@pulumi/aws

import * as pulumi from "@pulumi/pulumi"; import * as inputs from "../types/input"; import * as outputs from "../types/output"; /** * Creates an Amazon CloudFront web distribution. * * For information about CloudFront distributions, see the [Amazon CloudFront Developer Guide](http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html). For specific information about creating CloudFront web distributions, see the [POST Distribution](https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html) page in the Amazon CloudFront API Reference. * * > **NOTE:** CloudFront distributions take about 15 minutes to reach a deployed state after creation or modification. During this time, deletes to resources will be blocked. If you need to delete a distribution that is enabled and you do not want to wait, you need to use the `retainOnDelete` flag. * * ## Example Usage * * ### S3 Origin * * The example below creates a CloudFront distribution with an S3 origin. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const b = new aws.s3.Bucket("b", { * bucket: "mybucket", * tags: { * Name: "My bucket", * }, * }); * const s3OriginId = "myS3Origin"; * const myDomain = "mydomain.com"; * const myDomainGetCertificate = aws.acm.getCertificate({ * region: "us-east-1", * domain: `*.${myDomain}`, * statuses: ["ISSUED"], * }); * const _default = new aws.cloudfront.OriginAccessControl("default", { * name: "default-oac", * originAccessControlOriginType: "s3", * signingBehavior: "always", * signingProtocol: "sigv4", * }); * const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", { * origins: [{ * domainName: b.bucketRegionalDomainName, * originAccessControlId: _default.id, * originId: s3OriginId, * }], * enabled: true, * isIpv6Enabled: true, * comment: "Some comment", * defaultRootObject: "index.html", * aliases: [ * `mysite.${myDomain}`, * `yoursite.${myDomain}`, * ], * defaultCacheBehavior: { * allowedMethods: [ * "DELETE", * "GET", * "HEAD", * "OPTIONS", * "PATCH", * "POST", * "PUT", * ], * cachedMethods: [ * "GET", * "HEAD", * ], * targetOriginId: s3OriginId, * forwardedValues: { * queryString: false, * cookies: { * forward: "none", * }, * }, * viewerProtocolPolicy: "allow-all", * minTtl: 0, * defaultTtl: 3600, * maxTtl: 86400, * }, * orderedCacheBehaviors: [ * { * pathPattern: "/content/immutable/*", * allowedMethods: [ * "GET", * "HEAD", * "OPTIONS", * ], * cachedMethods: [ * "GET", * "HEAD", * "OPTIONS", * ], * targetOriginId: s3OriginId, * forwardedValues: { * queryString: false, * headers: ["Origin"], * cookies: { * forward: "none", * }, * }, * minTtl: 0, * defaultTtl: 86400, * maxTtl: 31536000, * compress: true, * viewerProtocolPolicy: "redirect-to-https", * }, * { * pathPattern: "/content/*", * allowedMethods: [ * "GET", * "HEAD", * "OPTIONS", * ], * cachedMethods: [ * "GET", * "HEAD", * ], * targetOriginId: s3OriginId, * forwardedValues: { * queryString: false, * cookies: { * forward: "none", * }, * }, * minTtl: 0, * defaultTtl: 3600, * maxTtl: 86400, * compress: true, * viewerProtocolPolicy: "redirect-to-https", * }, * ], * priceClass: "PriceClass_200", * restrictions: { * geoRestriction: { * restrictionType: "whitelist", * locations: [ * "US", * "CA", * "GB", * "DE", * ], * }, * }, * tags: { * Environment: "production", * }, * viewerCertificate: { * acmCertificateArn: myDomainGetCertificate.then(myDomainGetCertificate => myDomainGetCertificate.arn), * sslSupportMethod: "sni-only", * }, * }); * // See https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html * const originBucketPolicy = aws.iam.getPolicyDocumentOutput({ * statements: [{ * sid: "AllowCloudFrontServicePrincipalReadWrite", * effect: "Allow", * principals: [{ * type: "Service", * identifiers: ["cloudfront.amazonaws.com"], * }], * actions: [ * "s3:GetObject", * "s3:PutObject", * ], * resources: [pulumi.interpolate`${b.arn}/*`], * conditions: [{ * test: "StringEquals", * variable: "AWS:SourceArn", * values: [s3Distribution.arn], * }], * }], * }); * const bBucketPolicy = new aws.s3.BucketPolicy("b", { * bucket: b.bucket, * policy: originBucketPolicy.apply(originBucketPolicy => originBucketPolicy.json), * }); * // Create Route53 records for the CloudFront distribution aliases * const myDomainGetZone = aws.route53.getZone({ * name: myDomain, * }); * const cloudfront: aws.route53.Record[] = []; * s3Distribution.aliases.apply(rangeBody => { * for (const range of rangeBody.map((v, k) => ({key: k, value: v}))) { * cloudfront.push(new aws.route53.Record(`cloudfront-${range.key}`, { * zoneId: myDomainGetZone.then(myDomainGetZone => myDomainGetZone.zoneId), * name: range.value, * type: aws.route53.RecordType.A, * aliases: [{ * name: s3Distribution.domainName, * zoneId: s3Distribution.hostedZoneId, * evaluateTargetHealth: false, * }], * })); * } * }); * ``` * * ### With Failover Routing * * The example below creates a CloudFront distribution with an origin group for failover routing. * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", { * originGroups: [{ * originId: "groupS3", * failoverCriteria: { * statusCodes: [ * 403, * 404, * 500, * 502, * ], * }, * members: [ * { * originId: "primaryS3", * }, * { * originId: "failoverS3", * }, * ], * }], * origins: [ * { * domainName: primary.bucketRegionalDomainName, * originId: "primaryS3", * s3OriginConfig: { * originAccessIdentity: _default.cloudfrontAccessIdentityPath, * }, * }, * { * domainName: failover.bucketRegionalDomainName, * originId: "failoverS3", * s3OriginConfig: { * originAccessIdentity: _default.cloudfrontAccessIdentityPath, * }, * }, * ], * defaultCacheBehavior: { * targetOriginId: "groupS3", * }, * }); * ``` * * ### With Managed Caching Policy * * The example below creates a CloudFront distribution with an [AWS managed caching policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html). * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const s3OriginId = "myS3Origin"; * const s3Distribution = new aws.cloudfront.Distribution("s3_distribution", { * origins: [{ * domainName: primary.bucketRegionalDomainName, * originId: "myS3Origin", * s3OriginConfig: { * originAccessIdentity: _default.cloudfrontAccessIdentityPath, * }, * }], * enabled: true, * isIpv6Enabled: true, * comment: "Some comment", * defaultRootObject: "index.html", * defaultCacheBehavior: { * cachePolicyId: "4135ea2d-6df8-44a3-9df3-4b5a84be39ad", * allowedMethods: [ * "GET", * "HEAD", * "OPTIONS", * ], * cachedMethods: [ * "GET", * "HEAD", * ], * targetOriginId: s3OriginId, * viewerProtocolPolicy: "allow-all", * }, * restrictions: { * geoRestriction: { * restrictionType: "whitelist", * locations: [ * "US", * "CA", * "GB", * "DE", * ], * }, * }, * viewerCertificate: { * cloudfrontDefaultCertificate: true, * }, * }); * ``` * * ### With V2 logging to S3 * * The example below creates a CloudFront distribution with [standard logging V2 to S3](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/standard-logging.html#enable-access-logging-api). * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const example = new aws.cloudfront.Distribution("example", {}); * const exampleLogDeliverySource = new aws.cloudwatch.LogDeliverySource("example", { * region: "us-east-1", * name: "example", * logType: "ACCESS_LOGS", * resourceArn: example.arn, * }); * const exampleBucket = new aws.s3.Bucket("example", { * bucket: "testbucket", * forceDestroy: true, * }); * const exampleLogDeliveryDestination = new aws.cloudwatch.LogDeliveryDestination("example", { * region: "us-east-1", * name: "s3-destination", * outputFormat: "parquet", * deliveryDestinationConfiguration: { * destinationResourceArn: pulumi.interpolate`${exampleBucket.arn}/prefix`, * }, * }); * const exampleLogDelivery = new aws.cloudwatch.LogDelivery("example", { * region: "us-east-1", * deliverySourceName: exampleLogDeliverySource.name, * deliveryDestinationArn: exampleLogDeliveryDestination.arn, * s3DeliveryConfigurations: [{ * suffixPath: "/123456678910/{DistributionId}/{yyyy}/{MM}/{dd}/{HH}", * }], * }); * ``` * * ### With V2 logging to Data Firehose * * The example below creates a CloudFront distribution with [standard logging V2 to Data Firehose](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/standard-logging.html#enable-access-logging-api). * * ```typescript * import * as pulumi from "@pulumi/pulumi"; * import * as aws from "@pulumi/aws"; * * const example = new aws.cloudfront.Distribution("example", {}); * const cloudfrontLogs = new aws.kinesis.FirehoseDeliveryStream("cloudfront_logs", { * region: "us-east-1", * tags: { * LogDeliveryEnabled: "true", * }, * }); * const exampleLogDeliverySource = new aws.cloudwatch.LogDeliverySource("example", { * region: "us-east-1", * name: "cloudfront-logs-source", * logType: "ACCESS_LOGS", * resourceArn: example.arn, * }); * const exampleLogDeliveryDestination = new aws.cloudwatch.LogDeliveryDestination("example", { * region: "us-east-1", * name: "firehose-destination", * outputFormat: "json", * deliveryDestinationConfiguration: { * destinationResourceArn: cloudfrontLogs.arn, * }, * }); * const exampleLogDelivery = new aws.cloudwatch.LogDelivery("example", { * region: "us-east-1", * deliverySourceName: exampleLogDeliverySource.name, * deliveryDestinationArn: exampleLogDeliveryDestination.arn, * }); * ``` * * ## Import * * Using `pulumi import`, import CloudFront Distributions using the `id`. For example: * * ```sh * $ pulumi import aws:cloudfront/distribution:Distribution distribution E74FTE3EXAMPLE * ``` */ export declare class Distribution extends pulumi.CustomResource { /** * Get an existing Distribution resource's state with the given name, ID, and optional extra * properties used to qualify the lookup. * * @param name The _unique_ name of the resulting resource. * @param id The _unique_ provider ID of the resource to lookup. * @param state Any extra arguments used during the lookup. * @param opts Optional settings to control the behavior of the CustomResource. */ static get(name: string, id: pulumi.Input<pulumi.ID>, state?: DistributionState, opts?: pulumi.CustomResourceOptions): Distribution; /** * Returns true if the given object is an instance of Distribution. This is designed to work even * when multiple copies of the Pulumi SDK have been loaded into the same process. */ static isInstance(obj: any): obj is Distribution; /** * Extra CNAMEs (alternate domain names), if any, for this distribution. */ readonly aliases: pulumi.Output<string[] | undefined>; /** * ID of the Anycast static IP list that is associated with the distribution. */ readonly anycastIpListId: pulumi.Output<string | undefined>; /** * ARN for the distribution. For example: `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`, where `123456789012` is your AWS account ID. */ readonly arn: pulumi.Output<string>; /** * Internal value used by CloudFront to allow future updates to the distribution configuration. */ readonly callerReference: pulumi.Output<string>; /** * Any comments you want to include about the distribution. */ readonly comment: pulumi.Output<string | undefined>; /** * Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the `aws.cloudfront.ContinuousDeploymentPolicy` resource for additional details. */ readonly continuousDeploymentPolicyId: pulumi.Output<string>; /** * One or more custom error response elements (multiples allowed). */ readonly customErrorResponses: pulumi.Output<outputs.cloudfront.DistributionCustomErrorResponse[] | undefined>; /** * Default cache behavior for this distribution (maximum one). Requires either `cachePolicyId` (preferred) or `forwardedValues` (deprecated) be set. */ readonly defaultCacheBehavior: pulumi.Output<outputs.cloudfront.DistributionDefaultCacheBehavior>; /** * Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. */ readonly defaultRootObject: pulumi.Output<string | undefined>; /** * Domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`. */ readonly domainName: pulumi.Output<string>; /** * Whether the distribution is enabled to accept end user requests for content. */ readonly enabled: pulumi.Output<boolean>; /** * Current version of the distribution's information. For example: `E2QWRUHAPOMQZL`. */ readonly etag: pulumi.Output<string>; /** * CloudFront Route 53 zone ID that can be used to route an [Alias Resource Record Set](http://docs.aws.amazon.com/Route53/latest/APIReference/CreateAliasRRSAPI.html) to. This attribute is simply an alias for the zone ID `Z2FDTNDATAQYW2`. */ readonly hostedZoneId: pulumi.Output<string>; /** * Maximum HTTP version to support on the distribution. Allowed values are `http1.1`, `http2`, `http2and3` and `http3`. The default is `http2`. */ readonly httpVersion: pulumi.Output<string | undefined>; /** * Number of invalidation batches currently in progress. */ readonly inProgressValidationBatches: pulumi.Output<number>; /** * Whether the IPv6 is enabled for the distribution. */ readonly isIpv6Enabled: pulumi.Output<boolean | undefined>; /** * Date and time the distribution was last modified. */ readonly lastModifiedTime: pulumi.Output<string>; /** * The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs. */ readonly loggingConfig: pulumi.Output<outputs.cloudfront.DistributionLoggingConfig | undefined>; /** * Whether V1 logging is enabled for the distribution. */ readonly loggingV1Enabled: pulumi.Output<boolean>; /** * Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0. */ readonly orderedCacheBehaviors: pulumi.Output<outputs.cloudfront.DistributionOrderedCacheBehavior[] | undefined>; /** * One or more originGroup for this distribution (multiples allowed). */ readonly originGroups: pulumi.Output<outputs.cloudfront.DistributionOriginGroup[] | undefined>; /** * One or more origins for this distribution (multiples allowed). */ readonly origins: pulumi.Output<outputs.cloudfront.DistributionOrigin[]>; /** * Price class for this distribution. One of `PriceClass_All`, `PriceClass_200`, `PriceClass_100`. */ readonly priceClass: pulumi.Output<string | undefined>; /** * The restriction configuration for this distribution (maximum one). */ readonly restrictions: pulumi.Output<outputs.cloudfront.DistributionRestrictions>; /** * Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default: `false`. */ readonly retainOnDelete: pulumi.Output<boolean | undefined>; /** * A Boolean that indicates whether this is a staging distribution. Defaults to `false`. */ readonly staging: pulumi.Output<boolean | undefined>; /** * Current status of the distribution. `Deployed` if the distribution's information is fully propagated throughout the Amazon CloudFront system. */ readonly status: pulumi.Output<string>; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ readonly tags: pulumi.Output<{ [key: string]: string; } | undefined>; /** * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. */ readonly tagsAll: pulumi.Output<{ [key: string]: string; }>; /** * List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs. */ readonly trustedKeyGroups: pulumi.Output<outputs.cloudfront.DistributionTrustedKeyGroup[]>; /** * List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs. */ readonly trustedSigners: pulumi.Output<outputs.cloudfront.DistributionTrustedSigner[]>; /** * The SSL configuration for this distribution (maximum one). */ readonly viewerCertificate: pulumi.Output<outputs.cloudfront.DistributionViewerCertificate>; /** * If enabled, the resource will wait for the distribution status to change from `InProgress` to `Deployed`. Setting this to`false` will skip the process. Default: `true`. */ readonly waitForDeployment: pulumi.Output<boolean | undefined>; /** * Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example `aws_wafv2_web_acl.example.arn`. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `aws_waf_web_acl.example.id`. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must have `waf:GetWebACL` permissions assigned. */ readonly webAclId: pulumi.Output<string | undefined>; /** * Create a Distribution resource with the given unique name, arguments, and options. * * @param name The _unique_ name of the resource. * @param args The arguments to use to populate this resource's properties. * @param opts A bag of options that control this resource's behavior. */ constructor(name: string, args: DistributionArgs, opts?: pulumi.CustomResourceOptions); } /** * Input properties used for looking up and filtering Distribution resources. */ export interface DistributionState { /** * Extra CNAMEs (alternate domain names), if any, for this distribution. */ aliases?: pulumi.Input<pulumi.Input<string>[]>; /** * ID of the Anycast static IP list that is associated with the distribution. */ anycastIpListId?: pulumi.Input<string>; /** * ARN for the distribution. For example: `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`, where `123456789012` is your AWS account ID. */ arn?: pulumi.Input<string>; /** * Internal value used by CloudFront to allow future updates to the distribution configuration. */ callerReference?: pulumi.Input<string>; /** * Any comments you want to include about the distribution. */ comment?: pulumi.Input<string>; /** * Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the `aws.cloudfront.ContinuousDeploymentPolicy` resource for additional details. */ continuousDeploymentPolicyId?: pulumi.Input<string>; /** * One or more custom error response elements (multiples allowed). */ customErrorResponses?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionCustomErrorResponse>[]>; /** * Default cache behavior for this distribution (maximum one). Requires either `cachePolicyId` (preferred) or `forwardedValues` (deprecated) be set. */ defaultCacheBehavior?: pulumi.Input<inputs.cloudfront.DistributionDefaultCacheBehavior>; /** * Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. */ defaultRootObject?: pulumi.Input<string>; /** * Domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`. */ domainName?: pulumi.Input<string>; /** * Whether the distribution is enabled to accept end user requests for content. */ enabled?: pulumi.Input<boolean>; /** * Current version of the distribution's information. For example: `E2QWRUHAPOMQZL`. */ etag?: pulumi.Input<string>; /** * CloudFront Route 53 zone ID that can be used to route an [Alias Resource Record Set](http://docs.aws.amazon.com/Route53/latest/APIReference/CreateAliasRRSAPI.html) to. This attribute is simply an alias for the zone ID `Z2FDTNDATAQYW2`. */ hostedZoneId?: pulumi.Input<string>; /** * Maximum HTTP version to support on the distribution. Allowed values are `http1.1`, `http2`, `http2and3` and `http3`. The default is `http2`. */ httpVersion?: pulumi.Input<string>; /** * Number of invalidation batches currently in progress. */ inProgressValidationBatches?: pulumi.Input<number>; /** * Whether the IPv6 is enabled for the distribution. */ isIpv6Enabled?: pulumi.Input<boolean>; /** * Date and time the distribution was last modified. */ lastModifiedTime?: pulumi.Input<string>; /** * The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs. */ loggingConfig?: pulumi.Input<inputs.cloudfront.DistributionLoggingConfig>; /** * Whether V1 logging is enabled for the distribution. */ loggingV1Enabled?: pulumi.Input<boolean>; /** * Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0. */ orderedCacheBehaviors?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionOrderedCacheBehavior>[]>; /** * One or more originGroup for this distribution (multiples allowed). */ originGroups?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionOriginGroup>[]>; /** * One or more origins for this distribution (multiples allowed). */ origins?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionOrigin>[]>; /** * Price class for this distribution. One of `PriceClass_All`, `PriceClass_200`, `PriceClass_100`. */ priceClass?: pulumi.Input<string>; /** * The restriction configuration for this distribution (maximum one). */ restrictions?: pulumi.Input<inputs.cloudfront.DistributionRestrictions>; /** * Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default: `false`. */ retainOnDelete?: pulumi.Input<boolean>; /** * A Boolean that indicates whether this is a staging distribution. Defaults to `false`. */ staging?: pulumi.Input<boolean>; /** * Current status of the distribution. `Deployed` if the distribution's information is fully propagated throughout the Amazon CloudFront system. */ status?: pulumi.Input<string>; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * Map of tags assigned to the resource, including those inherited from the provider `defaultTags` configuration block. */ tagsAll?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * List of nested attributes for active trusted key groups, if the distribution is set up to serve private content with signed URLs. */ trustedKeyGroups?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionTrustedKeyGroup>[]>; /** * List of nested attributes for active trusted signers, if the distribution is set up to serve private content with signed URLs. */ trustedSigners?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionTrustedSigner>[]>; /** * The SSL configuration for this distribution (maximum one). */ viewerCertificate?: pulumi.Input<inputs.cloudfront.DistributionViewerCertificate>; /** * If enabled, the resource will wait for the distribution status to change from `InProgress` to `Deployed`. Setting this to`false` will skip the process. Default: `true`. */ waitForDeployment?: pulumi.Input<boolean>; /** * Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example `aws_wafv2_web_acl.example.arn`. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `aws_waf_web_acl.example.id`. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must have `waf:GetWebACL` permissions assigned. */ webAclId?: pulumi.Input<string>; } /** * The set of arguments for constructing a Distribution resource. */ export interface DistributionArgs { /** * Extra CNAMEs (alternate domain names), if any, for this distribution. */ aliases?: pulumi.Input<pulumi.Input<string>[]>; /** * ID of the Anycast static IP list that is associated with the distribution. */ anycastIpListId?: pulumi.Input<string>; /** * Any comments you want to include about the distribution. */ comment?: pulumi.Input<string>; /** * Identifier of a continuous deployment policy. This argument should only be set on a production distribution. See the `aws.cloudfront.ContinuousDeploymentPolicy` resource for additional details. */ continuousDeploymentPolicyId?: pulumi.Input<string>; /** * One or more custom error response elements (multiples allowed). */ customErrorResponses?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionCustomErrorResponse>[]>; /** * Default cache behavior for this distribution (maximum one). Requires either `cachePolicyId` (preferred) or `forwardedValues` (deprecated) be set. */ defaultCacheBehavior: pulumi.Input<inputs.cloudfront.DistributionDefaultCacheBehavior>; /** * Object that you want CloudFront to return (for example, index.html) when an end user requests the root URL. */ defaultRootObject?: pulumi.Input<string>; /** * Whether the distribution is enabled to accept end user requests for content. */ enabled: pulumi.Input<boolean>; /** * Maximum HTTP version to support on the distribution. Allowed values are `http1.1`, `http2`, `http2and3` and `http3`. The default is `http2`. */ httpVersion?: pulumi.Input<string>; /** * Whether the IPv6 is enabled for the distribution. */ isIpv6Enabled?: pulumi.Input<boolean>; /** * The logging configuration that controls how logs are written to your distribution (maximum one). AWS provides two versions of access logs for CloudFront: Legacy and v2. This argument configures legacy version standard logs. */ loggingConfig?: pulumi.Input<inputs.cloudfront.DistributionLoggingConfig>; /** * Ordered list of cache behaviors resource for this distribution. List from top to bottom in order of precedence. The topmost cache behavior will have precedence 0. */ orderedCacheBehaviors?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionOrderedCacheBehavior>[]>; /** * One or more originGroup for this distribution (multiples allowed). */ originGroups?: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionOriginGroup>[]>; /** * One or more origins for this distribution (multiples allowed). */ origins: pulumi.Input<pulumi.Input<inputs.cloudfront.DistributionOrigin>[]>; /** * Price class for this distribution. One of `PriceClass_All`, `PriceClass_200`, `PriceClass_100`. */ priceClass?: pulumi.Input<string>; /** * The restriction configuration for this distribution (maximum one). */ restrictions: pulumi.Input<inputs.cloudfront.DistributionRestrictions>; /** * Disables the distribution instead of deleting it when destroying the resource through the provider. If this is set, the distribution needs to be deleted manually afterwards. Default: `false`. */ retainOnDelete?: pulumi.Input<boolean>; /** * A Boolean that indicates whether this is a staging distribution. Defaults to `false`. */ staging?: pulumi.Input<boolean>; /** * A map of tags to assign to the resource. If configured with a provider `defaultTags` configuration block present, tags with matching keys will overwrite those defined at the provider-level. */ tags?: pulumi.Input<{ [key: string]: pulumi.Input<string>; }>; /** * The SSL configuration for this distribution (maximum one). */ viewerCertificate: pulumi.Input<inputs.cloudfront.DistributionViewerCertificate>; /** * If enabled, the resource will wait for the distribution status to change from `InProgress` to `Deployed`. Setting this to`false` will skip the process. Default: `true`. */ waitForDeployment?: pulumi.Input<boolean>; /** * Unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF (WAFv2), use the ACL ARN, for example `aws_wafv2_web_acl.example.arn`. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `aws_waf_web_acl.example.id`. The WAF Web ACL must exist in the WAF Global (CloudFront) region and the credentials configuring this argument must have `waf:GetWebACL` permissions assigned. */ webAclId?: pulumi.Input<string>; }