S3BucketOriginWithOACProps

class aws_cdk.aws_cloudfront_origins.S3BucketOriginWithOACProps(*, connection_attempts=None, connection_timeout=None, custom_headers=None, origin_access_control_id=None, origin_id=None, origin_shield_enabled=None, origin_shield_region=None, origin_path=None, origin_access_control=None, origin_access_levels=None)

Bases: S3BucketOriginBaseProps

Properties for configuring a S3 origin with OAC.

Parameters:
  • connection_attempts (Union[int, float, None]) – The number of times that CloudFront attempts to connect to the origin; valid values are 1, 2, or 3 attempts. Default: 3

  • connection_timeout (Optional[Duration]) – The number of seconds that CloudFront waits when trying to establish a connection to the origin. Valid values are 1-10 seconds, inclusive. Default: Duration.seconds(10)

  • custom_headers (Optional[Mapping[str, str]]) – A list of HTTP header names and values that CloudFront adds to requests it sends to the origin. Default: {}

  • origin_access_control_id (Optional[str]) – The unique identifier of an origin access control for this origin. Default: - no origin access control

  • origin_id (Optional[str]) – A unique identifier for the origin. This value must be unique within the distribution. Default: - an originid will be generated for you

  • origin_shield_enabled (Optional[bool]) – Origin Shield is enabled by setting originShieldRegion to a valid region, after this to disable Origin Shield again you must set this flag to false. Default: - true

  • origin_shield_region (Optional[str]) – When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance. Default: - origin shield not enabled

  • origin_path (Optional[str]) – An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin. Must begin, but not end, with ‘/’ (e.g., ‘/production/images’). Default: ‘/’

  • origin_access_control (Optional[IOriginAccessControl]) – An optional Origin Access Control. Default: - an Origin Access Control will be created.

  • origin_access_levels (Optional[Sequence[AccessLevel]]) – The level of permissions granted in the bucket policy and key policy (if applicable) to the CloudFront distribution. Default: [AccessLevel.READ]

ExampleMetadata:

infused

Example:

my_bucket = s3.Bucket(self, "myBucket")
s3_origin = origins.S3BucketOrigin.with_origin_access_control(my_bucket,
    origin_access_levels=[cloudfront.AccessLevel.READ, cloudfront.AccessLevel.WRITE, cloudfront.AccessLevel.DELETE]
)

Attributes

connection_attempts

The number of times that CloudFront attempts to connect to the origin;

valid values are 1, 2, or 3 attempts.

Default:

3

connection_timeout

The number of seconds that CloudFront waits when trying to establish a connection to the origin.

Valid values are 1-10 seconds, inclusive.

Default:

Duration.seconds(10)

custom_headers

A list of HTTP header names and values that CloudFront adds to requests it sends to the origin.

Default:

{}

origin_access_control

An optional Origin Access Control.

Default:
  • an Origin Access Control will be created.

origin_access_control_id

The unique identifier of an origin access control for this origin.

Default:
  • no origin access control

origin_access_levels

The level of permissions granted in the bucket policy and key policy (if applicable) to the CloudFront distribution.

Default:

[AccessLevel.READ]

origin_id

A unique identifier for the origin.

This value must be unique within the distribution.

Default:
  • an originid will be generated for you

origin_path

An optional path that CloudFront appends to the origin domain name when CloudFront requests content from the origin.

Must begin, but not end, with ‘/’ (e.g., ‘/production/images’).

Default:

‘/’

origin_shield_enabled

Origin Shield is enabled by setting originShieldRegion to a valid region, after this to disable Origin Shield again you must set this flag to false.

Default:
  • true

origin_shield_region

When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance.

Default:
  • origin shield not enabled

See:

https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html