Class CfnDistribution.DistributionConfigProperty
A distribution configuration.
Implements
Inherited Members
Namespace: Amazon.CDK.AWS.CloudFront
Assembly: Amazon.CDK.Lib.dll
Syntax (csharp)
public class CfnDistribution.DistributionConfigProperty : CfnDistribution.IDistributionConfigPropertySyntax (vb)
Public Class CfnDistribution.DistributionConfigProperty Implements CfnDistribution.IDistributionConfigPropertyRemarks
ExampleMetadata: infused
Examples
// Create the simple Origin
var myBucket = new Bucket(this, "myBucket");
var s3Origin = S3BucketOrigin.WithOriginAccessControl(myBucket, new S3BucketOriginWithOACProps {
OriginAccessLevels = new [] { AccessLevel.READ, AccessLevel.LIST }
});
// Create the Distribution construct
var myMultiTenantDistribution = new Distribution(this, "cf-hosted-distribution", new DistributionProps {
DefaultBehavior = new BehaviorOptions {
Origin = s3Origin
},
DefaultRootObject = "index.html"
});
// Access the underlying L1 CfnDistribution to configure SaaS Manager properties which are not yet available in the L2 Distribution construct
var cfnDistribution = (CfnDistribution)myMultiTenantDistribution.Node.DefaultChild;
var defaultCacheBehavior = new DefaultCacheBehaviorProperty {
TargetOriginId = myBucket.BucketArn,
ViewerProtocolPolicy = "allow-all",
Compress = false,
AllowedMethods = new [] { "GET", "HEAD" },
CachePolicyId = CachePolicy.CACHING_OPTIMIZED.CachePolicyId
};
// Create the updated distributionConfig
var distributionConfig = new DistributionConfigProperty {
DefaultCacheBehavior = defaultCacheBehavior,
Enabled = true,
// the properties below are optional
ConnectionMode = "tenant-only",
Origins = new [] { new OriginProperty {
Id = myBucket.BucketArn,
DomainName = myBucket.BucketDomainName,
S3OriginConfig = new S3OriginConfigProperty { },
OriginPath = "/{{tenantName}}"
} },
TenantConfig = new TenantConfigProperty {
ParameterDefinitions = new [] { new ParameterDefinitionProperty {
Definition = new DefinitionProperty {
StringSchema = new StringSchemaProperty {
Required = false,
// the properties below are optional
Comment = "tenantName",
DefaultValue = "root"
}
},
Name = "tenantName"
} }
}
};
// Override the distribution configuration to enable multi-tenancy.
cfnDistribution.DistributionConfig = distributionConfig;
// Create a connection group so we have access to the RoutingEndpoint associated with the tenant we are about to create
var connectionGroup = new CfnConnectionGroup(this, "self-hosted-connection-group", new CfnConnectionGroupProps {
Enabled = true,
Ipv6Enabled = true,
Name = "self-hosted-connection-group"
});
// Export the RoutingEndpoint, skip this step if you'd prefer to fetch it from the CloudFront console or via Cloudfront.ListConnectionGroups API
// Export the RoutingEndpoint, skip this step if you'd prefer to fetch it from the CloudFront console or via Cloudfront.ListConnectionGroups API
new CfnOutput(this, "RoutingEndpoint", new CfnOutputProps {
Value = connectionGroup.AttrRoutingEndpoint,
Description = "CloudFront Routing Endpoint to be added to my hosted zone CNAME records"
});
// Create a distribution tenant with a self-hosted domain.
var selfHostedTenant = new CfnDistributionTenant(this, "self-hosted-tenant", new CfnDistributionTenantProps {
DistributionId = myMultiTenantDistribution.DistributionId,
ConnectionGroupId = connectionGroup.AttrId,
Name = "self-hosted-tenant",
Domains = new [] { "self-hosted-tenant.my.domain.com" },
Enabled = true,
ManagedCertificateRequest = new ManagedCertificateRequestProperty {
PrimaryDomainName = "self-hosted-tenant.my.domain.com",
ValidationTokenHost = "self-hosted"
}
});Synopsis
Constructors
| DistributionConfigProperty() | A distribution configuration. |
Properties
| Aliases | This field only supports standard distributions. |
| AnycastIpListId | To use this field for a multi-tenant distribution, use a connection group instead. |
| CacheBehaviors | A complex type that contains zero or more |
| CnamEs | An alias for the CloudFront distribution's domain name. |
| Comment | A comment to describe the distribution. |
| ConnectionFunctionAssociation | The distribution's connection function association. |
| ConnectionMode | This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only). |
| ContinuousDeploymentPolicyId | This field only supports standard distributions. |
| CustomErrorResponses | A complex type that controls the following:. |
| CustomOrigin | The user-defined HTTP server that serves as the origin for content that CloudFront distributes. |
| DefaultCacheBehavior | A complex type that describes the default cache behavior if you don't specify a |
| DefaultRootObject | When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin. |
| Enabled | From this field, you can enable or disable the selected distribution. |
| HttpVersion | (Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront . |
| Ipv6Enabled | To use this field for a multi-tenant distribution, use a connection group instead. |
| Logging | A complex type that controls whether access logs are written for the distribution. |
| OriginGroups | A complex type that contains information about origin groups for this distribution. |
| Origins | A complex type that contains information about origins for this distribution. |
| PriceClass | This field only supports standard distributions. |
| Restrictions | A complex type that identifies ways in which you want to restrict distribution of your content. |
| S3Origin | The origin as an Amazon S3 bucket. |
| Staging | This field only supports standard distributions. |
| TenantConfig | This field only supports multi-tenant distributions. |
| ViewerCertificate | A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers. |
| ViewerMtlsConfig | The distribution's viewer mTLS configuration. |
| WebAclId | Multi-tenant distributions only support AWS WAF V2 web ACLs. |
Constructors
DistributionConfigProperty()
A distribution configuration.
public DistributionConfigProperty()Remarks
ExampleMetadata: infused
Examples
// Create the simple Origin
var myBucket = new Bucket(this, "myBucket");
var s3Origin = S3BucketOrigin.WithOriginAccessControl(myBucket, new S3BucketOriginWithOACProps {
OriginAccessLevels = new [] { AccessLevel.READ, AccessLevel.LIST }
});
// Create the Distribution construct
var myMultiTenantDistribution = new Distribution(this, "cf-hosted-distribution", new DistributionProps {
DefaultBehavior = new BehaviorOptions {
Origin = s3Origin
},
DefaultRootObject = "index.html"
});
// Access the underlying L1 CfnDistribution to configure SaaS Manager properties which are not yet available in the L2 Distribution construct
var cfnDistribution = (CfnDistribution)myMultiTenantDistribution.Node.DefaultChild;
var defaultCacheBehavior = new DefaultCacheBehaviorProperty {
TargetOriginId = myBucket.BucketArn,
ViewerProtocolPolicy = "allow-all",
Compress = false,
AllowedMethods = new [] { "GET", "HEAD" },
CachePolicyId = CachePolicy.CACHING_OPTIMIZED.CachePolicyId
};
// Create the updated distributionConfig
var distributionConfig = new DistributionConfigProperty {
DefaultCacheBehavior = defaultCacheBehavior,
Enabled = true,
// the properties below are optional
ConnectionMode = "tenant-only",
Origins = new [] { new OriginProperty {
Id = myBucket.BucketArn,
DomainName = myBucket.BucketDomainName,
S3OriginConfig = new S3OriginConfigProperty { },
OriginPath = "/{{tenantName}}"
} },
TenantConfig = new TenantConfigProperty {
ParameterDefinitions = new [] { new ParameterDefinitionProperty {
Definition = new DefinitionProperty {
StringSchema = new StringSchemaProperty {
Required = false,
// the properties below are optional
Comment = "tenantName",
DefaultValue = "root"
}
},
Name = "tenantName"
} }
}
};
// Override the distribution configuration to enable multi-tenancy.
cfnDistribution.DistributionConfig = distributionConfig;
// Create a connection group so we have access to the RoutingEndpoint associated with the tenant we are about to create
var connectionGroup = new CfnConnectionGroup(this, "self-hosted-connection-group", new CfnConnectionGroupProps {
Enabled = true,
Ipv6Enabled = true,
Name = "self-hosted-connection-group"
});
// Export the RoutingEndpoint, skip this step if you'd prefer to fetch it from the CloudFront console or via Cloudfront.ListConnectionGroups API
// Export the RoutingEndpoint, skip this step if you'd prefer to fetch it from the CloudFront console or via Cloudfront.ListConnectionGroups API
new CfnOutput(this, "RoutingEndpoint", new CfnOutputProps {
Value = connectionGroup.AttrRoutingEndpoint,
Description = "CloudFront Routing Endpoint to be added to my hosted zone CNAME records"
});
// Create a distribution tenant with a self-hosted domain.
var selfHostedTenant = new CfnDistributionTenant(this, "self-hosted-tenant", new CfnDistributionTenantProps {
DistributionId = myMultiTenantDistribution.DistributionId,
ConnectionGroupId = connectionGroup.AttrId,
Name = "self-hosted-tenant",
Domains = new [] { "self-hosted-tenant.my.domain.com" },
Enabled = true,
ManagedCertificateRequest = new ManagedCertificateRequestProperty {
PrimaryDomainName = "self-hosted-tenant.my.domain.com",
ValidationTokenHost = "self-hosted"
}
});Properties
Aliases
This field only supports standard distributions.
public string[]? Aliases { get; set; }Property Value
string[]
Remarks
You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .
A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.
AnycastIpListId
To use this field for a multi-tenant distribution, use a connection group instead.
public string? AnycastIpListId { get; set; }Property Value
Remarks
For more information, see ConnectionGroup .
ID of the Anycast static IP list that is associated with the distribution.
CacheBehaviors
A complex type that contains zero or more CacheBehavior elements.
public object? CacheBehaviors { get; set; }Property Value
Remarks
CnamEs
An alias for the CloudFront distribution's domain name.
public string[]? CnamEs { get; set; }Property Value
string[]
Remarks
This property is legacy. We recommend that you use <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html#cfn-cloudfront-distribution-distributionconfig-aliases">Aliases</a> instead.
Comment
A comment to describe the distribution.
public string? Comment { get; set; }Property Value
Remarks
The comment cannot be longer than 128 characters.
Default: - ""
ConnectionFunctionAssociation
The distribution's connection function association.
public object? ConnectionFunctionAssociation { get; set; }Property Value
Remarks
ConnectionMode
This field specifies whether the connection mode is through a standard distribution (direct) or a multi-tenant distribution with distribution tenants (tenant-only).
public string? ConnectionMode { get; set; }Property Value
Remarks
ContinuousDeploymentPolicyId
This field only supports standard distributions.
public string? ContinuousDeploymentPolicyId { get; set; }Property Value
Remarks
You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .
The identifier of a continuous deployment policy. For more information, see CreateContinuousDeploymentPolicy .
CustomErrorResponses
A complex type that controls the following:.
public object? CustomErrorResponses { get; set; }Property Value
Remarks
For more information about custom error pages, see Customizing Error Responses in the Amazon CloudFront Developer Guide .
Type union: either IResolvable or (either IResolvable or CfnDistribution.ICustomErrorResponseProperty)[]
CustomOrigin
The user-defined HTTP server that serves as the origin for content that CloudFront distributes.
public object? CustomOrigin { get; set; }Property Value
Remarks
This property is legacy. We recommend that you use <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html">Origin</a> instead.
Type union: either IResolvable or CfnDistribution.ILegacyCustomOriginProperty
DefaultCacheBehavior
A complex type that describes the default cache behavior if you don't specify a CacheBehavior element or if files don't match any of the values of PathPattern in CacheBehavior elements.
public object DefaultCacheBehavior { get; set; }Property Value
Remarks
You must create exactly one default cache behavior.
Type union: either IResolvable or CfnDistribution.IDefaultCacheBehaviorProperty
DefaultRootObject
When a viewer requests the root URL for your distribution, the default root object is the object that you want CloudFront to request from your origin.
public string? DefaultRootObject { get; set; }Property Value
Remarks
For example, if your root URL is https://www.example.com , you can specify CloudFront to return the index.html file as the default root object. You can specify a default root object so that viewers see a specific file or object, instead of another object in your distribution (for example, https://www.example.com/product-description.html ). A default root object avoids exposing the contents of your distribution.
You can specify the object name or a path to the object name (for example, index.html or exampleFolderName/index.html ). Your string can't begin with a forward slash ( / ). Only specify the object name or the path to the object.
If you don't want to specify a default root object when you create a distribution, include an empty DefaultRootObject element.
To delete the default root object from an existing distribution, update the distribution configuration and include an empty DefaultRootObject element.
To replace the default root object, update the distribution configuration and specify the new object.
For more information about the default root object, see Specify a default root object in the Amazon CloudFront Developer Guide .
Default: - ""
Enabled
From this field, you can enable or disable the selected distribution.
public object Enabled { get; set; }Property Value
Remarks
HttpVersion
(Optional) Specify the HTTP version(s) that you want viewers to use to communicate with CloudFront .
public string? HttpVersion { get; set; }Property Value
Remarks
The default value for new distributions is http1.1 .
For viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).
For viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see Connection Migration at RFC 9000. For more information about supported TLSv1.3 ciphers, see Supported protocols and ciphers between viewers and CloudFront .
Default: - "http1.1"
Ipv6Enabled
To use this field for a multi-tenant distribution, use a connection group instead.
public object? Ipv6Enabled { get; set; }Property Value
Remarks
For more information, see ConnectionGroup .
If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify true . If you specify false , CloudFront responds to IPv6 DNS requests with the DNS response code NOERROR and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.
In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the IpAddress parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see Creating a Signed URL Using a Custom Policy in the Amazon CloudFront Developer Guide .
If you're using an Amazon Route 53 AWS Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:
For more information, see Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name in the Amazon Route 53 AWS Integration Developer Guide .
If you created a CNAME resource record set, either with Amazon Route 53 AWS Integration or with another DNS service, you don't need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.
Type union: either bool or IResolvable
Logging
A complex type that controls whether access logs are written for the distribution.
public object? Logging { get; set; }Property Value
Remarks
For more information about logging, see Access Logs in the Amazon CloudFront Developer Guide .
Type union: either IResolvable or CfnDistribution.ILoggingProperty
OriginGroups
A complex type that contains information about origin groups for this distribution.
public object? OriginGroups { get; set; }Property Value
Remarks
Specify a value for either the Origins or OriginGroups property.
Type union: either IResolvable or CfnDistribution.IOriginGroupsProperty
Origins
A complex type that contains information about origins for this distribution.
public object? Origins { get; set; }Property Value
Remarks
Specify a value for either the Origins or OriginGroups property.
Type union: either IResolvable or (either IResolvable or CfnDistribution.IOriginProperty)[]
PriceClass
This field only supports standard distributions.
public string? PriceClass { get; set; }Property Value
Remarks
You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .
The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify PriceClass_All , CloudFront responds to requests for your objects from all CloudFront edge locations.
If you specify a price class other than PriceClass_All , CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.
For more information about price classes, see Choosing the Price Class for a CloudFront Distribution in the Amazon CloudFront Developer Guide . For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see Amazon CloudFront Pricing .
Default: - "PriceClass_All"
Restrictions
A complex type that identifies ways in which you want to restrict distribution of your content.
public object? Restrictions { get; set; }Property Value
Remarks
S3Origin
The origin as an Amazon S3 bucket.
public object? S3Origin { get; set; }Property Value
Remarks
This property is legacy. We recommend that you use <a href="https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-origin.html">Origin</a> instead.
Type union: either IResolvable or CfnDistribution.ILegacyS3OriginProperty
Staging
This field only supports standard distributions.
public object? Staging { get; set; }Property Value
Remarks
You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .
A Boolean that indicates whether this is a staging distribution. When this value is true , this is a staging distribution. When this value is false , this is not a staging distribution.
Type union: either bool or IResolvable
TenantConfig
This field only supports multi-tenant distributions.
public object? TenantConfig { get; set; }Property Value
Remarks
You can't specify this field for standard distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide .
A distribution tenant configuration.
Type union: either IResolvable or CfnDistribution.ITenantConfigProperty
ViewerCertificate
A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.
public object? ViewerCertificate { get; set; }Property Value
Remarks
ViewerMtlsConfig
The distribution's viewer mTLS configuration.
public object? ViewerMtlsConfig { get; set; }Property Value
Remarks
WebAclId
Multi-tenant distributions only support AWS WAF V2 web ACLs.
public string? WebAclId { get; set; }Property Value
Remarks
A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF , use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 . To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example a1b2c3d4-5678-90ab-cdef-EXAMPLE11111 .
AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF , see the AWS WAF Developer Guide .
Default: - ""