ViewerCertificateOptions

class aws_cdk.aws_cloudfront.ViewerCertificateOptions(*, aliases=None, security_policy=None, ssl_method=None)

Bases: object

Parameters:
  • aliases (Optional[Sequence[str]]) – Domain names on the certificate (both main domain name and Subject Alternative names).

  • security_policy (Optional[SecurityPolicyProtocol]) – The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify. Default: - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNI

  • ssl_method (Optional[SSLMethod]) – How CloudFront should serve HTTPS requests. See the notes on SSLMethod if you wish to use other SSL termination types. Default: SSLMethod.SNI

ExampleMetadata:

lit=test/example.iam-cert-alias.lit.ts infused

Example:

s3_bucket_source = s3.Bucket(self, "Bucket")

distribution = cloudfront.CloudFrontWebDistribution(self, "AnAmazingWebsiteProbably",
    origin_configs=[cloudfront.SourceConfiguration(
        s3_origin_source=cloudfront.S3OriginConfig(s3_bucket_source=s3_bucket_source),
        behaviors=[cloudfront.Behavior(is_default_behavior=True)]
    )],
    viewer_certificate=cloudfront.ViewerCertificate.from_iam_certificate("certificateId",
        aliases=["example.com"],
        security_policy=cloudfront.SecurityPolicyProtocol.SSL_V3,  # default
        ssl_method=cloudfront.SSLMethod.SNI
    )
)

Attributes

aliases

Domain names on the certificate (both main domain name and Subject Alternative names).

security_policy

The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections.

CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify.

Default:
  • SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNI

ssl_method

How CloudFront should serve HTTPS requests.

See the notes on SSLMethod if you wish to use other SSL termination types.

Default:

SSLMethod.SNI

See:

https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html