aws-sdk-cloudfront 1.118.0 → 1.123.0

data/lib/aws-sdk-cloudfront/client.rb

@@ -95,7 +95,7 @@ module Aws::CloudFront
     #     class name or an instance of a plugin class.
     #
     #   @option options [required, Aws::CredentialProvider] :credentials
-    #     Your AWS credentials. This can be an instance of any one of the
+    #     Your AWS credentials used for authentication. This can be an instance of any one of the
     #     following classes:
     #
     #     * `Aws::Credentials` - Used for configuring static, non-refreshing
@@ -128,18 +128,23 @@ module Aws::CloudFront
     #     locations will be searched for credentials:
     #
     #     * `Aws.config[:credentials]`
+    #
     #     * The `:access_key_id`, `:secret_access_key`, `:session_token`, and
     #       `:account_id` options.
-    #     * ENV['AWS_ACCESS_KEY_ID'], ENV['AWS_SECRET_ACCESS_KEY'],
-    #       ENV['AWS_SESSION_TOKEN'], and ENV['AWS_ACCOUNT_ID']
+    #
+    #     * `ENV['AWS_ACCESS_KEY_ID']`, `ENV['AWS_SECRET_ACCESS_KEY']`,
+    #       `ENV['AWS_SESSION_TOKEN']`, and `ENV['AWS_ACCOUNT_ID']`.
+    #
     #     * `~/.aws/credentials`
+    #
     #     * `~/.aws/config`
+    #
     #     * EC2/ECS IMDS instance profile - When used by default, the timeouts
     #       are very aggressive. Construct and pass an instance of
     #       `Aws::InstanceProfileCredentials` or `Aws::ECSCredentials` to
     #       enable retries and extended timeouts. Instance profile credential
-    #       fetching can be disabled by setting ENV['AWS_EC2_METADATA_DISABLED']
-    #       to true.
+    #       fetching can be disabled by setting `ENV['AWS_EC2_METADATA_DISABLED']`
+    #       to `true`.
     #
     #   @option options [required, String] :region
     #     The AWS region to connect to.  The configured `:region` is
@@ -167,6 +172,11 @@ module Aws::CloudFront
     #     When false, the request will raise a `RetryCapacityNotAvailableError` and will
     #     not retry instead of sleeping.
     #
+    #   @option options [Array<String>] :auth_scheme_preference
+    #     A list of preferred authentication schemes to use when making a request. Supported values are:
+    #     `sigv4`, `sigv4a`, `httpBearerAuth`, and `noAuth`. When set using `ENV['AWS_AUTH_SCHEME_PREFERENCE']` or in
+    #     shared config as `auth_scheme_preference`, the value should be a comma-separated list.
+    #
     #   @option options [Boolean] :client_side_monitoring (false)
     #     When `true`, client-side metrics will be collected for all API requests from
     #     this client.
@@ -253,8 +263,8 @@ module Aws::CloudFront
     #     4 times. Used in `standard` and `adaptive` retry modes.
     #
     #   @option options [String] :profile ("default")
-    #     Used when loading credentials from the shared credentials file
-    #     at HOME/.aws/credentials.  When not specified, 'default' is used.
+    #     Used when loading credentials from the shared credentials file at `HOME/.aws/credentials`.
+    #     When not specified, 'default' is used.
     #
     #   @option options [String] :request_checksum_calculation ("when_supported")
     #     Determines when a checksum will be calculated for request payloads. Values are:
@@ -367,7 +377,7 @@ module Aws::CloudFront
     #     `Aws::Telemetry::OTelProvider` for telemetry provider.
     #
     #   @option options [Aws::TokenProvider] :token_provider
-    #     A Bearer Token Provider. This can be an instance of any one of the
+    #     Your Bearer token used for authentication. This can be an instance of any one of the
     #     following classes:
     #
     #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
@@ -469,31 +479,45 @@ module Aws::CloudFront
 
     # @!group API Operations
 
-    # Associates an alias (also known as a CNAME or an alternate domain
-    # name) with a CloudFront distribution.
+    # <note markdown="1"> The `AssociateAlias` API operation only supports
+    # standard
+    # distributions. To move domains between distribution tenants and/or
+    # standard distributions, we recommend that you use the
+    # [UpdateDomainAssociation][1] API operation instead.
+    #
+    #  </note>
     #
-    # With this operation you can move an alias that's already in use on a
-    # CloudFront distribution to a different distribution in one step. This
+    #  Associates an alias with a CloudFront standard distribution. An alias
+    # is commonly known as a custom domain or vanity domain. It can also be
+    # called a CNAME or alternate domain name.
+    #
+    #  With this operation, you can move an alias that's already used for a
+    # standard distribution to a different standard distribution. This
     # prevents the downtime that could occur if you first remove the alias
-    # from one distribution and then separately add the alias to another
-    # distribution.
+    # from one standard distribution and then separately add the alias to
+    # another standard distribution.
     #
-    # To use this operation to associate an alias with a distribution, you
-    # provide the alias and the ID of the target distribution for the alias.
-    # For more information, including how to set up the target distribution,
-    # prerequisites that you must complete, and other restrictions, see
-    # [Moving an alternate domain name to a different distribution][1] in
-    # the *Amazon CloudFront Developer Guide*.
+    #  To use this operation, specify the alias and the ID of the target
+    # standard distribution.
     #
+    #  For more information, including how to set up the target standard
+    # distribution, prerequisites that you must complete, and other
+    # restrictions, see [Moving an alternate domain name to a different
+    # standard distribution or distribution tenant][2] in the *Amazon
+    # CloudFront Developer Guide*.
     #
     #
-    # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-move
+    #
+    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDomainAssociation.html
+    # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-move
     #
     # @option params [required, String] :target_distribution_id
-    #   The ID of the distribution that you're associating the alias with.
+    #   The ID of the standard distribution that you're associating the alias
+    #   with.
     #
     # @option params [required, String] :alias
-    #   The alias (also known as a CNAME) to add to the target distribution.
+    #   The alias (also known as a CNAME) to add to the target standard
+    #   distribution.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
     #
@@ -699,6 +723,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -712,6 +737,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
@@ -940,6 +966,11 @@ module Aws::CloudFront
     # * The default, minimum, and maximum time to live (TTL) values that you
     #   want objects to stay in the CloudFront cache.
     #
+    #   If your minimum TTL is greater than 0, CloudFront will cache content
+    #   for at least the duration specified in the cache policy's minimum
+    #   TTL, even if the `Cache-Control: no-cache`, `no-store`, or `private`
+    #   directives are present in the origin headers.
+    #
     # The headers, cookies, and query strings that are included in the cache
     # key are also included in requests that CloudFront sends to the origin.
     # CloudFront sends a request when it can't find an object in its cache
@@ -1269,6 +1300,7 @@ module Aws::CloudFront
     #             },
     #             s3_origin_config: {
     #               origin_access_identity: "string", # required
+    #               origin_read_timeout: 1,
     #             },
     #             custom_origin_config: {
     #               http_port: 1, # required
@@ -1288,6 +1320,7 @@ module Aws::CloudFront
     #             },
     #             connection_attempts: 1,
     #             connection_timeout: 1,
+    #             response_completion_timeout: 1,
     #             origin_shield: {
     #               enabled: false, # required
     #               origin_shield_region: "OriginShieldRegion",
@@ -1491,7 +1524,7 @@ module Aws::CloudFront
     #       enabled: false, # required
     #       viewer_certificate: {
     #         cloud_front_default_certificate: false,
-    #         iam_certificate_id: "string",
+    #         iam_certificate_id: "ServerCertificateId",
     #         acm_certificate_arn: "string",
     #         ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
     #         minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
@@ -1517,7 +1550,7 @@ module Aws::CloudFront
     #             name: "ParameterName", # required
     #             definition: { # required
     #               string_schema: {
-    #                 comment: "string",
+    #                 comment: "sensitiveStringType",
     #                 default_value: "ParameterValue",
     #                 required: false, # required
     #               },
@@ -1566,6 +1599,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -1579,6 +1613,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
@@ -1922,6 +1957,7 @@ module Aws::CloudFront
     #               },
     #               s3_origin_config: {
     #                 origin_access_identity: "string", # required
+    #                 origin_read_timeout: 1,
     #               },
     #               custom_origin_config: {
     #                 http_port: 1, # required
@@ -1941,6 +1977,7 @@ module Aws::CloudFront
     #               },
     #               connection_attempts: 1,
     #               connection_timeout: 1,
+    #               response_completion_timeout: 1,
     #               origin_shield: {
     #                 enabled: false, # required
     #                 origin_shield_region: "OriginShieldRegion",
@@ -2144,7 +2181,7 @@ module Aws::CloudFront
     #         enabled: false, # required
     #         viewer_certificate: {
     #           cloud_front_default_certificate: false,
-    #           iam_certificate_id: "string",
+    #           iam_certificate_id: "ServerCertificateId",
     #           acm_certificate_arn: "string",
     #           ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
     #           minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
@@ -2170,7 +2207,7 @@ module Aws::CloudFront
     #               name: "ParameterName", # required
     #               definition: { # required
     #                 string_schema: {
-    #                   comment: "string",
+    #                   comment: "sensitiveStringType",
     #                   default_value: "ParameterValue",
     #                   required: false, # required
     #                 },
@@ -2228,6 +2265,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -2241,6 +2279,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
@@ -3999,7 +4038,7 @@ module Aws::CloudFront
     # @example Request syntax with placeholder values
     #
     #   resp = client.delete_function({
-    #     name: "string", # required
+    #     name: "FunctionName", # required
     #     if_match: "string", # required
     #   })
     #
@@ -4460,7 +4499,7 @@ module Aws::CloudFront
     # @example Request syntax with placeholder values
     #
     #   resp = client.describe_function({
-    #     name: "string", # required
+    #     name: "FunctionName", # required
     #     stage: "DEVELOPMENT", # accepts DEVELOPMENT, LIVE
     #   })
     #
@@ -5065,6 +5104,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -5078,6 +5118,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
@@ -5277,6 +5318,7 @@ module Aws::CloudFront
     #   resp.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution_config.origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -5290,6 +5332,7 @@ module Aws::CloudFront
     #   resp.distribution_config.origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution_config.origins.items[0].connection_attempts #=> Integer
     #   resp.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution_config.origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution_config.origins.items[0].origin_access_control_id #=> String
@@ -5744,7 +5787,7 @@ module Aws::CloudFront
     # @example Request syntax with placeholder values
     #
     #   resp = client.get_function({
-    #     name: "string", # required
+    #     name: "FunctionName", # required
     #     stage: "DEVELOPMENT", # accepts DEVELOPMENT, LIVE
     #   })
     #
@@ -6834,44 +6877,54 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Gets a list of aliases (also called CNAMEs or alternate domain names)
-    # that conflict or overlap with the provided alias, and the associated
-    # CloudFront distributions and Amazon Web Services accounts for each
-    # conflicting alias. In the returned list, the distribution and account
-    # IDs are partially hidden, which allows you to identify the
-    # distributions and accounts that you own, but helps to protect the
+    # <note markdown="1"> The `ListConflictingAliases` API operation only
+    # supports standard
+    # distributions. To list domain conflicts for both standard
+    # distributions and distribution tenants, we recommend that you use the
+    # [ListDomainConflicts][1] API operation instead.
+    #
+    #  </note>
+    #
+    #  Gets a list of aliases that conflict or overlap with the provided
+    # alias, and the associated CloudFront standard distribution and Amazon
+    # Web Services accounts for each conflicting alias. An alias is commonly
+    # known as a custom domain or vanity domain. It can also be called a
+    # CNAME or alternate domain name.
+    #
+    #  In the returned list, the standard distribution and account IDs are
+    # partially hidden, which allows you to identify the standard
+    # distribution and accounts that you own, and helps to protect the
     # information of ones that you don't own.
     #
-    # Use this operation to find aliases that are in use in CloudFront that
+    #  Use this operation to find aliases that are in use in CloudFront that
     # conflict or overlap with the provided alias. For example, if you
     # provide `www.example.com` as input, the returned list can include
     # `www.example.com` and the overlapping wildcard alternate domain name
-    # (`*.example.com`), if they exist. If you provide `*.example.com` as
-    # input, the returned list can include `*.example.com` and any alternate
-    # domain names covered by that wildcard (for example, `www.example.com`,
-    # `test.example.com`, `dev.example.com`, and so on), if they exist.
-    #
-    # To list conflicting aliases, you provide the alias to search and the
-    # ID of a distribution in your account that has an attached SSL/TLS
-    # certificate that includes the provided alias. For more information,
-    # including how to set up the distribution and certificate, see [Moving
-    # an alternate domain name to a different distribution][1] in the
-    # *Amazon CloudFront Developer Guide*.
-    #
-    # You can optionally specify the maximum number of items to receive in
-    # the response. If the total number of items in the list exceeds the
-    # maximum that you specify, or the default maximum, the response is
-    # paginated. To get the next page of items, send a subsequent request
-    # that specifies the `NextMarker` value from the current response as the
-    # `Marker` value in the subsequent request.
-    #
-    #
-    #
-    # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-move
+    # (`.example.com</code>), if they exist. If you provide
+    # </em>.example.com as input, the returned list can include
+    # *.example.com and any alternate domain names covered by that wildcard
+    # (for example, www.example.com, test.example.com, dev.example.com, and
+    # so on), if they exist.</p> To list conflicting aliases, specify the
+    # alias to search and the ID of a standard distribution in your account
+    # that has an attached TLS certificate that includes the provided alias.
+    # For more information, including how to set up the standard
+    # distribution and certificate, see Moving an alternate domain name to a
+    # different standard distribution or distribution tenant in the Amazon
+    # CloudFront Developer Guide. You can optionally specify the maximum
+    # number of items to receive in the response. If the total number of
+    # items in the list exceeds the maximum that you specify, or the default
+    # maximum, the response is paginated. To get the next page of items,
+    # send a subsequent request that specifies the NextMarker value from the
+    # current response as the Marker value in the subsequent request.</p>
+    # `
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListDomainConflicts.html
     #
     # @option params [required, String] :distribution_id
-    #   The ID of a distribution in your account that has an attached SSL/TLS
-    #   certificate that includes the provided alias.
+    #   The ID of a standard distribution in your account that has an attached
+    #   TLS certificate that includes the provided alias.
     #
     # @option params [required, String] :alias
     #   The alias (also called a CNAME) to search for conflicting aliases.
@@ -7213,6 +7266,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -7226,6 +7280,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_attempts #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution_list.items[0].origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
@@ -7430,6 +7485,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -7443,6 +7499,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_attempts #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution_list.items[0].origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
@@ -7656,7 +7713,9 @@ module Aws::CloudFront
     #   The maximum number of distributions to return.
     #
     # @option params [required, String] :connection_mode
-    #   The connection mode to filter distributions by.
+    #   This field specifies whether the connection mode is through a standard
+    #   distribution (direct) or a multi-tenant distribution with distribution
+    #   tenants (tenant-only).
     #
     # @return [Types::ListDistributionsByConnectionModeResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -7699,6 +7758,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -7712,6 +7772,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_attempts #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution_list.items[0].origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
@@ -8044,6 +8105,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -8057,6 +8119,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_attempts #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution_list.items[0].origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
@@ -8391,6 +8454,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution_list.items[0].origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution_list.items[0].origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -8404,6 +8468,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_attempts #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution_list.items[0].origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
@@ -8553,20 +8618,55 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Lists existing domain associations that conflict with the domain that
+    # <note markdown="1"> We recommend that you use the
+    # `ListDomainConflicts` API operation to
+    # check for domain conflicts, as it supports both standard distributions
+    # and distribution tenants. [ListConflictingAliases][1] performs similar
+    # checks but only supports standard distributions.
+    #
+    #  </note>
+    #
+    #  Lists existing domain associations that conflict with the domain that
     # you specify.
     #
-    # You can use this API operation when transferring domains to identify
-    # potential domain conflicts. Domain conflicts must be resolved first
-    # before they can be moved.
+    #  You can use this API operation to identify potential domain conflicts
+    # when moving domains between standard distributions and/or distribution
+    # tenants. Domain conflicts must be resolved first before they can be
+    # moved.
+    #
+    #  For example, if you provide `www.example.com` as input, the returned
+    # list can include `www.example.com` and the overlapping wildcard
+    # alternate domain name (`.example.com</code>), if they exist. If you
+    # provide </em>.example.com as input, the returned list can include
+    # *.example.com and any alternate domain names covered by that wildcard
+    # (for example, www.example.com, test.example.com, dev.example.com, and
+    # so on), if they exist.</p> To list conflicting domains, specify the
+    # following:   The domain to search for   The ID of a standard
+    # distribution or distribution tenant in your account that has an
+    # attached TLS certificate, which covers the specified domain   For more
+    # information, including how to set up the standard distribution or
+    # distribution tenant, and the certificate, see Moving an alternate
+    # domain name to a different standard distribution or distribution
+    # tenant in the Amazon CloudFront Developer Guide. You can optionally
+    # specify the maximum number of items to receive in the response. If the
+    # total number of items in the list exceeds the maximum that you
+    # specify, or the default maximum, the response is paginated. To get the
+    # next page of items, send a subsequent request that specifies the
+    # NextMarker value from the current response as the Marker value in the
+    # subsequent request.</p>
+    # `
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ListConflictingAliases.html
     #
     # @option params [required, String] :domain
     #   The domain to check for conflicts.
     #
     # @option params [required, Types::DistributionResourceId] :domain_control_validation_resource
-    #   The distribution resource identifier. This can be the distribution or
-    #   distribution tenant that has a valid certificate, which covers the
-    #   domain that you specify.
+    #   The distribution resource identifier. This can be the standard
+    #   distribution or distribution tenant that has a valid certificate,
+    #   which covers the domain that you specify.
     #
     # @option params [Integer] :max_items
     #   The maximum number of domain conflicts to return.
@@ -9051,6 +9151,8 @@ module Aws::CloudFront
     #
     #   * {Types::ListOriginAccessControlsResult#origin_access_control_list #origin_access_control_list} => Types::OriginAccessControlList
     #
+    # The returned {Seahorse::Client::Response response} is a pageable response and is Enumerable. For details on usage see {Aws::PageableResponse PageableResponse}.
+    #
     # @example Request syntax with placeholder values
     #
     #   resp = client.list_origin_access_controls({
@@ -9564,7 +9666,7 @@ module Aws::CloudFront
     # @example Request syntax with placeholder values
     #
     #   resp = client.publish_function({
-    #     name: "string", # required
+    #     name: "FunctionName", # required
     #     if_match: "string", # required
     #   })
     #
@@ -9675,7 +9777,7 @@ module Aws::CloudFront
     # @example Request syntax with placeholder values
     #
     #   resp = client.test_function({
-    #     name: "string", # required
+    #     name: "FunctionName", # required
     #     if_match: "string", # required
     #     stage: "DEVELOPMENT", # accepts DEVELOPMENT, LIVE
     #     event_object: "data", # required
@@ -9759,6 +9861,11 @@ module Aws::CloudFront
     #     configuration, including the fields that you modified and those
     #     that you didn't.
     #
+    # If your minimum TTL is greater than 0, CloudFront will cache content
+    # for at least the duration specified in the cache policy's minimum
+    # TTL, even if the `Cache-Control: no-cache`, `no-store`, or `private`
+    # directives are present in the origin headers.
+    #
     # @option params [required, Types::CachePolicyConfig] :cache_policy_config
     #   A cache policy configuration.
     #
@@ -10119,6 +10226,7 @@ module Aws::CloudFront
     #             },
     #             s3_origin_config: {
     #               origin_access_identity: "string", # required
+    #               origin_read_timeout: 1,
     #             },
     #             custom_origin_config: {
     #               http_port: 1, # required
@@ -10138,6 +10246,7 @@ module Aws::CloudFront
     #             },
     #             connection_attempts: 1,
     #             connection_timeout: 1,
+    #             response_completion_timeout: 1,
     #             origin_shield: {
     #               enabled: false, # required
     #               origin_shield_region: "OriginShieldRegion",
@@ -10341,7 +10450,7 @@ module Aws::CloudFront
     #       enabled: false, # required
     #       viewer_certificate: {
     #         cloud_front_default_certificate: false,
-    #         iam_certificate_id: "string",
+    #         iam_certificate_id: "ServerCertificateId",
     #         acm_certificate_arn: "string",
     #         ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
     #         minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
@@ -10367,7 +10476,7 @@ module Aws::CloudFront
     #             name: "ParameterName", # required
     #             definition: { # required
     #               string_schema: {
-    #                 comment: "string",
+    #                 comment: "sensitiveStringType",
     #                 default_value: "ParameterValue",
     #                 required: false, # required
     #               },
@@ -10418,6 +10527,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -10431,6 +10541,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
@@ -10806,6 +10917,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
     #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
     #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_read_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
@@ -10819,6 +10931,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].vpc_origin_config.origin_keepalive_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].response_completion_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
     #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
@@ -10979,18 +11092,44 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Moves a domain from its current distribution or distribution tenant to
-    # another one.
+    # <note markdown="1"> We recommend that you use the
+    # `UpdateDomainAssociation` API operation
+    # to move a domain association, as it supports both standard
+    # distributions and distribution tenants. [AssociateAlias][1] performs
+    # similar checks but only supports standard distributions.
+    #
+    #  </note>
+    #
+    #  Moves a domain from its current standard distribution or distribution
+    # tenant to another one.
+    #
+    #  You must first disable the source distribution (standard distribution
+    # or distribution tenant) and then separately call this operation to
+    # move the domain to another target distribution (standard distribution
+    # or distribution tenant).
+    #
+    #  To use this operation, specify the domain and the ID of the target
+    # resource (standard distribution or distribution tenant). For more
+    # information, including how to set up the target resource,
+    # prerequisites that you must complete, and other restrictions, see
+    # [Moving an alternate domain name to a different standard distribution
+    # or distribution tenant][2] in the *Amazon CloudFront Developer Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_AssociateAlias.html
+    # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-move
     #
     # @option params [required, String] :domain
     #   The domain to update.
     #
     # @option params [required, Types::DistributionResourceId] :target_resource
-    #   The target distribution resource for the domain. You can specify
-    #   either `DistributionId` or `DistributionTenantId`, but not both.
+    #   The target standard distribution or distribution tenant resource for
+    #   the domain. You can specify either `DistributionId` or
+    #   `DistributionTenantId`, but not both.
     #
     # @option params [String] :if_match
-    #   The value of the `ETag` identifier for the distribution or
+    #   The value of the `ETag` identifier for the standard distribution or
     #   distribution tenant that will be associated with the domain.
     #
     # @return [Types::UpdateDomainAssociationResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -11259,7 +11398,7 @@ module Aws::CloudFront
     # @example Request syntax with placeholder values
     #
     #   resp = client.update_function({
-    #     name: "string", # required
+    #     name: "FunctionName", # required
     #     if_match: "string", # required
     #     function_config: { # required
     #       comment: "string", # required
@@ -12145,7 +12284,7 @@ module Aws::CloudFront
         tracer: tracer
       )
       context[:gem_name] = 'aws-sdk-cloudfront'
-      context[:gem_version] = '1.118.0'
+      context[:gem_version] = '1.123.0'
       Seahorse::Client::Request.new(handlers, context)
     end