieldLevelEncryptionConfig (p. 339) objectId (p. 251)
The configuration ID for a field-level encryption configuration which includes a set of profiles thatspecify certain selected data fields to be encrypted by specific public keys.
Type: StringLastModifiedTime (p. 251)
The last time the field-level encryption configuration was changed.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400
API Version 2020-05-31252
Amazon CloudFront API ReferenceSee Also
NoSuchFieldLevelEncryptionConfig
The specified configuration for field-level encryption doesn't exist.
HTTP Status Code: 404NoSuchFieldLevelEncryptionProfile
The specified profile for field-level encryption doesn't exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412QueryArgProfileEmpty
No profile specified for the field-level encryption query argument.
HTTP Status Code: 400TooManyFieldLevelEncryptionContentTypeProfiles
The maximum number of content type profiles for field-level encryption have been created.
HTTP Status Code: 400TooManyFieldLevelEncryptionQueryArgProfiles
The maximum number of query arg profiles for field-level encryption have been created.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31253
Amazon CloudFront API ReferenceUpdateFieldLevelEncryptionProfile
UpdateFieldLevelEncryptionProfileUpdate a field-level encryption profile.
Request SyntaxPUT /2020-05-31/field-level-encryption-profile/Id/config HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionProfileConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncryptionEntities> <Items> <EncryptionEntity> <FieldPatterns> <Items> <FieldPattern>string</FieldPattern> </Items> <Quantity>integer</Quantity> </FieldPatterns> <ProviderId>string</ProviderId> <PublicKeyId>string</PublicKeyId> </EncryptionEntity> </Items> <Quantity>integer</Quantity> </EncryptionEntities> <Name>string</Name></FieldLevelEncryptionProfileConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
FieldLevelEncryptionProfileConfig (p. 254)
Root level tag for the FieldLevelEncryptionProfileConfig parameters.
Required: Yes
CallerReference (p. 254)
A unique number that ensures that the request can't be replayed.
Type: String
Required: Yes
Comment (p. 254)
An optional comment for the field-level encryption profile.
Type: String
Required: No
API Version 2020-05-31254
Amazon CloudFront API ReferenceResponse Syntax
EncryptionEntities (p. 254)
A complex data type of encryption entities for the field-level encryption profile that include thepublic key ID, provider, and field patterns for specifying which fields to encrypt with this key.
Type: EncryptionEntities (p. 335) object
Required: YesName (p. 254)
Profile name for the field-level encryption profile.
Type: String
Required: Yes
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><FieldLevelEncryptionProfile> <FieldLevelEncryptionProfileConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncryptionEntities> <Items> <EncryptionEntity> <FieldPatterns> <Items> <FieldPattern>string</FieldPattern> </Items> <Quantity>integer</Quantity> </FieldPatterns> <ProviderId>string</ProviderId> <PublicKeyId>string</PublicKeyId> </EncryptionEntity> </Items> <Quantity>integer</Quantity> </EncryptionEntities> <Name>string</Name> </FieldLevelEncryptionProfileConfig> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime></FieldLevelEncryptionProfile>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
FieldLevelEncryptionProfile (p. 255)
Root level tag for the FieldLevelEncryptionProfile parameters.
Required: YesFieldLevelEncryptionProfileConfig (p. 255)
A complex data type that includes the profile name and the encryption entities for the field-levelencryption profile.
API Version 2020-05-31255
Amazon CloudFront API ReferenceErrors
Type: FieldLevelEncryptionProfileConfig (p. 342) objectId (p. 255)
The ID for a field-level encryption profile configuration which includes a set of profiles that specifycertain selected data fields to be encrypted by specific public keys.
Type: StringLastModifiedTime (p. 255)
The last time the field-level encryption profile was updated.
Type: Timestamp
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403FieldLevelEncryptionProfileAlreadyExists
The specified profile for field-level encryption already exists.
HTTP Status Code: 409FieldLevelEncryptionProfileSizeExceeded
The maximum size of a profile for field-level encryption was exceeded.
HTTP Status Code: 400IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchFieldLevelEncryptionProfile
The specified profile for field-level encryption doesn't exist.
HTTP Status Code: 404
API Version 2020-05-31256
Amazon CloudFront API ReferenceSee Also
NoSuchPublicKey
The specified public key doesn't exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412TooManyFieldLevelEncryptionEncryptionEntities
The maximum number of encryption entities for field-level encryption have been created.
HTTP Status Code: 400TooManyFieldLevelEncryptionFieldPatterns
The maximum number of field patterns for field-level encryption have been created.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31257
Amazon CloudFront API ReferenceUpdateOriginRequestPolicy
UpdateOriginRequestPolicyUpdates an origin request policy configuration.
When you update an origin request policy configuration, all the fields are updated with the valuesprovided in the request. You cannot update some fields independent of others. To update an originrequest policy configuration:
1. Use GetOriginRequestPolicyConfig to get the current configuration.
2. Locally modify the fields in the origin request policy configuration that you want to update.
3. Call UpdateOriginRequestPolicy by providing the entire origin request policy configuration,including the fields that you modified and those that you didn’t.
Request SyntaxPUT /2020-05-31/origin-request-policy/Id HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><OriginRequestPolicyConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Comment>string</Comment> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies> </CookiesConfig> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <Name>string</Name> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig></OriginRequestPolicyConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
API Version 2020-05-31258
Amazon CloudFront API ReferenceResponse Syntax
OriginRequestPolicyConfig (p. 258)
Root level tag for the OriginRequestPolicyConfig parameters.
Required: YesComment (p. 258)
A comment to describe the origin request policy.
Type: String
Required: NoCookiesConfig (p. 258)
The cookies from viewer requests to include in origin requests.
Type: OriginRequestPolicyCookiesConfig (p. 377) object
Required: YesHeadersConfig (p. 258)
The HTTP headers to include in origin requests. These can include headers from viewer requests andadditional headers added by CloudFront.
Type: OriginRequestPolicyHeadersConfig (p. 378) object
Required: YesName (p. 258)
A unique name to identify the origin request policy.
Type: String
Required: YesQueryStringsConfig (p. 258)
The URL query strings from viewer requests to include in origin requests.
Type: OriginRequestPolicyQueryStringsConfig (p. 380) object
Required: Yes
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><OriginRequestPolicy> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <OriginRequestPolicyConfig> <Comment>string</Comment> <CookiesConfig> <CookieBehavior>string</CookieBehavior> <Cookies> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Cookies>
API Version 2020-05-31259
Amazon CloudFront API ReferenceResponse Elements
</CookiesConfig> <HeadersConfig> <HeaderBehavior>string</HeaderBehavior> <Headers> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </Headers> </HeadersConfig> <Name>string</Name> <QueryStringsConfig> <QueryStringBehavior>string</QueryStringBehavior> <QueryStrings> <Items> <Name>string</Name> </Items> <Quantity>integer</Quantity> </QueryStrings> </QueryStringsConfig> </OriginRequestPolicyConfig></OriginRequestPolicy>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
OriginRequestPolicy (p. 259)
Root level tag for the OriginRequestPolicy parameters.
Required: YesId (p. 259)
The unique identifier for the origin request policy.
Type: StringLastModifiedTime (p. 259)
The date and time when the origin request policy was last modified.
Type: TimestampOriginRequestPolicyConfig (p. 259)
The origin request policy configuration.
Type: OriginRequestPolicyConfig (p. 375) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403
API Version 2020-05-31260
Amazon CloudFront API ReferenceSee Also
IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchOriginRequestPolicy
The origin request policy does not exist.
HTTP Status Code: 404OriginRequestPolicyAlreadyExists
An origin request policy with this name already exists. You must provide a unique name. To modifyan existing origin request policy, use UpdateOriginRequestPolicy.
HTTP Status Code: 409PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412TooManyCookiesInOriginRequestPolicy
The number of cookies in the origin request policy exceeds the maximum. For more information, seeQuotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyHeadersInOriginRequestPolicy
The number of headers in the origin request policy exceeds the maximum. For more information, seeQuotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400TooManyQueryStringsInOriginRequestPolicy
The number of query strings in the origin request policy exceeds the maximum. For moreinformation, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
API Version 2020-05-31261
Amazon CloudFront API ReferenceSee Also
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31262
Amazon CloudFront API ReferenceUpdatePublicKey
UpdatePublicKeyUpdate public key information. Note that the only value you can change is the comment.
Request SyntaxPUT /2020-05-31/public-key/Id/config HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><PublicKeyConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncodedKey>string</EncodedKey> <Name>string</Name></PublicKeyConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
PublicKeyConfig (p. 263)
Root level tag for the PublicKeyConfig parameters.
Required: YesCallerReference (p. 263)
A unique number that ensures that the request can't be replayed.
Type: String
Required: YesComment (p. 263)
An optional comment about a public key.
Type: String
Required: NoEncodedKey (p. 263)
The encoded public key that you want to add to CloudFront to use with features like field-levelencryption.
Type: String
Required: YesName (p. 263)
The name for a public key you add to CloudFront to use with features like field-level encryption.
Type: String
Required: Yes
API Version 2020-05-31263
Amazon CloudFront API ReferenceResponse Syntax
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><PublicKey> <CreatedTime>timestamp</CreatedTime> <Id>string</Id> <PublicKeyConfig> <CallerReference>string</CallerReference> <Comment>string</Comment> <EncodedKey>string</EncodedKey> <Name>string</Name> </PublicKeyConfig></PublicKey>
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
PublicKey (p. 264)
Root level tag for the PublicKey parameters.
Required: YesCreatedTime (p. 264)
A time you added a public key to CloudFront.
Type: TimestampId (p. 264)
A unique ID assigned to a public key you've added to CloudFront.
Type: StringPublicKeyConfig (p. 264)
A complex data type for a public key you add to CloudFront to use with features like field-levelencryption.
Type: PublicKeyConfig (p. 388) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CannotChangeImmutablePublicKeyFields
You can't change the value of a public key.
HTTP Status Code: 400
API Version 2020-05-31264
Amazon CloudFront API ReferenceSee Also
IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400NoSuchPublicKey
The specified public key doesn't exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31265
Amazon CloudFront API ReferenceUpdateRealtimeLogConfig
UpdateRealtimeLogConfigUpdates a real-time log configuration.
When you update a real-time log configuration, all the parameters are updated with the values providedin the request. You cannot update some parameters independent of others. To update a real-time logconfiguration:
1. Call GetRealtimeLogConfig to get the current real-time log configuration.2. Locally modify the parameters in the real-time log configuration that you want to update.3. Call this API (UpdateRealtimeLogConfig) by providing the entire real-time log configuration,
including the parameters that you modified and those that you didn’t.
You cannot update a real-time log configuration’s Name or ARN.
Request SyntaxPUT /2020-05-31/realtime-log-config/ HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><UpdateRealtimeLogConfigRequest xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <ARN>string</ARN> <EndPoints> <EndPoint> <KinesisStreamConfig> <RoleARN>string</RoleARN> <StreamARN>string</StreamARN> </KinesisStreamConfig> <StreamType>string</StreamType> </EndPoint> </EndPoints> <Fields> <Field>string</Field> </Fields> <Name>string</Name> <SamplingRate>long</SamplingRate></UpdateRealtimeLogConfigRequest>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
UpdateRealtimeLogConfigRequest (p. 266)
Root level tag for the UpdateRealtimeLogConfigRequest parameters.
Required: YesARN (p. 266)
The Amazon Resource Name (ARN) for this real-time log configuration.
Type: String
API Version 2020-05-31266
Amazon CloudFront API ReferenceResponse Syntax
Required: NoEndPoints (p. 266)
Contains information about the Amazon Kinesis data stream where you are sending real-time logdata.
Type: Array of EndPoint (p. 337) objects
Required: NoFields (p. 266)
A list of fields to include in each real-time log record.
For more information about fields, see Real-time log configuration fields in the Amazon CloudFrontDeveloper Guide.
Type: Array of strings
Required: NoName (p. 266)
The name for this real-time log configuration.
Type: String
Required: NoSamplingRate (p. 266)
The sampling rate for this real-time log configuration. The sampling rate determines the percentageof viewer requests that are represented in the real-time log data. You must provide an integerbetween 1 and 100, inclusive.
Type: Long
Required: No
Response SyntaxHTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><UpdateRealtimeLogConfigResult> <RealtimeLogConfig> <ARN>string</ARN> <EndPoints> <EndPoint> <KinesisStreamConfig> <RoleARN>string</RoleARN> <StreamARN>string</StreamARN> </KinesisStreamConfig> <StreamType>string</StreamType> </EndPoint> </EndPoints> <Fields> <Field>string</Field> </Fields> <Name>string</Name> <SamplingRate>long</SamplingRate> </RealtimeLogConfig></UpdateRealtimeLogConfigResult>
API Version 2020-05-31267
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
UpdateRealtimeLogConfigResult (p. 267)
Root level tag for the UpdateRealtimeLogConfigResult parameters.
Required: YesRealtimeLogConfig (p. 267)
A real-time log configuration.
Type: RealtimeLogConfig (p. 396) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
InvalidArgument
An argument is invalid.
HTTP Status Code: 400NoSuchRealtimeLogConfig
The real-time log configuration does not exist.
HTTP Status Code: 404
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31268
Amazon CloudFront API ReferenceUpdateStreamingDistribution
UpdateStreamingDistributionUpdate a streaming distribution.
Request Syntax
PUT /2020-05-31/streaming-distribution/Id/config HTTP/1.1<?xml version="1.0" encoding="UTF-8"?><StreamingDistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2020-05-31/"> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment> <Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners></StreamingDistributionConfig>
URI Request ParametersThe request does not use any URI parameters.
Request BodyThe request accepts the following data in XML format.
StreamingDistributionConfig (p. 269)
Root level tag for the StreamingDistributionConfig parameters.
Required: Yes
Aliases (p. 269)
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisstreaming distribution.
Type: Aliases (p. 279) object
API Version 2020-05-31269
Amazon CloudFront API ReferenceRequest Body
Required: No
CallerReference (p. 269)
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theStreamingDistributionConfig object), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: String
Required: Yes
Comment (p. 269)
Any comments you want to include about the streaming distribution.
Type: String
Required: Yes
Enabled (p. 269)
Whether the streaming distribution is enabled to accept user requests for content.
Type: Boolean
Required: Yes
Logging (p. 269)
A complex type that controls whether access logs are written for the streaming distribution.
Type: StreamingLoggingConfig (p. 414) object
Required: No
PriceClass (p. 269)
A complex type that contains information about price class for this streaming distribution.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: No
S3Origin (p. 269)
A complex type that contains information about the Amazon S3 bucket from which you wantCloudFront to get your media files for distribution.
Type: S3Origin (p. 401) object
Required: Yes
TrustedSigners (p. 269)
A complex type that specifies any AWS accounts that you want to permit to create signed URLs forprivate content. If you want the distribution to use signed URLs, include this element; if you want
API Version 2020-05-31270
Amazon CloudFront API ReferenceResponse Syntax
the distribution to use public URLs, remove this element. For more information, see Serving PrivateContent through CloudFront in the Amazon CloudFront Developer Guide.
Type: TrustedSigners (p. 418) object
Required: Yes
Response Syntax
HTTP/1.1 200<?xml version="1.0" encoding="UTF-8"?><StreamingDistribution> <ActiveTrustedSigners> <Enabled>boolean</Enabled> <Items> <Signer> <AwsAccountNumber>string</AwsAccountNumber> <KeyPairIds> <Items> <KeyPairId>string</KeyPairId> </Items> <Quantity>integer</Quantity> </KeyPairIds> </Signer> </Items> <Quantity>integer</Quantity> </ActiveTrustedSigners> <ARN>string</ARN> <DomainName>string</DomainName> <Id>string</Id> <LastModifiedTime>timestamp</LastModifiedTime> <Status>string</Status> <StreamingDistributionConfig> <Aliases> <Items> <CNAME>string</CNAME> </Items> <Quantity>integer</Quantity> </Aliases> <CallerReference>string</CallerReference> <Comment>string</Comment> <Enabled>boolean</Enabled> <Logging> <Bucket>string</Bucket> <Enabled>boolean</Enabled> <Prefix>string</Prefix> </Logging> <PriceClass>string</PriceClass> <S3Origin> <DomainName>string</DomainName> <OriginAccessIdentity>string</OriginAccessIdentity> </S3Origin> <TrustedSigners> <Enabled>boolean</Enabled> <Items> <AwsAccountNumber>string</AwsAccountNumber> </Items> <Quantity>integer</Quantity> </TrustedSigners> </StreamingDistributionConfig></StreamingDistribution>
API Version 2020-05-31271
Amazon CloudFront API ReferenceResponse Elements
Response ElementsIf the action is successful, the service sends back an HTTP 200 response.
The following data is returned in XML format by the service.
StreamingDistribution (p. 271)
Root level tag for the StreamingDistribution parameters.
Required: YesActiveTrustedSigners (p. 271)
A complex type that lists the AWS accounts, if any, that you included in the TrustedSignerscomplex type for this distribution. These are the accounts that you want to allow to create signedURLs for private content.
The Signer complex type lists the AWS account number of the trusted signer or self if the signeris the AWS account that created the distribution. The Signer element also includes the IDs ofany active CloudFront key pairs that are associated with the trusted signer's AWS account. If noKeyPairId element appears for a Signer, that signer can't create signed URLs.
For more information, see Serving Private Content through CloudFront in the Amazon CloudFrontDeveloper Guide.
Type: ActiveTrustedSigners (p. 278) objectARN (p. 271)
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: StringDomainName (p. 271)
The domain name that corresponds to the streaming distribution, for example,s5c39gqb8ow64r.cloudfront.net.
Type: StringId (p. 271)
The identifier for the RTMP distribution. For example: EGTXBD79EXAMPLE.
Type: StringLastModifiedTime (p. 271)
The date and time that the distribution was last modified.
Type: TimestampStatus (p. 271)
The current status of the RTMP distribution. When the status is Deployed, the distribution'sinformation is propagated to all CloudFront edge locations.
Type: StringStreamingDistributionConfig (p. 271)
The current configuration information for the RTMP distribution.
API Version 2020-05-31272
Amazon CloudFront API ReferenceErrors
Type: StreamingDistributionConfig (p. 407) object
ErrorsFor information about the errors that are common to all actions, see Common Errors (p. 425).
AccessDenied
Access denied.
HTTP Status Code: 403CNAMEAlreadyExists
The CNAME specified is already defined for CloudFront.
HTTP Status Code: 409IllegalUpdate
The update contains modifications that are not allowed.
HTTP Status Code: 400InconsistentQuantities
The value of Quantity and the size of Items don't match.
HTTP Status Code: 400InvalidArgument
An argument is invalid.
HTTP Status Code: 400InvalidIfMatchVersion
The If-Match version is missing or not valid.
HTTP Status Code: 400InvalidOriginAccessIdentity
The origin access identity is not valid or doesn't exist.
HTTP Status Code: 400MissingBody
This operation requires a body. Ensure that the body is present and the Content-Type header isset.
HTTP Status Code: 400NoSuchStreamingDistribution
The specified streaming distribution does not exist.
HTTP Status Code: 404PreconditionFailed
The precondition given in one or more of the request header fields evaluated to false.
HTTP Status Code: 412
API Version 2020-05-31273
Amazon CloudFront API ReferenceSee Also
TooManyStreamingDistributionCNAMEs
Your request contains more CNAMEs than are allowed per distribution.
HTTP Status Code: 400TooManyTrustedSigners
Your request contains more trusted signers than are allowed per distribution.
HTTP Status Code: 400TrustedSignerDoesNotExist
One or more of your trusted signers don't exist.
HTTP Status Code: 400
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS Command Line Interface• AWS SDK for .NET• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for JavaScript• AWS SDK for PHP V3• AWS SDK for Python• AWS SDK for Ruby V3
API Version 2020-05-31274
Amazon CloudFront API Reference
Data TypesThe Amazon CloudFront API contains several data types that various actions use. This section describeseach data type in detail.
NoteThe order of each element in a data type structure is not guaranteed. Applications should notassume a particular order.
The following data types are supported:
• ActiveTrustedSigners (p. 278)• Aliases (p. 279)• AliasICPRecordal (p. 280)• AllowedMethods (p. 281)• CacheBehavior (p. 283)• CacheBehaviors (p. 288)• CachedMethods (p. 289)• CachePolicy (p. 290)• CachePolicyConfig (p. 291)• CachePolicyCookiesConfig (p. 293)• CachePolicyHeadersConfig (p. 294)• CachePolicyList (p. 295)• CachePolicyQueryStringsConfig (p. 296)• CachePolicySummary (p. 297)• CloudFrontOriginAccessIdentity (p. 298)• CloudFrontOriginAccessIdentityConfig (p. 299)• CloudFrontOriginAccessIdentityList (p. 300)• CloudFrontOriginAccessIdentitySummary (p. 302)• ContentTypeProfile (p. 303)• ContentTypeProfileConfig (p. 304)• ContentTypeProfiles (p. 305)• CookieNames (p. 306)• CookiePreference (p. 307)• CustomErrorResponse (p. 309)• CustomErrorResponses (p. 311)• CustomHeaders (p. 312)• CustomOriginConfig (p. 313)• DefaultCacheBehavior (p. 315)• Distribution (p. 319)• DistributionConfig (p. 321)• DistributionConfigWithTags (p. 326)• DistributionIdList (p. 327)• DistributionList (p. 329)• DistributionSummary (p. 331)• EncryptionEntities (p. 335)
API Version 2020-05-31275
Amazon CloudFront API Reference
• EncryptionEntity (p. 336)• EndPoint (p. 337)• FieldLevelEncryption (p. 338)• FieldLevelEncryptionConfig (p. 339)• FieldLevelEncryptionList (p. 340)• FieldLevelEncryptionProfile (p. 341)• FieldLevelEncryptionProfileConfig (p. 342)• FieldLevelEncryptionProfileList (p. 343)• FieldLevelEncryptionProfileSummary (p. 344)• FieldLevelEncryptionSummary (p. 345)• FieldPatterns (p. 346)• ForwardedValues (p. 347)• GeoRestriction (p. 350)• Headers (p. 352)• Invalidation (p. 353)• InvalidationBatch (p. 354)• InvalidationList (p. 355)• InvalidationSummary (p. 357)• KeyPairIds (p. 358)• KinesisStreamConfig (p. 359)• LambdaFunctionAssociation (p. 360)• LambdaFunctionAssociations (p. 362)• LoggingConfig (p. 363)• MonitoringSubscription (p. 365)• Origin (p. 366)• OriginCustomHeader (p. 368)• OriginGroup (p. 369)• OriginGroupFailoverCriteria (p. 370)• OriginGroupMember (p. 371)• OriginGroupMembers (p. 372)• OriginGroups (p. 373)• OriginRequestPolicy (p. 374)• OriginRequestPolicyConfig (p. 375)• OriginRequestPolicyCookiesConfig (p. 377)• OriginRequestPolicyHeadersConfig (p. 378)• OriginRequestPolicyList (p. 379)• OriginRequestPolicyQueryStringsConfig (p. 380)• OriginRequestPolicySummary (p. 381)• Origins (p. 382)• OriginSslProtocols (p. 383)• ParametersInCacheKeyAndForwardedToOrigin (p. 384)• Paths (p. 386)• PublicKey (p. 387)• PublicKeyConfig (p. 388)• PublicKeyList (p. 389)• PublicKeySummary (p. 390)
API Version 2020-05-31276
Amazon CloudFront API Reference
• QueryArgProfile (p. 391)• QueryArgProfileConfig (p. 392)• QueryArgProfiles (p. 393)• QueryStringCacheKeys (p. 394)• QueryStringNames (p. 395)• RealtimeLogConfig (p. 396)• RealtimeLogConfigs (p. 398)• RealtimeMetricsSubscriptionConfig (p. 399)• Restrictions (p. 400)• S3Origin (p. 401)• S3OriginConfig (p. 402)• Signer (p. 403)• StatusCodes (p. 404)• StreamingDistribution (p. 405)• StreamingDistributionConfig (p. 407)• StreamingDistributionConfigWithTags (p. 409)• StreamingDistributionList (p. 410)• StreamingDistributionSummary (p. 412)• StreamingLoggingConfig (p. 414)• Tag (p. 415)• TagKeys (p. 416)• Tags (p. 417)• TrustedSigners (p. 418)• ViewerCertificate (p. 419)
API Version 2020-05-31277
Amazon CloudFront API ReferenceActiveTrustedSigners
ActiveTrustedSignersA complex type that lists the AWS accounts, if any, that you included in the TrustedSigners complextype for this distribution. These are the accounts that you want to allow to create signed URLs for privatecontent.
The Signer complex type lists the AWS account number of the trusted signer or self if the signeris the AWS account that created the distribution. The Signer element also includes the IDs of anyactive CloudFront key pairs that are associated with the trusted signer's AWS account. If no KeyPairIdelement appears for a Signer, that signer can't create signed URLs.
For more information, see Serving Private Content through CloudFront in the Amazon CloudFrontDeveloper Guide.
ContentsEnabled
Enabled is true if any of the AWS accounts listed in the TrustedSigners complex type for thisdistribution have active CloudFront key pairs. If not, Enabled is false.
Type: Boolean
Required: YesItems
A complex type that contains one Signer complex type for each trusted signer that is specified inthe TrustedSigners complex type.
Type: Array of Signer (p. 403) objects
Required: NoQuantity
The number of trusted signers specified in the TrustedSigners complex type.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31278
Amazon CloudFront API ReferenceAliases
AliasesA complex type that contains information about CNAMEs (alternate domain names), if any, for thisdistribution.
ContentsItems
A complex type that contains the CNAME aliases, if any, that you want to associate with thisdistribution.
Type: Array of strings
Required: NoQuantity
The number of CNAME aliases, if any, that you want to associate with this distribution.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31279
Amazon CloudFront API ReferenceAliasICPRecordal
AliasICPRecordalAWS services in China customers must file for an Internet Content Provider (ICP) recordal if they wantto serve content publicly on an alternate domain name, also known as a CNAME, that they've added toCloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions.The status is returned in the CloudFront response; you can't configure it yourself.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Started withAWS services in China.
ContentsCNAME
A domain name associated with a distribution.
Type: String
Required: NoICPRecordalStatus
The Internet Content Provider (ICP) recordal status for a CNAME. The ICPRecordalStatus is set toAPPROVED for all CNAMEs (aliases) in regions outside of China.
The status values returned are the following:• APPROVED indicates that the associated CNAME has a valid ICP recordal number. Multiple
CNAMEs can be associated with a distribution, and CNAMEs can correspond to different ICPrecordals. To be marked as APPROVED, that is, valid to use with China region, a CNAME must haveone ICP recordal number associated with it.
• SUSPENDED indicates that the associated CNAME does not have a valid ICP recordal number.• PENDING indicates that CloudFront can't determine the ICP recordal status of the CNAME
associated with the distribution because there was an error in trying to determine the status. Youcan try again to see if the error is resolved in which case CloudFront returns an APPROVED orSUSPENDED status.
Type: String
Valid Values: APPROVED | SUSPENDED | PENDING
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31280
Amazon CloudFront API ReferenceAllowedMethods
AllowedMethodsA complex type that controls which HTTP methods CloudFront processes and forwards to your AmazonS3 bucket or your custom origin. There are three choices:
• CloudFront forwards only GET and HEAD requests.• CloudFront forwards only GET, HEAD, and OPTIONS requests.• CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE requests.
If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your customorigin so users can't perform operations that you don't want them to. For example, you might not wantusers to have permissions to delete objects from your origin.
ContentsCachedMethods
A complex type that controls whether CloudFront caches the response to requests using thespecified HTTP methods. There are two choices:• CloudFront caches responses to GET and HEAD requests.• CloudFront caches responses to GET, HEAD, and OPTIONS requests.
If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to becached correctly.
Type: CachedMethods (p. 289) object
Required: NoItems
A complex type that contains the HTTP methods that you want CloudFront to process and forwardto your origin.
Type: Array of strings
Valid Values: GET | HEAD | POST | PUT | PATCH | OPTIONS | DELETE
Required: YesQuantity
The number of HTTP methods that you want CloudFront to forward to your origin. Valid values are2 (for GET and HEAD requests), 3 (for GET, HEAD, and OPTIONS requests) and 7 (for GET, HEAD,OPTIONS, PUT, PATCH, POST, and DELETE requests).
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
API Version 2020-05-31281
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31282
Amazon CloudFront API ReferenceCacheBehavior
CacheBehaviorA complex type that describes how CloudFront processes requests.
You must create at least as many cache behaviors (including the default cache behavior) as you haveorigins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies theone origin from which you want CloudFront to get objects. If you have two origins and only the defaultcache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins,but the other origin is never used.
For the current quota (formerly known as limit) on the number of cache behaviors that you can add to adistribution, see Quotas in the Amazon CloudFront Developer Guide.
If you don’t want to specify any cache behaviors, include only an empty CacheBehaviors element.Don’t include an empty CacheBehavior element because this is invalid.
To delete all cache behaviors in an existing distribution, update the distribution configuration andinclude only an empty CacheBehaviors element.
To add, change, or remove one or more cache behaviors, update the distribution configuration andspecify all of the cache behaviors that you want to include in the updated distribution.
For more information about cache behaviors, see Cache Behavior Settings in the Amazon CloudFrontDeveloper Guide.
ContentsAllowedMethods
A complex type that controls which HTTP methods CloudFront processes and forwards to yourAmazon S3 bucket or your custom origin. There are three choices:• CloudFront forwards only GET and HEAD requests.• CloudFront forwards only GET, HEAD, and OPTIONS requests.• CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE requests.
If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to yourcustom origin so users can't perform operations that you don't want them to. For example, youmight not want users to have permissions to delete objects from your origin.
Type: AllowedMethods (p. 281) object
Required: NoCachePolicyId
The unique identifier of the cache policy that is attached to this cache behavior. For moreinformation, see Creating cache policies or Using the managed cache policies in the AmazonCloudFront Developer Guide.
Type: String
Required: NoCompress
Whether you want CloudFront to automatically compress certain files for this cache behavior. If so,specify true; if not, specify false. For more information, see Serving Compressed Files in the AmazonCloudFront Developer Guide.
API Version 2020-05-31283
Amazon CloudFront API ReferenceContents
Type: Boolean
Required: NoDefaultTTL
This field is deprecated. We recommend that you use the DefaultTTL field in a cache policy insteadof this field. For more information, see Creating cache policies or Using the managed cache policiesin the Amazon CloudFront Developer Guide.
The default amount of time that you want objects to stay in CloudFront caches before CloudFrontforwards another request to your origin to determine whether the object has been updated. Thevalue that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information,see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFrontDeveloper Guide.
Type: Long
Required: NoFieldLevelEncryptionId
The value of ID for the field-level encryption configuration that you want CloudFront to use forencrypting specific fields of data for this cache behavior.
Type: String
Required: NoForwardedValues
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field. For more information, see Working with policies in the Amazon CloudFrontDeveloper Guide.
If you want to include values in the cache key, use a cache policy. For more information, see Creatingcache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.
If you want to send values to the origin but not include them in the cache key, use an origin requestpolicy. For more information, see Creating origin request policies or Using the managed originrequest policies in the Amazon CloudFront Developer Guide.
A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.
Type: ForwardedValues (p. 347) object
Required: NoLambdaFunctionAssociations
A complex type that contains zero or more Lambda function associations for a cache behavior.
Type: LambdaFunctionAssociations (p. 362) object
Required: NoMaxTTL
This field is deprecated. We recommend that you use the MaxTTL field in a cache policy instead ofthis field. For more information, see Creating cache policies or Using the managed cache policies inthe Amazon CloudFront Developer Guide.
The maximum amount of time that you want objects to stay in CloudFront caches before CloudFrontforwards another request to your origin to determine whether the object has been updated.
API Version 2020-05-31284
Amazon CloudFront API ReferenceContents
The value that you specify applies only when your origin adds HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information,see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFrontDeveloper Guide.
Type: Long
Required: NoMinTTL
This field is deprecated. We recommend that you use the MinTTL field in a cache policy instead ofthis field. For more information, see Creating cache policies or Using the managed cache policies inthe Amazon CloudFront Developer Guide.
The minimum amount of time that you want objects to stay in CloudFront caches before CloudFrontforwards another request to your origin to determine whether the object has been updated. Formore information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.
You must specify 0 for MinTTL if you configure CloudFront to forward all headers to your origin(under Headers, if you specify 1 for Quantity and * for Name).
Type: Long
Required: NoOriginRequestPolicyId
The unique identifier of the origin request policy that is attached to this cache behavior. For moreinformation, see Creating origin request policies or Using the managed origin request policies in theAmazon CloudFront Developer Guide.
Type: String
Required: NoPathPattern
The pattern (for example, images/*.jpg) that specifies which requests to apply the behavior to.When CloudFront receives a viewer request, the requested path is compared with path patterns inthe order in which cache behaviors are listed in the distribution.
NoteYou can optionally include a slash (/) at the beginning of the path pattern. For example, /images/*.jpg. CloudFront behavior is the same with or without the leading /.
The path pattern for the default cache behavior is * and cannot be changed. If the request for anobject does not match the path pattern for any cache behaviors, CloudFront applies the behavior inthe default cache behavior.
For more information, see Path Pattern in the Amazon CloudFront Developer Guide.
Type: String
Required: YesRealtimeLogConfigArn
The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cachebehavior. For more information, see Real-time logs in the Amazon CloudFront Developer Guide.
Type: String
API Version 2020-05-31285
Amazon CloudFront API ReferenceContents
Required: NoSmoothStreaming
Indicates whether you want to distribute media files in the Microsoft Smooth Streaming formatusing the origin that is associated with this cache behavior. If so, specify true; if not, specify false.If you specify true for SmoothStreaming, you can still distribute other content using this cachebehavior if the content matches the value of PathPattern.
Type: Boolean
Required: NoTargetOriginId
The value of ID for the origin that you want CloudFront to route requests to when they match thiscache behavior.
Type: String
Required: YesTrustedSigners
A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLsfor private content.
If you want to require signed URLs in requests for objects in the target origin that match thePathPattern for this cache behavior, specify true for Enabled, and specify the applicable valuesfor Quantity and Items. For more information, see Serving Private Content with Signed URLs andSigned Cookies in the Amazon CloudFront Developer Guide.
If you don’t want to require signed URLs in requests for objects that match PathPattern, specifyfalse for Enabled and 0 for Quantity. Omit Items.
To add, change, or remove one or more trusted signers, change Enabled to true (if it’s currentlyfalse), change Quantity as applicable, and specify all of the trusted signers that you want toinclude in the updated distribution.
Type: TrustedSigners (p. 418) object
Required: YesViewerProtocolPolicy
The protocol that viewers can use to access the files in the origin specified by TargetOriginIdwhen a request matches the path pattern in PathPattern. You can specify the following options:• allow-all: Viewers can use HTTP or HTTPS.• redirect-to-https: If a viewer submits an HTTP request, CloudFront returns an HTTP status
code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer thenresubmits the request using the new URL.
• https-only: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403(Forbidden).
For more information about requiring the HTTPS protocol, see Requiring HTTPS Between Viewersand CloudFront in the Amazon CloudFront Developer Guide.
NoteThe only way to guarantee that viewers retrieve an object that was fetched from the originusing HTTPS is never to use any other protocol to fetch the object. If you have recentlychanged from HTTP to HTTPS, we recommend that you clear your objects’ cache becausecached objects are protocol agnostic. That means that an edge location will return an object
API Version 2020-05-31286
Amazon CloudFront API ReferenceSee Also
from the cache regardless of whether the current request protocol matches the protocolused previously. For more information, see Managing Cache Expiration in the AmazonCloudFront Developer Guide.
Type: String
Valid Values: allow-all | https-only | redirect-to-https
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31287
Amazon CloudFront API ReferenceCacheBehaviors
CacheBehaviorsA complex type that contains zero or more CacheBehavior elements.
ContentsItems
Optional: A complex type that contains cache behaviors for this distribution. If Quantity is 0, youcan omit Items.
Type: Array of CacheBehavior (p. 283) objects
Required: NoQuantity
The number of cache behaviors for this distribution.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31288
Amazon CloudFront API ReferenceCachedMethods
CachedMethodsA complex type that controls whether CloudFront caches the response to requests using the specifiedHTTP methods. There are two choices:
• CloudFront caches responses to GET and HEAD requests.• CloudFront caches responses to GET, HEAD, and OPTIONS requests.
If you pick the second choice for your Amazon S3 Origin, you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers, and Origin headers for the responses to be cachedcorrectly.
ContentsItems
A complex type that contains the HTTP methods that you want CloudFront to cache responses to.
Type: Array of strings
Valid Values: GET | HEAD | POST | PUT | PATCH | OPTIONS | DELETE
Required: YesQuantity
The number of HTTP methods for which you want CloudFront to cache responses. Valid values are2 (for caching responses to GET and HEAD requests) and 3 (for caching responses to GET, HEAD, andOPTIONS requests).
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31289
Amazon CloudFront API ReferenceCachePolicy
CachePolicyA cache policy.
When it’s attached to a cache behavior, the cache policy determines the following:
• The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies,and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return tothe viewer.
• The default, minimum, and maximum time to live (TTL) values that you want objects to stay in theCloudFront cache.
The headers, cookies, and query strings that are included in the cache key are automatically included inrequests that CloudFront sends to the origin. CloudFront sends a request when it can’t find a valid objectin its cache that matches the request’s cache key. If you want to send values to the origin but not includethem in the cache key, use OriginRequestPolicy.
ContentsCachePolicyConfig
The cache policy configuration.
Type: CachePolicyConfig (p. 291) object
Required: YesId
The unique identifier for the cache policy.
Type: String
Required: YesLastModifiedTime
The date and time when the cache policy was last modified.
Type: Timestamp
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31290
Amazon CloudFront API ReferenceCachePolicyConfig
CachePolicyConfigA cache policy configuration.
This configuration determines the following:
• The values that CloudFront includes in the cache key. These values can include HTTP headers, cookies,and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return tothe viewer.
• The default, minimum, and maximum time to live (TTL) values that you want objects to stay in theCloudFront cache.
The headers, cookies, and query strings that are included in the cache key are automatically included inrequests that CloudFront sends to the origin. CloudFront sends a request when it can’t find a valid objectin its cache that matches the request’s cache key. If you want to send values to the origin but not includethem in the cache key, use OriginRequestPolicy.
ContentsComment
A comment to describe the cache policy.
Type: String
Required: No
DefaultTTL
The default amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated.CloudFront uses this value as the object’s time to live (TTL) only when the origin does not sendCache-Control or Expires headers with the object. For more information, see Managing HowLong Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.
The default value for this field is 86400 seconds (one day). If the value of MinTTL is more than86400 seconds, then the default value for this field is the same as the value of MinTTL.
Type: Long
Required: No
MaxTTL
The maximum amount of time, in seconds, that objects stay in the CloudFront cache beforeCloudFront sends another request to the origin to see if the object has been updated. CloudFrontuses this value only when the origin sends Cache-Control or Expires headers with the object.For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
The default value for this field is 31536000 seconds (one year). If the value of MinTTL orDefaultTTL is more than 31536000 seconds, then the default value for this field is the same as thevalue of DefaultTTL.
Type: Long
Required: No
API Version 2020-05-31291
Amazon CloudFront API ReferenceSee Also
MinTTL
The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cachebefore CloudFront sends another request to the origin to see if the object has been updated. Formore information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
Type: Long
Required: YesName
A unique name to identify the cache policy.
Type: String
Required: YesParametersInCacheKeyAndForwardedToOrigin
The HTTP headers, cookies, and URL query strings to include in the cache key. The values included inthe cache key are automatically included in requests that CloudFront sends to the origin.
Type: ParametersInCacheKeyAndForwardedToOrigin (p. 384) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31292
Amazon CloudFront API ReferenceCachePolicyCookiesConfig
CachePolicyCookiesConfigAn object that determines whether any cookies in viewer requests (and if so, which cookies) are includedin the cache key and automatically included in requests that CloudFront sends to the origin.
ContentsCookieBehavior
Determines whether any cookies in viewer requests are included in the cache key and automaticallyincluded in requests that CloudFront sends to the origin. Valid values are:• none – Cookies in viewer requests are not included in the cache key and are not automatically
included in requests that CloudFront sends to the origin. Even when this field is set to none, anycookies that are listed in an OriginRequestPolicy are included in origin requests.
• whitelist – The cookies in viewer requests that are listed in the CookieNames type are includedin the cache key and automatically included in requests that CloudFront sends to the origin.
• allExcept – All cookies in viewer requests that are not listed in the CookieNames type areincluded in the cache key and automatically included in requests that CloudFront sends to theorigin.
• all – All cookies in viewer requests are included in the cache key and are automatically includedin requests that CloudFront sends to the origin.
Type: String
Valid Values: none | whitelist | allExcept | all
Required: YesCookies
Contains a list of cookie names.
Type: CookieNames (p. 306) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31293
Amazon CloudFront API ReferenceCachePolicyHeadersConfig
CachePolicyHeadersConfigAn object that determines whether any HTTP headers (and if so, which headers) are included in the cachekey and automatically included in requests that CloudFront sends to the origin.
ContentsHeaderBehavior
Determines whether any HTTP headers are included in the cache key and automatically included inrequests that CloudFront sends to the origin. Valid values are:• none – HTTP headers are not included in the cache key and are not automatically included in
requests that CloudFront sends to the origin. Even when this field is set to none, any headers thatare listed in an OriginRequestPolicy are included in origin requests.
• whitelist – The HTTP headers that are listed in the Headers type are included in the cache keyand are automatically included in requests that CloudFront sends to the origin.
Type: String
Valid Values: none | whitelist
Required: YesHeaders
Contains a list of HTTP header names.
Type: Headers (p. 352) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31294
Amazon CloudFront API ReferenceCachePolicyList
CachePolicyListA list of cache policies.
ContentsItems
Contains the cache policies in the list.
Type: Array of CachePolicySummary (p. 297) objects
Required: NoMaxItems
The maximum number of cache policies requested.
Type: Integer
Required: YesNextMarker
If there are more items in the list than are in this response, this element is present. It contains thevalue that you should use in the Marker field of a subsequent request to continue listing cachepolicies where you left off.
Type: String
Required: NoQuantity
The total number of cache policies returned in the response.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31295
Amazon CloudFront API ReferenceCachePolicyQueryStringsConfig
CachePolicyQueryStringsConfigAn object that determines whether any URL query strings in viewer requests (and if so, which querystrings) are included in the cache key and automatically included in requests that CloudFront sends tothe origin.
ContentsQueryStringBehavior
Determines whether any URL query strings in viewer requests are included in the cache key andautomatically included in requests that CloudFront sends to the origin. Valid values are:• none – Query strings in viewer requests are not included in the cache key and are not
automatically included in requests that CloudFront sends to the origin. Even when this field is setto none, any query strings that are listed in an OriginRequestPolicy are included in originrequests.
• whitelist – The query strings in viewer requests that are listed in the QueryStringNames typeare included in the cache key and automatically included in requests that CloudFront sends to theorigin.
• allExcept – All query strings in viewer requests that are not listed in the QueryStringNamestype are included in the cache key and automatically included in requests that CloudFront sends tothe origin.
• all – All query strings in viewer requests are included in the cache key and are automaticallyincluded in requests that CloudFront sends to the origin.
Type: String
Valid Values: none | whitelist | allExcept | all
Required: YesQueryStrings
Contains the specific query strings in viewer requests that either are or are not included in thecache key and automatically included in requests that CloudFront sends to the origin. The behaviordepends on whether the QueryStringBehavior field in the CachePolicyQueryStringsConfigtype is set to whitelist (the listed query strings are included) or allExcept (the listed querystrings are not included, but all other query strings are).
Type: QueryStringNames (p. 395) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31296
Amazon CloudFront API ReferenceCachePolicySummary
CachePolicySummaryContains a cache policy.
ContentsCachePolicy
The cache policy.
Type: CachePolicy (p. 290) object
Required: YesType
The type of cache policy, either managed (created by AWS) or custom (created in this AWS account).
Type: String
Valid Values: managed | custom
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31297
Amazon CloudFront API ReferenceCloudFrontOriginAccessIdentity
CloudFrontOriginAccessIdentityCloudFront origin access identity.
ContentsCloudFrontOriginAccessIdentityConfig
The current configuration information for the identity.
Type: CloudFrontOriginAccessIdentityConfig (p. 299) object
Required: NoId
The ID for the origin access identity, for example, E74FTE3AJFJ256A.
Type: String
Required: YesS3CanonicalUserId
The Amazon S3 canonical user ID for the origin access identity, used when giving the origin accessidentity read permission to an object in Amazon S3.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31298
Amazon CloudFront API ReferenceCloudFrontOriginAccessIdentityConfig
CloudFrontOriginAccessIdentityConfigOrigin access identity configuration. Send a GET request to the /CloudFront API version/CloudFront/identity ID/config resource.
ContentsCallerReference
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theCloudFrontOriginAccessIdentityConfig object), a new origin access identity is created.
If the CallerReference is a value already sent in a previous identity request, and the content ofthe CloudFrontOriginAccessIdentityConfig is identical to the original request (ignoringwhite space), the response includes the same information returned to the original request.
If the CallerReference is a value you already sent in a previous request to create an identity, butthe content of the CloudFrontOriginAccessIdentityConfig is different from the originalrequest, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists error.
Type: String
Required: YesComment
Any comments you want to include about the origin access identity.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31299
Amazon CloudFront API ReferenceCloudFrontOriginAccessIdentityList
CloudFrontOriginAccessIdentityListLists the origin access identities for CloudFront.Send a GET request to the /CloudFrontAPI version/origin-access-identity/cloudfront resource. The responseincludes a CloudFrontOriginAccessIdentityList element with zero or moreCloudFrontOriginAccessIdentitySummary child elements. By default, your entire list of originaccess identities is returned in one single page. If the list is long, you can paginate it using the MaxItemsand Marker parameters.
ContentsIsTruncated
A flag that indicates whether more origin access identities remain to be listed. If your results weretruncated, you can make a follow-up pagination request using the Marker request parameter toretrieve more items in the list.
Type: Boolean
Required: YesItems
A complex type that contains one CloudFrontOriginAccessIdentitySummary element for eachorigin access identity that was created by the current AWS account.
Type: Array of CloudFrontOriginAccessIdentitySummary (p. 302) objects
Required: NoMarker
Use this when paginating results to indicate where to begin in your list of origin access identities.The results include identities in the list that occur after the marker. To get the next page of results,set the Marker to the value of the NextMarker from the current page's response (which is also theID of the last identity on that page).
Type: String
Required: YesMaxItems
The maximum number of origin access identities you want in the response body.
Type: Integer
Required: YesNextMarker
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your origin access identities where they left off.
Type: String
Required: NoQuantity
The number of CloudFront origin access identities that were created by the current AWS account.
Type: Integer
API Version 2020-05-31300
Amazon CloudFront API ReferenceSee Also
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31301
Amazon CloudFront API ReferenceCloudFrontOriginAccessIdentitySummary
CloudFrontOriginAccessIdentitySummarySummary of the information about a CloudFront origin access identity.
ContentsComment
The comment for this origin access identity, as originally specified when created.
Type: String
Required: YesId
The ID for the origin access identity. For example: E74FTE3AJFJ256A.
Type: String
Required: YesS3CanonicalUserId
The Amazon S3 canonical user ID for the origin access identity, which you use when giving the originaccess identity read permission to an object in Amazon S3.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31302
Amazon CloudFront API ReferenceContentTypeProfile
ContentTypeProfileA field-level encryption content type profile.
ContentsContentType
The content type for a field-level encryption content type-profile mapping.
Type: String
Required: YesFormat
The format for a field-level encryption content type-profile mapping.
Type: String
Valid Values: URLEncoded
Required: YesProfileId
The profile ID for a field-level encryption content type-profile mapping.
Type: String
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31303
Amazon CloudFront API ReferenceContentTypeProfileConfig
ContentTypeProfileConfigThe configuration for a field-level encryption content type-profile mapping.
ContentsContentTypeProfiles
The configuration for a field-level encryption content type-profile.
Type: ContentTypeProfiles (p. 305) object
Required: NoForwardWhenContentTypeIsUnknown
The setting in a field-level encryption content type-profile mapping that specifies what to do whenan unknown content type is provided for the profile. If true, content is forwarded without beingencrypted when the content type is unknown. If false (the default), an error is returned when thecontent type is unknown.
Type: Boolean
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31304
Amazon CloudFront API ReferenceContentTypeProfiles
ContentTypeProfilesField-level encryption content type-profile.
ContentsItems
Items in a field-level encryption content type-profile mapping.
Type: Array of ContentTypeProfile (p. 303) objects
Required: NoQuantity
The number of field-level encryption content type-profile mappings.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31305
Amazon CloudFront API ReferenceCookieNames
CookieNamesContains a list of cookie names.
ContentsItems
A list of cookie names.
Type: Array of strings
Required: NoQuantity
The number of cookie names in the Items list.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31306
Amazon CloudFront API ReferenceCookiePreference
CookiePreferenceThis field is deprecated. We recommend that you use a cache policy or an origin request policy instead ofthis field.
If you want to include cookies in the cache key, use CookiesConfig in a cache policy. SeeCachePolicy.
If you want to send cookies to the origin but not include them in the cache key, use CookiesConfig inan origin request policy. See OriginRequestPolicy.
A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so,which ones. For more information about forwarding cookies to the origin, see Caching Content Based onCookies in the Amazon CloudFront Developer Guide.
ContentsForward
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field.
If you want to include cookies in the cache key, use a cache policy. For more information, seeCreating cache policies in the Amazon CloudFront Developer Guide.
If you want to send cookies to the origin but not include them in the cache key, use origin requestpolicy. For more information, see Creating origin request policies in the Amazon CloudFrontDeveloper Guide.
Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list ofcookies specified in the WhitelistedNames complex type.
Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an AmazonS3 origin, specify none for the Forward element.
Type: String
Valid Values: none | whitelist | all
Required: YesWhitelistedNames
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field.
If you want to include cookies in the cache key, use a cache policy. For more information, seeCreating cache policies in the Amazon CloudFront Developer Guide.
If you want to send cookies to the origin but not include them in the cache key, use an originrequest policy. For more information, see Creating origin request policies in the Amazon CloudFrontDeveloper Guide.
Required if you specify whitelist for the value of Forward. A complex type that specifies howmany different cookies you want CloudFront to forward to the origin for this cache behavior and, ifyou want to forward selected cookies, the names of those cookies.
If you specify all or none for the value of Forward, omit WhitelistedNames. If you change thevalue of Forward from whitelist to all or none and you don't delete the WhitelistedNameselement and its child elements, CloudFront deletes them automatically.
API Version 2020-05-31307
Amazon CloudFront API ReferenceSee Also
For the current limit on the number of cookie names that you can whitelist for each cache behavior,see CloudFront Limits in the AWS General Reference.
Type: CookieNames (p. 306) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31308
Amazon CloudFront API ReferenceCustomErrorResponse
CustomErrorResponseA complex type that controls:
• Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messagesbefore returning the response to the viewer.
• How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the AmazonCloudFront Developer Guide.
ContentsErrorCachingMinTTL
The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP statuscode specified in ErrorCode. When this time period has elapsed, CloudFront queries your origin tosee whether the problem that caused the error has been resolved and the requested object is nowavailable.
For more information, see Customizing Error Responses in the Amazon CloudFront Developer Guide.
Type: Long
Required: NoErrorCode
The HTTP status code for which you want to specify a custom error page and/or a caching duration.
Type: Integer
Required: YesResponseCode
The HTTP status code that you want CloudFront to return to the viewer along with the custom errorpage. There are a variety of reasons that you might want CloudFront to return a status code differentfrom the status code that your origin returned to CloudFront, for example:• Some Internet devices (some firewalls and corporate proxies, for example) intercept HTTP 4xx
and 5xx and prevent the response from being returned to the viewer. If you substitute 200, theresponse typically won't be intercepted.
• If you don't care about distinguishing among different client errors or server errors, you canspecify 400 or 500 as the ResponseCode for all 4xx or 5xx errors.
• You might want to return a 200 status code (OK) and static website so your customers don't knowthat your website is down.
If you specify a value for ResponseCode, you must also specify a value for ResponsePagePath.
Type: String
Required: NoResponsePagePath
The path to the custom error page that you want CloudFront to return to a viewer when yourorigin returns the HTTP status code specified by ErrorCode, for example, /4xx-errors/403-forbidden.html. If you want to store your objects and your custom error pages in differentlocations, your distribution must include a cache behavior for which the following is true:
API Version 2020-05-31309
Amazon CloudFront API ReferenceSee Also
• The value of PathPattern matches the path to your custom error messages. For example,suppose you saved custom error pages for 4xx errors in an Amazon S3 bucket in a directory named/4xx-errors. Your distribution must include a cache behavior for which the path pattern routesrequests for your custom error pages to that location, for example, /4xx-errors/*.
• The value of TargetOriginId specifies the value of the ID element for the origin that containsyour custom error pages.
If you specify a value for ResponsePagePath, you must also specify a value for ResponseCode.
We recommend that you store custom error pages in an Amazon S3 bucket. If you store custom errorpages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the filesthat you want to return to viewers because the origin server is unavailable.
Type: String
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31310
Amazon CloudFront API ReferenceCustomErrorResponses
CustomErrorResponsesA complex type that controls:
• Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messagesbefore returning the response to the viewer.
• How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the AmazonCloudFront Developer Guide.
ContentsItems
A complex type that contains a CustomErrorResponse element for each HTTP status code forwhich you want to specify a custom error page and/or a caching duration.
Type: Array of CustomErrorResponse (p. 309) objects
Required: NoQuantity
The number of HTTP status codes for which you want to specify a custom error page and/or acaching duration. If Quantity is 0, you can omit Items.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31311
Amazon CloudFront API ReferenceCustomHeaders
CustomHeadersA complex type that contains the list of Custom Headers for each origin.
ContentsItems
Optional: A list that contains one OriginCustomHeader element for each custom header that youwant CloudFront to forward to the origin. If Quantity is 0, omit Items.
Type: Array of OriginCustomHeader (p. 368) objects
Required: NoQuantity
The number of custom headers, if any, for this distribution.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31312
Amazon CloudFront API ReferenceCustomOriginConfig
CustomOriginConfigA custom origin. A custom origin is any origin that is not an Amazon S3 bucket, with one exception. AnAmazon S3 bucket that is configured with static website hosting is a custom origin.
ContentsHTTPPort
The HTTP port that CloudFront uses to connect to the origin. Specify the HTTP port that the originlistens on.
Type: Integer
Required: YesHTTPSPort
The HTTPS port that CloudFront uses to connect to the origin. Specify the HTTPS port that theorigin listens on.
Type: Integer
Required: YesOriginKeepaliveTimeout
Specifies how long, in seconds, CloudFront persists its connection to the origin. The minimumtimeout is 1 second, the maximum is 60 seconds, and the default (if you don’t specify otherwise) is 5seconds.
For more information, see Origin Keep-alive Timeout in the Amazon CloudFront Developer Guide.
Type: Integer
Required: NoOriginProtocolPolicy
Specifies the protocol (HTTP or HTTPS) that CloudFront uses to connect to the origin. Valid valuesare:• http-only – CloudFront always uses HTTP to connect to the origin.• match-viewer – CloudFront connects to the origin using the same protocol that the viewer used
to connect to CloudFront.• https-only – CloudFront always uses HTTPS to connect to the origin.
Type: String
Valid Values: http-only | match-viewer | https-only
Required: YesOriginReadTimeout
Specifies how long, in seconds, CloudFront waits for a response from the origin. This is also known asthe origin response timeout. The minimum timeout is 1 second, the maximum is 60 seconds, and thedefault (if you don’t specify otherwise) is 30 seconds.
For more information, see Origin Response Timeout in the Amazon CloudFront Developer Guide.
Type: Integer
API Version 2020-05-31313
Amazon CloudFront API ReferenceSee Also
Required: NoOriginSslProtocols
Specifies the minimum SSL/TLS protocol that CloudFront uses when connecting to your origin overHTTPS. Valid values include SSLv3, TLSv1, TLSv1.1, and TLSv1.2.
For more information, see Minimum Origin SSL Protocol in the Amazon CloudFront Developer Guide.
Type: OriginSslProtocols (p. 383) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31314
Amazon CloudFront API ReferenceDefaultCacheBehavior
DefaultCacheBehaviorA complex type that describes the default cache behavior if you don’t specify a CacheBehaviorelement or if request URLs don’t match any of the values of PathPattern in CacheBehaviorelements. You must create exactly one default cache behavior.
ContentsAllowedMethods
A complex type that controls which HTTP methods CloudFront processes and forwards to yourAmazon S3 bucket or your custom origin. There are three choices:• CloudFront forwards only GET and HEAD requests.• CloudFront forwards only GET, HEAD, and OPTIONS requests.• CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE requests.
If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to yourcustom origin so users can't perform operations that you don't want them to. For example, youmight not want users to have permissions to delete objects from your origin.
Type: AllowedMethods (p. 281) object
Required: NoCachePolicyId
The unique identifier of the cache policy that is attached to the default cache behavior. For moreinformation, see Creating cache policies or Using the managed cache policies in the AmazonCloudFront Developer Guide.
Type: String
Required: NoCompress
Whether you want CloudFront to automatically compress certain files for this cache behavior. Ifso, specify true; if not, specify false. For more information, see Serving Compressed Files in theAmazon CloudFront Developer Guide.
Type: Boolean
Required: NoDefaultTTL
This field is deprecated. We recommend that you use the DefaultTTL field in a cache policy insteadof this field. For more information, see Creating cache policies or Using the managed cache policiesin the Amazon CloudFront Developer Guide.
The default amount of time that you want objects to stay in CloudFront caches before CloudFrontforwards another request to your origin to determine whether the object has been updated. Thevalue that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information,see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFrontDeveloper Guide.
Type: Long
Required: No
API Version 2020-05-31315
Amazon CloudFront API ReferenceContents
FieldLevelEncryptionId
The value of ID for the field-level encryption configuration that you want CloudFront to use forencrypting specific fields of data for the default cache behavior.
Type: String
Required: NoForwardedValues
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field. For more information, see Working with policies in the Amazon CloudFrontDeveloper Guide.
If you want to include values in the cache key, use a cache policy. For more information, see Creatingcache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.
If you want to send values to the origin but not include them in the cache key, use an origin requestpolicy. For more information, see Creating origin request policies or Using the managed originrequest policies in the Amazon CloudFront Developer Guide.
A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.
Type: ForwardedValues (p. 347) object
Required: NoLambdaFunctionAssociations
A complex type that contains zero or more Lambda function associations for a cache behavior.
Type: LambdaFunctionAssociations (p. 362) object
Required: NoMaxTTL
This field is deprecated. We recommend that you use the MaxTTL field in a cache policy instead ofthis field. For more information, see Creating cache policies or Using the managed cache policies inthe Amazon CloudFront Developer Guide.
The maximum amount of time that you want objects to stay in CloudFront caches before CloudFrontforwards another request to your origin to determine whether the object has been updated.The value that you specify applies only when your origin adds HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information,see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFrontDeveloper Guide.
Type: Long
Required: NoMinTTL
This field is deprecated. We recommend that you use the MinTTL field in a cache policy instead ofthis field. For more information, see Creating cache policies or Using the managed cache policies inthe Amazon CloudFront Developer Guide.
The minimum amount of time that you want objects to stay in CloudFront caches before CloudFrontforwards another request to your origin to determine whether the object has been updated. Formore information, see Managing How Long Content Stays in an Edge Cache (Expiration) in theAmazon CloudFront Developer Guide.
API Version 2020-05-31316
Amazon CloudFront API ReferenceContents
You must specify 0 for MinTTL if you configure CloudFront to forward all headers to your origin(under Headers, if you specify 1 for Quantity and * for Name).
Type: Long
Required: NoOriginRequestPolicyId
The unique identifier of the origin request policy that is attached to the default cache behavior. Formore information, see Creating origin request policies or Using the managed origin request policiesin the Amazon CloudFront Developer Guide.
Type: String
Required: NoRealtimeLogConfigArn
The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cachebehavior. For more information, see Real-time logs in the Amazon CloudFront Developer Guide.
Type: String
Required: NoSmoothStreaming
Indicates whether you want to distribute media files in the Microsoft Smooth Streaming formatusing the origin that is associated with this cache behavior. If so, specify true; if not, specify false.If you specify true for SmoothStreaming, you can still distribute other content using this cachebehavior if the content matches the value of PathPattern.
Type: Boolean
Required: NoTargetOriginId
The value of ID for the origin that you want CloudFront to route requests to when they use thedefault cache behavior.
Type: String
Required: YesTrustedSigners
A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLsfor private content.
If you want to require signed URLs in requests for objects in the target origin that match thePathPattern for this cache behavior, specify true for Enabled, and specify the applicable valuesfor Quantity and Items. For more information, see Serving Private Content with Signed URLs andSigned Cookies in the Amazon CloudFront Developer Guide.
If you don’t want to require signed URLs in requests for objects that match PathPattern, specifyfalse for Enabled and 0 for Quantity. Omit Items.
To add, change, or remove one or more trusted signers, change Enabled to true (if it’s currentlyfalse), change Quantity as applicable, and specify all of the trusted signers that you want toinclude in the updated distribution.
Type: TrustedSigners (p. 418) object
API Version 2020-05-31317
Amazon CloudFront API ReferenceSee Also
Required: YesViewerProtocolPolicy
The protocol that viewers can use to access the files in the origin specified by TargetOriginIdwhen a request matches the path pattern in PathPattern. You can specify the following options:• allow-all: Viewers can use HTTP or HTTPS.• redirect-to-https: If a viewer submits an HTTP request, CloudFront returns an HTTP status
code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer thenresubmits the request using the new URL.
• https-only: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403(Forbidden).
For more information about requiring the HTTPS protocol, see Requiring HTTPS Between Viewersand CloudFront in the Amazon CloudFront Developer Guide.
NoteThe only way to guarantee that viewers retrieve an object that was fetched from the originusing HTTPS is never to use any other protocol to fetch the object. If you have recentlychanged from HTTP to HTTPS, we recommend that you clear your objects’ cache becausecached objects are protocol agnostic. That means that an edge location will return an objectfrom the cache regardless of whether the current request protocol matches the protocolused previously. For more information, see Managing Cache Expiration in the AmazonCloudFront Developer Guide.
Type: String
Valid Values: allow-all | https-only | redirect-to-https
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31318
Amazon CloudFront API ReferenceDistribution
DistributionA distribution tells CloudFront where you want content to be delivered from, and the details about howto track and manage content delivery.
ContentsActiveTrustedSigners
CloudFront automatically adds this element to the response only if you've set up the distribution toserve private content with signed URLs. The element lists the key pair IDs that CloudFront is awareof for each trusted signer. The Signer child element lists the AWS account number of the trustedsigner (or an empty Self element if the signer is you). The Signer element also includes the IDsof any active key pairs associated with the trusted signer's AWS account. If no KeyPairId elementappears for a Signer, that signer can't create working signed URLs.
Type: ActiveTrustedSigners (p. 278) object
Required: YesAliasICPRecordals
AWS services in China customers must file for an Internet Content Provider (ICP) recordal if theywant to serve content publicly on an alternate domain name, also known as a CNAME, that they'veadded to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated withdistributions.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Startedwith AWS services in China.
Type: Array of AliasICPRecordal (p. 280) objects
Required: NoARN
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: String
Required: YesDistributionConfig
The current configuration information for the distribution. Send a GET request to the /CloudFrontAPI version/distribution ID/config resource.
Type: DistributionConfig (p. 321) object
Required: YesDomainName
The domain name corresponding to the distribution, for example,d111111abcdef8.cloudfront.net.
Type: String
Required: Yes
API Version 2020-05-31319
Amazon CloudFront API ReferenceSee Also
Id
The identifier for the distribution. For example: EDFDVBD632BHDS5.
Type: String
Required: YesInProgressInvalidationBatches
The number of invalidation batches currently in progress.
Type: Integer
Required: YesLastModifiedTime
The date and time the distribution was last modified.
Type: Timestamp
Required: YesStatus
This response element indicates the current status of the distribution. When the status is Deployed,the distribution's information is fully propagated to all CloudFront edge locations.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31320
Amazon CloudFront API ReferenceDistributionConfig
DistributionConfigA distribution configuration.
ContentsAliases
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisdistribution.
Type: Aliases (p. 279) object
Required: NoCacheBehaviors
A complex type that contains zero or more CacheBehavior elements.
Type: CacheBehaviors (p. 288) object
Required: NoCallerReference
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of the DistributionConfigobject), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: String
Required: YesComment
Any comments you want to include about the distribution.
If you don't want to specify a comment, include an empty Comment element.
To delete an existing comment, update the distribution configuration and include an emptyComment element.
To add or change a comment, update the distribution configuration and specify the new comment.
Type: String
Required: YesCustomErrorResponses
A complex type that controls the following:• Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error
messages before returning the response to the viewer.• How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses in the AmazonCloudFront Developer Guide.
API Version 2020-05-31321
Amazon CloudFront API ReferenceContents
Type: CustomErrorResponses (p. 311) object
Required: NoDefaultCacheBehavior
A complex type that describes the default cache behavior if you don't specify a CacheBehaviorelement or if files don't match any of the values of PathPattern in CacheBehavior elements. Youmust create exactly one default cache behavior.
Type: DefaultCacheBehavior (p. 315) object
Required: YesDefaultRootObject
The object that you want CloudFront to request from your origin (for example, index.html)when a viewer requests the root URL for your distribution (http://www.example.com) insteadof an object in your distribution (http://www.example.com/product-description.html).Specifying a default root object avoids exposing the contents of your distribution.
Specify only the object name, for example, index.html. Don't add a / before the object name.
If you don't want to specify a default root object when you create a distribution, include an emptyDefaultRootObject element.
To delete the default root object from an existing distribution, update the distribution configurationand include an empty DefaultRootObject element.
To replace the default root object, update the distribution configuration and specify the new object.
For more information about the default root object, see Creating a Default Root Object in theAmazon CloudFront Developer Guide.
Type: String
Required: NoEnabled
From this field, you can enable or disable the selected distribution.
Type: Boolean
Required: YesHttpVersion
(Optional) Specify the maximum HTTP version that you want viewers to use to communicate withCloudFront. The default value for new web distributions is http2. Viewers that don't support HTTP/2automatically use an earlier HTTP version.
For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must supportServer Name Identification (SNI).
In general, configuring CloudFront to communicate with viewers using HTTP/2 reduces latency. Youcan improve performance by optimizing for HTTP/2. For more information, do an Internet search for"http/2 optimization."
Type: String
Valid Values: http1.1 | http2
Required: No
API Version 2020-05-31322
Amazon CloudFront API ReferenceContents
IsIPV6Enabled
If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution,specify true. If you specify false, CloudFront responds to IPv6 DNS requests with the DNSresponse code NOERROR and with no IP addresses. This allows viewers to submit a second request,for an IPv4 address for your distribution.
In general, you should enable IPv6 if you have users on IPv6 networks who want to access yourcontent. However, if you're using signed URLs or signed cookies to restrict access to your content,and if you're using a custom policy that includes the IpAddress parameter to restrict the IPaddresses that can access your content, don't enable IPv6. If you want to restrict access to somecontent by IP address and not restrict access to other content (or restrict access but not by IPaddress), you can create two distributions. For more information, see Creating a Signed URL Using aCustom Policy in the Amazon CloudFront Developer Guide.
If you're using an Amazon Route 53 alias resource record set to route traffic to your CloudFrontdistribution, you need to create a second alias resource record set when both of the following aretrue:• You enable IPv6 for the distribution• You're using alternate domain names in the URLs for your objects
For more information, see Routing Traffic to an Amazon CloudFront Web Distribution by Using YourDomain Name in the Amazon Route 53 Developer Guide.
If you created a CNAME resource record set, either with Amazon Route 53 or with another DNSservice, you don't need to make any changes. A CNAME record will route traffic to your distributionregardless of the IP address format of the viewer request.
Type: Boolean
Required: NoLogging
A complex type that controls whether access logs are written for the distribution.
For more information about logging, see Access Logs in the Amazon CloudFront Developer Guide.
Type: LoggingConfig (p. 363) object
Required: NoOriginGroups
A complex type that contains information about origin groups for this distribution.
Type: OriginGroups (p. 373) object
Required: NoOrigins
A complex type that contains information about origins for this distribution.
Type: Origins (p. 382) object
Required: YesPriceClass
The price class that corresponds with the maximum price that you want to pay for CloudFrontservice. If you specify PriceClass_All, CloudFront responds to requests for your objects from allCloudFront edge locations.
API Version 2020-05-31323
Amazon CloudFront API ReferenceSee Also
If you specify a price class other than PriceClass_All, CloudFront serves your objects from theCloudFront edge location that has the lowest latency among the edge locations in your price class.Viewers who are in or near regions that are excluded from your specified price class may encounterslower performance.
For more information about price classes, see Choosing the Price Class for a CloudFront Distributionin the Amazon CloudFront Developer Guide. For information about CloudFront pricing, including howprice classes (such as Price Class 100) map to CloudFront regions, see Amazon CloudFront Pricing.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: NoRestrictions
A complex type that identifies ways in which you want to restrict distribution of your content.
Type: Restrictions (p. 400) object
Required: NoViewerCertificate
A complex type that determines the distribution’s SSL/TLS configuration for communicating withviewers.
Type: ViewerCertificate (p. 419) object
Required: NoWebACLId
A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for examplearn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use theACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests thatare forwarded to CloudFront, and lets you control access to your content. Based on conditions thatyou specify, such as the IP addresses that requests originate from or the values of query strings,CloudFront responds to requests either with the requested content or with an HTTP 403 status code(Forbidden). You can also configure CloudFront to return a custom error page when a request isblocked. For more information about AWS WAF, see the AWS WAF Developer Guide.
Type: String
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31324
Amazon CloudFront API ReferenceSee Also
API Version 2020-05-31325
Amazon CloudFront API ReferenceDistributionConfigWithTags
DistributionConfigWithTagsA distribution Configuration and a list of tags to be associated with the distribution.
ContentsDistributionConfig
A distribution configuration.
Type: DistributionConfig (p. 321) object
Required: YesTags
A complex type that contains zero or more Tag elements.
Type: Tags (p. 417) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31326
Amazon CloudFront API ReferenceDistributionIdList
DistributionIdListA list of distribution IDs.
ContentsIsTruncated
A flag that indicates whether more distribution IDs remain to be listed. If your results weretruncated, you can make a subsequent request using the Marker request field to retrieve moredistribution IDs in the list.
Type: Boolean
Required: YesItems
Contains the distribution IDs in the list.
Type: Array of strings
Required: NoMarker
The value provided in the Marker request field.
Type: String
Required: YesMaxItems
The maximum number of distribution IDs requested.
Type: Integer
Required: YesNextMarker
Contains the value that you should use in the Marker field of a subsequent request to continuelisting distribution IDs where you left off.
Type: String
Required: NoQuantity
The total number of distribution IDs returned in the response.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
API Version 2020-05-31327
Amazon CloudFront API ReferenceSee Also
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31328
Amazon CloudFront API ReferenceDistributionList
DistributionListA distribution list.
ContentsIsTruncated
A flag that indicates whether more distributions remain to be listed. If your results were truncated,you can make a follow-up pagination request using the Marker request parameter to retrieve moredistributions in the list.
Type: Boolean
Required: YesItems
A complex type that contains one DistributionSummary element for each distribution that wascreated by the current AWS account.
Type: Array of DistributionSummary (p. 331) objects
Required: NoMarker
The value you provided for the Marker request parameter.
Type: String
Required: YesMaxItems
The value you provided for the MaxItems request parameter.
Type: Integer
Required: YesNextMarker
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your distributions where they left off.
Type: String
Required: NoQuantity
The number of distributions that were created by the current AWS account.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
API Version 2020-05-31329
Amazon CloudFront API ReferenceSee Also
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31330
Amazon CloudFront API ReferenceDistributionSummary
DistributionSummaryA summary of the information about a CloudFront distribution.
ContentsAliases
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisdistribution.
Type: Aliases (p. 279) object
Required: YesAliasICPRecordals
AWS services in China customers must file for an Internet Content Provider (ICP) recordal if theywant to serve content publicly on an alternate domain name, also known as a CNAME, that they'veadded to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated withdistributions.
For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Startedwith AWS services in China.
Type: Array of AliasICPRecordal (p. 280) objects
Required: NoARN
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: String
Required: YesCacheBehaviors
A complex type that contains zero or more CacheBehavior elements.
Type: CacheBehaviors (p. 288) object
Required: YesComment
The comment originally specified when this distribution was created.
Type: String
Required: YesCustomErrorResponses
A complex type that contains zero or more CustomErrorResponses elements.
Type: CustomErrorResponses (p. 311) object
Required: Yes
API Version 2020-05-31331
Amazon CloudFront API ReferenceContents
DefaultCacheBehavior
A complex type that describes the default cache behavior if you don't specify a CacheBehaviorelement or if files don't match any of the values of PathPattern in CacheBehavior elements. Youmust create exactly one default cache behavior.
Type: DefaultCacheBehavior (p. 315) object
Required: YesDomainName
The domain name that corresponds to the distribution, for example,d111111abcdef8.cloudfront.net.
Type: String
Required: YesEnabled
Whether the distribution is enabled to accept user requests for content.
Type: Boolean
Required: YesHttpVersion
Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront.The default value for new web distributions is http2. Viewers that don't support HTTP/2 willautomatically use an earlier version.
Type: String
Valid Values: http1.1 | http2
Required: YesId
The identifier for the distribution. For example: EDFDVBD632BHDS5.
Type: String
Required: YesIsIPV6Enabled
Whether CloudFront responds to IPv6 DNS requests with an IPv6 address for your distribution.
Type: Boolean
Required: YesLastModifiedTime
The date and time the distribution was last modified.
Type: Timestamp
Required: YesOriginGroups
A complex type that contains information about origin groups for this distribution.
API Version 2020-05-31332
Amazon CloudFront API ReferenceSee Also
Type: OriginGroups (p. 373) object
Required: NoOrigins
A complex type that contains information about origins for this distribution.
Type: Origins (p. 382) object
Required: YesPriceClass
A complex type that contains information about price class for this streaming distribution.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: YesRestrictions
A complex type that identifies ways in which you want to restrict distribution of your content.
Type: Restrictions (p. 400) object
Required: YesStatus
The current status of the distribution. When the status is Deployed, the distribution's information ispropagated to all CloudFront edge locations.
Type: String
Required: YesViewerCertificate
A complex type that determines the distribution’s SSL/TLS configuration for communicating withviewers.
Type: ViewerCertificate (p. 419) object
Required: YesWebACLId
The Web ACL Id (if any) associated with the distribution.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java
API Version 2020-05-31333
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Ruby V3
API Version 2020-05-31334
Amazon CloudFront API ReferenceEncryptionEntities
EncryptionEntitiesComplex data type for field-level encryption profiles that includes all of the encryption entities.
ContentsItems
An array of field patterns in a field-level encryption content type-profile mapping.
Type: Array of EncryptionEntity (p. 336) objects
Required: NoQuantity
Number of field pattern items in a field-level encryption content type-profile mapping.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31335
Amazon CloudFront API ReferenceEncryptionEntity
EncryptionEntityComplex data type for field-level encryption profiles that includes the encryption key and field patternspecifications.
ContentsFieldPatterns
Field patterns in a field-level encryption content type profile specify the fields that you want to beencrypted. You can provide the full field name, or any beginning characters followed by a wildcard(*). You can't overlap field patterns. For example, you can't have both ABC* and AB*. Note that fieldpatterns are case-sensitive.
Type: FieldPatterns (p. 346) object
Required: YesProviderId
The provider associated with the public key being used for encryption. This value must also beprovided with the private key for applications to be able to decrypt data.
Type: String
Required: YesPublicKeyId
The public key associated with a set of field-level encryption patterns, to be used when encryptingthe fields that match the patterns.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31336
Amazon CloudFront API ReferenceEndPoint
EndPointContains information about the Amazon Kinesis data stream where you are sending real-time log data ina real-time log configuration.
ContentsKinesisStreamConfig
Contains information about the Amazon Kinesis data stream where you are sending real-time logdata.
Type: KinesisStreamConfig (p. 359) object
Required: NoStreamType
The type of data stream where you are sending real-time log data. The only valid value is Kinesis.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31337
Amazon CloudFront API ReferenceFieldLevelEncryption
FieldLevelEncryptionA complex data type that includes the profile configurations and other options specified for field-levelencryption.
ContentsFieldLevelEncryptionConfig
A complex data type that includes the profile configurations specified for field-level encryption.
Type: FieldLevelEncryptionConfig (p. 339) object
Required: YesId
The configuration ID for a field-level encryption configuration which includes a set of profiles thatspecify certain selected data fields to be encrypted by specific public keys.
Type: String
Required: YesLastModifiedTime
The last time the field-level encryption configuration was changed.
Type: Timestamp
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31338
Amazon CloudFront API ReferenceFieldLevelEncryptionConfig
FieldLevelEncryptionConfigA complex data type that includes the profile configurations specified for field-level encryption.
ContentsCallerReference
A unique number that ensures the request can't be replayed.
Type: String
Required: YesComment
An optional comment about the configuration.
Type: String
Required: NoContentTypeProfileConfig
A complex data type that specifies when to forward content if a content type isn't recognized andprofiles to use as by default in a request if a query argument doesn't specify a profile to use.
Type: ContentTypeProfileConfig (p. 304) object
Required: NoQueryArgProfileConfig
A complex data type that specifies when to forward content if a profile isn't found and the profilethat can be provided as a query argument in a request.
Type: QueryArgProfileConfig (p. 392) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31339
Amazon CloudFront API ReferenceFieldLevelEncryptionList
FieldLevelEncryptionListList of field-level encrpytion configurations.
ContentsItems
An array of field-level encryption items.
Type: Array of FieldLevelEncryptionSummary (p. 345) objects
Required: NoMaxItems
The maximum number of elements you want in the response body.
Type: Integer
Required: YesNextMarker
If there are more elements to be listed, this element is present and contains the value that you canuse for the Marker request parameter to continue listing your configurations where you left off.
Type: String
Required: NoQuantity
The number of field-level encryption items.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31340
Amazon CloudFront API ReferenceFieldLevelEncryptionProfile
FieldLevelEncryptionProfileA complex data type for field-level encryption profiles.
ContentsFieldLevelEncryptionProfileConfig
A complex data type that includes the profile name and the encryption entities for the field-levelencryption profile.
Type: FieldLevelEncryptionProfileConfig (p. 342) object
Required: YesId
The ID for a field-level encryption profile configuration which includes a set of profiles that specifycertain selected data fields to be encrypted by specific public keys.
Type: String
Required: YesLastModifiedTime
The last time the field-level encryption profile was updated.
Type: Timestamp
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31341
Amazon CloudFront API ReferenceFieldLevelEncryptionProfileConfig
FieldLevelEncryptionProfileConfigA complex data type of profiles for the field-level encryption.
ContentsCallerReference
A unique number that ensures that the request can't be replayed.
Type: String
Required: YesComment
An optional comment for the field-level encryption profile.
Type: String
Required: NoEncryptionEntities
A complex data type of encryption entities for the field-level encryption profile that include thepublic key ID, provider, and field patterns for specifying which fields to encrypt with this key.
Type: EncryptionEntities (p. 335) object
Required: YesName
Profile name for the field-level encryption profile.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31342
Amazon CloudFront API ReferenceFieldLevelEncryptionProfileList
FieldLevelEncryptionProfileListList of field-level encryption profiles.
ContentsItems
The field-level encryption profile items.
Type: Array of FieldLevelEncryptionProfileSummary (p. 344) objects
Required: NoMaxItems
The maximum number of field-level encryption profiles you want in the response body.
Type: Integer
Required: YesNextMarker
If there are more elements to be listed, this element is present and contains the value that you canuse for the Marker request parameter to continue listing your profiles where you left off.
Type: String
Required: NoQuantity
The number of field-level encryption profiles.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31343
Amazon CloudFront API ReferenceFieldLevelEncryptionProfileSummary
FieldLevelEncryptionProfileSummaryThe field-level encryption profile summary.
ContentsComment
An optional comment for the field-level encryption profile summary.
Type: String
Required: NoEncryptionEntities
A complex data type of encryption entities for the field-level encryption profile that include thepublic key ID, provider, and field patterns for specifying which fields to encrypt with this key.
Type: EncryptionEntities (p. 335) object
Required: YesId
ID for the field-level encryption profile summary.
Type: String
Required: YesLastModifiedTime
The time when the the field-level encryption profile summary was last updated.
Type: Timestamp
Required: YesName
Name for the field-level encryption profile summary.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31344
Amazon CloudFront API ReferenceFieldLevelEncryptionSummary
FieldLevelEncryptionSummaryA summary of a field-level encryption item.
ContentsComment
An optional comment about the field-level encryption item.
Type: String
Required: NoContentTypeProfileConfig
A summary of a content type-profile mapping.
Type: ContentTypeProfileConfig (p. 304) object
Required: NoId
The unique ID of a field-level encryption item.
Type: String
Required: YesLastModifiedTime
The last time that the summary of field-level encryption items was modified.
Type: Timestamp
Required: YesQueryArgProfileConfig
A summary of a query argument-profile mapping.
Type: QueryArgProfileConfig (p. 392) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31345
Amazon CloudFront API ReferenceFieldPatterns
FieldPatternsA complex data type that includes the field patterns to match for field-level encryption.
ContentsItems
An array of the field-level encryption field patterns.
Type: Array of strings
Required: NoQuantity
The number of field-level encryption field patterns.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31346
Amazon CloudFront API ReferenceForwardedValues
ForwardedValuesThis field is deprecated. We recommend that you use a cache policy or an origin request policy instead ofthis field.
If you want to include values in the cache key, use a cache policy. For more information, see Creatingcache policies in the Amazon CloudFront Developer Guide.
If you want to send values to the origin but not include them in the cache key, use an origin requestpolicy. For more information, see Creating origin request policies in the Amazon CloudFront DeveloperGuide.
A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.
ContentsCookies
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field.
If you want to include cookies in the cache key, use a cache policy. For more information, seeCreating cache policies in the Amazon CloudFront Developer Guide.
If you want to send cookies to the origin but not include them in the cache key, use an originrequest policy. For more information, see Creating origin request policies in the Amazon CloudFrontDeveloper Guide.
A complex type that specifies whether you want CloudFront to forward cookies to the origin and, ifso, which ones. For more information about forwarding cookies to the origin, see How CloudFrontForwards, Caches, and Logs Cookies in the Amazon CloudFront Developer Guide.
Type: CookiePreference (p. 307) object
Required: YesHeaders
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field.
If you want to include headers in the cache key, use a cache policy. For more information, seeCreating cache policies in the Amazon CloudFront Developer Guide.
If you want to send headers to the origin but not include them in the cache key, use an originrequest policy. For more information, see Creating origin request policies in the Amazon CloudFrontDeveloper Guide.
A complex type that specifies the Headers, if any, that you want CloudFront to forward to theorigin for this cache behavior (whitelisted headers). For the headers that you specify, CloudFront alsocaches separate versions of a specified object that is based on the header values in viewer requests.
For more information, see Caching Content Based on Request Headers in the Amazon CloudFrontDeveloper Guide.
Type: Headers (p. 352) object
Required: No
API Version 2020-05-31347
Amazon CloudFront API ReferenceSee Also
QueryString
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field.
If you want to include query strings in the cache key, use a cache policy. For more information, seeCreating cache policies in the Amazon CloudFront Developer Guide.
If you want to send query strings to the origin but not include them in the cache key, use an originrequest policy. For more information, see Creating origin request policies in the Amazon CloudFrontDeveloper Guide.
Indicates whether you want CloudFront to forward query strings to the origin that is associated withthis cache behavior and cache based on the query string parameters. CloudFront behavior dependson the value of QueryString and on the values that you specify for QueryStringCacheKeys, ifany:
If you specify true for QueryString and you don't specify any values for QueryStringCacheKeys,CloudFront forwards all query string parameters to the origin and caches based on all querystring parameters. Depending on how many query string parameters and values you have, this canadversely affect performance because CloudFront must forward more requests to the origin.
If you specify true for QueryString and you specify one or more values forQueryStringCacheKeys, CloudFront forwards all query string parameters to the origin, but it onlycaches based on the query string parameters that you specify.
If you specify false for QueryString, CloudFront doesn't forward any query string parameters tothe origin, and doesn't cache based on query string parameters.
For more information, see Configuring CloudFront to Cache Based on Query String Parameters in theAmazon CloudFront Developer Guide.
Type: Boolean
Required: YesQueryStringCacheKeys
This field is deprecated. We recommend that you use a cache policy or an origin request policyinstead of this field.
If you want to include query strings in the cache key, use a cache policy. For more information, seeCreating cache policies in the Amazon CloudFront Developer Guide.
If you want to send query strings to the origin but not include them in the cache key, use an originrequest policy. For more information, see Creating origin request policies in the Amazon CloudFrontDeveloper Guide.
A complex type that contains information about the query string parameters that you wantCloudFront to use for caching for this cache behavior.
Type: QueryStringCacheKeys (p. 394) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++
API Version 2020-05-31348
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31349
Amazon CloudFront API ReferenceGeoRestriction
GeoRestrictionA complex type that controls the countries in which your content is distributed. CloudFront determinesthe location of your users using MaxMind GeoIP databases.
ContentsItems
A complex type that contains a Location element for each country in which you want CloudFronteither to distribute your content (whitelist) or not distribute your content (blacklist).
The Location element is a two-letter, uppercase country code for a country that you want toinclude in your blacklist or whitelist. Include one Location element for each country.
CloudFront and MaxMind both use ISO 3166 country codes. For the current list of countries andthe corresponding codes, see ISO 3166-1-alpha-2 code on the International Organization forStandardization website. You can also refer to the country list on the CloudFront console, whichincludes both country names and codes.
Type: Array of strings
Required: NoQuantity
When geo restriction is enabled, this is the number of countries in your whitelist or blacklist.Otherwise, when it is not enabled, Quantity is 0, and you can omit Items.
Type: Integer
Required: YesRestrictionType
The method that you want to use to restrict distribution of your content by country:• none: No geo restriction is enabled, meaning access to content is not restricted by client geo
location.• blacklist: The Location elements specify the countries in which you don't want CloudFront to
distribute your content.• whitelist: The Location elements specify the countries in which you want CloudFront to
distribute your content.
Type: String
Valid Values: blacklist | whitelist | none
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java
API Version 2020-05-31350
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Ruby V3
API Version 2020-05-31351
Amazon CloudFront API ReferenceHeaders
HeadersContains a list of HTTP header names.
ContentsItems
A list of HTTP header names.
Type: Array of strings
Required: NoQuantity
The number of header names in the Items list.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31352
Amazon CloudFront API ReferenceInvalidation
InvalidationAn invalidation.
ContentsCreateTime
The date and time the invalidation request was first made.
Type: Timestamp
Required: YesId
The identifier for the invalidation request. For example: IDFDVBD632BHDS5.
Type: String
Required: YesInvalidationBatch
The current invalidation information for the batch request.
Type: InvalidationBatch (p. 354) object
Required: YesStatus
The status of the invalidation request. When the invalidation batch is finished, the status isCompleted.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31353
Amazon CloudFront API ReferenceInvalidationBatch
InvalidationBatchAn invalidation batch.
ContentsCallerReference
A value that you specify to uniquely identify an invalidation request. CloudFront uses the valueto prevent you from accidentally resubmitting an identical request. Whenever you create a newinvalidation request, you must specify a new value for CallerReference and change other valuesin the request as applicable. One way to ensure that the value of CallerReference is unique is touse a timestamp, for example, 20120301090000.
If you make a second invalidation request with the same value for CallerReference, and if therest of the request is the same, CloudFront doesn't create a new invalidation request. Instead,CloudFront returns information about the invalidation request that you previously created with thesame CallerReference.
If CallerReference is a value you already sent in a previous invalidation batch requestbut the content of any Path is different from the original request, CloudFront returns anInvalidationBatchAlreadyExists error.
Type: String
Required: YesPaths
A complex type that contains information about the objects that you want to invalidate. For moreinformation, see Specifying the Objects to Invalidate in the Amazon CloudFront Developer Guide.
Type: Paths (p. 386) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31354
Amazon CloudFront API ReferenceInvalidationList
InvalidationListThe InvalidationList complex type describes the list of invalidation objects. For more informationabout invalidation, see Invalidating Objects (Web Distributions Only) in the Amazon CloudFront DeveloperGuide.
ContentsIsTruncated
A flag that indicates whether more invalidation batch requests remain to be listed. If your resultswere truncated, you can make a follow-up pagination request using the Marker request parameterto retrieve more invalidation batches in the list.
Type: Boolean
Required: YesItems
A complex type that contains one InvalidationSummary element for each invalidation batchcreated by the current AWS account.
Type: Array of InvalidationSummary (p. 357) objects
Required: NoMarker
The value that you provided for the Marker request parameter.
Type: String
Required: YesMaxItems
The value that you provided for the MaxItems request parameter.
Type: Integer
Required: YesNextMarker
If IsTruncated is true, this element is present and contains the value that you can use for theMarker request parameter to continue listing your invalidation batches where they left off.
Type: String
Required: NoQuantity
The number of invalidation batches that were created by the current AWS account.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
API Version 2020-05-31355
Amazon CloudFront API ReferenceSee Also
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31356
Amazon CloudFront API ReferenceInvalidationSummary
InvalidationSummaryA summary of an invalidation request.
ContentsCreateTime
The time that an invalidation request was created.
Type: Timestamp
Required: YesId
The unique ID for an invalidation request.
Type: String
Required: YesStatus
The status of an invalidation request.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31357
Amazon CloudFront API ReferenceKeyPairIds
KeyPairIdsA complex type that lists the active CloudFront key pairs, if any, that are associated withAwsAccountNumber.
For more information, see ActiveTrustedSigners.
ContentsItems
A complex type that lists the active CloudFront key pairs, if any, that are associated withAwsAccountNumber.
For more information, see ActiveTrustedSigners.
Type: Array of strings
Required: NoQuantity
The number of active CloudFront key pairs for AwsAccountNumber.
For more information, see ActiveTrustedSigners.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31358
Amazon CloudFront API ReferenceKinesisStreamConfig
KinesisStreamConfigContains information about the Amazon Kinesis data stream where you are sending real-time log data.
ContentsRoleARN
The Amazon Resource Name (ARN) of an AWS Identity and Access Management (IAM) role thatCloudFront can use to send real-time log data to your Kinesis data stream.
For more information the IAM role, see Real-time log configuration IAM role in the AmazonCloudFront Developer Guide.
Type: String
Required: YesStreamARN
The Amazon Resource Name (ARN) of the Kinesis data stream where you are sending real-time logdata.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31359
Amazon CloudFront API ReferenceLambdaFunctionAssociation
LambdaFunctionAssociationA complex type that contains a Lambda function association.
ContentsEventType
Specifies the event type that triggers a Lambda function invocation. You can specify the followingvalues:• viewer-request: The function executes when CloudFront receives a request from a viewer and
before it checks to see whether the requested object is in the edge cache.• origin-request: The function executes only when CloudFront sends a request to your origin.
When the requested object is in the edge cache, the function doesn't execute.• origin-response: The function executes after CloudFront receives a response from the origin
and before it caches the object in the response. When the requested object is in the edge cache,the function doesn't execute.
• viewer-response: The function executes before CloudFront returns the requested object to theviewer. The function executes regardless of whether the object was already in the edge cache.
If the origin returns an HTTP status code other than HTTP 200 (OK), the function doesn't execute.
Type: String
Valid Values: viewer-request | viewer-response | origin-request | origin-response
Required: YesIncludeBody
A flag that allows a Lambda function to have read access to the body content. For more information,see Accessing the Request Body by Choosing the Include Body Option in the Amazon CloudFrontDeveloper Guide.
Type: Boolean
Required: NoLambdaFunctionARN
The ARN of the Lambda function. You must specify the ARN of a function version; you can't specify aLambda alias or $LATEST.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31360
Amazon CloudFront API ReferenceSee Also
API Version 2020-05-31361
Amazon CloudFront API ReferenceLambdaFunctionAssociations
LambdaFunctionAssociationsA complex type that specifies a list of Lambda functions associations for a cache behavior.
If you want to invoke one or more Lambda functions triggered by requests that match the PathPatternof the cache behavior, specify the applicable values for Quantity and Items. Note that there can be upto 4 LambdaFunctionAssociation items in this list (one for each possible value of EventType) andeach EventType can be associated with the Lambda function only once.
If you don't want to invoke any Lambda functions for the requests that match PathPattern, specify 0for Quantity and omit Items.
ContentsItems
Optional: A complex type that contains LambdaFunctionAssociation items for this cachebehavior. If Quantity is 0, you can omit Items.
Type: Array of LambdaFunctionAssociation (p. 360) objects
Required: NoQuantity
The number of Lambda function associations for this cache behavior.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31362
Amazon CloudFront API ReferenceLoggingConfig
LoggingConfigA complex type that controls whether access logs are written for the distribution.
ContentsBucket
The Amazon S3 bucket to store the access logs in, for example,myawslogbucket.s3.amazonaws.com.
Type: String
Required: YesEnabled
Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don'twant to enable logging when you create a distribution or if you want to disable logging foran existing distribution, specify false for Enabled, and specify empty Bucket and Prefixelements. If you specify false for Enabled but you specify values for Bucket, prefix, andIncludeCookies, the values are automatically deleted.
Type: Boolean
Required: YesIncludeCookies
Specifies whether you want CloudFront to include cookies in access logs, specify true forIncludeCookies. If you choose to include cookies in logs, CloudFront logs all cookies regardlessof how you configure the cache behaviors for this distribution. If you don't want to include cookieswhen you create a distribution or if you want to disable include cookies for an existing distribution,specify false for IncludeCookies.
Type: Boolean
Required: YesPrefix
An optional string that you want CloudFront to prefix to the access log filenames for thisdistribution, for example, myprefix/. If you want to enable logging, but you don't want to specify aprefix, you still must include an empty Prefix element in the Logging element.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31363
Amazon CloudFront API ReferenceSee Also
API Version 2020-05-31364
Amazon CloudFront API ReferenceMonitoringSubscription
MonitoringSubscriptionA monitoring subscription. This structure contains information about whether additional CloudWatchmetrics are enabled for a given CloudFront distribution.
ContentsRealtimeMetricsSubscriptionConfig
A subscription configuration for additional CloudWatch metrics.
Type: RealtimeMetricsSubscriptionConfig (p. 399) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31365
Amazon CloudFront API ReferenceOrigin
OriginAn origin.
An origin is the location where content is stored, and from which CloudFront gets content to serve toviewers. To specify an origin:
• Use the S3OriginConfig type to specify an Amazon S3 bucket that is not configured with staticwebsite hosting.
• Use the CustomOriginConfig type to specify various other kinds of content containers or HTTPservers, including:• An Amazon S3 bucket that is configured with static website hosting• An Elastic Load Balancing load balancer• An AWS Elemental MediaPackage origin• An AWS Elemental MediaStore container• Any other HTTP server, running on an Amazon EC2 instance or any other kind of host
For the current maximum number of origins that you can specify per distribution, see General Quotas onWeb Distributions in the Amazon CloudFront Developer Guide (quotas were formerly referred to as limits).
ContentsConnectionAttempts
The number of times that CloudFront attempts to connect to the origin. The minimum number is 1,the maximum is 3, and the default (if you don’t specify otherwise) is 3.
For a custom origin (including an Amazon S3 bucket that’s configured with static website hosting),this value also specifies the number of times that CloudFront attempts to get a response from theorigin, in the case of an Origin Response Timeout.
For more information, see Origin Connection Attempts in the Amazon CloudFront Developer Guide.
Type: Integer
Required: NoConnectionTimeout
The number of seconds that CloudFront waits when trying to establish a connection to the origin.The minimum timeout is 1 second, the maximum is 10 seconds, and the default (if you don’t specifyotherwise) is 10 seconds.
For more information, see Origin Connection Timeout in the Amazon CloudFront Developer Guide.
Type: Integer
Required: NoCustomHeaders
A list of HTTP header names and values that CloudFront adds to requests it sends to the origin.
For more information, see Adding Custom Headers to Origin Requests in the Amazon CloudFrontDeveloper Guide.
Type: CustomHeaders (p. 312) object
API Version 2020-05-31366
Amazon CloudFront API ReferenceSee Also
Required: NoCustomOriginConfig
Use this type to specify an origin that is a content container or HTTP server, including an Amazon S3bucket that is configured with static website hosting. To specify an Amazon S3 bucket that is not configured with static website hosting, use the S3OriginConfig type instead.
Type: CustomOriginConfig (p. 313) object
Required: NoDomainName
The domain name for the origin.
For more information, see Origin Domain Name in the Amazon CloudFront Developer Guide.
Type: String
Required: YesId
A unique identifier for the origin. This value must be unique within the distribution.
Use this value to specify the TargetOriginId in a CacheBehavior or DefaultCacheBehavior.
Type: String
Required: YesOriginPath
An optional path that CloudFront appends to the origin domain name when CloudFront requestscontent from the origin.
For more information, see Origin Path in the Amazon CloudFront Developer Guide.
Type: String
Required: NoS3OriginConfig
Use this type to specify an origin that is an Amazon S3 bucket that is not configured with staticwebsite hosting. To specify any other type of origin, including an Amazon S3 bucket that isconfigured with static website hosting, use the CustomOriginConfig type instead.
Type: S3OriginConfig (p. 402) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31367
Amazon CloudFront API ReferenceOriginCustomHeader
OriginCustomHeaderA complex type that contains HeaderName and HeaderValue elements, if any, for this distribution.
ContentsHeaderName
The name of a header that you want CloudFront to send to your origin. For more information, seeAdding Custom Headers to Origin Requests in the Amazon CloudFront Developer Guide.
Type: String
Required: YesHeaderValue
The value for the header that you specified in the HeaderName field.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31368
Amazon CloudFront API ReferenceOriginGroup
OriginGroupAn origin group includes two origins (a primary origin and a second origin to failover to) and a failovercriteria that you specify. You create an origin group to support origin failover in CloudFront. Whenyou create or update a distribution, you can specifiy the origin group instead of a single origin, andCloudFront will failover from the primary origin to the second origin under the failover conditions thatyou've chosen.
ContentsFailoverCriteria
A complex type that contains information about the failover criteria for an origin group.
Type: OriginGroupFailoverCriteria (p. 370) object
Required: YesId
The origin group's ID.
Type: String
Required: YesMembers
A complex type that contains information about the origins in an origin group.
Type: OriginGroupMembers (p. 372) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31369
Amazon CloudFront API ReferenceOriginGroupFailoverCriteria
OriginGroupFailoverCriteriaA complex data type that includes information about the failover criteria for an origin group, includingthe status codes for which CloudFront will failover from the primary origin to the second origin.
ContentsStatusCodes
The status codes that, when returned from the primary origin, will trigger CloudFront to failover tothe second origin.
Type: StatusCodes (p. 404) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31370
Amazon CloudFront API ReferenceOriginGroupMember
OriginGroupMemberAn origin in an origin group.
ContentsOriginId
The ID for an origin in an origin group.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31371
Amazon CloudFront API ReferenceOriginGroupMembers
OriginGroupMembersA complex data type for the origins included in an origin group.
ContentsItems
Items (origins) in an origin group.
Type: Array of OriginGroupMember (p. 371) objects
Array Members: Fixed number of 2 items.
Required: YesQuantity
The number of origins in an origin group.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31372
Amazon CloudFront API ReferenceOriginGroups
OriginGroupsA complex data type for the origin groups specified for a distribution.
ContentsItems
The items (origin groups) in a distribution.
Type: Array of OriginGroup (p. 369) objects
Required: NoQuantity
The number of origin groups.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31373
Amazon CloudFront API ReferenceOriginRequestPolicy
OriginRequestPolicyAn origin request policy.
When it’s attached to a cache behavior, the origin request policy determines the values that CloudFrontincludes in requests that it sends to the origin. Each request that CloudFront sends to the origin includesthe following:
• The request body and the URL path (without the domain name) from the viewer request.• The headers that CloudFront automatically includes in every origin request, including Host, User-Agent, and X-Amz-Cf-Id.
• All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the originrequest policy. These can include items from the viewer request and, in the case of headers, additionalones that are added by CloudFront.
CloudFront sends a request when it can’t find an object in its cache that matches the request. If you wantto send values to the origin and also include them in the cache key, use CachePolicy.
ContentsId
The unique identifier for the origin request policy.
Type: String
Required: YesLastModifiedTime
The date and time when the origin request policy was last modified.
Type: Timestamp
Required: YesOriginRequestPolicyConfig
The origin request policy configuration.
Type: OriginRequestPolicyConfig (p. 375) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31374
Amazon CloudFront API ReferenceOriginRequestPolicyConfig
OriginRequestPolicyConfigAn origin request policy configuration.
This configuration determines the values that CloudFront includes in requests that it sends to the origin.Each request that CloudFront sends to the origin includes the following:
• The request body and the URL path (without the domain name) from the viewer request.• The headers that CloudFront automatically includes in every origin request, including Host, User-Agent, and X-Amz-Cf-Id.
• All HTTP headers, cookies, and URL query strings that are specified in the cache policy or the originrequest policy. These can include items from the viewer request and, in the case of headers, additionalones that are added by CloudFront.
CloudFront sends a request when it can’t find an object in its cache that matches the request. If you wantto send values to the origin and also include them in the cache key, use CachePolicy.
ContentsComment
A comment to describe the origin request policy.
Type: String
Required: NoCookiesConfig
The cookies from viewer requests to include in origin requests.
Type: OriginRequestPolicyCookiesConfig (p. 377) object
Required: YesHeadersConfig
The HTTP headers to include in origin requests. These can include headers from viewer requests andadditional headers added by CloudFront.
Type: OriginRequestPolicyHeadersConfig (p. 378) object
Required: YesName
A unique name to identify the origin request policy.
Type: String
Required: YesQueryStringsConfig
The URL query strings from viewer requests to include in origin requests.
Type: OriginRequestPolicyQueryStringsConfig (p. 380) object
Required: Yes
API Version 2020-05-31375
Amazon CloudFront API ReferenceSee Also
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31376
Amazon CloudFront API ReferenceOriginRequestPolicyCookiesConfig
OriginRequestPolicyCookiesConfigAn object that determines whether any cookies in viewer requests (and if so, which cookies) are includedin requests that CloudFront sends to the origin.
ContentsCookieBehavior
Determines whether cookies in viewer requests are included in requests that CloudFront sends to theorigin. Valid values are:• none – Cookies in viewer requests are not included in requests that CloudFront sends to the origin.
Even when this field is set to none, any cookies that are listed in a CachePolicy are included inorigin requests.
• whitelist – The cookies in viewer requests that are listed in the CookieNames type are includedin requests that CloudFront sends to the origin.
• all – All cookies in viewer requests are included in requests that CloudFront sends to the origin.
Type: String
Valid Values: none | whitelist | all
Required: YesCookies
Contains a list of cookie names.
Type: CookieNames (p. 306) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31377
Amazon CloudFront API ReferenceOriginRequestPolicyHeadersConfig
OriginRequestPolicyHeadersConfigAn object that determines whether any HTTP headers (and if so, which headers) are included in requeststhat CloudFront sends to the origin.
ContentsHeaderBehavior
Determines whether any HTTP headers are included in requests that CloudFront sends to the origin.Valid values are:• none – HTTP headers are not included in requests that CloudFront sends to the origin. Even
when this field is set to none, any headers that are listed in a CachePolicy are included in originrequests.
• whitelist – The HTTP headers that are listed in the Headers type are included in requests thatCloudFront sends to the origin.
• allViewer – All HTTP headers in viewer requests are included in requests that CloudFront sendsto the origin.
• allViewerAndWhitelistCloudFront – All HTTP headers in viewer requests and the additionalCloudFront headers that are listed in the Headers type are included in requests that CloudFrontsends to the origin. The additional headers are added by CloudFront.
Type: String
Valid Values: none | whitelist | allViewer | allViewerAndWhitelistCloudFront
Required: YesHeaders
Contains a list of HTTP header names.
Type: Headers (p. 352) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31378
Amazon CloudFront API ReferenceOriginRequestPolicyList
OriginRequestPolicyListA list of origin request policies.
ContentsItems
Contains the origin request policies in the list.
Type: Array of OriginRequestPolicySummary (p. 381) objects
Required: NoMaxItems
The maximum number of origin request policies requested.
Type: Integer
Required: YesNextMarker
If there are more items in the list than are in this response, this element is present. It contains thevalue that you should use in the Marker field of a subsequent request to continue listing originrequest policies where you left off.
Type: String
Required: NoQuantity
The total number of origin request policies returned in the response.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31379
Amazon CloudFront API ReferenceOriginRequestPolicyQueryStringsConfig
OriginRequestPolicyQueryStringsConfigAn object that determines whether any URL query strings in viewer requests (and if so, which querystrings) are included in requests that CloudFront sends to the origin.
ContentsQueryStringBehavior
Determines whether any URL query strings in viewer requests are included in requests thatCloudFront sends to the origin. Valid values are:• none – Query strings in viewer requests are not included in requests that CloudFront sends to the
origin. Even when this field is set to none, any query strings that are listed in a CachePolicy areincluded in origin requests.
• whitelist – The query strings in viewer requests that are listed in the QueryStringNames typeare included in requests that CloudFront sends to the origin.
• all – All query strings in viewer requests are included in requests that CloudFront sends to theorigin.
Type: String
Valid Values: none | whitelist | all
Required: YesQueryStrings
Contains a list of the query strings in viewer requests that are included in requests that CloudFrontsends to the origin.
Type: QueryStringNames (p. 395) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31380
Amazon CloudFront API ReferenceOriginRequestPolicySummary
OriginRequestPolicySummaryContains an origin request policy.
ContentsOriginRequestPolicy
The origin request policy.
Type: OriginRequestPolicy (p. 374) object
Required: YesType
The type of origin request policy, either managed (created by AWS) or custom (created in this AWSaccount).
Type: String
Valid Values: managed | custom
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31381
Amazon CloudFront API ReferenceOrigins
OriginsA complex type that contains information about origins and origin groups for this distribution.
ContentsItems
A complex type that contains origins or origin groups for this distribution.
Type: Array of Origin (p. 366) objects
Array Members: Minimum number of 1 item.
Required: YesQuantity
The number of origins or origin groups for this distribution.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31382
Amazon CloudFront API ReferenceOriginSslProtocols
OriginSslProtocolsA complex type that contains information about the SSL/TLS protocols that CloudFront can use whenestablishing an HTTPS connection with your origin.
ContentsItems
A list that contains allowed SSL/TLS protocols for this distribution.
Type: Array of strings
Valid Values: SSLv3 | TLSv1 | TLSv1.1 | TLSv1.2
Required: YesQuantity
The number of SSL/TLS protocols that you want to allow CloudFront to use when establishing anHTTPS connection with this origin.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31383
Amazon CloudFront API ReferenceParametersInCacheKeyAndForwardedToOrigin
ParametersInCacheKeyAndForwardedToOriginThis object determines the values that CloudFront includes in the cache key. These values can includeHTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in itscache that it can return to the viewer.
The headers, cookies, and query strings that are included in the cache key are automatically included inrequests that CloudFront sends to the origin. CloudFront sends a request when it can’t find an object inits cache that matches the request’s cache key. If you want to send values to the origin but not includethem in the cache key, use OriginRequestPolicy.
ContentsCookiesConfig
An object that determines whether any cookies in viewer requests (and if so, which cookies) areincluded in the cache key and automatically included in requests that CloudFront sends to the origin.
Type: CachePolicyCookiesConfig (p. 293) object
Required: YesEnableAcceptEncodingBrotli
A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key andincluded in requests that CloudFront sends to the origin.
This field is related to the EnableAcceptEncodingGzip field. If one or both of these fields is trueand the viewer request includes the Accept-Encoding header, then CloudFront does the following:• Normalizes the value of the viewer’s Accept-Encoding header• Includes the normalized header in the cache key• Includes the normalized header in the request to the origin, if a request is necessary
For more information, see Cache compressed objects in the Amazon CloudFront Developer Guide.
If you set this value to true, and this cache behavior also has an origin request policy attached, donot include the Accept-Encoding header in the origin request policy. CloudFront always includesthe Accept-Encoding header in origin requests when the value of this field is true, so includingthis header in an origin request policy has no effect.
If both of these fields are false, then CloudFront treats the Accept-Encoding header the sameas any other HTTP header in the viewer request. By default, it’s not included in the cache key andit’s not included in origin requests. In this case, you can manually add Accept-Encoding to theheaders whitelist like any other HTTP header.
Type: Boolean
Required: NoEnableAcceptEncodingGzip
A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key andincluded in requests that CloudFront sends to the origin.
This field is related to the EnableAcceptEncodingBrotli field. If one or both of these fields istrue and the viewer request includes the Accept-Encoding header, then CloudFront does thefollowing:• Normalizes the value of the viewer’s Accept-Encoding header
API Version 2020-05-31384
Amazon CloudFront API ReferenceSee Also
• Includes the normalized header in the cache key• Includes the normalized header in the request to the origin, if a request is necessary
For more information, see Cache compressed objects in the Amazon CloudFront Developer Guide.
If you set this value to true, and this cache behavior also has an origin request policy attached, donot include the Accept-Encoding header in the origin request policy. CloudFront always includesthe Accept-Encoding header in origin requests when the value of this field is true, so includingthis header in an origin request policy has no effect.
If both of these fields are false, then CloudFront treats the Accept-Encoding header the sameas any other HTTP header in the viewer request. By default, it’s not included in the cache key andit’s not included in origin requests. In this case, you can manually add Accept-Encoding to theheaders whitelist like any other HTTP header.
Type: Boolean
Required: YesHeadersConfig
An object that determines whether any HTTP headers (and if so, which headers) are included in thecache key and automatically included in requests that CloudFront sends to the origin.
Type: CachePolicyHeadersConfig (p. 294) object
Required: YesQueryStringsConfig
An object that determines whether any URL query strings in viewer requests (and if so, which querystrings) are included in the cache key and automatically included in requests that CloudFront sendsto the origin.
Type: CachePolicyQueryStringsConfig (p. 296) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31385
Amazon CloudFront API ReferencePaths
PathsA complex type that contains information about the objects that you want to invalidate. For moreinformation, see Specifying the Objects to Invalidate in the Amazon CloudFront Developer Guide.
ContentsItems
A complex type that contains a list of the paths that you want to invalidate.
Type: Array of strings
Required: NoQuantity
The number of invalidation paths specified for the objects that you want to invalidate.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31386
Amazon CloudFront API ReferencePublicKey
PublicKeyA complex data type of public keys you add to CloudFront to use with features like field-level encryption.
ContentsCreatedTime
A time you added a public key to CloudFront.
Type: Timestamp
Required: YesId
A unique ID assigned to a public key you've added to CloudFront.
Type: String
Required: YesPublicKeyConfig
A complex data type for a public key you add to CloudFront to use with features like field-levelencryption.
Type: PublicKeyConfig (p. 388) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31387
Amazon CloudFront API ReferencePublicKeyConfig
PublicKeyConfigInformation about a public key you add to CloudFront to use with features like field-level encryption.
ContentsCallerReference
A unique number that ensures that the request can't be replayed.
Type: String
Required: YesComment
An optional comment about a public key.
Type: String
Required: NoEncodedKey
The encoded public key that you want to add to CloudFront to use with features like field-levelencryption.
Type: String
Required: YesName
The name for a public key you add to CloudFront to use with features like field-level encryption.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31388
Amazon CloudFront API ReferencePublicKeyList
PublicKeyListA list of public keys you've added to CloudFront to use with features like field-level encryption.
ContentsItems
An array of information about a public key you add to CloudFront to use with features like field-levelencryption.
Type: Array of PublicKeySummary (p. 390) objects
Required: NoMaxItems
The maximum number of public keys you want in the response body.
Type: Integer
Required: YesNextMarker
If there are more elements to be listed, this element is present and contains the value that you canuse for the Marker request parameter to continue listing your public keys where you left off.
Type: String
Required: NoQuantity
The number of public keys you added to CloudFront to use with features like field-level encryption.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31389
Amazon CloudFront API ReferencePublicKeySummary
PublicKeySummaryA complex data type for public key information.
ContentsComment
Comment for public key information summary.
Type: String
Required: NoCreatedTime
Creation time for public key information summary.
Type: Timestamp
Required: YesEncodedKey
Encoded key for public key information summary.
Type: String
Required: YesId
ID for public key information summary.
Type: String
Required: YesName
Name for public key information summary.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31390
Amazon CloudFront API ReferenceQueryArgProfile
QueryArgProfileQuery argument-profile mapping for field-level encryption.
ContentsProfileId
ID of profile to use for field-level encryption query argument-profile mapping
Type: String
Required: YesQueryArg
Query argument for field-level encryption query argument-profile mapping.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31391
Amazon CloudFront API ReferenceQueryArgProfileConfig
QueryArgProfileConfigConfiguration for query argument-profile mapping for field-level encryption.
ContentsForwardWhenQueryArgProfileIsUnknown
Flag to set if you want a request to be forwarded to the origin even if the profile specified by thefield-level encryption query argument, fle-profile, is unknown.
Type: Boolean
Required: YesQueryArgProfiles
Profiles specified for query argument-profile mapping for field-level encryption.
Type: QueryArgProfiles (p. 393) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31392
Amazon CloudFront API ReferenceQueryArgProfiles
QueryArgProfilesQuery argument-profile mapping for field-level encryption.
ContentsItems
Number of items for query argument-profile mapping for field-level encryption.
Type: Array of QueryArgProfile (p. 391) objects
Required: NoQuantity
Number of profiles for query argument-profile mapping for field-level encryption.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31393
Amazon CloudFront API ReferenceQueryStringCacheKeys
QueryStringCacheKeysThis field is deprecated. We recommend that you use a cache policy or an origin request policy instead ofthis field.
If you want to include query strings in the cache key, use QueryStringsConfig in a cache policy. SeeCachePolicy.
If you want to send query strings to the origin but not include them in the cache key, useQueryStringsConfig in an origin request policy. See OriginRequestPolicy.
A complex type that contains information about the query string parameters that you want CloudFrontto use for caching for a cache behavior.
ContentsItems
A list that contains the query string parameters that you want CloudFront to use as a basis forcaching for a cache behavior. If Quantity is 0, you can omit Items.
Type: Array of strings
Required: NoQuantity
The number of whitelisted query string parameters for a cache behavior.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31394
Amazon CloudFront API ReferenceQueryStringNames
QueryStringNamesContains a list of query string names.
ContentsItems
A list of query string names.
Type: Array of strings
Required: NoQuantity
The number of query string names in the Items list.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31395
Amazon CloudFront API ReferenceRealtimeLogConfig
RealtimeLogConfigA real-time log configuration.
ContentsARN
The Amazon Resource Name (ARN) of this real-time log configuration.
Type: String
Required: YesEndPoints
Contains information about the Amazon Kinesis data stream where you are sending real-time logdata for this real-time log configuration.
Type: Array of EndPoint (p. 337) objects
Required: YesFields
A list of fields that are included in each real-time log record. In an API response, the fields areprovided in the same order in which they are sent to the Amazon Kinesis data stream.
For more information about fields, see Real-time log configuration fields in the Amazon CloudFrontDeveloper Guide.
Type: Array of strings
Required: YesName
The unique name of this real-time log configuration.
Type: String
Required: YesSamplingRate
The sampling rate for this real-time log configuration. The sampling rate determines the percentageof viewer requests that are represented in the real-time log data. The sampling rate is an integerbetween 1 and 100, inclusive.
Type: Long
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java
API Version 2020-05-31396
Amazon CloudFront API ReferenceSee Also
• AWS SDK for Ruby V3
API Version 2020-05-31397
Amazon CloudFront API ReferenceRealtimeLogConfigs
RealtimeLogConfigsA list of real-time log configurations.
ContentsIsTruncated
A flag that indicates whether there are more real-time log configurations than are contained in thislist.
Type: Boolean
Required: YesItems
Contains the list of real-time log configurations.
Type: Array of RealtimeLogConfig (p. 396) objects
Required: NoMarker
This parameter indicates where this list of real-time log configurations begins. This list includes real-time log configurations that occur after the marker.
Type: String
Required: YesMaxItems
The maximum number of real-time log configurations requested.
Type: Integer
Required: YesNextMarker
If there are more items in the list than are in this response, this element is present. It contains thevalue that you should use in the Marker field of a subsequent request to continue listing real-timelog configurations where you left off.
Type: String
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31398
Amazon CloudFront API ReferenceRealtimeMetricsSubscriptionConfig
RealtimeMetricsSubscriptionConfigA subscription configuration for additional CloudWatch metrics.
ContentsRealtimeMetricsSubscriptionStatus
A flag that indicates whether additional CloudWatch metrics are enabled for a given CloudFrontdistribution.
Type: String
Valid Values: Enabled | Disabled
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31399
Amazon CloudFront API ReferenceRestrictions
RestrictionsA complex type that identifies ways in which you want to restrict distribution of your content.
ContentsGeoRestriction
A complex type that controls the countries in which your content is distributed. CloudFrontdetermines the location of your users using MaxMind GeoIP databases.
Type: GeoRestriction (p. 350) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31400
Amazon CloudFront API ReferenceS3Origin
S3OriginA complex type that contains information about the Amazon S3 bucket from which you want CloudFrontto get your media files for distribution.
ContentsDomainName
The DNS name of the Amazon S3 origin.
Type: String
Required: YesOriginAccessIdentity
The CloudFront origin access identity to associate with the distribution. Use an origin access identityto configure the distribution so that end users can only access objects in an Amazon S3 bucketthrough CloudFront.
If you want end users to be able to access objects using either the CloudFront URL or the Amazon S3URL, specify an empty OriginAccessIdentity element.
To delete the origin access identity from an existing distribution, update the distributionconfiguration and include an empty OriginAccessIdentity element.
To replace the origin access identity, update the distribution configuration and specify the new originaccess identity.
For more information, see Using an Origin Access Identity to Restrict Access to Your Amazon S3Content in the Amazon CloudFront Developer Guide.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31401
Amazon CloudFront API ReferenceS3OriginConfig
S3OriginConfigA complex type that contains information about the Amazon S3 origin. If the origin is a custom origin oran S3 bucket that is configured as a website endpoint, use the CustomOriginConfig element instead.
ContentsOriginAccessIdentity
The CloudFront origin access identity to associate with the origin. Use an origin access identityto configure the origin so that viewers can only access objects in an Amazon S3 bucket throughCloudFront. The format of the value is:
origin-access-identity/cloudfront/ID-of-origin-access-identity
where ID-of-origin-access-identity is the value that CloudFront returned in the IDelement when you created the origin access identity.
If you want viewers to be able to access objects using either the CloudFront URL or the Amazon S3URL, specify an empty OriginAccessIdentity element.
To delete the origin access identity from an existing distribution, update the distributionconfiguration and include an empty OriginAccessIdentity element.
To replace the origin access identity, update the distribution configuration and specify the new originaccess identity.
For more information about the origin access identity, see Serving Private Content throughCloudFront in the Amazon CloudFront Developer Guide.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31402
Amazon CloudFront API ReferenceSigner
SignerA complex type that lists the AWS accounts that were included in the TrustedSigners complex type, aswell as their active CloudFront key pair IDs, if any.
ContentsAwsAccountNumber
An AWS account that is included in the TrustedSigners complex type for this distribution. Validvalues include:• self, which is the AWS account used to create the distribution.• An AWS account number.
Type: String
Required: NoKeyPairIds
A complex type that lists the active CloudFront key pairs, if any, that are associated withAwsAccountNumber.
Type: KeyPairIds (p. 358) object
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31403
Amazon CloudFront API ReferenceStatusCodes
StatusCodesA complex data type for the status codes that you specify that, when returned by a primary origin,trigger CloudFront to failover to a second origin.
ContentsItems
The items (status codes) for an origin group.
Type: Array of integers
Array Members: Minimum number of 1 item.
Required: YesQuantity
The number of status codes.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31404
Amazon CloudFront API ReferenceStreamingDistribution
StreamingDistributionA streaming distribution tells CloudFront where you want RTMP content to be delivered from, and thedetails about how to track and manage content delivery.
ContentsActiveTrustedSigners
A complex type that lists the AWS accounts, if any, that you included in the TrustedSignerscomplex type for this distribution. These are the accounts that you want to allow to create signedURLs for private content.
The Signer complex type lists the AWS account number of the trusted signer or self if the signeris the AWS account that created the distribution. The Signer element also includes the IDs ofany active CloudFront key pairs that are associated with the trusted signer's AWS account. If noKeyPairId element appears for a Signer, that signer can't create signed URLs.
For more information, see Serving Private Content through CloudFront in the Amazon CloudFrontDeveloper Guide.
Type: ActiveTrustedSigners (p. 278) object
Required: YesARN
The ARN (Amazon Resource Name) for the distribution. For example:arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5, where123456789012 is your AWS account ID.
Type: String
Required: YesDomainName
The domain name that corresponds to the streaming distribution, for example,s5c39gqb8ow64r.cloudfront.net.
Type: String
Required: YesId
The identifier for the RTMP distribution. For example: EGTXBD79EXAMPLE.
Type: String
Required: YesLastModifiedTime
The date and time that the distribution was last modified.
Type: Timestamp
Required: NoStatus
The current status of the RTMP distribution. When the status is Deployed, the distribution'sinformation is propagated to all CloudFront edge locations.
API Version 2020-05-31405
Amazon CloudFront API ReferenceSee Also
Type: String
Required: YesStreamingDistributionConfig
The current configuration information for the RTMP distribution.
Type: StreamingDistributionConfig (p. 407) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31406
Amazon CloudFront API ReferenceStreamingDistributionConfig
StreamingDistributionConfigThe RTMP distribution's configuration information.
ContentsAliases
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisstreaming distribution.
Type: Aliases (p. 279) object
Required: NoCallerReference
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.
If the value of CallerReference is new (regardless of the content of theStreamingDistributionConfig object), CloudFront creates a new distribution.
If CallerReference is a value that you already sent in a previous request to create a distribution,CloudFront returns a DistributionAlreadyExists error.
Type: String
Required: YesComment
Any comments you want to include about the streaming distribution.
Type: String
Required: YesEnabled
Whether the streaming distribution is enabled to accept user requests for content.
Type: Boolean
Required: YesLogging
A complex type that controls whether access logs are written for the streaming distribution.
Type: StreamingLoggingConfig (p. 414) object
Required: NoPriceClass
A complex type that contains information about price class for this streaming distribution.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: No
API Version 2020-05-31407
Amazon CloudFront API ReferenceSee Also
S3Origin
A complex type that contains information about the Amazon S3 bucket from which you wantCloudFront to get your media files for distribution.
Type: S3Origin (p. 401) object
Required: YesTrustedSigners
A complex type that specifies any AWS accounts that you want to permit to create signed URLs forprivate content. If you want the distribution to use signed URLs, include this element; if you wantthe distribution to use public URLs, remove this element. For more information, see Serving PrivateContent through CloudFront in the Amazon CloudFront Developer Guide.
Type: TrustedSigners (p. 418) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31408
Amazon CloudFront API ReferenceStreamingDistributionConfigWithTags
StreamingDistributionConfigWithTagsA streaming distribution Configuration and a list of tags to be associated with the streaming distribution.
ContentsStreamingDistributionConfig
A streaming distribution Configuration.
Type: StreamingDistributionConfig (p. 407) object
Required: YesTags
A complex type that contains zero or more Tag elements.
Type: Tags (p. 417) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31409
Amazon CloudFront API ReferenceStreamingDistributionList
StreamingDistributionListA streaming distribution list.
ContentsIsTruncated
A flag that indicates whether more streaming distributions remain to be listed. If your results weretruncated, you can make a follow-up pagination request using the Marker request parameter toretrieve more distributions in the list.
Type: Boolean
Required: YesItems
A complex type that contains one StreamingDistributionSummary element for eachdistribution that was created by the current AWS account.
Type: Array of StreamingDistributionSummary (p. 412) objects
Required: NoMarker
The value you provided for the Marker request parameter.
Type: String
Required: YesMaxItems
The value you provided for the MaxItems request parameter.
Type: Integer
Required: YesNextMarker
If IsTruncated is true, this element is present and contains the value you can use for the Markerrequest parameter to continue listing your RTMP distributions where they left off.
Type: String
Required: NoQuantity
The number of streaming distributions that were created by the current AWS account.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
API Version 2020-05-31410
Amazon CloudFront API ReferenceSee Also
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31411
Amazon CloudFront API ReferenceStreamingDistributionSummary
StreamingDistributionSummaryA summary of the information for a CloudFront streaming distribution.
ContentsAliases
A complex type that contains information about CNAMEs (alternate domain names), if any, for thisstreaming distribution.
Type: Aliases (p. 279) object
Required: YesARN
The ARN (Amazon Resource Name) for the streaming distribution. For example:arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5,where 123456789012 is your AWS account ID.
Type: String
Required: YesComment
The comment originally specified when this distribution was created.
Type: String
Required: YesDomainName
The domain name corresponding to the distribution, for example,d111111abcdef8.cloudfront.net.
Type: String
Required: YesEnabled
Whether the distribution is enabled to accept end user requests for content.
Type: Boolean
Required: YesId
The identifier for the distribution, for example, EDFDVBD632BHDS5.
Type: String
Required: YesLastModifiedTime
The date and time the distribution was last modified.
Type: Timestamp
API Version 2020-05-31412
Amazon CloudFront API ReferenceSee Also
Required: YesPriceClass
A complex type that contains information about price class for this streaming distribution.
Type: String
Valid Values: PriceClass_100 | PriceClass_200 | PriceClass_All
Required: YesS3Origin
A complex type that contains information about the Amazon S3 bucket from which you wantCloudFront to get your media files for distribution.
Type: S3Origin (p. 401) object
Required: YesStatus
Indicates the current status of the distribution. When the status is Deployed, the distribution'sinformation is fully propagated throughout the Amazon CloudFront system.
Type: String
Required: YesTrustedSigners
A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLsfor private content. If you want to require signed URLs in requests for objects in the target originthat match the PathPattern for this cache behavior, specify true for Enabled, and specify theapplicable values for Quantity and Items.If you don't want to require signed URLs in requests forobjects that match PathPattern, specify false for Enabled and 0 for Quantity. Omit Items.To add, change, or remove one or more trusted signers, change Enabled to true (if it's currentlyfalse), change Quantity as applicable, and specify all of the trusted signers that you want toinclude in the updated distribution.
For more information, see Serving Private Content through CloudFront in the Amazon CloudFrontDeveloper Guide.
Type: TrustedSigners (p. 418) object
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31413
Amazon CloudFront API ReferenceStreamingLoggingConfig
StreamingLoggingConfigA complex type that controls whether access logs are written for this streaming distribution.
ContentsBucket
The Amazon S3 bucket to store the access logs in, for example,myawslogbucket.s3.amazonaws.com.
Type: String
Required: YesEnabled
Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don'twant to enable logging when you create a streaming distribution or if you want to disable loggingfor an existing streaming distribution, specify false for Enabled, and specify empty Bucket andPrefix elements. If you specify false for Enabled but you specify values for Bucket and Prefix,the values are automatically deleted.
Type: Boolean
Required: YesPrefix
An optional string that you want CloudFront to prefix to the access log filenames for this streamingdistribution, for example, myprefix/. If you want to enable logging, but you don't want to specify aprefix, you still must include an empty Prefix element in the Logging element.
Type: String
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31414
Amazon CloudFront API ReferenceTag
TagA complex type that contains Tag key and Tag value.
ContentsKey
A string that contains Tag key.
The string length should be between 1 and 128 characters. Valid characters include a-z, A-Z, 0-9,space, and the special characters _ - . : / = + @.
Type: String
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$
Required: YesValue
A string that contains an optional Tag value.
The string length should be between 0 and 256 characters. Valid characters include a-z, A-Z, 0-9,space, and the special characters _ - . : / = + @.
Type: String
Length Constraints: Minimum length of 0. Maximum length of 256.
Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31415
Amazon CloudFront API ReferenceTagKeys
TagKeysA complex type that contains zero or more Tag elements.
ContentsItems
A complex type that contains Tag key elements.
Type: Array of strings
Length Constraints: Minimum length of 1. Maximum length of 128.
Pattern: ^([\p{L}\p{Z}\p{N}_.:/=+\-@]*)$
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31416
Amazon CloudFront API ReferenceTags
TagsA complex type that contains zero or more Tag elements.
ContentsItems
A complex type that contains Tag elements.
Type: Array of Tag (p. 415) objects
Required: No
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31417
Amazon CloudFront API ReferenceTrustedSigners
TrustedSignersA complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs forprivate content.
If you want to require signed URLs in requests for objects in the target origin that match thePathPattern for this cache behavior, specify true for Enabled, and specify the applicable values forQuantity and Items. For more information, see Serving Private Content through CloudFront in the Amazon CloudFront Developer Guide.
If you don't want to require signed URLs in requests for objects that match PathPattern, specify falsefor Enabled and 0 for Quantity. Omit Items.
To add, change, or remove one or more trusted signers, change Enabled to true (if it's currentlyfalse), change Quantity as applicable, and specify all of the trusted signers that you want to includein the updated distribution.
For more information about updating the distribution configuration, see DistributionConfig in theAmazon CloudFront API Reference.
ContentsEnabled
Specifies whether you want to require viewers to use signed URLs to access the files specified byPathPattern and TargetOriginId.
Type: Boolean
Required: YesItems
Optional: A complex type that contains trusted signers for this cache behavior. If Quantity is 0, youcan omit Items.
Type: Array of strings
Required: NoQuantity
The number of trusted signers for this cache behavior.
Type: Integer
Required: Yes
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31418
Amazon CloudFront API ReferenceViewerCertificate
ViewerCertificateA complex type that determines the distribution’s SSL/TLS configuration for communicating withviewers.
If the distribution doesn’t use Aliases (also known as alternate domain names or CNAMEs)—that is, ifthe distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net—setCloudFrontDefaultCertificate to true and leave all other fields empty.
If the distribution uses Aliases (alternate domain names or CNAMEs), use the fields in this type tospecify the following settings:
• Which viewers the distribution accepts HTTPS connections from: only viewers that support servername indication (SNI) (recommended), or all viewers including those that don’t support SNI.• To accept HTTPS connections from only viewers that support SNI, set SSLSupportMethod to sni-only. This is recommended. Most browsers and clients support SNI. (In CloudFormation, the fieldname is SslSupportMethod. Note the different capitalization.)
• To accept HTTPS connections from all viewers, including those that don’t support SNI, setSSLSupportMethod to vip. This is not recommended, and results in additional monthly chargesfrom CloudFront. (In CloudFormation, the field name is SslSupportMethod. Note the differentcapitalization.)
• The minimum SSL/TLS protocol version that the distribution can use to communicate with viewers. Tospecify a minimum version, choose a value for MinimumProtocolVersion. For more information, seeSecurity Policy in the Amazon CloudFront Developer Guide.
• The location of the SSL/TLS certificate, AWS Certificate Manager (ACM) (recommended) or AWSIdentity and Access Management (AWS IAM). You specify the location by setting a value in one of thefollowing fields (not both):• ACMCertificateArn (In CloudFormation, this field name is AcmCertificateArn. Note the
different capitalization.)• IAMCertificateId (In CloudFormation, this field name is IamCertificateId. Note the different
capitalization.)
All distributions support HTTPS connections from viewers. To require viewers to use HTTPS only,or to redirect them from HTTP to HTTPS, use ViewerProtocolPolicy in the CacheBehavior orDefaultCacheBehavior. To specify how CloudFront should use SSL/TLS to communicate with yourcustom origin, use CustomOriginConfig.
For more information, see Using HTTPS with CloudFront and Using Alternate Domain Names and HTTPSin the Amazon CloudFront Developer Guide.
ContentsACMCertificateArn
NoteIn CloudFormation, this field name is AcmCertificateArn. Note the differentcapitalization.
If the distribution uses Aliases (alternate domain names or CNAMEs) and the SSL/TLS certificateis stored in AWS Certificate Manager (ACM), provide the Amazon Resource Name (ARN) of theACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region (us-east-1).
If you specify an ACM certificate ARN, you must also specify values for MinimumProtocolVerisonand SSLSupportMethod. (In CloudFormation, the field name is SslSupportMethod. Note thedifferent capitalization.)
API Version 2020-05-31419
Amazon CloudFront API ReferenceContents
Type: String
Required: No
Certificate
This field is deprecated. Use one of the following fields instead:
• ACMCertificateArn (In CloudFormation, this field name is AcmCertificateArn. Note thedifferent capitalization.)
• IAMCertificateId (In CloudFormation, this field name is IamCertificateId. Note thedifferent capitalization.)
• CloudFrontDefaultCertificate
Type: String
Required: No
CertificateSource
This field is deprecated. Use one of the following fields instead:
• ACMCertificateArn (In CloudFormation, this field name is AcmCertificateArn. Note thedifferent capitalization.)
• IAMCertificateId (In CloudFormation, this field name is IamCertificateId. Note thedifferent capitalization.)
• CloudFrontDefaultCertificate
Type: String
Valid Values: cloudfront | iam | acm
Required: No
CloudFrontDefaultCertificate
If the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net,set this field to true.
If the distribution uses Aliases (alternate domain names or CNAMEs), set this field to false andspecify values for the following fields:
• ACMCertificateArn or IAMCertificateId (specify a value for one, not both)
In CloudFormation, these field names are AcmCertificateArn and IamCertificateId. Notethe different capitalization.
• MinimumProtocolVersion
• SSLSupportMethod (In CloudFormation, this field name is SslSupportMethod. Note thedifferent capitalization.)
Type: Boolean
Required: No
IAMCertificateId
NoteIn CloudFormation, this field name is IamCertificateId. Note the differentcapitalization.
If the distribution uses Aliases (alternate domain names or CNAMEs) and the SSL/TLS certificate isstored in AWS Identity and Access Management (AWS IAM), provide the ID of the IAM certificate.
API Version 2020-05-31420
Amazon CloudFront API ReferenceContents
If you specify an IAM certificate ID, you must also specify values for MinimumProtocolVerisonand SSLSupportMethod. (In CloudFormation, the field name is SslSupportMethod. Note thedifferent capitalization.)
Type: String
Required: NoMinimumProtocolVersion
If the distribution uses Aliases (alternate domain names or CNAMEs), specify the security policythat you want CloudFront to use for HTTPS connections with viewers. The security policy determinestwo settings:• The minimum SSL/TLS protocol that CloudFront can use to communicate with viewers.• The ciphers that CloudFront can use to encrypt the content that it returns to viewers.
For more information, see Security Policy and Supported Protocols and Ciphers Between Viewersand CloudFront in the Amazon CloudFront Developer Guide.
NoteOn the CloudFront console, this setting is called Security Policy.
When you’re using SNI only (you set SSLSupportMethod to sni-only), you must specify TLSv1 orhigher. (In CloudFormation, the field name is SslSupportMethod. Note the different capitalization.)
If the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net(you set CloudFrontDefaultCertificate to true), CloudFront automatically sets the securitypolicy to TLSv1 regardless of the value that you set here.
Type: String
Valid Values: SSLv3 | TLSv1 | TLSv1_2016 | TLSv1.1_2016 | TLSv1.2_2018 |TLSv1.2_2019
Required: NoSSLSupportMethod
NoteIn CloudFormation, this field name is SslSupportMethod. Note the differentcapitalization.
If the distribution uses Aliases (alternate domain names or CNAMEs), specify which viewers thedistribution accepts HTTPS connections from.• sni-only – The distribution accepts HTTPS connections from only viewers that support server
name indication (SNI). This is recommended. Most browsers and clients support SNI.• vip – The distribution accepts HTTPS connections from all viewers including those that don’t
support SNI. This is not recommended, and results in additional monthly charges from CloudFront.• static-ip - Do not specify this value unless your distribution has been enabled for this feature
by the CloudFront team. If you have a use case that requires static IP addresses for a distribution,contact CloudFront through the AWS Support Center.
If the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net,don’t set a value for this field.
Type: String
Valid Values: sni-only | vip | static-ip
Required: No
API Version 2020-05-31421
Amazon CloudFront API ReferenceSee Also
See AlsoFor more information about using this API in one of the language-specific AWS SDKs, see the following:
• AWS SDK for C++• AWS SDK for Go• AWS SDK for Java• AWS SDK for Ruby V3
API Version 2020-05-31422
Amazon CloudFront API Reference
Common ParametersThe following list contains the parameters that all actions use for signing Signature Version 4 requestswith a query string. Any action-specific parameters are listed in the topic for that action. For moreinformation about Signature Version 4, see Signature Version 4 Signing Process in the Amazon WebServices General Reference.
Action
The action to be performed.
Type: string
Required: YesVersion
The API version that the request is written for, expressed in the format YYYY-MM-DD.
Type: string
Required: YesX-Amz-Algorithm
The hash algorithm that you used to create the request signature.
Condition: Specify this parameter when you include authentication information in a query stringinstead of in the HTTP authorization header.
Type: string
Valid Values: AWS4-HMAC-SHA256
Required: ConditionalX-Amz-Credential
The credential scope value, which is a string that includes your access key, the date, the region youare targeting, the service you are requesting, and a termination string ("aws4_request"). The value isexpressed in the following format: access_key/YYYYMMDD/region/service/aws4_request.
For more information, see Task 2: Create a String to Sign for Signature Version 4 in the Amazon WebServices General Reference.
Condition: Specify this parameter when you include authentication information in a query stringinstead of in the HTTP authorization header.
Type: string
Required: ConditionalX-Amz-Date
The date that is used to create the signature. The format must be ISO 8601 basic format(YYYYMMDD'T'HHMMSS'Z'). For example, the following date time is a valid X-Amz-Date value:20120325T120000Z.
Condition: X-Amz-Date is optional for all requests; it can be used to override the date used forsigning requests. If the Date header is specified in the ISO 8601 basic format, X-Amz-Date is
API Version 2020-05-31423
Amazon CloudFront API Reference
not required. When X-Amz-Date is used, it always overrides the value of the Date header. Formore information, see Handling Dates in Signature Version 4 in the Amazon Web Services GeneralReference.
Type: string
Required: ConditionalX-Amz-Security-Token
The temporary security token that was obtained through a call to AWS Security Token Service (AWSSTS). For a list of services that support temporary security credentials from AWS Security TokenService, go to AWS Services That Work with IAM in the IAM User Guide.
Condition: If you're using temporary security credentials from the AWS Security Token Service, youmust include the security token.
Type: string
Required: ConditionalX-Amz-Signature
Specifies the hex-encoded signature that was calculated from the string to sign and the derivedsigning key.
Condition: Specify this parameter when you include authentication information in a query stringinstead of in the HTTP authorization header.
Type: string
Required: ConditionalX-Amz-SignedHeaders
Specifies all the HTTP headers that were included as part of the canonical request. For moreinformation about specifying signed headers, see Task 1: Create a Canonical Request For SignatureVersion 4 in the Amazon Web Services General Reference.
Condition: Specify this parameter when you include authentication information in a query stringinstead of in the HTTP authorization header.
Type: string
Required: Conditional
API Version 2020-05-31424
Amazon CloudFront API Reference
Common ErrorsThis section lists the errors common to the API actions of all AWS services. For errors specific to an APIaction for this service, see the topic for that API action.
AccessDeniedException
You do not have sufficient access to perform this action.
HTTP Status Code: 400IncompleteSignature
The request signature does not conform to AWS standards.
HTTP Status Code: 400InternalFailure
The request processing has failed because of an unknown error, exception or failure.
HTTP Status Code: 500InvalidAction
The action or operation requested is invalid. Verify that the action is typed correctly.
HTTP Status Code: 400InvalidClientTokenId
The X.509 certificate or AWS access key ID provided does not exist in our records.
HTTP Status Code: 403InvalidParameterCombination
Parameters that must not be used together were used together.
HTTP Status Code: 400InvalidParameterValue
An invalid or out-of-range value was supplied for the input parameter.
HTTP Status Code: 400InvalidQueryParameter
The AWS query string is malformed or does not adhere to AWS standards.
HTTP Status Code: 400MalformedQueryString
The query string contains a syntax error.
HTTP Status Code: 404MissingAction
The request is missing an action or a required parameter.
HTTP Status Code: 400
API Version 2020-05-31425
Amazon CloudFront API Reference
MissingAuthenticationToken
The request must contain either a valid (registered) AWS access key ID or X.509 certificate.
HTTP Status Code: 403MissingParameter
A required parameter for the specified action is not supplied.
HTTP Status Code: 400OptInRequired
The AWS access key ID needs a subscription for the service.
HTTP Status Code: 403RequestExpired
The request reached the service more than 15 minutes after the date stamp on the request or morethan 15 minutes after the request expiration date (such as for pre-signed URLs), or the date stampon the request is more than 15 minutes in the future.
HTTP Status Code: 400ServiceUnavailable
The request has failed due to a temporary failure of the server.
HTTP Status Code: 503ThrottlingException
The request was denied due to request throttling.
HTTP Status Code: 400ValidationError
The input fails to satisfy the constraints specified by an AWS service.
HTTP Status Code: 400
API Version 2020-05-31426