S3BucketOrigin

class aws_cdk.aws_cloudfront_origins.S3BucketOrigin(bucket, *, origin_path=None, connection_attempts=None, connection_timeout=None, custom_headers=None, origin_access_control_id=None, origin_id=None, origin_shield_enabled=None, origin_shield_region=None)

Bases: OriginBase

A S3 Bucket Origin.

ExampleMetadata:

infused

Example:

my_bucket = s3.Bucket(self, "myBucket")
cloudfront.Distribution(self, "myDist",
    default_behavior=cloudfront.BehaviorOptions(
        origin=origins.OriginGroup(
            primary_origin=origins.S3BucketOrigin.with_origin_access_control(my_bucket),
            fallback_origin=origins.HttpOrigin("www.example.com"),
            # optional, defaults to: 500, 502, 503 and 504
            fallback_status_codes=[404]
        )
    )
)
Parameters:
  • bucket (IBucket) –

  • origin_path (Optional[str]) – An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with ‘/’ (e.g., ‘/production/images’). Default: ‘/’

  • connection_attempts (Union[int, float, None]) – The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts. Default: 3

  • connection_timeout (Optional[Duration]) – The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive. Default: Duration.seconds(10)

  • custom_headers (Optional[Mapping[str, str]]) – A list of HTTP header names and values that CloudFront adds to requests it sends to the origin. Default: {}

  • origin_access_control_id (Optional[str]) – The unique identifier of an origin access control for this origin. Default: - no origin access control

  • origin_id (Optional[str]) – A unique identifier for the origin. This value must be unique within the distribution. Default: - an originid will be generated for you

  • origin_shield_enabled (Optional[bool]) – Origin Shield is enabled by setting originShieldRegion to a valid region, after this to disable Origin Shield again you must set this flag to false. Default: - true

  • origin_shield_region (Optional[str]) – When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance. Default: - origin shield not enabled

Methods

bind(_scope, *, origin_id, distribution_id=None)

Binds the origin to the associated Distribution.

Can be used to grant permissions, create dependent resources, etc.

Parameters:
  • _scope (Construct) –

  • origin_id (str) – The identifier of this Origin, as assigned by the Distribution this Origin has been used added to.

  • distribution_id (Optional[str]) – The identifier of the Distribution this Origin is used for. This is used to grant origin access permissions to the distribution for origin access control. Default: - no distribution id

Return type:

OriginBindConfig

Static Methods

classmethod with_bucket_defaults(bucket, *, origin_path=None, connection_attempts=None, connection_timeout=None, custom_headers=None, origin_access_control_id=None, origin_id=None, origin_shield_enabled=None, origin_shield_region=None)

Create a S3 Origin with default S3 bucket settings (no origin access control).

Parameters:
  • bucket (IBucket) –

  • origin_path (Optional[str]) – An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with ‘/’ (e.g., ‘/production/images’). Default: ‘/’

  • connection_attempts (Union[int, float, None]) – The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts. Default: 3

  • connection_timeout (Optional[Duration]) – The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive. Default: Duration.seconds(10)

  • custom_headers (Optional[Mapping[str, str]]) – A list of HTTP header names and values that CloudFront adds to requests it sends to the origin. Default: {}

  • origin_access_control_id (Optional[str]) – The unique identifier of an origin access control for this origin. Default: - no origin access control

  • origin_id (Optional[str]) – A unique identifier for the origin. This value must be unique within the distribution. Default: - an originid will be generated for you

  • origin_shield_enabled (Optional[bool]) – Origin Shield is enabled by setting originShieldRegion to a valid region, after this to disable Origin Shield again you must set this flag to false. Default: - true

  • origin_shield_region (Optional[str]) – When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance. Default: - origin shield not enabled

Return type:

IOrigin

classmethod with_origin_access_control(bucket, *, origin_access_control=None, origin_access_levels=None, origin_path=None, connection_attempts=None, connection_timeout=None, custom_headers=None, origin_access_control_id=None, origin_id=None, origin_shield_enabled=None, origin_shield_region=None)

Create a S3 Origin with Origin Access Control (OAC) configured.

Parameters:
  • bucket (IBucket) –

  • origin_access_control (Optional[IOriginAccessControl]) – An optional Origin Access Control. Default: - an Origin Access Control will be created.

  • origin_access_levels (Optional[Sequence[AccessLevel]]) – The level of permissions granted in the bucket policy and key policy (if applicable) to the CloudFront distribution. Default: [AccessLevel.READ]

  • origin_path (Optional[str]) – An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with ‘/’ (e.g., ‘/production/images’). Default: ‘/’

  • connection_attempts (Union[int, float, None]) – The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts. Default: 3

  • connection_timeout (Optional[Duration]) – The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive. Default: Duration.seconds(10)

  • custom_headers (Optional[Mapping[str, str]]) – A list of HTTP header names and values that CloudFront adds to requests it sends to the origin. Default: {}

  • origin_access_control_id (Optional[str]) – The unique identifier of an origin access control for this origin. Default: - no origin access control

  • origin_id (Optional[str]) – A unique identifier for the origin. This value must be unique within the distribution. Default: - an originid will be generated for you

  • origin_shield_enabled (Optional[bool]) – Origin Shield is enabled by setting originShieldRegion to a valid region, after this to disable Origin Shield again you must set this flag to false. Default: - true

  • origin_shield_region (Optional[str]) – When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance. Default: - origin shield not enabled

Return type:

IOrigin

classmethod with_origin_access_identity(bucket, *, origin_access_identity=None, origin_path=None, connection_attempts=None, connection_timeout=None, custom_headers=None, origin_access_control_id=None, origin_id=None, origin_shield_enabled=None, origin_shield_region=None)

Create a S3 Origin with Origin Access Identity (OAI) configured OAI is a legacy feature and we strongly recommend you to use OAC via withOriginAccessControl() unless it is not supported in your required region (e.g. China regions).

Parameters:
  • bucket (IBucket) –

  • origin_access_identity (Optional[IOriginAccessIdentity]) – An optional Origin Access Identity. Default: - an Origin Access Identity will be created.

  • origin_path (Optional[str]) – An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with ‘/’ (e.g., ‘/production/images’). Default: ‘/’

  • connection_attempts (Union[int, float, None]) – The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts. Default: 3

  • connection_timeout (Optional[Duration]) – The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive. Default: Duration.seconds(10)

  • custom_headers (Optional[Mapping[str, str]]) – A list of HTTP header names and values that CloudFront adds to requests it sends to the origin. Default: {}

  • origin_access_control_id (Optional[str]) – The unique identifier of an origin access control for this origin. Default: - no origin access control

  • origin_id (Optional[str]) – A unique identifier for the origin. This value must be unique within the distribution. Default: - an originid will be generated for you

  • origin_shield_enabled (Optional[bool]) – Origin Shield is enabled by setting originShieldRegion to a valid region, after this to disable Origin Shield again you must set this flag to false. Default: - true

  • origin_shield_region (Optional[str]) – When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance. Default: - origin shield not enabled

Return type:

IOrigin