Class CloudFrontException

Access denied.

Invalidation batch specified is too large.

The CNAME specified is already defined for CloudFront.

A cache policy with this name already exists. You must provide a unique name. To modify an existing cache policy, use UpdateCachePolicy.

Cannot delete the cache policy because it is attached to one or more cache behaviors.

You can't change the value of a public key.

If the CallerReference is a value you already sent in a previous request to create an identity but the content of the CloudFrontOriginAccessIdentityConfig is different from the original request, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists error.

The Origin Access Identity specified is already in use.

A continuous deployment policy with this configuration already exists.

You cannot delete a continuous deployment policy that is associated with a primary distribution.

The caller reference you attempted to create the distribution with is associated with another distribution.

The specified CloudFront distribution is not disabled. You must disable the distribution before you can delete it.

The specified configuration for field-level encryption already exists.

The specified configuration for field-level encryption is in use.

The specified profile for field-level encryption already exists.

The specified profile for field-level encryption is in use.

The maximum size of a profile for field-level encryption was exceeded.

A function with the same name already exists in this Amazon Web Services account. To create a function, you must provide a unique name. To update an existing function, use UpdateFunction.

Cannot delete the function because it's attached to one or more cache behaviors.

The function is too large. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You cannot delete a managed policy.

The specified configuration for field-level encryption can't be associated with the specified cache behavior.

An origin cannot contain both an origin access control (OAC) and an origin access identity (OAI).

The update contains modifications that are not allowed.

The value of Quantity and the size of Items don't match.

An argument is invalid.

The default root object file name is too big or contains an invalid character.

An origin access control is associated with an origin whose domain name is not supported.

An invalid error code was specified.

Your request contains forward cookies option which doesn't match with the expectation for the whitelisted list of cookie names. Either list of cookie names has been specified when not allowed or list of cookie names is missing when expected.

A CloudFront function association is invalid.

The specified geo restriction parameter is not valid.

The headers specified are not valid for an Amazon S3 origin.

The If-Match version is missing or not valid.

The specified Lambda@Edge function association is invalid.

The location code specified is not valid.

The minimum protocol version specified is not valid.

The Amazon S3 origin server specified does not refer to a valid Amazon S3 bucket.

The origin access control is not valid.

The origin access identity is not valid or doesn't exist.

The keep alive timeout specified for the origin is not valid.

The read timeout specified for the origin is not valid.

You cannot specify SSLv3 as the minimum protocol version if you only want to support only clients that support Server Name Indication (SNI).

The query string parameters specified are not valid.

The relative path is too big, is not URL-encoded, or does not begin with a slash (/).

This operation requires the HTTPS protocol. Ensure that you specify the HTTPS protocol in your request, or omit the RequiredProtocols element from your distribution configuration.

A response code is not valid.

The TTL order specified is not valid.

The tagging specified is not valid.

A viewer certificate specified is not valid.

A web ACL ID specified is not valid. To specify a web ACL created using the latest version of WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

A key group with this name already exists. You must provide a unique name. To modify an existing key group, use UpdateKeyGroup.

This operation requires a body. Ensure that the body is present and the Content-Type header is set.

A monitoring subscription already exists for the specified distribution.

The cache policy does not exist.

The specified origin access identity does not exist.

The continuous deployment policy doesn't exist.

The specified distribution does not exist.

The specified configuration for field-level encryption doesn't exist.

The specified profile for field-level encryption doesn't exist.

The function does not exist.

The specified invalidation does not exist.

A monitoring subscription does not exist for the specified distribution.

No origin exists with the specified Origin Id.

The origin access control does not exist.

The origin request policy does not exist.

The specified public key doesn't exist.

The real-time log configuration does not exist.

A resource that was specified is not valid.

The response headers policy does not exist.

The specified streaming distribution does not exist.

An origin access control with the specified parameters already exists.

Cannot delete the origin access control because it's in use by one or more distributions.

An origin request policy with this name already exists. You must provide a unique name. To modify an existing origin request policy, use UpdateOriginRequestPolicy.

Cannot delete the origin request policy because it is attached to one or more cache behaviors.

The precondition in one or more of the request fields evaluated to false.

The specified public key already exists.

The specified public key is in use.

No profile specified for the field-level encryption query argument.

A real-time log configuration with this name already exists. You must provide a unique name. To modify an existing real-time log configuration, use UpdateRealtimeLogConfig.

Cannot delete the real-time log configuration because it is attached to one or more cache behaviors.

The specified real-time log configuration belongs to a different Amazon Web Services account.

Cannot delete this resource because it is in use.

A response headers policy with this name already exists. You must provide a unique name. To modify an existing response headers policy, use UpdateResponseHeadersPolicy.

Cannot delete the response headers policy because it is attached to one or more cache behaviors in a CloudFront distribution.

A continuous deployment policy for this staging distribution already exists.

The caller reference you attempted to create the streaming distribution with is associated with another distribution

The specified CloudFront distribution is not disabled. You must disable the distribution before you can delete it.

The CloudFront function failed.

The length of the Content-Security-Policy header value in the response headers policy exceeds the maximum.

For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You cannot create more cache behaviors for the distribution.

You have reached the maximum number of cache policies for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You cannot create anymore custom SSL/TLS certificates.

Processing your request would cause you to exceed the maximum number of origin access identities allowed.

You have reached the maximum number of continuous deployment policies for this Amazon Web Services account.

Your request contains more cookie names in the whitelist than are allowed per cache behavior.

The number of cookies in the cache policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The number of cookies in the origin request policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The number of custom headers in the response headers policy exceeds the maximum.

For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

Your request contains more CNAMEs than are allowed per distribution.

Processing your request would cause you to exceed the maximum number of distributions allowed.

The maximum number of distributions have been associated with the specified cache policy. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The maximum number of distributions have been associated with the specified configuration for field-level encryption.

The number of distributions that reference this key group is more than the maximum allowed. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The maximum number of distributions have been associated with the specified origin access control.

For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The maximum number of distributions have been associated with the specified origin request policy. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The maximum number of distributions have been associated with the specified response headers policy.

For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You have reached the maximum number of distributions that are associated with a CloudFront function. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

Processing your request would cause the maximum number of distributions with Lambda@Edge function associations per owner to be exceeded.

The maximum number of distributions have been associated with the specified Lambda@Edge function.

The maximum number of configurations for field-level encryption have been created.

The maximum number of content type profiles for field-level encryption have been created.

The maximum number of encryption entities for field-level encryption have been created.

The maximum number of field patterns for field-level encryption have been created.

The maximum number of profiles for field-level encryption have been created.

The maximum number of query arg profiles for field-level encryption have been created.

You have reached the maximum number of CloudFront function associations for this distribution. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You have reached the maximum number of CloudFront functions for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The number of headers in the cache policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

Your request contains too many headers in forwarded values.

The number of headers in the origin request policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You have exceeded the maximum number of allowable InProgress invalidation batch requests, or invalidation objects.

You have reached the maximum number of key groups for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The number of key groups referenced by this distribution is more than the maximum allowed. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

Your request contains more Lambda@Edge function associations than are allowed per distribution.

The number of origin access controls in your Amazon Web Services account exceeds the maximum allowed.

For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

Your request contains too many origin custom headers.

Processing your request would cause you to exceed the maximum number of origin groups allowed.

You have reached the maximum number of origin request policies for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You cannot create more origins for the distribution.

The maximum number of public keys for field-level encryption have been created. To create a new public key, delete one of the existing keys.

The number of public keys in this key group is more than the maximum allowed. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

Your request contains too many query string parameters.

The number of query strings in the cache policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The number of query strings in the origin request policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You have reached the maximum number of real-time log configurations for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

The number of headers in RemoveHeadersConfig in the response headers policy exceeds the maximum.

For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

You have reached the maximum number of response headers policies for this Amazon Web Services account.

For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.

Your request contains more CNAMEs than are allowed per distribution.

Processing your request would cause you to exceed the maximum number of streaming distributions allowed.

Your request contains more trusted signers than are allowed per distribution.

The specified key group does not exist.

One or more of your trusted signers don't exist.

This operation is not supported in this region.