Table Of Contents

Feedback

User Guide

First time using the AWS CLI? See the User Guide for help getting started.

Note: You are viewing the documentation for an older major version of the AWS CLI (version 1).

AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.

[ aws . cloudfront ]

create-cache-policy

Description

Creates a cache policy.

After you create a cache policy, you can attach it to one or more cache behaviors. When it’s attached to a cache behavior, the cache policy determines the following:

  • The values that CloudFront includes in the cache key . These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.
  • The default, minimum, and maximum time to live (TTL) values that you want objects to stay in the CloudFront cache.

The headers, cookies, and query strings that are included in the cache key are automatically included in requests that CloudFront sends to the origin. CloudFront sends a request when it can’t find an object in its cache that matches the request’s cache key. If you want to send values to the origin but not include them in the cache key, use OriginRequestPolicy .

For more information about cache policies, see Controlling the cache key in the Amazon CloudFront Developer Guide .

See also: AWS API Documentation

See 'aws help' for descriptions of global parameters.

Synopsis

  create-cache-policy
--cache-policy-config <value>
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]

Options

--cache-policy-config (structure)

A cache policy configuration.

Comment -> (string)

A comment to describe the cache policy. The comment cannot be longer than 128 characters.

Name -> (string)

A unique name to identify the cache policy.

DefaultTTL -> (long)

The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object’s time to live (TTL) only when the origin does not send Cache-Control or Expires headers with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .

The default value for this field is 86400 seconds (one day). If the value of MinTTL is more than 86400 seconds, then the default value for this field is the same as the value of MinTTL .

MaxTTL -> (long)

The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends Cache-Control or Expires headers with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .

The default value for this field is 31536000 seconds (one year). If the value of MinTTL or DefaultTTL is more than 31536000 seconds, then the default value for this field is the same as the value of DefaultTTL .

MinTTL -> (long)

The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .

ParametersInCacheKeyAndForwardedToOrigin -> (structure)

The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are automatically included in requests that CloudFront sends to the origin.

EnableAcceptEncodingGzip -> (boolean)

A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.

This field is related to the EnableAcceptEncodingBrotli field. If one or both of these fields is true and the viewer request includes the Accept-Encoding header, then CloudFront does the following:

  • Normalizes the value of the viewer’s Accept-Encoding header
  • Includes the normalized header in the cache key
  • Includes the normalized header in the request to the origin, if a request is necessary

For more information, see Compression support in the Amazon CloudFront Developer Guide .

If you set this value to true , and this cache behavior also has an origin request policy attached, do not include the Accept-Encoding header in the origin request policy. CloudFront always includes the Accept-Encoding header in origin requests when the value of this field is true , so including this header in an origin request policy has no effect.

If both of these fields are false , then CloudFront treats the Accept-Encoding header the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually add Accept-Encoding to the headers whitelist like any other HTTP header.

EnableAcceptEncodingBrotli -> (boolean)

A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.

This field is related to the EnableAcceptEncodingGzip field. If one or both of these fields is true and the viewer request includes the Accept-Encoding header, then CloudFront does the following:

  • Normalizes the value of the viewer’s Accept-Encoding header
  • Includes the normalized header in the cache key
  • Includes the normalized header in the request to the origin, if a request is necessary

For more information, see Compression support in the Amazon CloudFront Developer Guide .

If you set this value to true , and this cache behavior also has an origin request policy attached, do not include the Accept-Encoding header in the origin request policy. CloudFront always includes the Accept-Encoding header in origin requests when the value of this field is true , so including this header in an origin request policy has no effect.

If both of these fields are false , then CloudFront treats the Accept-Encoding header the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually add Accept-Encoding to the headers whitelist like any other HTTP header.

HeadersConfig -> (structure)

An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and automatically included in requests that CloudFront sends to the origin.

HeaderBehavior -> (string)

Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are:

  • none – HTTP headers are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin. Even when this field is set to none , any headers that are listed in an OriginRequestPolicy are included in origin requests.
  • whitelist – The HTTP headers that are listed in the Headers type are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

Headers -> (structure)

Contains a list of HTTP header names.

Quantity -> (integer)

The number of header names in the Items list.

Items -> (list)

A list of HTTP header names.

(string)

CookiesConfig -> (structure)

An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and automatically included in requests that CloudFront sends to the origin.

CookieBehavior -> (string)

Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are:

  • none – Cookies in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin. Even when this field is set to none , any cookies that are listed in an OriginRequestPolicy are included in origin requests.
  • whitelist – The cookies in viewer requests that are listed in the CookieNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • allExcept – All cookies in viewer requests that are * not * listed in the CookieNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • all – All cookies in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

Cookies -> (structure)

Contains a list of cookie names.

Quantity -> (integer)

The number of cookie names in the Items list.

Items -> (list)

A list of cookie names.

(string)

QueryStringsConfig -> (structure)

An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and automatically included in requests that CloudFront sends to the origin.

QueryStringBehavior -> (string)

Determines whether any URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are:

  • none – Query strings in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin. Even when this field is set to none , any query strings that are listed in an OriginRequestPolicy are included in origin requests.
  • whitelist – The query strings in viewer requests that are listed in the QueryStringNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • allExcept – All query strings in viewer requests that are * not * listed in the QueryStringNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • all – All query strings in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

QueryStrings -> (structure)

Contains the specific query strings in viewer requests that either * are * or * are not * included in the cache key and automatically included in requests that CloudFront sends to the origin. The behavior depends on whether the QueryStringBehavior field in the CachePolicyQueryStringsConfig type is set to whitelist (the listed query strings * are * included) or allExcept (the listed query strings * are not * included, but all other query strings are).

Quantity -> (integer)

The number of query string names in the Items list.

Items -> (list)

A list of query string names.

(string)

JSON Syntax:

{
  "Comment": "string",
  "Name": "string",
  "DefaultTTL": long,
  "MaxTTL": long,
  "MinTTL": long,
  "ParametersInCacheKeyAndForwardedToOrigin": {
    "EnableAcceptEncodingGzip": true|false,
    "EnableAcceptEncodingBrotli": true|false,
    "HeadersConfig": {
      "HeaderBehavior": "none"|"whitelist",
      "Headers": {
        "Quantity": integer,
        "Items": ["string", ...]
      }
    },
    "CookiesConfig": {
      "CookieBehavior": "none"|"whitelist"|"allExcept"|"all",
      "Cookies": {
        "Quantity": integer,
        "Items": ["string", ...]
      }
    },
    "QueryStringsConfig": {
      "QueryStringBehavior": "none"|"whitelist"|"allExcept"|"all",
      "QueryStrings": {
        "Quantity": integer,
        "Items": ["string", ...]
      }
    }
  }
}

--cli-input-json (string) Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.

--generate-cli-skeleton (string) Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.

See 'aws help' for descriptions of global parameters.

Output

CachePolicy -> (structure)

A cache policy.

Id -> (string)

The unique identifier for the cache policy.

LastModifiedTime -> (timestamp)

The date and time when the cache policy was last modified.

CachePolicyConfig -> (structure)

The cache policy configuration.

Comment -> (string)

A comment to describe the cache policy. The comment cannot be longer than 128 characters.

Name -> (string)

A unique name to identify the cache policy.

DefaultTTL -> (long)

The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object’s time to live (TTL) only when the origin does not send Cache-Control or Expires headers with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .

The default value for this field is 86400 seconds (one day). If the value of MinTTL is more than 86400 seconds, then the default value for this field is the same as the value of MinTTL .

MaxTTL -> (long)

The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends Cache-Control or Expires headers with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .

The default value for this field is 31536000 seconds (one year). If the value of MinTTL or DefaultTTL is more than 31536000 seconds, then the default value for this field is the same as the value of DefaultTTL .

MinTTL -> (long)

The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .

ParametersInCacheKeyAndForwardedToOrigin -> (structure)

The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are automatically included in requests that CloudFront sends to the origin.

EnableAcceptEncodingGzip -> (boolean)

A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.

This field is related to the EnableAcceptEncodingBrotli field. If one or both of these fields is true and the viewer request includes the Accept-Encoding header, then CloudFront does the following:

  • Normalizes the value of the viewer’s Accept-Encoding header
  • Includes the normalized header in the cache key
  • Includes the normalized header in the request to the origin, if a request is necessary

For more information, see Compression support in the Amazon CloudFront Developer Guide .

If you set this value to true , and this cache behavior also has an origin request policy attached, do not include the Accept-Encoding header in the origin request policy. CloudFront always includes the Accept-Encoding header in origin requests when the value of this field is true , so including this header in an origin request policy has no effect.

If both of these fields are false , then CloudFront treats the Accept-Encoding header the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually add Accept-Encoding to the headers whitelist like any other HTTP header.

EnableAcceptEncodingBrotli -> (boolean)

A flag that can affect whether the Accept-Encoding HTTP header is included in the cache key and included in requests that CloudFront sends to the origin.

This field is related to the EnableAcceptEncodingGzip field. If one or both of these fields is true and the viewer request includes the Accept-Encoding header, then CloudFront does the following:

  • Normalizes the value of the viewer’s Accept-Encoding header
  • Includes the normalized header in the cache key
  • Includes the normalized header in the request to the origin, if a request is necessary

For more information, see Compression support in the Amazon CloudFront Developer Guide .

If you set this value to true , and this cache behavior also has an origin request policy attached, do not include the Accept-Encoding header in the origin request policy. CloudFront always includes the Accept-Encoding header in origin requests when the value of this field is true , so including this header in an origin request policy has no effect.

If both of these fields are false , then CloudFront treats the Accept-Encoding header the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually add Accept-Encoding to the headers whitelist like any other HTTP header.

HeadersConfig -> (structure)

An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and automatically included in requests that CloudFront sends to the origin.

HeaderBehavior -> (string)

Determines whether any HTTP headers are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are:

  • none – HTTP headers are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin. Even when this field is set to none , any headers that are listed in an OriginRequestPolicy are included in origin requests.
  • whitelist – The HTTP headers that are listed in the Headers type are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

Headers -> (structure)

Contains a list of HTTP header names.

Quantity -> (integer)

The number of header names in the Items list.

Items -> (list)

A list of HTTP header names.

(string)

CookiesConfig -> (structure)

An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and automatically included in requests that CloudFront sends to the origin.

CookieBehavior -> (string)

Determines whether any cookies in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are:

  • none – Cookies in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin. Even when this field is set to none , any cookies that are listed in an OriginRequestPolicy are included in origin requests.
  • whitelist – The cookies in viewer requests that are listed in the CookieNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • allExcept – All cookies in viewer requests that are * not * listed in the CookieNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • all – All cookies in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

Cookies -> (structure)

Contains a list of cookie names.

Quantity -> (integer)

The number of cookie names in the Items list.

Items -> (list)

A list of cookie names.

(string)

QueryStringsConfig -> (structure)

An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and automatically included in requests that CloudFront sends to the origin.

QueryStringBehavior -> (string)

Determines whether any URL query strings in viewer requests are included in the cache key and automatically included in requests that CloudFront sends to the origin. Valid values are:

  • none – Query strings in viewer requests are not included in the cache key and are not automatically included in requests that CloudFront sends to the origin. Even when this field is set to none , any query strings that are listed in an OriginRequestPolicy are included in origin requests.
  • whitelist – The query strings in viewer requests that are listed in the QueryStringNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • allExcept – All query strings in viewer requests that are * not * listed in the QueryStringNames type are included in the cache key and automatically included in requests that CloudFront sends to the origin.
  • all – All query strings in viewer requests are included in the cache key and are automatically included in requests that CloudFront sends to the origin.

QueryStrings -> (structure)

Contains the specific query strings in viewer requests that either * are * or * are not * included in the cache key and automatically included in requests that CloudFront sends to the origin. The behavior depends on whether the QueryStringBehavior field in the CachePolicyQueryStringsConfig type is set to whitelist (the listed query strings * are * included) or allExcept (the listed query strings * are not * included, but all other query strings are).

Quantity -> (integer)

The number of query string names in the Items list.

Items -> (list)

A list of query string names.

(string)

Location -> (string)

The fully qualified URI of the cache policy just created.

ETag -> (string)

The current version of the cache policy.