AWS Documentation » Amazon CloudFront » API Reference » Complex Types » DistributionConfig Complex Type	« Previous Next »
	Did this page help you? Yes \| No \| Tell us about it...

DistributionConfig Complex Type

Topics

Description

The DistributionConfig complex type describes a distribution's configuration information. For more information about distributions, go to Working with Distributions in the Amazon CloudFront Developer Guide.

Important

When you update the DistributionConfig, you replace the entire configuration with a new one, you don't add to the existing configuration. For example, if you want to add a CNAME alias to a distribution that already has one, you must specify both the original CNAME alias and the new one. Otherwise, the updated configuration will contain only the new CNAME alias, not the original one. This requirement is enforced by the Quantity element. For example, if you specify 3 for the Quantity element under Aliases but you don't specify any CNAME elements, CloudFront returns an error.

The DistributionConfig complex type is used in the following CloudFront API actions:

POST Distribution (see request parameter)
PUT Distribution Config (see request parameter)
GET Distribution (see response element)
GET Distribution Config (see response element)

Syntax

<DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2013-05-12/">
   <CallerReference>unique description for this
      distribution config</CallerReference>
   <Aliases>
      <Quantity>number of CNAME aliases</Quantity>
      <!-- Optional. Omit when Quantity = 0. -->
      <Items>
         <CNAME>CNAME alias</CNAME>
      </Items>
   </Aliases>
   <DefaultRootObject>URL for default root object</DefaultRootObject>
   <Origins>
      <Quantity>number of origins</Quantity>
      <Items>
         <Origin>
            <Id>unique identifier for this origin</Id>
            <DomainName>domain name of origin</DomainName>
            <!-- In a request, include the S3OriginConfig element 
               only if you use an Amazon S3 origin for your distribution. 
               In a response, this element appears only 
               if you use an Amazon S3 origin. -->
            <S3OriginConfig>
               <OriginAccessIdentity>origin-access-identity/
                  cloudfront/ID</OriginAccessIdentity>
            </S3OriginConfig>
            <!-- In a request, include the CustomOriginConfig element 
               only if you use an custom origin for your distribution. 
               In a response, this element appears only 
               if you use a custom origin. -->
            <CustomOriginConfig>
               <HTTPPort>HTTP port that the custom origin 
                  listens on</HTTPPort>
               <HTTPSPort>HTTPS port that the custom origin 
                  listens on</HTTPSPort>
               <OriginProtocolPolicy>http-only | 
                  match-viewer</OriginProtocolPolicy>
            </CustomOriginConfig>
         </Origin>
      </Items>
   </Origins>
   <DefaultCacheBehavior>
      <TargetOriginId>ID of the origin that the default cache behavior 
         applies to</TargetOriginId>
      <ForwardedValues>
         <QueryString>true | false</QueryString>
         <Cookies>
            <Forward>all | whitelist | none</Forward>
            <!-- Required when Forward = whitelist, 
               omitted otherwise. -->
            <WhitelistedNames>
               <Quantity>number of cookie names to 
                  forward to origin</Quantity>
               <Items>
                  <Name>name of a cookie to forward to 
                     the origin</Name>
               </Items>
            </WhitelistedNames>
         </Cookies>
      </ForwardedValues>
      <TrustedSigners>
         <Enabled>true | false</Enabled>
         <Quantity>number of trusted signers</Quantity>
         <!-- Optional. Omit when Quantity = 0. -->
         <Items>
            <AwsAccountNumber>self | AWS account that can create 
               signed URLs</AwsAccountNumber>
         </Items>
      </TrustedSigners>
      <ViewerProtocolPolicy>allow-all | 
         https-only</ViewerProtocolPolicy>
      <MinTTL>minimum TTL in seconds</MinTTL>
   </DefaultCacheBehavior>
   <CacheBehaviors>
      <Quantity>number of cache behaviors</Quantity>
      <!-- Optional. Omit when Quantity = 0. -->
      <Items>
         <CacheBehavior>
            <PathPattern>pattern that specifies files that this 
               cache behavior applies to</PathPattern>
            <TargetOriginId>ID of the origin that this cache behavior 
               applies to</TargetOriginId>
            <ForwardedValues>
               <QueryString>true | false</QueryString>
               <Cookies>
                  <Forward>all | whitelist | none</Forward>
                  <!-- Required when Forward = whitelist, 
                     omitted otherwise. -->
                  <WhitelistedNames>
                     <Quantity>number of cookie names to forward 
                        to origin</Quantity>
                     <Items>
                        <Name>name of a cookie to forward to 
                           the origin</Name>
                     </Items>
                  </WhitelistedNames>
               </Cookies>
            </ForwardedValues>
            <TrustedSigners>
               <Enabled>true | false</Enabled>
               <Quantity>number of trusted signers</Quantity>
               <!-- Optional. Omit when Quantity = 0. -->
               <Items>
                  <AwsAccountNumber>self | AWS account that can create 
                     signed URLs</AwsAccountNumber>
               </Items>
            </TrustedSigners>
            <ViewerProtocolPolicy>allow-all | 
               https-only</ViewerProtocolPolicy>
            <MinTTL>minimum TTL in seconds for files 
               specified by PathPattern</MinTTL>
         </CacheBehavior>
      </Items>
   </CacheBehaviors>
   <Comment>comment about the distribution</Comment>
   <Logging>
      <Enabled>true | false</Enabled>
      <IncludeCookies>true | false</IncludeCookies>
      <Bucket>Amazon S3 bucket to save logs in</Bucket>
      <Prefix>prefix for log filenames</Prefix>
   </Logging>
   <ViewerCertificate>
      <IAMCertificateId>IAM certificate ID</IAMCertificateId> | <CloudFrontDefaultCertificate>true</CloudFrontDefaultCertificate>
   </ViewerCertificate>
   <PriceClass>maximum price class for the distribution</PriceClass>
   <Enabled>true | false</Enabled>
</DistributionConfig>

Elements

The following table describes the child elements in the DistributionConfig datatype. They're presented in the order they appear in the configuration. All values are required except where specified.

Name	Description
`CallerReference`	A unique value (for example, a date-time stamp) that ensures that the request can't be replayed. If the value of `CallerReference` is new (regardless of the content of the `DistributionConfig` object), CloudFront creates a new distribution. If `CallerReference` is a value you already sent in a previous request to create a distribution, and if the content of the `DistributionConfig` is identical to the original request (ignoring white space), CloudFront returns the same the response that it returned to the original request. If `CallerReference` is a value you already sent in a previous request to create a distribution but the content of the `DistributionConfig` is different from the original request, CloudFront returns a `DistributionAlreadyExists` error. Type: String Default: None Constraints: Allowable characters are any Unicode code points that are legal in an XML 1.0 document. The UTF-8 encoding of the value must be less than 128 bytes. Parent: `DistributionConfig`
`Aliases`	A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution. Type: Complex Default: None Children: `Quantity`, `Items` Parent: `DistributionConfig`
`Quantity (Aliases)`	The number of CNAMEs, if any, for this distribution. Type: Integer Default: None Parent: `Aliases`
`Items (Aliases)`	Optional: A complex type that contains `CNAME` elements, if any, for this distribution. If `Quantity` is 0, you can omit `Items`. Type: Complex Default: None Children: `CNAME` Parent: `Aliases`
`CNAME`	A CNAME (alternate domain name) that you want to associate with this distribution. For more information about CNAMEs, go to Using CNAMEs in the Amazon CloudFront Developer Guide. By default, you can create a maximum of 10 CNAMEs per distribution. To request a higher limit, fill out the form at http://aws.amazon.com/cloudfront-request/. When you're creating a distribution, if you don't want to specify any CNAMEs, specify 0 for `Quantity` and omit `Items`. When you're updating a distribution: If you want to delete all CNAMEs, change `Quantity` to 0, and delete `Items`. If you want to add, change, or remove one or more CNAMEs, change the value of `Quantity` and specify all of the CNAMEs that you want to include in the updated distribution. Type: String Default: None Valid Value: A CNAME alias Parent: `Items`
`DefaultRootObject`	The object that you want CloudFront to request from your origin (for example, `index.html`) when a viewer requests the root URL for your distribution (`http://www.example.com`) instead of an object in your distribution (`http://www.example.com/product-description.html`). Specifying a default root object avoids exposing the contents of your distribution. If you don't want to specify a default root object when you create a distribution, include an empty `DefaultRootObject` element. To delete the default root object from an existing distribution, update the distribution configuration and include an empty `DefaultRootObject` element. To replace the default root object, update the distribution configuration and specify the new object. For more information about the default root object, go to Creating a Default Root Object in the Amazon CloudFront Developer Guide. Type: String Default: None Valid Value: The name of the object, for example, `index.html` Constraints: Maximum 255 characters. The name of the object can contain any of the following characters: A-Z, a-z 0-9 _ - . * $ / ~ " ' & (passed and returned as `&`) Parent: `DistributionConfig`
`Origins`	A complex type that contains information about origins for this distribution. Type: Complex Default: None Parent: `DistributionConfig` Child: `Quantity`, `Items`
`Quantity (Origins)`	The number of origins for this distribution. Type: Integer Default: None Parent: `Origins`
`Items (Origins)`	A complex type that contains origins for this distribution. Type: Complex Default: None Children: `Origin` Parent: `Origins`
`Origin`	A complex type that describes the Amazon S3 bucket or the HTTP server (for example, a web server) from which CloudFront gets your files. You must create at least one origin. By default, you can create a maximum of 10 origins. To request a higher limit, fill out the form at http://aws.amazon.com/cloudfront-request/. Type: Complex Default: None Parent: `Items` Children: `Id`, `DomainName`, and either `S3OriginConfig` (when the origin is an Amazon S3 bucket) or `CustomOriginConfig` (when the origin is an HTTP server)
`Id`	A unique identifier for the origin. The value of `Id` must be unique within the distribution. When you specify the value of `TargetOriginId` for the default cache behavior or for another cache behavior, you indicate the origin to which you want the cache behavior to route requests by specifying the value of the `Id` element for that origin. When a request matches the path pattern for that cache behavior, CloudFront routes the request to the specified origin. For more information, see Cache Behavior Settings in the Amazon CloudFront Developer Guide. Type: String Default: None Parent: `Origin`
`DomainName`	Amazon S3 origins: The DNS name of the Amazon S3 bucket from which you want CloudFront to get objects for this origin, for example, `myawsbucket.s3.amazonaws.com`. Constraints for Amazon S3 origins: The bucket name must be between 3 and 63 characters long (inclusive). The bucket name must contain only lowercase characters, numbers, periods, underscores, and dashes. The bucket name must not contain adjacent periods. Custom origins: The DNS domain name for the HTTP server from which you want CloudFront to get objects for this origin, for example, `www.example.com`. Constraints for custom origins: `DomainName` must be a valid DNS name that contains only a-z, A-Z, 0-9, dot (.), hyphen (-), or underscore (_) characters. The name cannot exceed 128 characters. Type: String Default: None Parent: `Origin`
`S3OriginConfig`	A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin, use the `CustomOriginConfig` element instead. Type: Complex Default: None Parent: `Origin` Child: `OriginAccessIdentity`
`OriginAccessIdentity`	The CloudFront origin access identity to associate with the origin. Use an origin access identity to configure the origin so that end users can only access objects in an Amazon S3 bucket through CloudFront. If you want end users to be able to access objects using either the CloudFront URL or the Amazon S3 URL, specify an empty `OriginAccessIdentity` element. To delete the origin access identity from an existing distribution, update the distribution configuration and include an empty `OriginAccessIdentity` element. To replace the origin access identity, update the distribution configuration and specify the new origin access identity. For more information about the origin access identity, go to Serving Private Content through CloudFront in the Amazon CloudFront Developer Guide. For more information about updating the distribution configuration, see PUT Distribution Config. Type: String Default: None Constraints: Must be in format `origin-access-identity/cloudfront/Id` Parent: `S3OriginConfig`
`CustomOriginConfig`	A complex type that contains information about a custom origin. If the origin is an Amazon S3 bucket, use the `S3OriginConfig` element instead. Type: Complex Default: None Constraints: You cannot use `S3OriginConfig` and `CustomOriginConfig` in the same origin. Parent: `Origin` Children: `HTTPPort`, `HTTPSPort`, `OriginProtocolPolicy`
`HTTPPort`	The HTTP port that the custom origin listens on. Type: Integer Default: 80 Valid Values: 80, 443, or 1024-65535 (inclusive) Parent: `CustomOriginConfig`
`HTTPSPort`	The HTTPS port that the custom origin listens on. Type: Integer Default: 443 Valid Values: 80, 443, or 1024-65535 (inclusive) Parent: `CustomOriginConfig`
`OriginProtocolPolicy`	The protocol policy that you want CloudFront to use when fetching objects from your origin server. If you specify `http-only`, CloudFront only uses HTTP to access the origin. If you specify `match-viewer`, CloudFront fetches objects from your origin using HTTP or HTTPS, depending on the protocol of the viewer request. Type: `OriginProtocolPolicy` Valid Values: `http-only` \| `match-viewer` Default: none Parent: `CustomOriginConfig`
`DefaultCacheBehavior`	A complex type that describes the default cache behavior if you do not specify a `CacheBehavior` element or if files don't match any of the values of `PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior. Type: Complex Default: None Parent: `DistributionConfig` Children: `TargetOriginId`, `ForwardedValues`, `TrustedSigners`, `ViewerProtocolPolicy`, `MinTTL`
`CacheBehaviors`	A complex type that contains zero or more `CacheBehavior` elements. Type: Complex Default: None Parent: `DistributionConfig` Child: `Quantity`, `Items`
`Quantity (CacheBehaviors)`	The number of cache behaviors for this distribution. Type: Integer Default: None Parent: `CacheBehaviors`
`Items (CacheBehaviors)`	Optional: A complex type that contains cache behaviors for this distribution. If `Quantity` is 0, you can omit `Items`. Type: Complex Default: None Children: `CacheBehavior` Parent: `CacheBehaviors`
`CacheBehavior`	A complex type that describes how CloudFront processes requests. You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to distribute objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin will never be used. By default, you can create a maximum of nine cache behaviors in addition to the default cache behavior. To request a higher limit, fill out the form at http://aws.amazon.com/cloudfront-request/. If you don't want to specify any cache behaviors, include only an empty `CacheBehaviors` element. Don't include an empty `CacheBehavior` element, or CloudFront returns a `MalformedXML` error. To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty `CacheBehaviors` element. To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution. For more information about cache behaviors, see Cache Behaviors in the Amazon CloudFront Developer Guide. Type: Complex Default: None Parent: `Items` Children: `PathPattern`, `TargetOriginId`, `ForwardedValues`, `TrustedSigners`, `ViewerProtocolPolicy`, `MinTTL`
`PathPattern`	The pattern (for example, `/images/.jpg`) that specifies which requests you want this cache behavior to apply to. When CloudFront receives an end-user request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution. The path pattern for the default cache behavior is `` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior. For more information, see Path Pattern in the Amazon CloudFront Developer Guide. Type: String Constraints: Maximum 255 characters. The name of the object can contain any of the following characters: A-Z, a-z 0-9 _ - . * $ / ~ " ' @ : + * as a character in the string, specified as `\*` &, passed and returned as `&` Default: None Parent: `CacheBehavior`
`TargetOriginId`	The value of `ID` for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior. Type: String Default: None Parent: `DefaultCacheBehavior` or `CacheBehavior`
`ForwardedValues`	A complex type that specifies how CloudFront handles query strings and cookies. Type: Complex Default: None Parent: `DefaultCacheBehavior` or `CacheBehavior` Child: `QueryString`, `Cookies`
`QueryString`	Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior. If so, specify `true`; if not, specify `false`. Type: String Default: None Valid Values: `true` \| `false` Parent: `ForwardedValues`
`Cookies`	A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, go to How CloudFront Forwards, Caches, and Logs Cookies in the Amazon CloudFront Developer Guide. Type: Complex Default: None Parent: `ForwardedValues` Child: `Forward`, `WhitelistedNames`
`Forward`	Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the `WhitelistedNames` complex type. Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify `none` for the `Forward` element. Type: String Valid Values: `all` \| `whitelist` \| `none` Default: no default Parent: `Cookies`
`WhitelistedNames`	Required if you specify `whitelist` for the value of `Forward`: A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies. If you specify `all` or `none` for the value of `Forward`, omit `WhitelistedNames`. If you change the value of `Forward` from `whitelist` to `all` or `none` and you don't delete the `WhitelistedNames` element and its child elements, CloudFront deletes them automatically. By default, you can whitelist a maximum of 10 cookie names per distribution. (If you specify `all` for the value of the `Forward` element, CloudFront forwards all cookies regardless of how many your application uses.) To request a higher limit, fill out the form at http://aws.amazon.com/cloudfront-request/. Type: Complex Default: None Parent: `Cookies` Child: `Quantity`, `Items`
`Quantity (WhitelistedNames)`	The number of different cookies that you want CloudFront to forward to the origin for this cache behavior. Type: Integer Default: None Parent: `WhitelistedNames`
`Items (WhitelistedNames)`	A complex type that contains one `Name` element for each cookie that you want CloudFront to forward to the origin for this cache behavior. Type: Complex Default: None Children: `Name` Parent: `WhitelistedNames`
`Name`	The name of a cookie that you want CloudFront to forward to the origin for this cache behavior. Type: String Default: None Parent: `Items`
`TrustedSigners`	A complex type that specifies the AWS accounts, if any, that you want to allow to create signed URLs for private content. If you want to require signed URLs in requests for objects in the target origin that match the `PathPattern` for this cache behavior, specify `true` for `Enabled`, and specify the applicable values for `Quantity` and `Items`. For more information, go to Serving Private Content through CloudFront in the Amazon CloudFront Developer Guide. If you don't want to require signed URLs in requests for objects that match `PathPattern`, specify `false` for `Enabled` and `0` for `Quantity.` Omit `Items`. To add, change, or remove one or more trusted signers, change `Enabled` to `true` (if it's currently `false`), change `Quantity` as applicable, and specify all of the trusted signers that you want to include in the updated distribution. For more information about updating the distribution configuration, see PUT Distribution Config. Type: Complex type Default: None Parent: `DefaultCacheBehavior` or `CacheBehavior` Children: `Enabled`, `Quantity`, `Items`
`Enabled (Trusted Signers)`	Specifies whether you want to require end users to use signed URLs to access the files specified by `PathPattern` and `TargetOriginId`. Type: String Default: None Valid Values: `true` \| `false` Parent: `TrustedSigners`
`Quantity (TrustedSigners)`	The number of trusted signers for this cache behavior. Type: Integer Default: None Parent: `TrustedSigners`
`Items (TrustedSigners)`	Optional: A complex type that contains trusted signers for this cache behavior. If `Quantity` is 0, you can omit `Items`. Type: Complex Default: None Children: `Origin` Parent: `TrustedSigners`
`AwsAccountNumber`	Specifies an AWS account that can create signed URLs. Valid values include: `self`, which indicates that the AWS account that was used to create the distribution can created signed URLs. An AWS account number. Omit the dashes in the account number. You can specify up to five accounts (including `self`) per cache behavior in separate `AwsAccountNumber` elements. For more information, see the `TrustedSigners` element. Type: String Default: None Parent: `Items`
`ViewerProtocolPolicy`	Use this element to specify the protocol that users can use to access the files in the origin specified by `TargetOriginId` when a request matches the path pattern in `PathPattern`. If you want CloudFront to allow end users to use any available protocol, specify `allow-all`. If you want CloudFront to require HTTPS, specify `https`. For more information about requiring the HTTPS protocol, go to Creating Secure HTTPS Connections in the Amazon CloudFront Developer Guide. Type: String Default: None Valid Values: `allow-all` or `https` Parent: `DefaultCacheBehavior` or `CacheBehavior` Caution The only way to guarantee that your end users retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see Specifying How Long Objects Stay in a CloudFront Edge Cache (Object Expiration) in the Amazon CloudFront Developer Guide.
`MinTTL`	The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated. For more information, see Specifying How Long Objects Stay in a CloudFront Edge Cache (Object Expiration) in the Amazon CloudFront Developer Guide. Type: Long Default: 0 Valid Values: 0 to ~3,153,600,000 (100 years) Parent: `DefaultCacheBehavior` or `CacheBehavior`
`Comment`	Any comments you want to include about the distribution. If you don't want to specify a comment, include an empty `Comment` element. To delete an existing comment, update the distribution configuration and include an empty `Comment` element. To add or change a comment, update the distribution configuration and specify the new comment. For more information about updating the distribution configuration, see PUT Distribution Config. Type: String Default: None Constraints: Maximum 128 characters Parent: `DistributionConfig`
`Logging`	A complex type that controls whether access logs are written for the distribution. For more information about logging, go to Access Logs in the Amazon CloudFront Developer Guide. Type: Complex type Default: None Parent: `DistributionConfig` Children: `Bucket`, `Prefix`
`Enabled (Logging)`	Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you do not want to enable logging when you create a distribution or if you want to disable logging for an existing distribution, specify `false` for `Enabled`, and specify empty `Bucket` and `Prefix` elements. If you specify `false` for `Enabled` but you specify values for `Bucket` and `Prefix`, the values are automatically deleted. Type: String Default: None Valid Values: `true` \| `false` Parent: `Logging`
`IncludeCookies`	If you want CloudFront to include cookies in access logs, specify `true`. If you choose to include cookies in logs, CloudFront logs all cookies regardless of whether you configure the distribution to forward all cookies, no cookies, or a specified list of cookies to the origin. For more information about forwarding cookies, see the Cookies complex type earlier in this topic. Type: String Default: None Valid Values: `true` \| `false` Parent: `Logging`
`Bucket`	The Amazon S3 bucket to store the access logs in, for example, `myawslogbucket.s3.amazonaws.com`. For more information, see the `Enabled` (Logging) element. Type: String Default: None Constraints: Maximum 128 characters Parent: `Logging`
`Prefix`	An optional string that you want CloudFront to prefix to the access log filenames for this distribution, for example, `myprefix/`. If you want to enable logging, but you do not want to specify a prefix, you still must include an empty `Prefix` element in the `Logging` element. For more information, see the `Logging` element. Type: String Default: None Constraints: Maximum 256 characters; the string must not start with a slash ( / ). Parent: `Logging`
`ViewerCertificate`	A complex type that specifies which certificate to use when viewers request objects using HTTPS: A custom certificate that you have uploaded to the IAM certificate store, which you use when the URLs for your objects include an alternate domain name, for example, `https://www.example.com/image.jpg`. The default CloudFront certificate, which you use when the URLs for your objects include the CloudFront domain name, for example, `https://d111111abcdef8.cloudfront.net/image.jpg`. For more information, go to Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide. Type: Complex type Default: None Parent: `DistributionConfig` Children: `IAMCertificateId`, `CloudFrontDefaultCertificate`
`IAMCertificateId / CloudFrontDefaultCertificate`	If you want viewers to use HTTPS to request your objects and you want the URL for your objects to use: An alternate domain name such as example.com: Specify `<IAMCertificateId>IAM certificate ID</IAMCertificateId>` where `IAM certificate ID` is the ID that IAM returned when you added the certificate to the IAM certificate store. The CloudFront domain name, for example, d111111abcdef8.cloudfront.net: Specify `<CloudFrontDefaultCertificate>true</CloudFrontDefaultCertificate>`. Specify only one value or the other, not both. Do not specify `false` for `CloudFrontDefaultCertificate`. In addition, you must also specify the following values: `<ViewerProtocolPolicy>https-only</ViewerProtocolPolicy>` `<OriginProtocolPolicy>match-viewer</OriginProtocolPolicy>` For more information, go to Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide. Type: `IAMCertificateId`: String `CloudFrontDefaultCertificate`: Boolean Default: None Parent: `ViewerCertificate`
`PriceClass`	The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify `PriceClass_All`, CloudFront responds to requests for your objects from all CloudFront edge locations. If you specify a price class other than `PriceClass_All`, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance. For more information about price classes, go to Choosing the Price Class for a CloudFront Distribution in the Amazon CloudFront Developer Guide. For information about CloudFront pricing, including how price classes map to CloudFront regions, go to Amazon CloudFront Pricing. Type: String Default: None Valid Values: `PriceClass_All`: Requests are routed to all CloudFront edge locations based entirely on latency. `PriceClass_200`: Requests are routed to more edge locations than with `PriceClass_100` but not to all edge locations. `PriceClass_100`: Requests are routed to edge locations in the least-expensive CloudFront regions. Parent: `DistributionConfig`
`Enabled (DistributionConfig)`	Whether the distribution is enabled to accept end user requests for content. Type: String Default: None Valid Values: `true` \| `false` Parent: `DistributionConfig`

Example

Example of a distribution configuration with Amazon S3 and custom origins

The following example configuration is for a distribution that has both an Amazon S3 origin and a custom origin.

<DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2013-05-12/">
   <CallerReference>example.com2012-04-11-5:09pm</CallerReference>
   <Aliases>
      <Quantity>1</Quantity>
      <Items>
         <CNAME>www.example.com</CNAME>
      </Items>
   </Aliases>
   <DefaultRootObject>index.html</DefaultRootObject>
   <Origins>
      <Quantity>2</Quantity>
      <Items>
         <Origin>
            <Id>example-Amazon S3-origin</Id>
            <DomainName>myawsbucket.s3.amazonaws.com</DomainName>
            <S3OriginConfig>
               <OriginAccessIdentity>origin-access-identity/cloudfront/E74FTE3AEXAMPLE</OriginAccessIdentity>
            </S3OriginConfig>
         </Origin>
         <Origin>
            <Id>example-custom-origin</Id>
            <DomainName>example.com</DomainName>
            <CustomOriginConfig>
               <HTTPPort>80</HTTPPort>
               <HTTPSPort>443</HTTPSPort>
               <OriginProtocolPolicy>match-viewer</OriginProtocolPolicy>
            </CustomOriginConfig>
         </Origin>
      </Items>
   </Origins>
   <DefaultCacheBehavior>
      <TargetOriginId>example-Amazon S3-origin</TargetOriginId>
      <ForwardedValues>
         <QueryString>true</QueryString>
         <Cookies>
            <Forward>whitelist</Forward>
            <WhitelistedNames>
               <Quantity>1</Quantity>
               <Items>
                  <Name>example-cookie</Name>
               </Items>
            </WhitelistedNames>
         </Cookies>
      </ForwardedValues>
      <TrustedSigners>
         <Enabled>true</Enabled>
         <Quantity>3</Quantity>
         <Items>
            <AwsAccountNumber>self</AwsAccountNumber>
            <AwsAccountNumber>111122223333</AwsAccountNumber>
            <AwsAccountNumber>444455556666</AwsAccountNumber>
         </Items>
      </TrustedSigners>
      <ViewerProtocolPolicy>https-only</ViewerProtocolPolicy>
      <MinTTL>0</MinTTL>
   </DefaultCacheBehavior>
   <CacheBehaviors>
      <Quantity>1</Quantity>
      <Items>
         <CacheBehavior>
            <PathPattern>*.jpg</PathPattern>
            <TargetOriginId>example-custom-origin</TargetOriginId>
            <ForwardedValues>
               <QueryString>false</QueryString>
               <Cookies>
                  <Forward>all</Forward>
               </Cookies>
            </ForwardedValues>
            <TrustedSigners>
               <Enabled>true</Enabled>
               <Quantity>2</Quantity>
               <Items>
                  <AwsAccountNumber>self</AwsAccountNumber>
                  <AwsAccountNumber>111122223333</AwsAccountNumber>
               </Items>
            </TrustedSigners>
            <ViewerProtocolPolicy>allow-all</ViewerProtocolPolicy>
            <MinTTL>86400</MinTTL>
         </CacheBehavior>
      </Items>
   </CacheBehaviors>
   <Comment>example comment</Comment>
   <Logging>
      <Enabled>true</Enabled>
      <IncludeCookies>true</IncludeCookies>
      <Bucket>myawslogbucket.s3.amazonaws.com</Bucket>
      <Prefix>example.com.</Prefix>
   </Logging>
   <ViewerCertificate>
      <IAMCertificateId>AS1A2M3P4L5E67SIIXR3J</IAMCertificateId>
   </ViewerCertificate>
   <PriceClass>PriceClass_All</PriceClass>
   <Enabled>true</Enabled>
</DistributionConfig>

Example of a distribution that includes no optional elements

The following example configuration is for a distribution for which all optional elements have been omitted.

<DistributionConfig xmlns="http://cloudfront.amazonaws.com/doc/2013-05-12/">
   <CallerReference>example.com2012-04-11-5:09pm</CallerReference>
   <Aliases>
      <Quantity>0</Quantity>
   </Aliases>
   <DefaultRootObject/>
   <Origins>
      <Quantity>1</Quantity>
      <Items>
         <Origin>
            <Id>example-Amazon-S3-origin</Id>
            <DomainName>myawsbucket.s3.amazonaws.com</DomainName>
            <S3OriginConfig/>
         </Origin>
      </Items>
   </Origins>
   <DefaultCacheBehavior>
      <TargetOriginId>example-Amazon-S3-origin</TargetOriginId>
      <ForwardedValues>
         <QueryString>true</QueryString>
         <Cookies>
            <Forward>none</Forward>
         </Cookies>
      </ForwardedValues>
      <TrustedSigners>
         <Enabled>false</Enabled>
         <Quantity>0</Quantity>
      </TrustedSigners>
      <ViewerProtocolPolicy>allow-all</ViewerProtocolPolicy>
      <MinTTL>3600</MinTTL>
   </DefaultCacheBehavior>
   <CacheBehaviors>
      <Quantity>0</Quantity>
   </CacheBehaviors>
   <Comment/>
   <Logging>
         <Enabled>false</Enabled>
         <IncludeCookies>true</IncludeCookies>
         <Bucket/>
         <Prefix/>
   </Logging>
   <PriceClass>PriceClass_All</PriceClass>
   <Enabled>true</Enabled>
</DistributionConfig>

Document Conventions	« Previous Next »
Terms of Use	Did this page help you? Yes \| No \| Tell us about it...