ViewerCertificate
- class aws_cdk.aws_cloudfront.ViewerCertificate(*args: Any, **kwargs)
Bases:
object
Viewer certificate configuration class.
- ExampleMetadata:
lit=aws-cloudfront/test/example.iam-cert-alias.lit.ts infused
Example:
s3_bucket_source = s3.Bucket(self, "Bucket") distribution = cloudfront.CloudFrontWebDistribution(self, "AnAmazingWebsiteProbably", origin_configs=[cloudfront.aws_cloudfront.SourceConfiguration( s3_origin_source=cloudfront.aws_cloudfront.S3OriginConfig(s3_bucket_source=s3_bucket_source), behaviors=[cloudfront.aws_cloudfront.Behavior(is_default_behavior=True)] )], viewer_certificate=cloudfront.ViewerCertificate.from_iam_certificate("certificateId", aliases=["example.com"], security_policy=cloudfront.SecurityPolicyProtocol.SSL_V3, # default ssl_method=cloudfront.SSLMethod.SNI ) )
Attributes
- aliases
- props
Static Methods
- classmethod from_acm_certificate(certificate, *, aliases=None, security_policy=None, ssl_method=None)
Generate an AWS Certificate Manager (ACM) viewer certificate configuration.
- Parameters:
certificate (
ICertificate
) – AWS Certificate Manager (ACM) certificate. Your certificate must be located in the us-east-1 (US East (N. Virginia)) region to be accessed by CloudFrontaliases (
Optional
[Sequence
[str
]]) – Domain names on the certificate (both main domain name and Subject Alternative names).security_policy (
Optional
[SecurityPolicyProtocol
]) – The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify. Default: - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNIssl_method (
Optional
[SSLMethod
]) – How CloudFront should serve HTTPS requests. See the notes on SSLMethod if you wish to use other SSL termination types. Default: SSLMethod.SNI
- Return type:
- classmethod from_cloud_front_default_certificate(*aliases)
Generate a viewer certificate configuration using the CloudFront default certificate (e.g. d111111abcdef8.cloudfront.net) and a
SecurityPolicyProtocol.TLS_V1
security policy.- Parameters:
aliases (
str
) – Alternative CNAME aliases You also must create a CNAME record with your DNS service to route queries.- Return type:
- classmethod from_iam_certificate(iam_certificate_id, *, aliases=None, security_policy=None, ssl_method=None)
Generate an IAM viewer certificate configuration.
- Parameters:
iam_certificate_id (
str
) – Identifier of the IAM certificate.aliases (
Optional
[Sequence
[str
]]) – Domain names on the certificate (both main domain name and Subject Alternative names).security_policy (
Optional
[SecurityPolicyProtocol
]) – The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. CloudFront serves your objects only to browsers or devices that support at least the SSL version that you specify. Default: - SSLv3 if sslMethod VIP, TLSv1 if sslMethod SNIssl_method (
Optional
[SSLMethod
]) – How CloudFront should serve HTTPS requests. See the notes on SSLMethod if you wish to use other SSL termination types. Default: SSLMethod.SNI
- Return type: