Amazon CloudFront
API Reference (API Version 2016-09-29)


A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs for private content.

If you want to require signed URLs in requests for objects in the target origin that match the PathPattern for this cache behavior, specify true for Enabled, and specify the applicable values for Quantity and Items. For more information, see Serving Private Content through CloudFront in the Amazon Amazon CloudFront Developer Guide.

If you don't want to require signed URLs in requests for objects that match PathPattern, specify false for Enabled and 0 for Quantity. Omit Items.

To add, change, or remove one or more trusted signers, change Enabled to true (if it's currently false), change Quantity as applicable, and specify all of the trusted signers that you want to include in the updated distribution.

For more information about updating the distribution configuration, see DistributionConfig .



Specifies whether you want to require viewers to use signed URLs to access the files specified by PathPattern and TargetOriginId.

Type: Boolean

Required: Yes


Optional: A complex type that contains trusted signers for this cache behavior. If Quantity is 0, you can omit Items.

Type: array of Strings

Required: No


The number of trusted signers for this cache behavior.

Type: Integer

Required: Yes