AWS Tools for Windows PowerShell
Command Reference

AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.

Synopsis

Calls the Amazon CloudFront UpdateDistribution API operation.

Syntax

Update-CFDistribution
-Id <String>
-IfMatch <String>
-ViewerCertificate_ACMCertificateArn <String>
-Logging_Bucket <String>
-DistributionConfig_CallerReference <String>
-ViewerCertificate_Certificate <String>
-ViewerCertificate_CertificateSource <CertificateSource>
-ViewerCertificate_CloudFrontDefaultCertificate <Boolean>
-DistributionConfig_Comment <String>
-DefaultCacheBehavior_Compress <Boolean>
-DistributionConfig_DefaultRootObject <String>
-DefaultCacheBehavior_DefaultTTL <Int64>
-TrustedSigners_Enabled <Boolean>
-DistributionConfig_Enabled <Boolean>
-Logging_Enabled <Boolean>
-Cookies_Forward <ItemSelection>
-DistributionConfig_HttpVersion <HttpVersion>
-ViewerCertificate_IAMCertificateId <String>
-Logging_IncludeCookie <Boolean>
-DistributionConfig_IsIPV6Enabled <Boolean>
-Aliases_Item <String[]>
-CacheBehaviors_Item <CacheBehavior[]>
-CustomErrorResponses_Item <CustomErrorResponse[]>
-CachedMethods_Item <String[]>
-AllowedMethods_Item <String[]>
-WhitelistedNames_Item <String[]>
-Headers_Item <String[]>
-QueryStringCacheKeys_Item <String[]>
-LambdaFunctionAssociations_Item <LambdaFunctionAssociation[]>
-TrustedSigners_Item <String[]>
-Origins_Item <Origin[]>
-GeoRestriction_Item <String[]>
-DefaultCacheBehavior_MaxTTL <Int64>
-ViewerCertificate_MinimumProtocolVersion <MinimumProtocolVersion>
-DefaultCacheBehavior_MinTTL <Int64>
-Logging_Prefix <String>
-DistributionConfig_PriceClass <PriceClass>
-Aliases_Quantity <Int32>
-CacheBehaviors_Quantity <Int32>
-CustomErrorResponses_Quantity <Int32>
-CachedMethods_Quantity <Int32>
-AllowedMethods_Quantity <Int32>
-WhitelistedNames_Quantity <Int32>
-Headers_Quantity <Int32>
-QueryStringCacheKeys_Quantity <Int32>
-LambdaFunctionAssociations_Quantity <Int32>
-TrustedSigners_Quantity <Int32>
-Origins_Quantity <Int32>
-GeoRestriction_Quantity <Int32>
-ForwardedValues_QueryString <Boolean>
-GeoRestriction_RestrictionType <GeoRestrictionType>
-DefaultCacheBehavior_SmoothStreaming <Boolean>
-ViewerCertificate_SSLSupportMethod <SSLSupportMethod>
-DefaultCacheBehavior_TargetOriginId <String>
-DefaultCacheBehavior_ViewerProtocolPolicy <ViewerProtocolPolicy>
-DistributionConfig_WebACLId <String>
-Force <SwitchParameter>

Description

Updates the configuration for a web distribution. Perform the following steps. For information about updating a distribution using the CloudFront console, see Creating or Updating a Web Distribution Using the CloudFront Console in the Amazon CloudFront Developer Guide. To update a web distribution using the CloudFront API
  1. Submit a GetDistributionConfig request to get the current configuration and an Etag header for the distribution. If you update the distribution again, you need to get a new Etag header.
  2. Update the XML document that was returned in the response to your GetDistributionConfig request to include the desired changes. You can't change the value of CallerReference. If you try to change this value, CloudFront returns an IllegalUpdate error. The new configuration replaces the existing configuration; the values that you specify in an UpdateDistribution request are not merged into the existing configuration. When you add, delete, or replace values in an element that allows multiple values (for example, CNAME), you must specify all of the values that you want to appear in the updated distribution. In addition, you must update the corresponding Quantity element.
  3. Submit an UpdateDistribution request to update the configuration for your distribution:
    • In the request body, include the XML document that you updated in Step 2. The request body must include an XML document with a DistributionConfig element.
    • Set the value of the HTTP If-Match header to the value of the ETag header that CloudFront returned when you submitted the GetDistributionConfig request in Step 1.
  4. Review the response to the UpdateDistribution request to confirm that the configuration was successfully updated.
  5. Optional: Submit a GetDistribution request to confirm that your changes have propagated. When propagation is complete, the value of Status is Deployed. Beginning with the 2012-05-05 version of the CloudFront API, we made substantial changes to the format of the XML document that you include in the request body when you create or update a distribution. With previous versions of the API, we discovered that it was too easy to accidentally delete one or more values for an element that accepts multiple values, for example, CNAMEs and trusted signers. Our changes for the 2012-05-05 release are intended to prevent these accidental deletions and to notify you when there's a mismatch between the number of values you say you're specifying in the Quantity element and the number of values you're actually specifying.

Parameters

-Aliases_Item <String[]>
A complex type that contains the CNAME aliases, if any, that you want to associate with this distribution.
Required?False
Position?Named
Accept pipeline input?False
-Aliases_Quantity <Int32>
The number of CNAME aliases, if any, that you want to associate with this distribution.
Required?False
Position?Named
Accept pipeline input?False
-AllowedMethods_Item <String[]>
A complex type that contains the HTTP methods that you want CloudFront to process and forward to your origin.
Required?False
Position?Named
Accept pipeline input?False
-AllowedMethods_Quantity <Int32>
The number of HTTP methods that you want CloudFront to forward to your origin. Valid values are 2 (for GET and HEAD requests), 3 (for GET, HEAD, and OPTIONS requests) and 7 (for GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE requests).
Required?False
Position?Named
Accept pipeline input?False
-CacheBehaviors_Item <CacheBehavior[]>
Optional: A complex type that contains cache behaviors for this distribution. If Quantity is 0, you can omit Items.
Required?False
Position?Named
Accept pipeline input?False
-CacheBehaviors_Quantity <Int32>
The number of cache behaviors for this distribution.
Required?False
Position?Named
Accept pipeline input?False
-CachedMethods_Item <String[]>
A complex type that contains the HTTP methods that you want CloudFront to cache responses to.
Required?False
Position?Named
Accept pipeline input?False
-CachedMethods_Quantity <Int32>
The number of HTTP methods for which you want CloudFront to cache responses. Valid values are 2 (for caching responses to GET and HEAD requests) and 3 (for caching responses to GET, HEAD, and OPTIONS requests).
Required?False
Position?Named
Accept pipeline input?False
-Cookies_Forward <ItemSelection>
Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the WhitelistedNames complex type.Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the Forward element.
Required?False
Position?Named
Accept pipeline input?False
-CustomErrorResponses_Item <CustomErrorResponse[]>
A complex type that contains a CustomErrorResponse element for each HTTP status code for which you want to specify a custom error page and/or a caching duration.
Required?False
Position?Named
Accept pipeline input?False
-CustomErrorResponses_Quantity <Int32>
The number of HTTP status codes for which you want to specify a custom error page and/or a caching duration. If Quantity is 0, you can omit Items.
Required?False
Position?Named
Accept pipeline input?False
-DefaultCacheBehavior_Compress <Boolean>
Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see Serving Compressed Files in the Amazon CloudFront Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-DefaultCacheBehavior_DefaultTTL <Int64>
The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information, see Specifying How Long Objects and Errors Stay in a CloudFront Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-DefaultCacheBehavior_MaxTTL <Int64>
Documentation for this parameter is not currently available; please refer to the service API documentation.
Required?False
Position?Named
Accept pipeline input?False
-DefaultCacheBehavior_MinTTL <Int64>
The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see Specifying How Long Objects and Errors Stay in a CloudFront Edge Cache (Expiration) in the Amazon Amazon CloudFront Developer Guide.You must specify 0 for MinTTL if you configure CloudFront to forward all headers to your origin (under Headers, if you specify 1 for Quantity and * for Name).
Required?False
Position?Named
Accept pipeline input?False
-DefaultCacheBehavior_SmoothStreaming <Boolean>
Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify true; if not, specify false. If you specify true for SmoothStreaming, you can still distribute other content using this cache behavior if the content matches the value of PathPattern.
Required?False
Position?Named
Accept pipeline input?False
-DefaultCacheBehavior_TargetOriginId <String>
The value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
Required?False
Position?Named
Accept pipeline input?False
-DefaultCacheBehavior_ViewerProtocolPolicy <ViewerProtocolPolicy>
The protocol that viewers can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. You can specify the following options:
  • allow-all: Viewers can use HTTP or HTTPS.
  • redirect-to-https: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.
  • https-only: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).
For more information about requiring the HTTPS protocol, see Using an HTTPS Connection to Access Your Objects in the Amazon CloudFront Developer Guide.The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects' cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see Specifying How Long Objects and Errors Stay in a CloudFront Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_CallerReference <String>
A unique value (for example, a date-time stamp) that ensures that the request can't be replayed.If the value of CallerReference is new (regardless of the content of the DistributionConfig object), CloudFront creates a new distribution.If CallerReference is a value you already sent in a previous request to create a distribution, and if the content of the DistributionConfig is identical to the original request (ignoring white space), CloudFront returns the same the response that it returned to the original request.If CallerReference is a value you already sent in a previous request to create a distribution but the content of the DistributionConfig is different from the original request, CloudFront returns a DistributionAlreadyExists error.
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_Comment <String>
Any comments you want to include about the distribution.If you don't want to specify a comment, include an empty Comment element.To delete an existing comment, update the distribution configuration and include an empty Comment element.To add or change a comment, update the distribution configuration and specify the new comment.
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_DefaultRootObject <String>
The object that you want CloudFront to request from your origin (for example, index.html) when a viewer requests the root URL for your distribution (http://www.example.com) instead of an object in your distribution (http://www.example.com/product-description.html). Specifying a default root object avoids exposing the contents of your distribution.Specify only the object name, for example, index.html. Don't add a / before the object name.If you don't want to specify a default root object when you create a distribution, include an empty DefaultRootObject element.To delete the default root object from an existing distribution, update the distribution configuration and include an empty DefaultRootObject element.To replace the default root object, update the distribution configuration and specify the new object.For more information about the default root object, see Creating a Default Root Object in the Amazon CloudFront Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_Enabled <Boolean>
From this field, you can enable or disable the selected distribution.If you specify false for Enabled but you specify values for Bucket and Prefix, the values are automatically deleted.
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_HttpVersion <HttpVersion>
(Optional) Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront. The default value for new web distributions is http2. Viewers that don't support HTTP/2 automatically use an earlier HTTP version.For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must support Server Name Identification (SNI).In general, configuring CloudFront to communicate with viewers using HTTP/2 reduces latency. You can improve performance by optimizing for HTTP/2. For more information, do an Internet search for "http/2 optimization."
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_IsIPV6Enabled <Boolean>
If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify true. If you specify false, CloudFront responds to IPv6 DNS requests with the DNS response code NOERROR and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution. In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the IpAddress parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see Creating a Signed URL Using a Custom Policy in the Amazon CloudFront Developer Guide.If you're using an Amazon Route 53 alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:
  • You enable IPv6 for the distribution
  • You're using alternate domain names in the URLs for your objects
For more information, see Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name in the Amazon Route 53 Developer Guide.If you created a CNAME resource record set, either with Amazon Route 53 or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_PriceClass <PriceClass>
The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify PriceClass_All, CloudFront responds to requests for your objects from all CloudFront edge locations.If you specify a price class other than PriceClass_All, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.For more information about price classes, see Choosing the Price Class for a CloudFront Distribution in the Amazon CloudFront Developer Guide. For information about CloudFront pricing, including how price classes map to CloudFront regions, see Amazon CloudFront Pricing.
Required?False
Position?Named
Accept pipeline input?False
-DistributionConfig_WebACLId <String>
A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF, see the AWS WAF Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-Force <SwitchParameter>
This parameter overrides confirmation prompts to force the cmdlet to continue its operation. This parameter should always be used with caution.
Required?False
Position?Named
Accept pipeline input?False
-ForwardedValues_QueryString <Boolean>
Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior and cache based on the query string parameters. CloudFront behavior depends on the value of QueryString and on the values that you specify for QueryStringCacheKeys, if any:If you specify true for QueryString and you don't specify any values for QueryStringCacheKeys, CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.If you specify true for QueryString and you specify one or more values for QueryStringCacheKeys, CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.If you specify false for QueryString, CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.For more information, see Configuring CloudFront to Cache Based on Query String Parameters in the Amazon CloudFront Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-GeoRestriction_Item <String[]>
A complex type that contains a Location element for each country in which you want CloudFront either to distribute your content (whitelist) or not distribute your content (blacklist).The Location element is a two-letter, uppercase country code for a country that you want to include in your blacklist or whitelist. Include one Location element for each country.CloudFront and MaxMind both use ISO 3166 country codes. For the current list of countries and the corresponding codes, see ISO 3166-1-alpha-2 code on the International Organization for Standardization website. You can also refer to the country list on the CloudFront console, which includes both country names and codes.
Required?False
Position?Named
Accept pipeline input?False
-GeoRestriction_Quantity <Int32>
When geo restriction is enabled, this is the number of countries in your whitelist or blacklist. Otherwise, when it is not enabled, Quantity is 0, and you can omit Items.
Required?False
Position?Named
Accept pipeline input?False
-GeoRestriction_RestrictionType <GeoRestrictionType>
The method that you want to use to restrict distribution of your content by country:
  • none: No geo restriction is enabled, meaning access to content is not restricted by client geo location.
  • blacklist: The Location elements specify the countries in which you don't want CloudFront to distribute your content.
  • whitelist: The Location elements specify the countries in which you want CloudFront to distribute your content.
Required?False
Position?Named
Accept pipeline input?False
-Headers_Item <String[]>
A list that contains one Name element for each header that you want CloudFront to use for caching in this cache behavior. If Quantity is 0, omit Items.
Required?False
Position?Named
Accept pipeline input?False
-Headers_Quantity <Int32>
The number of different headers that you want CloudFront to base caching on for this cache behavior. You can configure each cache behavior in a web distribution to do one of the following:
  • Forward all headers to your origin: Specify 1 for Quantity and * for Name.CloudFront doesn't cache the objects that are associated with this cache behavior. Instead, CloudFront sends every request to the origin.
  • Forward a whitelist of headers you specify: Specify the number of headers that you want CloudFront to base caching on. Then specify the header names in Name elements. CloudFront caches your objects based on the values in the specified headers.
  • Forward only the default headers: Specify 0 for Quantity and omit Items. In this configuration, CloudFront doesn't cache based on the values in the request headers.
Regardless of which option you choose, CloudFront forwards headers to your origin based on whether the origin is an S3 bucket or a custom origin. See the following documentation:
Required?False
Position?Named
Accept pipeline input?False
-Id <String>
The distribution's id.
Required?False
Position?1
Accept pipeline input?True (ByValue, ByPropertyName)
-IfMatch <String>
The value of the ETag header that you received when retrieving the distribution's configuration. For example: E2QWRUHAPOMQZL.
Required?False
Position?2
Accept pipeline input?False
-LambdaFunctionAssociations_Item <LambdaFunctionAssociation[]>
Optional: A complex type that contains LambdaFunctionAssociation items for this cache behavior. If Quantity is 0, you can omit Items.
Required?False
Position?Named
Accept pipeline input?False
-LambdaFunctionAssociations_Quantity <Int32>
The number of Lambda function associations for this cache behavior.
Required?False
Position?Named
Accept pipeline input?False
-Logging_Bucket <String>
The Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
Required?False
Position?Named
Accept pipeline input?False
-Logging_Enabled <Boolean>
Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket. If you don't want to enable logging when you create a distribution or if you want to disable logging for an existing distribution, specify false for Enabled, and specify empty Bucket and Prefix elements. If you specify false for Enabled but you specify values for Bucket, prefix, and IncludeCookies, the values are automatically deleted.
Required?False
Position?Named
Accept pipeline input?False
-Logging_IncludeCookie <Boolean>
Specifies whether you want CloudFront to include cookies in access logs, specify true for IncludeCookies. If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify false for IncludeCookies.
Required?False
Position?Named
Accept pipeline input?False
-Logging_Prefix <String>
An optional string that you want CloudFront to prefix to the access log filenames for this distribution, for example, myprefix/. If you want to enable logging, but you don't want to specify a prefix, you still must include an empty Prefix element in the Logging element.
Required?False
Position?Named
Accept pipeline input?False
-Origins_Item <Origin[]>
A complex type that contains origins for this distribution.
Required?False
Position?Named
Accept pipeline input?False
-Origins_Quantity <Int32>
The number of origins for this distribution.
Required?False
Position?Named
Accept pipeline input?False
-QueryStringCacheKeys_Item <String[]>
(Optional) A list that contains the query string parameters that you want CloudFront to use as a basis for caching for this cache behavior. If Quantity is 0, you can omit Items.
Required?False
Position?Named
Accept pipeline input?False
-QueryStringCacheKeys_Quantity <Int32>
The number of whitelisted query string parameters for this cache behavior.
Required?False
Position?Named
Accept pipeline input?False
-TrustedSigners_Enabled <Boolean>
Specifies whether you want to require viewers to use signed URLs to access the files specified by PathPattern and TargetOriginId.
Required?False
Position?Named
Accept pipeline input?False
-TrustedSigners_Item <String[]>
Optional: A complex type that contains trusted signers for this cache behavior. If Quantity is 0, you can omit Items.
Required?False
Position?Named
Accept pipeline input?False
-TrustedSigners_Quantity <Int32>
The number of trusted signers for this cache behavior.
Required?False
Position?Named
Accept pipeline input?False
-ViewerCertificate_ACMCertificateArn <String>
For information about how and when to use ACMCertificateArn, see ViewerCertificate.
Required?False
Position?Named
Accept pipeline input?False
-ViewerCertificate_Certificate <String>
Required?False
Position?Named
Accept pipeline input?False
-ViewerCertificate_CertificateSource <CertificateSource>
Required?False
Position?Named
Accept pipeline input?False
-ViewerCertificate_CloudFrontDefaultCertificate <Boolean>
For information about how and when to use CloudFrontDefaultCertificate, see ViewerCertificate.
Required?False
Position?Named
Accept pipeline input?False
-ViewerCertificate_IAMCertificateId <String>
For information about how and when to use IAMCertificateId, see ViewerCertificate.
Required?False
Position?Named
Accept pipeline input?False
-ViewerCertificate_MinimumProtocolVersion <MinimumProtocolVersion>
Specify the security policy that you want CloudFront to use for HTTPS connections. A security policy determines two settings:
  • The minimum SSL/TLS protocol that CloudFront uses to communicate with viewers
  • The cipher that CloudFront uses to encrypt the content that it returns to viewers
On the CloudFront console, this setting is called Security policy.We recommend that you specify TLSv1.1_2016 unless your users are using browsers or devices that do not support TLSv1.1 or later.When both of the following are true, you must specify TLSv1 or later for the security policy:
  • You're using a custom certificate: you specified a value for ACMCertificateArn or for IAMCertificateId
  • You're using SNI: you specified sni-only for SSLSupportMethod
If you specify true for CloudFrontDefaultCertificate, CloudFront automatically sets the security policy to TLSv1 regardless of the value that you specify for MinimumProtocolVersion.For information about the relationship between the security policy that you choose and the protocols and ciphers that CloudFront uses to communicate with viewers, see Supported SSL/TLS Protocols and Ciphers for Communication Between Viewers and CloudFront in the Amazon CloudFront Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-ViewerCertificate_SSLSupportMethod <SSLSupportMethod>
If you specify a value for ViewerCertificate$ACMCertificateArn or for ViewerCertificate$IAMCertificateId, you must also specify how you want CloudFront to serve HTTPS requests: using a method that works for all clients or one that works for most clients:
  • vip: CloudFront uses dedicated IP addresses for your content and can respond to HTTPS requests from any viewer. However, you will incur additional monthly charges.
  • sni-only: CloudFront can respond to HTTPS requests from viewers that support Server Name Indication (SNI). All modern browsers support SNI, but some browsers still in use don't support SNI. If some of your users' browsers don't support SNI, we recommend that you do one of the following:
    • Use the vip option (dedicated IP addresses) instead of sni-only.
    • Use the CloudFront SSL/TLS certificate instead of a custom certificate. This requires that you use the CloudFront domain name of your distribution in the URLs for your objects, for example, https://d111111abcdef8.cloudfront.net/logo.png.
    • If you can control which browser your users use, upgrade the browser to one that supports SNI.
    • Use HTTP instead of HTTPS.
Don't specify a value for SSLSupportMethod if you specified <CloudFrontDefaultCertificate>true<CloudFrontDefaultCertificate>.For more information, see Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide.
Required?False
Position?Named
Accept pipeline input?False
-WhitelistedNames_Item <String[]>
A complex type that contains one Name element for each cookie that you want CloudFront to forward to the origin for this cache behavior.
Required?False
Position?Named
Accept pipeline input?False
-WhitelistedNames_Quantity <Int32>
The number of different cookies that you want CloudFront to forward to the origin for this cache behavior.
Required?False
Position?Named
Accept pipeline input?False

Common Credential and Region Parameters

-AccessKey <String>
The AWS access key for the user account. This can be a temporary access key if the corresponding session token is supplied to the -SessionToken parameter.
Required? False
Position? Named
Accept pipeline input? False
-Credential <AWSCredentials>
An AWSCredentials object instance containing access and secret key information, and optionally a token for session-based credentials.
Required? False
Position? Named
Accept pipeline input? False
-ProfileLocation <String>

Used to specify the name and location of the ini-format credential file (shared with the AWS CLI and other AWS SDKs)

If this optional parameter is omitted this cmdlet will search the encrypted credential file used by the AWS SDK for .NET and AWS Toolkit for Visual Studio first. If the profile is not found then the cmdlet will search in the ini-format credential file at the default location: (user's home directory)\.aws\credentials. Note that the encrypted credential file is not supported on all platforms. It will be skipped when searching for profiles on Windows Nano Server, Mac, and Linux platforms.

If this parameter is specified then this cmdlet will only search the ini-format credential file at the location given.

As the current folder can vary in a shell or during script execution it is advised that you use specify a fully qualified path instead of a relative path.

Required? False
Position? Named
Accept pipeline input? False
-ProfileName <String>
The user-defined name of an AWS credentials or SAML-based role profile containing credential information. The profile is expected to be found in the secure credential file shared with the AWS SDK for .NET and AWS Toolkit for Visual Studio. You can also specify the name of a profile stored in the .ini-format credential file used with the AWS CLI and other AWS SDKs.
Required? False
Position? Named
Accept pipeline input? False
-NetworkCredential <PSCredential>
Used with SAML-based authentication when ProfileName references a SAML role profile. Contains the network credentials to be supplied during authentication with the configured identity provider's endpoint. This parameter is not required if the user's default network identity can or should be used during authentication.
Required? False
Position? Named
Accept pipeline input? False
-SecretKey <String>
The AWS secret key for the user account. This can be a temporary secret key if the corresponding session token is supplied to the -SessionToken parameter.
Required? False
Position? Named
Accept pipeline input? False
-SessionToken <String>
The session token if the access and secret keys are temporary session-based credentials.
Required? False
Position? Named
Accept pipeline input? False
-Region <String>
The system name of the AWS region in which the operation should be invoked. For example, us-east-1, eu-west-1 etc.
Required? False
Position? Named
Accept pipeline input? False
-EndpointUrl <String>

The endpoint to make the call against.

Note: This parameter is primarily for internal AWS use and is not required/should not be specified for normal usage. The cmdlets normally determine which endpoint to call based on the region specified to the -Region parameter or set as default in the shell (via Set-DefaultAWSRegion). Only specify this parameter if you must direct the call to a specific custom endpoint.

Required? False
Position? Named
Accept pipeline input? False

Inputs

You can pipe a String object to this cmdlet for the Id parameter.

Outputs

This cmdlet returns a Distribution object. The service call response (type Amazon.CloudFront.Model.UpdateDistributionResponse) can also be referenced from properties attached to the cmdlet entry in the $AWSHistory stack. Additionally, the following properties are added as Note properties to the service response type instance for the cmdlet entry in the $AWSHistory stack: ETag (type System.String)

Supported Version

AWS Tools for PowerShell: 2.x.y.z