AWS services or capabilities described in AWS Documentation may vary by region/location. Click Getting Started with Amazon AWS to see specific differences applicable to the China (Beijing) Region.
New-CFDistribution-ViewerCertificate_ACMCertificateArn <String>-Logging_Bucket <String>-DefaultCacheBehavior_CachePolicyId <String>-DistributionConfig_CallerReference <String>-ViewerCertificate_CloudFrontDefaultCertificate <Boolean>-DistributionConfig_Comment <String>-DefaultCacheBehavior_Compress <Boolean>-DistributionConfig_ContinuousDeploymentPolicyId <String>-DistributionConfig_DefaultRootObject <String>-TrustedKeyGroups_Enabled <Boolean>-TrustedSigners_Enabled <Boolean>-DistributionConfig_Enabled <Boolean>-Logging_Enabled <Boolean>-DefaultCacheBehavior_FieldLevelEncryptionId <String>-Cookies_Forward <ItemSelection>-DistributionConfig_HttpVersion <HttpVersion>-ViewerCertificate_IAMCertificateId <String>-Logging_IncludeCookie <Boolean>-DistributionConfig_IsIPV6Enabled <Boolean>-Aliases_Item <String[]>-CacheBehaviors_Item <CacheBehavior[]>-CustomErrorResponses_Item <CustomErrorResponse[]>-CachedMethods_Item <String[]>-AllowedMethods_Item <String[]>-WhitelistedNames_Item <String[]>-Headers_Item <String[]>-QueryStringCacheKeys_Item <String[]>-FunctionAssociations_Item <FunctionAssociation[]>-LambdaFunctionAssociations_Item <LambdaFunctionAssociation[]>-TrustedKeyGroups_Item <String[]>-TrustedSigners_Item <String[]>-OriginGroups_Item <OriginGroup[]>-Origins_Item <Origin[]>-GeoRestriction_Item <String[]>-ViewerCertificate_MinimumProtocolVersion <MinimumProtocolVersion>-DefaultCacheBehavior_OriginRequestPolicyId <String>-Logging_Prefix <String>-DistributionConfig_PriceClass <PriceClass>-Aliases_Quantity <Int32>-CacheBehaviors_Quantity <Int32>-CustomErrorResponses_Quantity <Int32>-CachedMethods_Quantity <Int32>-AllowedMethods_Quantity <Int32>-WhitelistedNames_Quantity <Int32>-Headers_Quantity <Int32>-QueryStringCacheKeys_Quantity <Int32>-FunctionAssociations_Quantity <Int32>-LambdaFunctionAssociations_Quantity <Int32>-TrustedKeyGroups_Quantity <Int32>-TrustedSigners_Quantity <Int32>-OriginGroups_Quantity <Int32>-Origins_Quantity <Int32>-GeoRestriction_Quantity <Int32>-ForwardedValues_QueryString <Boolean>-DefaultCacheBehavior_RealtimeLogConfigArn <String>-DefaultCacheBehavior_ResponseHeadersPolicyId <String>-GeoRestriction_RestrictionType <GeoRestrictionType>-DefaultCacheBehavior_SmoothStreaming <Boolean>-ViewerCertificate_SSLSupportMethod <SSLSupportMethod>-DistributionConfig_Staging <Boolean>-DefaultCacheBehavior_TargetOriginId <String>-DefaultCacheBehavior_ViewerProtocolPolicy <ViewerProtocolPolicy>-DistributionConfig_WebACLId <String>-ViewerCertificate_Certificate <String>-ViewerCertificate_CertificateSource <CertificateSource>-DefaultCacheBehavior_DefaultTTL <Int64>-DefaultCacheBehavior_MaxTTL <Int64>-DefaultCacheBehavior_MinTTL <Int64>-Select <String>-Force <SwitchParameter>-ClientConfig <AmazonCloudFrontConfig>
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Aliases_Items |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Aliases_Quantity |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_AllowedMethods_Items |
GET
and HEAD
requests), 3 (for GET
, HEAD
, and OPTIONS
requests) and 7 (for GET, HEAD, OPTIONS, PUT, PATCH, POST
, and DELETE
requests). Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_AllowedMethods_Quantity |
Quantity
is 0
, you can omit Items
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_CacheBehaviors_Items |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_CacheBehaviors_Quantity |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_AllowedMethods_CachedMethods_Items |
2
(for caching responses to GET
and HEAD
requests) and 3
(for caching responses to GET
, HEAD
, and OPTIONS
requests). Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_AllowedMethods_CachedMethods_Quantity |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
WhitelistedNames
complex type.Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the Forward
element. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_Cookies_Forward |
CustomErrorResponse
element for each HTTP status code for which you want to specify a custom error page and/or a caching duration. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_CustomErrorResponses_Items |
Quantity
is 0
, you can omit Items
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_CustomErrorResponses_Quantity |
DefaultCacheBehavior
must include either a CachePolicyId
or ForwardedValues
. We recommend that you use a CachePolicyId
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_CachePolicyId |
true
; if not, specify false
. For more information, see Serving Compressed Files in the Amazon CloudFront Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_Compress |
DefaultTTL
field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age
, Cache-Control s-maxage
, and Expires
to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.This parameter is deprecated. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_DefaultTTL |
ID
for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for the default cache behavior. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_FieldLevelEncryptionId |
MaxTTL
field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as Cache-Control max-age
, Cache-Control s-maxage
, and Expires
to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.This parameter is deprecated. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_MaxTTL |
MinTTL
field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.You must specify 0
for MinTTL
if you configure CloudFront to forward all headers to your origin (under Headers
, if you specify 1
for Quantity
and *
for Name
).This parameter is deprecated. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_MinTTL |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_OriginRequestPolicyId |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_RealtimeLogConfigArn |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ResponseHeadersPolicyId |
true
; if not, specify false
. If you specify true
for SmoothStreaming
, you can still distribute other content using this cache behavior if the content matches the value of PathPattern
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_SmoothStreaming |
ID
for the origin that you want CloudFront to route requests to when they use the default cache behavior. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_TargetOriginId |
TargetOriginId
when a request matches the path pattern in PathPattern
. You can specify the following options:allow-all
: Viewers can use HTTP or HTTPS.redirect-to-https
: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.https-only
: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ViewerProtocolPolicy |
CallerReference
is new (regardless of the content of the DistributionConfig
object), CloudFront creates a new distribution.If CallerReference
is a value that you already sent in a previous request to create a distribution, CloudFront returns a DistributionAlreadyExists
error. Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
CreateContinuousDeploymentPolicy
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
index.html
) when a viewer requests the root URL for your distribution (https://www.example.com
) instead of an object in your distribution (https://www.example.com/product-description.html
). Specifying a default root object avoids exposing the contents of your distribution.Specify only the object name, for example, index.html
. Don't add a /
before the object name.If you don't want to specify a default root object when you create a distribution, include an empty DefaultRootObject
element.To delete the default root object from an existing distribution, update the distribution configuration and include an empty DefaultRootObject
element.To replace the default root object, update the distribution configuration and specify the new object.For more information about the default root object, see Creating a Default Root Object in the Amazon CloudFront Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
http2
. Viewers that don't support HTTP/2 automatically use an earlier HTTP version.For viewers and CloudFront to use HTTP/2, viewers must support TLSv1.2 or later, and must support Server Name Indication (SNI).For viewers and CloudFront to use HTTP/3, viewers must support TLSv1.3 and Server Name Indication (SNI). CloudFront supports HTTP/3 connection migration to allow the viewer to switch networks without losing connection. For more information about connection migration, see Connection Migration at RFC 9000. For more information about supported TLSv1.3 ciphers, see Supported protocols and ciphers between viewers and CloudFront. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
true
. If you specify false
, CloudFront responds to IPv6 DNS requests with the DNS response code NOERROR
and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you're using signed URLs or signed cookies to restrict access to your content, and if you're using a custom policy that includes the IpAddress
parameter to restrict the IP addresses that can access your content, don't enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see Creating a Signed URL Using a Custom Policy in the Amazon CloudFront Developer Guide.If you're using an Route 53 Amazon Web Services Integration alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
PriceClass_All
, CloudFront responds to requests for your objects from all CloudFront edge locations.If you specify a price class other than PriceClass_All
, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.For more information about price classes, see Choosing the Price Class for a CloudFront Distribution in the Amazon CloudFront Developer Guide. For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see Amazon CloudFront Pricing. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
true
, this is a staging distribution. When this value is false
, this is not a staging distribution. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a
. To specify a web ACL created using WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a
.WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about WAF, see the WAF Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
QueryString
and on the values that you specify for QueryStringCacheKeys
, if any:If you specify true for QueryString
and you don't specify any values for QueryStringCacheKeys
, CloudFront forwards all query string parameters to the origin and caches based on all query string parameters. Depending on how many query string parameters and values you have, this can adversely affect performance because CloudFront must forward more requests to the origin.If you specify true for QueryString
and you specify one or more values for QueryStringCacheKeys
, CloudFront forwards all query string parameters to the origin, but it only caches based on the query string parameters that you specify.If you specify false for QueryString
, CloudFront doesn't forward any query string parameters to the origin, and doesn't cache based on query string parameters.For more information, see Configuring CloudFront to Cache Based on Query String Parameters in the Amazon CloudFront Developer Guide. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_QueryString |
LIVE
stage to associate them with a cache behavior. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_FunctionAssociations_Items |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_FunctionAssociations_Quantity |
Location
element for each country in which you want CloudFront either to distribute your content (whitelist
) or not distribute your content (blacklist
).The Location
element is a two-letter, uppercase country code for a country that you want to include in your blacklist
or whitelist
. Include one Location
element for each country.CloudFront and MaxMind
both use ISO 3166
country codes. For the current list of countries and the corresponding codes, see ISO 3166-1-alpha-2
code on the International Organization for Standardization website. You can also refer to the country list on the CloudFront console, which includes both country names and codes. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Restrictions_GeoRestriction_Items |
enabled
, this is the number of countries in your whitelist
or blacklist
. Otherwise, when it is not enabled, Quantity
is 0
, and you can omit Items
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Restrictions_GeoRestriction_Quantity |
none
: No geo restriction is enabled, meaning access to content is not restricted by client geo location.blacklist
: The Location
elements specify the countries in which you don't want CloudFront to distribute your content.whitelist
: The Location
elements specify the countries in which you want CloudFront to distribute your content.Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Restrictions_GeoRestriction_RestrictionType |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_Headers_Items |
Items
list. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_Headers_Quantity |
LambdaFunctionAssociation
items for this cache behavior. If Quantity
is 0
, you can omit Items
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_LambdaFunctionAssociations_Items |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_LambdaFunctionAssociations_Quantity |
myawslogbucket.s3.amazonaws.com
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Logging_Bucket |
false
for Enabled
, and specify empty Bucket
and Prefix
elements. If you specify false
for Enabled
but you specify values for Bucket
, prefix
, and IncludeCookies
, the values are automatically deleted. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Logging_Enabled |
true
for IncludeCookies
. If you choose to include cookies in logs, CloudFront logs all cookies regardless of how you configure the cache behaviors for this distribution. If you don't want to include cookies when you create a distribution or if you want to disable include cookies for an existing distribution, specify false
for IncludeCookies
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Logging_IncludeCookies |
filenames
for this distribution, for example, myprefix/
. If you want to enable logging, but you don't want to specify a prefix, you still must include an empty Prefix
element in the Logging
element. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Logging_Prefix |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_OriginGroups_Items |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_OriginGroups_Quantity |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Origins_Items |
Required? | True |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_Origins_Quantity |
Quantity
is 0, you can omit Items
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_QueryStringCacheKeys_Items |
whitelisted
query string parameters for a cache behavior. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_QueryStringCacheKeys_Quantity |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
true
if any of the key groups in the list have public keys that CloudFront can use to verify the signatures of signed URLs and signed cookies. If not, this field is false
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_TrustedKeyGroups_Enabled |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_TrustedKeyGroups_Items |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_TrustedKeyGroups_Quantity |
true
if any of the Amazon Web Services accounts in the list are configured as trusted signers. If not, this field is false
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_TrustedSigners_Enabled |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_TrustedSigners_Items |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_TrustedSigners_Quantity |
Aliases
(alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in Certificate Manager (ACM), provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region (us-east-1
).If you specify an ACM certificate ARN, you must also specify values for MinimumProtocolVersion
and SSLSupportMethod
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_ViewerCertificate_ACMCertificateArn |
ACMCertificateArn
IAMCertificateId
CloudFrontDefaultCertificate
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_ViewerCertificate_Certificate |
ACMCertificateArn
IAMCertificateId
CloudFrontDefaultCertificate
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_ViewerCertificate_CertificateSource |
d111111abcdef8.cloudfront.net
, set this field to true
.If the distribution uses Aliases
(alternate domain names or CNAMEs), set this field to false
and specify values for the following fields:ACMCertificateArn
or IAMCertificateId
(specify a value for one, not both)MinimumProtocolVersion
SSLSupportMethod
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_ViewerCertificate_CloudFrontDefaultCertificate |
Aliases
(alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in Identity and Access Management (IAM), provide the ID of the IAM certificate.If you specify an IAM certificate ID, you must also specify values for MinimumProtocolVersion
and SSLSupportMethod
. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_ViewerCertificate_IAMCertificateId |
Aliases
(alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:SSLSupportMethod
to sni-only
), you must specify TLSv1
or higher.If the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net
(you set CloudFrontDefaultCertificate
to true
), CloudFront automatically sets the security policy to TLSv1
regardless of the value that you set here. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_ViewerCertificate_MinimumProtocolVersion |
Aliases
(alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.sni-only
– The distribution accepts HTTPS connections from only viewers that support server name indication (SNI). This is recommended. Most browsers and clients support SNI.vip
– The distribution accepts HTTPS connections from all viewers including those that don't support SNI. This is not recommended, and results in additional monthly charges from CloudFront.static-ip
- Do not specify this value unless your distribution has been enabled for this feature by the CloudFront team. If you have a use case that requires static IP addresses for a distribution, contact CloudFront through the Amazon Web Services Support Center.d111111abcdef8.cloudfront.net
, don't set a value for this field. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_ViewerCertificate_SSLSupportMethod |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_Cookies_WhitelistedNames_Items |
Items
list. Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | DistributionConfig_DefaultCacheBehavior_ForwardedValues_Cookies_WhitelistedNames_Quantity |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AK |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByValue, ByPropertyName) |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | AWSProfilesLocation, ProfilesLocation |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | StoredCredentials, AWSProfileName |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | RegionToCall |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | SK, SecretAccessKey |
Required? | False |
Position? | Named |
Accept pipeline input? | True (ByPropertyName) |
Aliases | ST |
$origin = New-Object Amazon.CloudFront.Model.Origin
$origin.DomainName = "ps-cmdlet-sample.s3.amazonaws.com"
$origin.Id = "UniqueOrigin1"
$origin.S3OriginConfig = New-Object Amazon.CloudFront.Model.S3OriginConfig
$origin.S3OriginConfig.OriginAccessIdentity = ""
New-CFDistribution `
-DistributionConfig_Enabled $true `
-DistributionConfig_Comment "Test distribution" `
-Origins_Item $origin `
-Origins_Quantity 1 `
-Logging_Enabled $true `
-Logging_IncludeCookie $true `
-Logging_Bucket ps-cmdlet-sample-logging.s3.amazonaws.com `
-Logging_Prefix "help/" `
-DistributionConfig_CallerReference Client1 `
-DistributionConfig_DefaultRootObject index.html `
-DefaultCacheBehavior_TargetOriginId $origin.Id `
-ForwardedValues_QueryString $true `
-Cookies_Forward all `
-WhitelistedNames_Quantity 0 `
-TrustedSigners_Enabled $false `
-TrustedSigners_Quantity 0 `
-DefaultCacheBehavior_ViewerProtocolPolicy allow-all `
-DefaultCacheBehavior_MinTTL 1000 `
-DistributionConfig_PriceClass "PriceClass_All" `
-CacheBehaviors_Quantity 0 `
-Aliases_Quantity 0
Creates a basic CloudFront distribution, configured with logging and caching.
AWS Tools for PowerShell: 2.x.y.z