Distribution
cloudfront.services.k8s.aws/v1alpha1
| Type | Link |
|---|---|
| GoDoc | cloudfront-controller/apis/v1alpha1#Distribution |
Metadata
| Property | Value |
|---|---|
| Scope | Namespaced |
| Kind | Distribution |
| ListKind | DistributionList |
| Plural | distributions |
| Singular | distribution |
A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.
Spec
distributionConfig:
aliases:
items:
- string
cacheBehaviors:
items:
allowedMethods:
cachedMethods:
items:
- string
items:
- string
cachePolicyID: string
compress: boolean
defaultTTL: integer
fieldLevelEncryptionID: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
items:
- string
headers:
items:
- string
queryString: boolean
queryStringCacheKeys:
items:
- string
functionAssociations:
items:
- eventType: string
functionARN: string
lambdaFunctionAssociations:
items:
- eventType: string
includeBody: boolean
lambdaFunctionARN: string
maxTTL: integer
minTTL: integer
originRequestPolicyID: string
pathPattern: string
realtimeLogConfigARN: string
responseHeadersPolicyID: string
smoothStreaming: boolean
targetOriginID: string
trustedKeyGroups:
enabled: boolean
items:
- string
trustedSigners:
enabled: boolean
items:
- string
viewerProtocolPolicy: string
comment: string
continuousDeploymentPolicyID: string
customErrorResponses:
items:
- errorCachingMinTTL: integer
errorCode: integer
responseCode: string
responsePagePath: string
defaultCacheBehavior:
allowedMethods:
cachedMethods:
items:
- string
items:
- string
cachePolicyID: string
compress: boolean
defaultTTL: integer
fieldLevelEncryptionID: string
forwardedValues:
cookies:
forward: string
whitelistedNames:
items:
- string
headers:
items:
- string
queryString: boolean
queryStringCacheKeys:
items:
- string
functionAssociations:
items:
- eventType: string
functionARN: string
lambdaFunctionAssociations:
items:
- eventType: string
includeBody: boolean
lambdaFunctionARN: string
maxTTL: integer
minTTL: integer
originRequestPolicyID: string
realtimeLogConfigARN: string
responseHeadersPolicyID: string
smoothStreaming: boolean
targetOriginID: string
trustedKeyGroups:
enabled: boolean
items:
- string
trustedSigners:
enabled: boolean
items:
- string
viewerProtocolPolicy: string
defaultRootObject: string
enabled: boolean
httpVersion: string
isIPV6Enabled: boolean
logging:
bucket: string
enabled: boolean
includeCookies: boolean
prefix: string
originGroups:
items:
failoverCriteria:
statusCodes:
items:
- integer
id: string
members:
items:
- originID: string
origins:
items:
- connectionAttempts: integer
connectionTimeout: integer
customHeaders:
items:
- headerName: string
headerValue: string
customOriginConfig:
httpPort: integer
httpSPort: integer
originKeepaliveTimeout: integer
originProtocolPolicy: string
originReadTimeout: integer
originSSLProtocols:
items:
- string
domainName: string
id: string
originAccessControlID: string
originPath: string
originShield:
enabled: boolean
originShieldRegion: string
s3OriginConfig:
originAccessIdentity: string
priceClass: string
restrictions:
geoRestriction:
items:
- string
restrictionType: string
staging: boolean
viewerCertificate:
acmCertificateARN: string
acmCertificateRef:
from:
name: string
certificate: string
certificateSource: string
cloudFrontDefaultCertificate: boolean
iamCertificateID: string
minimumProtocolVersion: string
sslSupportMethod: string
webACLID: string
| Field | Description |
|---|---|
| distributionConfig Required | object The distribution’s configuration information. |
| distributionConfig.aliases Optional | object A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution. |
| distributionConfig.aliases.items Optional | array |
| distributionConfig.aliases.items.[] Required | string |
| distributionConfig.cacheBehaviors.items Optional | array |
| distributionConfig.cacheBehaviors.items.[] Required | object A complex type that describes how CloudFront processes requests. |
You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.
For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see Quotas (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html) in the Amazon CloudFront Developer Guide.
If you don’t want to specify any cache behaviors, include only an empty CacheBehaviors element. Don’t include an empty CacheBehavior element because this is invalid.
To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty CacheBehaviors element.
To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.
For more information about cache behaviors, see Cache Behavior Settings (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior)
in the Amazon CloudFront Developer Guide. || distributionConfig.cacheBehaviors.items.[].allowedMethods
Optional | object
A complex type that controls which HTTP methods CloudFront processes and
forwards to your Amazon S3 bucket or your custom origin. There are three
choices:
* CloudFront forwards only GET and HEAD requests.
* CloudFront forwards only GET, HEAD, and OPTIONS requests.
* CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE
requests.
If you pick the third choice, you may need to restrict access to your Amazon
S3 bucket or to your custom origin so users can’t perform operations that
you don’t want them to. For example, you might not want users to have permissions
to delete objects from your origin. |
| distributionConfig.cacheBehaviors.items.[].allowedMethods.cachedMethods
Optional | object
A complex type that controls whether CloudFront caches the response to requests
using the specified HTTP methods. There are two choices:
* CloudFront caches responses to GET and HEAD requests.
* CloudFront caches responses to GET, HEAD, and OPTIONS requests.
If you pick the second choice for your Amazon S3 Origin, you may need to
forward Access-Control-Request-Method, Access-Control-Request-Headers, and
Origin headers for the responses to be cached correctly. |
| distributionConfig.cacheBehaviors.items.[].allowedMethods.cachedMethods.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].allowedMethods.cachedMethods.items.[]
Required | string
|| distributionConfig.cacheBehaviors.items.[].allowedMethods.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].allowedMethods.items.[]
Required | string
|| distributionConfig.cacheBehaviors.items.[].cachePolicyID
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].compress
Optional | boolean
|
| distributionConfig.cacheBehaviors.items.[].defaultTTL
Optional | integer
|
| distributionConfig.cacheBehaviors.items.[].fieldLevelEncryptionID
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].forwardedValues
Optional | object
This field is deprecated. We recommend that you use a cache policy or an
origin request policy instead of this field.
If you want to include values in the cache key, use a cache policy. For more
information, see Creating cache policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy)
in the Amazon CloudFront Developer Guide.
If you want to send values to the origin but not include them in the cache
key, use an origin request policy. For more information, see Creating origin
request policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy)
in the Amazon CloudFront Developer Guide.
A complex type that specifies how CloudFront handles query strings, cookies,
and HTTP headers. |
| distributionConfig.cacheBehaviors.items.[].forwardedValues.cookies
Optional | object
This field is deprecated. We recommend that you use a cache policy or an
origin request policy instead of this field.
If you want to include cookies in the cache key, use CookiesConfig in a cache
policy. See CachePolicy.
If you want to send cookies to the origin but not include them in the cache
key, use CookiesConfig in an origin request policy. See OriginRequestPolicy.
A complex type that specifies whether you want CloudFront to forward cookies
to the origin and, if so, which ones. For more information about forwarding
cookies to the origin, see Caching Content Based on Cookies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html)
in the Amazon CloudFront Developer Guide. |
| distributionConfig.cacheBehaviors.items.[].forwardedValues.cookies.forward
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].forwardedValues.cookies.whitelistedNames
Optional | object
Contains a list of cookie names. |
| distributionConfig.cacheBehaviors.items.[].forwardedValues.cookies.whitelistedNames.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].forwardedValues.cookies.whitelistedNames.items.[]
Required | string
|| distributionConfig.cacheBehaviors.items.[].forwardedValues.headers
Optional | object
Contains a list of HTTP header names. |
| distributionConfig.cacheBehaviors.items.[].forwardedValues.headers.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].forwardedValues.headers.items.[]
Required | string
|| distributionConfig.cacheBehaviors.items.[].forwardedValues.queryString
Optional | boolean
|
| distributionConfig.cacheBehaviors.items.[].forwardedValues.queryStringCacheKeys
Optional | object
This field is deprecated. We recommend that you use a cache policy or an
origin request policy instead of this field.
If you want to include query strings in the cache key, use QueryStringsConfig
in a cache policy. See CachePolicy.
If you want to send query strings to the origin but not include them in the
cache key, use QueryStringsConfig in an origin request policy. See OriginRequestPolicy.
A complex type that contains information about the query string parameters
that you want CloudFront to use for caching for a cache behavior. |
| distributionConfig.cacheBehaviors.items.[].forwardedValues.queryStringCacheKeys.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].forwardedValues.queryStringCacheKeys.items.[]
Required | string
|| distributionConfig.cacheBehaviors.items.[].functionAssociations
Optional | object
A list of CloudFront functions that are associated with a cache behavior
in a CloudFront distribution. CloudFront functions must be published to the
LIVE stage to associate them with a cache behavior. |
| distributionConfig.cacheBehaviors.items.[].functionAssociations.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].functionAssociations.items.[]
Required | object
A CloudFront function that is associated with a cache behavior in a CloudFront
distribution. || distributionConfig.cacheBehaviors.items.[].functionAssociations.items.[].eventType
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].functionAssociations.items.[].functionARN
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].lambdaFunctionAssociations
Optional | object
A complex type that specifies a list of Lambda@Edge functions associations
for a cache behavior.
If you want to invoke one or more Lambda@Edge functions triggered by requests
that match the PathPattern of the cache behavior, specify the applicable
values for Quantity and Items. Note that there can be up to 4 LambdaFunctionAssociation
items in this list (one for each possible value of EventType) and each EventType
can be associated with only one function.
If you don’t want to invoke any Lambda@Edge functions for the requests that
match PathPattern, specify 0 for Quantity and omit Items. |
| distributionConfig.cacheBehaviors.items.[].lambdaFunctionAssociations.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].lambdaFunctionAssociations.items.[]
Required | object
A complex type that contains a Lambda@Edge function association. || distributionConfig.cacheBehaviors.items.[].lambdaFunctionAssociations.items.[].eventType
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].lambdaFunctionAssociations.items.[].includeBody
Optional | boolean
|
| distributionConfig.cacheBehaviors.items.[].lambdaFunctionAssociations.items.[].lambdaFunctionARN
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].maxTTL
Optional | integer
|
| distributionConfig.cacheBehaviors.items.[].minTTL
Optional | integer
|
| distributionConfig.cacheBehaviors.items.[].originRequestPolicyID
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].pathPattern
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].realtimeLogConfigARN
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].responseHeadersPolicyID
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].smoothStreaming
Optional | boolean
|
| distributionConfig.cacheBehaviors.items.[].targetOriginID
Optional | string
|
| distributionConfig.cacheBehaviors.items.[].trustedKeyGroups
Optional | object
A list of key groups whose public keys CloudFront can use to verify the signatures
of signed URLs and signed cookies. |
| distributionConfig.cacheBehaviors.items.[].trustedKeyGroups.enabled
Optional | boolean
|
| distributionConfig.cacheBehaviors.items.[].trustedKeyGroups.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].trustedKeyGroups.items.[]
Required | string
|| distributionConfig.cacheBehaviors.items.[].trustedSigners
Optional | object
A list of Amazon Web Services accounts whose public keys CloudFront can use
to verify the signatures of signed URLs and signed cookies. |
| distributionConfig.cacheBehaviors.items.[].trustedSigners.enabled
Optional | boolean
|
| distributionConfig.cacheBehaviors.items.[].trustedSigners.items
Optional | array
|
| distributionConfig.cacheBehaviors.items.[].trustedSigners.items.[]
Required | string
|| distributionConfig.cacheBehaviors.items.[].viewerProtocolPolicy
Optional | string
|
| distributionConfig.comment
Optional | string
|
| distributionConfig.continuousDeploymentPolicyID
Optional | string
|
| distributionConfig.customErrorResponses
Optional | object
A complex type that controls:
* Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range
with custom error messages before returning the response to the viewer.
* How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html)
in the Amazon CloudFront Developer Guide. |
| distributionConfig.customErrorResponses.items
Optional | array
|
| distributionConfig.customErrorResponses.items.[]
Required | object
A complex type that controls:
Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.
How long CloudFront caches HTTP status codes in the 4xx and 5xx range.
For more information about custom error pages, see Customizing Error Responses
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html)
in the Amazon CloudFront Developer Guide. || distributionConfig.customErrorResponses.items.[].errorCachingMinTTL
Optional | integer
|
| distributionConfig.customErrorResponses.items.[].errorCode
Optional | integer
|
| distributionConfig.customErrorResponses.items.[].responseCode
Optional | string
|
| distributionConfig.customErrorResponses.items.[].responsePagePath
Optional | string
|
| distributionConfig.defaultCacheBehavior
Optional | object
A complex type that describes the default cache behavior if you don’t specify
a CacheBehavior element or if request URLs don’t match any of the values
of PathPattern in CacheBehavior elements. You must create exactly one default
cache behavior. |
| distributionConfig.defaultCacheBehavior.allowedMethods
Optional | object
A complex type that controls which HTTP methods CloudFront processes and
forwards to your Amazon S3 bucket or your custom origin. There are three
choices:
* CloudFront forwards only GET and HEAD requests.
* CloudFront forwards only GET, HEAD, and OPTIONS requests.
* CloudFront forwards GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE
requests.
If you pick the third choice, you may need to restrict access to your Amazon
S3 bucket or to your custom origin so users can’t perform operations that
you don’t want them to. For example, you might not want users to have permissions
to delete objects from your origin. |
| distributionConfig.defaultCacheBehavior.allowedMethods.cachedMethods
Optional | object
A complex type that controls whether CloudFront caches the response to requests
using the specified HTTP methods. There are two choices:
* CloudFront caches responses to GET and HEAD requests.
* CloudFront caches responses to GET, HEAD, and OPTIONS requests.
If you pick the second choice for your Amazon S3 Origin, you may need to
forward Access-Control-Request-Method, Access-Control-Request-Headers, and
Origin headers for the responses to be cached correctly. |
| distributionConfig.defaultCacheBehavior.allowedMethods.cachedMethods.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.allowedMethods.cachedMethods.items.[]
Required | string
|| distributionConfig.defaultCacheBehavior.allowedMethods.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.allowedMethods.items.[]
Required | string
|| distributionConfig.defaultCacheBehavior.cachePolicyID
Optional | string
|
| distributionConfig.defaultCacheBehavior.compress
Optional | boolean
|
| distributionConfig.defaultCacheBehavior.defaultTTL
Optional | integer
|
| distributionConfig.defaultCacheBehavior.fieldLevelEncryptionID
Optional | string
|
| distributionConfig.defaultCacheBehavior.forwardedValues
Optional | object
This field is deprecated. We recommend that you use a cache policy or an
origin request policy instead of this field.
If you want to include values in the cache key, use a cache policy. For more
information, see Creating cache policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy)
in the Amazon CloudFront Developer Guide.
If you want to send values to the origin but not include them in the cache
key, use an origin request policy. For more information, see Creating origin
request policies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy)
in the Amazon CloudFront Developer Guide.
A complex type that specifies how CloudFront handles query strings, cookies,
and HTTP headers. |
| distributionConfig.defaultCacheBehavior.forwardedValues.cookies
Optional | object
This field is deprecated. We recommend that you use a cache policy or an
origin request policy instead of this field.
If you want to include cookies in the cache key, use CookiesConfig in a cache
policy. See CachePolicy.
If you want to send cookies to the origin but not include them in the cache
key, use CookiesConfig in an origin request policy. See OriginRequestPolicy.
A complex type that specifies whether you want CloudFront to forward cookies
to the origin and, if so, which ones. For more information about forwarding
cookies to the origin, see Caching Content Based on Cookies (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Cookies.html)
in the Amazon CloudFront Developer Guide. |
| distributionConfig.defaultCacheBehavior.forwardedValues.cookies.forward
Optional | string
|
| distributionConfig.defaultCacheBehavior.forwardedValues.cookies.whitelistedNames
Optional | object
Contains a list of cookie names. |
| distributionConfig.defaultCacheBehavior.forwardedValues.cookies.whitelistedNames.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.forwardedValues.cookies.whitelistedNames.items.[]
Required | string
|| distributionConfig.defaultCacheBehavior.forwardedValues.headers
Optional | object
Contains a list of HTTP header names. |
| distributionConfig.defaultCacheBehavior.forwardedValues.headers.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.forwardedValues.headers.items.[]
Required | string
|| distributionConfig.defaultCacheBehavior.forwardedValues.queryString
Optional | boolean
|
| distributionConfig.defaultCacheBehavior.forwardedValues.queryStringCacheKeys
Optional | object
This field is deprecated. We recommend that you use a cache policy or an
origin request policy instead of this field.
If you want to include query strings in the cache key, use QueryStringsConfig
in a cache policy. See CachePolicy.
If you want to send query strings to the origin but not include them in the
cache key, use QueryStringsConfig in an origin request policy. See OriginRequestPolicy.
A complex type that contains information about the query string parameters
that you want CloudFront to use for caching for a cache behavior. |
| distributionConfig.defaultCacheBehavior.forwardedValues.queryStringCacheKeys.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.forwardedValues.queryStringCacheKeys.items.[]
Required | string
|| distributionConfig.defaultCacheBehavior.functionAssociations
Optional | object
A list of CloudFront functions that are associated with a cache behavior
in a CloudFront distribution. CloudFront functions must be published to the
LIVE stage to associate them with a cache behavior. |
| distributionConfig.defaultCacheBehavior.functionAssociations.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.functionAssociations.items.[]
Required | object
A CloudFront function that is associated with a cache behavior in a CloudFront
distribution. || distributionConfig.defaultCacheBehavior.functionAssociations.items.[].eventType
Optional | string
|
| distributionConfig.defaultCacheBehavior.functionAssociations.items.[].functionARN
Optional | string
|
| distributionConfig.defaultCacheBehavior.lambdaFunctionAssociations
Optional | object
A complex type that specifies a list of Lambda@Edge functions associations
for a cache behavior.
If you want to invoke one or more Lambda@Edge functions triggered by requests
that match the PathPattern of the cache behavior, specify the applicable
values for Quantity and Items. Note that there can be up to 4 LambdaFunctionAssociation
items in this list (one for each possible value of EventType) and each EventType
can be associated with only one function.
If you don’t want to invoke any Lambda@Edge functions for the requests that
match PathPattern, specify 0 for Quantity and omit Items. |
| distributionConfig.defaultCacheBehavior.lambdaFunctionAssociations.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.lambdaFunctionAssociations.items.[]
Required | object
A complex type that contains a Lambda@Edge function association. || distributionConfig.defaultCacheBehavior.lambdaFunctionAssociations.items.[].eventType
Optional | string
|
| distributionConfig.defaultCacheBehavior.lambdaFunctionAssociations.items.[].includeBody
Optional | boolean
|
| distributionConfig.defaultCacheBehavior.lambdaFunctionAssociations.items.[].lambdaFunctionARN
Optional | string
|
| distributionConfig.defaultCacheBehavior.maxTTL
Optional | integer
|
| distributionConfig.defaultCacheBehavior.minTTL
Optional | integer
|
| distributionConfig.defaultCacheBehavior.originRequestPolicyID
Optional | string
|
| distributionConfig.defaultCacheBehavior.realtimeLogConfigARN
Optional | string
|
| distributionConfig.defaultCacheBehavior.responseHeadersPolicyID
Optional | string
|
| distributionConfig.defaultCacheBehavior.smoothStreaming
Optional | boolean
|
| distributionConfig.defaultCacheBehavior.targetOriginID
Optional | string
|
| distributionConfig.defaultCacheBehavior.trustedKeyGroups
Optional | object
A list of key groups whose public keys CloudFront can use to verify the signatures
of signed URLs and signed cookies. |
| distributionConfig.defaultCacheBehavior.trustedKeyGroups.enabled
Optional | boolean
|
| distributionConfig.defaultCacheBehavior.trustedKeyGroups.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.trustedKeyGroups.items.[]
Required | string
|| distributionConfig.defaultCacheBehavior.trustedSigners
Optional | object
A list of Amazon Web Services accounts whose public keys CloudFront can use
to verify the signatures of signed URLs and signed cookies. |
| distributionConfig.defaultCacheBehavior.trustedSigners.enabled
Optional | boolean
|
| distributionConfig.defaultCacheBehavior.trustedSigners.items
Optional | array
|
| distributionConfig.defaultCacheBehavior.trustedSigners.items.[]
Required | string
|| distributionConfig.defaultCacheBehavior.viewerProtocolPolicy
Optional | string
|
| distributionConfig.defaultRootObject
Optional | string
|
| distributionConfig.enabled
Optional | boolean
|
| distributionConfig.httpVersion
Optional | string
|
| distributionConfig.isIPV6Enabled
Optional | boolean
|
| distributionConfig.logging
Optional | object
A complex type that controls whether access logs are written for the distribution. |
| distributionConfig.logging.bucket
Optional | string
|
| distributionConfig.logging.enabled
Optional | boolean
|
| distributionConfig.logging.includeCookies
Optional | boolean
|
| distributionConfig.logging.prefix
Optional | string
|
| distributionConfig.originGroups
Optional | object
A complex data type for the origin groups specified for a distribution. |
| distributionConfig.originGroups.items
Optional | array
List of origin groups for a distribution. |
| distributionConfig.originGroups.items.[]
Required | object
An origin group includes two origins (a primary origin and a second origin
to failover to) and a failover criteria that you specify. You create an origin
group to support origin failover in CloudFront. When you create or update
a distribution, you can specifiy the origin group instead of a single origin,
and CloudFront will failover from the primary origin to the second origin
under the failover conditions that you’ve chosen. || distributionConfig.originGroups.items.[].failoverCriteria
Optional | object
A complex data type that includes information about the failover criteria
for an origin group, including the status codes for which CloudFront will
failover from the primary origin to the second origin. |
| distributionConfig.originGroups.items.[].failoverCriteria.statusCodes
Optional | object
A complex data type for the status codes that you specify that, when returned
by a primary origin, trigger CloudFront to failover to a second origin. |
| distributionConfig.originGroups.items.[].failoverCriteria.statusCodes.items
Optional | array
List of status codes for origin failover. |
| distributionConfig.originGroups.items.[].failoverCriteria.statusCodes.items.[]
Required | integer
|| distributionConfig.originGroups.items.[].id
Optional | string
|
| distributionConfig.originGroups.items.[].members
Optional | object
A complex data type for the origins included in an origin group. |
| distributionConfig.originGroups.items.[].members.items
Optional | array
List of origins in an origin group. |
| distributionConfig.originGroups.items.[].members.items.[]
Required | object
An origin in an origin group. || distributionConfig.originGroups.items.[].members.items.[].originID
Optional | string
|
| distributionConfig.origins
Optional | object
Contains information about the origins for this distribution. |
| distributionConfig.origins.items
Optional | array
|
| distributionConfig.origins.items.[]
Required | object
An origin.
An origin is the location where content is stored, and from which CloudFront gets content to serve to viewers. To specify an origin:
Use S3OriginConfig to specify an Amazon S3 bucket that is not configured with static website hosting.
Use CustomOriginConfig to specify all other kinds of origins, including: An Amazon S3 bucket that is configured with static website hosting An Elastic Load Balancing load balancer An AWS Elemental MediaPackage endpoint An AWS Elemental MediaStore container Any other HTTP server, running on an Amazon EC2 instance or any other kind of host
For the current maximum number of origins that you can specify per distribution,
see General Quotas on Web Distributions (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html#limits-web-distributions)
in the Amazon CloudFront Developer Guide (quotas were formerly referred to
as limits). || distributionConfig.origins.items.[].connectionAttempts
Optional | integer
|
| distributionConfig.origins.items.[].connectionTimeout
Optional | integer
|
| distributionConfig.origins.items.[].customHeaders
Optional | object
A complex type that contains the list of Custom Headers for each origin. |
| distributionConfig.origins.items.[].customHeaders.items
Optional | array
|
| distributionConfig.origins.items.[].customHeaders.items.[]
Required | object
A complex type that contains HeaderName and HeaderValue elements, if any,
for this distribution. || distributionConfig.origins.items.[].customHeaders.items.[].headerName
Optional | string
|
| distributionConfig.origins.items.[].customHeaders.items.[].headerValue
Optional | string
|
| distributionConfig.origins.items.[].customOriginConfig
Optional | object
A custom origin. A custom origin is any origin that is not an Amazon S3 bucket,
with one exception. An Amazon S3 bucket that is configured with static website
hosting (https://docs.aws.amazon.com/AmazonS3/latest/dev/WebsiteHosting.html)
is a custom origin. |
| distributionConfig.origins.items.[].customOriginConfig.httpPort
Optional | integer
|
| distributionConfig.origins.items.[].customOriginConfig.httpSPort
Optional | integer
|
| distributionConfig.origins.items.[].customOriginConfig.originKeepaliveTimeout
Optional | integer
|
| distributionConfig.origins.items.[].customOriginConfig.originProtocolPolicy
Optional | string
|
| distributionConfig.origins.items.[].customOriginConfig.originReadTimeout
Optional | integer
|
| distributionConfig.origins.items.[].customOriginConfig.originSSLProtocols
Optional | object
A complex type that contains information about the SSL/TLS protocols that
CloudFront can use when establishing an HTTPS connection with your origin. |
| distributionConfig.origins.items.[].customOriginConfig.originSSLProtocols.items
Optional | array
|
| distributionConfig.origins.items.[].customOriginConfig.originSSLProtocols.items.[]
Required | string
|| distributionConfig.origins.items.[].domainName
Optional | string
|
| distributionConfig.origins.items.[].id
Optional | string
|
| distributionConfig.origins.items.[].originAccessControlID
Optional | string
|
| distributionConfig.origins.items.[].originPath
Optional | string
|
| distributionConfig.origins.items.[].originShield
Optional | object
CloudFront Origin Shield.
Using Origin Shield can help reduce the load on your origin. For more information,
see Using Origin Shield (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html)
in the Amazon CloudFront Developer Guide. |
| distributionConfig.origins.items.[].originShield.enabled
Optional | boolean
|
| distributionConfig.origins.items.[].originShield.originShieldRegion
Optional | string
|
| distributionConfig.origins.items.[].s3OriginConfig
Optional | object
A complex type that contains information about the Amazon S3 origin. If the
origin is a custom origin or an S3 bucket that is configured as a website
endpoint, use the CustomOriginConfig element instead. |
| distributionConfig.origins.items.[].s3OriginConfig.originAccessIdentity
Optional | string
|
| distributionConfig.priceClass
Optional | string
|
| distributionConfig.restrictions
Optional | object
A complex type that identifies ways in which you want to restrict distribution
of your content. |
| distributionConfig.restrictions.geoRestriction
Optional | object
A complex type that controls the countries in which your content is distributed.
CloudFront determines the location of your users using MaxMind GeoIP databases. |
| distributionConfig.restrictions.geoRestriction.items
Optional | array
|
| distributionConfig.restrictions.geoRestriction.items.[]
Required | string
|| distributionConfig.restrictions.geoRestriction.restrictionType
Optional | string
|
| distributionConfig.staging
Optional | boolean
|
| distributionConfig.viewerCertificate
Optional | object
A complex type that determines the distribution’s SSL/TLS configuration for
communicating with viewers.
If the distribution doesn’t use Aliases (also known as alternate domain names
or CNAMEs)—that is, if the distribution uses the CloudFront domain name
such as d111111abcdef8.cloudfront.net—set CloudFrontDefaultCertificate
to true and leave all other fields empty.
If the distribution uses Aliases (alternate domain names or CNAMEs), use
the fields in this type to specify the following settings:
* Which viewers the distribution accepts HTTPS connections from: only
viewers that support server name indication (SNI) (https://en.wikipedia.org/wiki/Server_Name_Indication)
(recommended), or all viewers including those that don’t support SNI.
To accept HTTPS connections from only viewers that support SNI, set SSLSupportMethod
to sni-only. This is recommended. Most browsers and clients support SNI.
To accept HTTPS connections from all viewers, including those that don’t
support SNI, set SSLSupportMethod to vip. This is not recommended, and
results in additional monthly charges from CloudFront.
* The minimum SSL/TLS protocol version that the distribution can use to
communicate with viewers. To specify a minimum version, choose a value
for MinimumProtocolVersion. For more information, see Security Policy
(https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy)
in the Amazon CloudFront Developer Guide.
* The location of the SSL/TLS certificate, Certificate Manager (ACM) (https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html)
(recommended) or Identity and Access Management (IAM) (https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html).
You specify the location by setting a value in one of the following fields
(not both): ACMCertificateArn IAMCertificateId
All distributions support HTTPS connections from viewers. To require viewers
to use HTTPS only, or to redirect them from HTTP to HTTPS, use ViewerProtocolPolicy
in the CacheBehavior or DefaultCacheBehavior. To specify how CloudFront should
use SSL/TLS to communicate with your custom origin, use CustomOriginConfig.
For more information, see Using HTTPS with CloudFront (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https.html)
and Using Alternate Domain Names and HTTPS (https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-alternate-domain-names.html)
in the Amazon CloudFront Developer Guide. |
| distributionConfig.viewerCertificate.acmCertificateARN
Optional | string
|
| distributionConfig.viewerCertificate.acmCertificateRef
Optional | object
Reference field for ACMCertificateARN |
| distributionConfig.viewerCertificate.acmCertificateRef.from
Optional | object
AWSResourceReference provides all the values necessary to reference another
k8s resource for finding the identifier(Id/ARN/Name) |
| distributionConfig.viewerCertificate.acmCertificateRef.from.name
Optional | string
|
| distributionConfig.viewerCertificate.certificate
Optional | string
|
| distributionConfig.viewerCertificate.certificateSource
Optional | string
|
| distributionConfig.viewerCertificate.cloudFrontDefaultCertificate
Optional | boolean
|
| distributionConfig.viewerCertificate.iamCertificateID
Optional | string
|
| distributionConfig.viewerCertificate.minimumProtocolVersion
Optional | string
|
| distributionConfig.viewerCertificate.sslSupportMethod
Optional | string
|
| distributionConfig.webACLID
Optional | string
|
Status
ackResourceMetadata:
arn: string
ownerAccountID: string
region: string
activeTrustedKeyGroups:
enabled: boolean
items:
- keyGroupID: string
keyPairIDs:
items:
- string
quantity: integer
activeTrustedSigners:
enabled: boolean
items:
- awsAccountNumber: string
keyPairIDs:
items:
- string
quantity: integer
aliasICPRecordals:
- cname: string
iCPRecordalStatus: string
callerReference: string
conditions:
- lastTransitionTime: string
message: string
reason: string
status: string
type: string
domainName: string
eTag: string
id: string
inProgressInvalidationBatches: integer
lastModifiedTime: string
status: string
| Field | Description |
|---|---|
| ackResourceMetadata Optional | object All CRs managed by ACK have a common Status.ACKResourceMetadata memberthat is used to contain resource sync state, account ownership, constructed ARN for the resource |
| ackResourceMetadata.arn Optional | string ARN is the Amazon Resource Name for the resource. This is a globally-unique identifier and is set only by the ACK service controller once the controller has orchestrated the creation of the resource OR when it has verified that an “adopted” resource (a resource where the ARN annotation was set by the Kubernetes user on the CR) exists and matches the supplied CR’s Spec field values. TODO(vijat@): Find a better strategy for resources that do not have ARN in CreateOutputResponse https://github.com/aws/aws-controllers-k8s/issues/270 |
| ackResourceMetadata.ownerAccountID Required | string OwnerAccountID is the AWS Account ID of the account that owns the backend AWS service API resource. |
| ackResourceMetadata.region Required | string Region is the AWS region in which the resource exists or will exist. |
| activeTrustedKeyGroups Optional | object This field contains a list of key groups and the public keys in each key group that CloudFront can use to verify the signatures of signed URLs or signed cookies. |
| activeTrustedKeyGroups.enabled Optional | boolean |
| activeTrustedKeyGroups.items Optional | array |
| activeTrustedKeyGroups.items.[] Required | object A list of identifiers for the public keys that CloudFront can use to verify |
| the signatures of signed URLs and signed cookies. | |
| activeTrustedKeyGroups.items.[].keyPairIDs Optional | object A list of CloudFront key pair identifiers. |
| activeTrustedKeyGroups.items.[].keyPairIDs.items Optional | array |
| activeTrustedKeyGroups.items.[].keyPairIDs.items.[] Required | string |
| activeTrustedSigners Optional | object We recommend using TrustedKeyGroups instead of TrustedSigners. This field contains a list of Amazon Web Services account IDs and the active CloudFront key pairs in each account that CloudFront can use to verify the signatures of signed URLs or signed cookies. |
| activeTrustedSigners.enabled Optional | boolean |
| activeTrustedSigners.items Optional | array |
| activeTrustedSigners.items.[] Required | object A list of Amazon Web Services accounts and the active CloudFront key pairs |
| in each account that CloudFront can use to verify the signatures of signed | |
| URLs and signed cookies. | |
| activeTrustedSigners.items.[].keyPairIDs Optional | object A list of CloudFront key pair identifiers. |
| activeTrustedSigners.items.[].keyPairIDs.items Optional | array |
| activeTrustedSigners.items.[].keyPairIDs.items.[] Required | string |
| aliasICPRecordals Optional | array Amazon Web Services services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they’ve added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions. For more information about ICP recordals, see Signup, Accounts, and Credentials (https://docs.amazonaws.cn/en_us/aws/latest/userguide/accounts-and-credentials.html) in Getting Started with Amazon Web Services services in China. |
| aliasICPRecordals.[] Required | object Amazon Web Services services in China customers must file for an Internet |
| Content Provider (ICP) recordal if they want to serve content publicly on | |
| an alternate domain name, also known as a CNAME, that they’ve added to CloudFront. | |
| AliasICPRecordal provides the ICP recordal status for CNAMEs associated with | |
| distributions. The status is returned in the CloudFront response; you can’t | |
| configure it yourself. |
For more information about ICP recordals, see Signup, Accounts, and Credentials
(https://docs.amazonaws.cn/en_us/aws/latest/userguide/accounts-and-credentials.html)
in Getting Started with Amazon Web Services services in China. || aliasICPRecordals.[].cname
Optional | string
|
| aliasICPRecordals.[].iCPRecordalStatus
Optional | string
|
| callerReference
Optional | string
|
| conditions
Optional | array
All CRS managed by ACK have a common Status.Conditions member that
contains a collection of ackv1alpha1.Condition objects that describe
the various terminal states of the CR and its backend AWS service API
resource |
| conditions.[]
Required | object
Condition is the common struct used by all CRDs managed by ACK service
controllers to indicate terminal states of the CR and its backend AWS
service API resource || conditions.[].lastTransitionTime
Optional | string
Last time the condition transitioned from one status to another. |
| conditions.[].message
Optional | string
A human readable message indicating details about the transition. |
| conditions.[].reason
Optional | string
The reason for the condition’s last transition. |
| conditions.[].status
Optional | string
Status of the condition, one of True, False, Unknown. |
| conditions.[].type
Optional | string
Type is the type of the Condition |
| domainName
Optional | string
The distribution’s CloudFront domain name. For example: d111111abcdef8.cloudfront.net. |
| eTag
Optional | string
The current version of the distribution created. |
| id
Optional | string
The distribution’s identifier. For example: E1U5RQF7T870K0. |
| inProgressInvalidationBatches
Optional | integer
The number of invalidation batches currently in progress. |
| lastModifiedTime
Optional | string
The date and time when the distribution was last modified. |
| status
Optional | string
The distribution’s status. When the status is Deployed, the distribution’s
information is fully propagated to all CloudFront edge locations. |