aws-sdk-cloudfront 1.44.0 → 1.45.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -69,6 +69,7 @@ module Aws::CloudFront
69
69
  # * {InvalidTagging}
70
70
  # * {InvalidViewerCertificate}
71
71
  # * {InvalidWebACLId}
72
+ # * {KeyGroupAlreadyExists}
72
73
  # * {MissingBody}
73
74
  # * {NoSuchCachePolicy}
74
75
  # * {NoSuchCloudFrontOriginAccessIdentity}
@@ -90,6 +91,7 @@ module Aws::CloudFront
90
91
  # * {QueryArgProfileEmpty}
91
92
  # * {RealtimeLogConfigAlreadyExists}
92
93
  # * {RealtimeLogConfigInUse}
94
+ # * {ResourceInUse}
93
95
  # * {StreamingDistributionAlreadyExists}
94
96
  # * {StreamingDistributionNotDisabled}
95
97
  # * {TooManyCacheBehaviors}
@@ -103,6 +105,7 @@ module Aws::CloudFront
103
105
  # * {TooManyDistributions}
104
106
  # * {TooManyDistributionsAssociatedToCachePolicy}
105
107
  # * {TooManyDistributionsAssociatedToFieldLevelEncryptionConfig}
108
+ # * {TooManyDistributionsAssociatedToKeyGroup}
106
109
  # * {TooManyDistributionsAssociatedToOriginRequestPolicy}
107
110
  # * {TooManyDistributionsWithLambdaAssociations}
108
111
  # * {TooManyDistributionsWithSingleFunctionARN}
@@ -116,12 +119,15 @@ module Aws::CloudFront
116
119
  # * {TooManyHeadersInForwardedValues}
117
120
  # * {TooManyHeadersInOriginRequestPolicy}
118
121
  # * {TooManyInvalidationsInProgress}
122
+ # * {TooManyKeyGroups}
123
+ # * {TooManyKeyGroupsAssociatedToDistribution}
119
124
  # * {TooManyLambdaFunctionAssociations}
120
125
  # * {TooManyOriginCustomHeaders}
121
126
  # * {TooManyOriginGroupsPerDistribution}
122
127
  # * {TooManyOriginRequestPolicies}
123
128
  # * {TooManyOrigins}
124
129
  # * {TooManyPublicKeys}
130
+ # * {TooManyPublicKeysInKeyGroup}
125
131
  # * {TooManyQueryStringParameters}
126
132
  # * {TooManyQueryStringsInCachePolicy}
127
133
  # * {TooManyQueryStringsInOriginRequestPolicy}
@@ -129,6 +135,7 @@ module Aws::CloudFront
129
135
  # * {TooManyStreamingDistributionCNAMEs}
130
136
  # * {TooManyStreamingDistributions}
131
137
  # * {TooManyTrustedSigners}
138
+ # * {TrustedKeyGroupDoesNotExist}
132
139
  # * {TrustedSignerDoesNotExist}
133
140
  #
134
141
  # Additionally, error classes are dynamically generated for service errors based on the error code
@@ -767,6 +774,21 @@ module Aws::CloudFront
767
774
  end
768
775
  end
769
776
 
777
+ class KeyGroupAlreadyExists < ServiceError
778
+
779
+ # @param [Seahorse::Client::RequestContext] context
780
+ # @param [String] message
781
+ # @param [Aws::CloudFront::Types::KeyGroupAlreadyExists] data
782
+ def initialize(context, message, data = Aws::EmptyStructure.new)
783
+ super(context, message, data)
784
+ end
785
+
786
+ # @return [String]
787
+ def message
788
+ @message || @data[:message]
789
+ end
790
+ end
791
+
770
792
  class MissingBody < ServiceError
771
793
 
772
794
  # @param [Seahorse::Client::RequestContext] context
@@ -1082,6 +1104,21 @@ module Aws::CloudFront
1082
1104
  end
1083
1105
  end
1084
1106
 
1107
+ class ResourceInUse < ServiceError
1108
+
1109
+ # @param [Seahorse::Client::RequestContext] context
1110
+ # @param [String] message
1111
+ # @param [Aws::CloudFront::Types::ResourceInUse] data
1112
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1113
+ super(context, message, data)
1114
+ end
1115
+
1116
+ # @return [String]
1117
+ def message
1118
+ @message || @data[:message]
1119
+ end
1120
+ end
1121
+
1085
1122
  class StreamingDistributionAlreadyExists < ServiceError
1086
1123
 
1087
1124
  # @param [Seahorse::Client::RequestContext] context
@@ -1277,6 +1314,21 @@ module Aws::CloudFront
1277
1314
  end
1278
1315
  end
1279
1316
 
1317
+ class TooManyDistributionsAssociatedToKeyGroup < ServiceError
1318
+
1319
+ # @param [Seahorse::Client::RequestContext] context
1320
+ # @param [String] message
1321
+ # @param [Aws::CloudFront::Types::TooManyDistributionsAssociatedToKeyGroup] data
1322
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1323
+ super(context, message, data)
1324
+ end
1325
+
1326
+ # @return [String]
1327
+ def message
1328
+ @message || @data[:message]
1329
+ end
1330
+ end
1331
+
1280
1332
  class TooManyDistributionsAssociatedToOriginRequestPolicy < ServiceError
1281
1333
 
1282
1334
  # @param [Seahorse::Client::RequestContext] context
@@ -1472,6 +1524,36 @@ module Aws::CloudFront
1472
1524
  end
1473
1525
  end
1474
1526
 
1527
+ class TooManyKeyGroups < ServiceError
1528
+
1529
+ # @param [Seahorse::Client::RequestContext] context
1530
+ # @param [String] message
1531
+ # @param [Aws::CloudFront::Types::TooManyKeyGroups] data
1532
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1533
+ super(context, message, data)
1534
+ end
1535
+
1536
+ # @return [String]
1537
+ def message
1538
+ @message || @data[:message]
1539
+ end
1540
+ end
1541
+
1542
+ class TooManyKeyGroupsAssociatedToDistribution < ServiceError
1543
+
1544
+ # @param [Seahorse::Client::RequestContext] context
1545
+ # @param [String] message
1546
+ # @param [Aws::CloudFront::Types::TooManyKeyGroupsAssociatedToDistribution] data
1547
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1548
+ super(context, message, data)
1549
+ end
1550
+
1551
+ # @return [String]
1552
+ def message
1553
+ @message || @data[:message]
1554
+ end
1555
+ end
1556
+
1475
1557
  class TooManyLambdaFunctionAssociations < ServiceError
1476
1558
 
1477
1559
  # @param [Seahorse::Client::RequestContext] context
@@ -1562,6 +1644,21 @@ module Aws::CloudFront
1562
1644
  end
1563
1645
  end
1564
1646
 
1647
+ class TooManyPublicKeysInKeyGroup < ServiceError
1648
+
1649
+ # @param [Seahorse::Client::RequestContext] context
1650
+ # @param [String] message
1651
+ # @param [Aws::CloudFront::Types::TooManyPublicKeysInKeyGroup] data
1652
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1653
+ super(context, message, data)
1654
+ end
1655
+
1656
+ # @return [String]
1657
+ def message
1658
+ @message || @data[:message]
1659
+ end
1660
+ end
1661
+
1565
1662
  class TooManyQueryStringParameters < ServiceError
1566
1663
 
1567
1664
  # @param [Seahorse::Client::RequestContext] context
@@ -1667,6 +1764,21 @@ module Aws::CloudFront
1667
1764
  end
1668
1765
  end
1669
1766
 
1767
+ class TrustedKeyGroupDoesNotExist < ServiceError
1768
+
1769
+ # @param [Seahorse::Client::RequestContext] context
1770
+ # @param [String] message
1771
+ # @param [Aws::CloudFront::Types::TrustedKeyGroupDoesNotExist] data
1772
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1773
+ super(context, message, data)
1774
+ end
1775
+
1776
+ # @return [String]
1777
+ def message
1778
+ @message || @data[:message]
1779
+ end
1780
+ end
1781
+
1670
1782
  class TrustedSignerDoesNotExist < ServiceError
1671
1783
 
1672
1784
  # @param [Seahorse::Client::RequestContext] context
@@ -23,40 +23,55 @@ module Aws::CloudFront
23
23
  include Aws::Structure
24
24
  end
25
25
 
26
- # A complex type that lists the AWS accounts, if any, that you included
27
- # in the `TrustedSigners` complex type for this distribution. These are
28
- # the accounts that you want to allow to create signed URLs for private
29
- # content.
26
+ # A list of key groups, and the public keys in each key group, that
27
+ # CloudFront can use to verify the signatures of signed URLs and signed
28
+ # cookies.
30
29
  #
31
- # The `Signer` complex type lists the AWS account number of the trusted
32
- # signer or `self` if the signer is the AWS account that created the
33
- # distribution. The `Signer` element also includes the IDs of any active
34
- # CloudFront key pairs that are associated with the trusted signer's
35
- # AWS account. If no `KeyPairId` element appears for a `Signer`, that
36
- # signer can't create signed URLs.
30
+ # @!attribute [rw] enabled
31
+ # This field is `true` if any of the key groups have public keys that
32
+ # CloudFront can use to verify the signatures of signed URLs and
33
+ # signed cookies. If not, this field is `false`.
34
+ # @return [Boolean]
37
35
  #
38
- # For more information, see [Serving Private Content through
39
- # CloudFront][1] in the *Amazon CloudFront Developer Guide*.
36
+ # @!attribute [rw] quantity
37
+ # The number of key groups in the list.
38
+ # @return [Integer]
40
39
  #
40
+ # @!attribute [rw] items
41
+ # A list of key groups, including the identifiers of the public keys
42
+ # in each key group that CloudFront can use to verify the signatures
43
+ # of signed URLs and signed cookies.
44
+ # @return [Array<Types::KGKeyPairIds>]
41
45
  #
46
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ActiveTrustedKeyGroups AWS API Documentation
42
47
  #
43
- # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
48
+ class ActiveTrustedKeyGroups < Struct.new(
49
+ :enabled,
50
+ :quantity,
51
+ :items)
52
+ SENSITIVE = []
53
+ include Aws::Structure
54
+ end
55
+
56
+ # A list of AWS accounts and the active CloudFront key pairs in each
57
+ # account that CloudFront can use to verify the signatures of signed
58
+ # URLs and signed cookies.
44
59
  #
45
60
  # @!attribute [rw] enabled
46
- # Enabled is `true` if any of the AWS accounts listed in the
47
- # `TrustedSigners` complex type for this distribution have active
48
- # CloudFront key pairs. If not, `Enabled` is `false`.
61
+ # This field is `true` if any of the AWS accounts in the list have
62
+ # active CloudFront key pairs that CloudFront can use to verify the
63
+ # signatures of signed URLs and signed cookies. If not, this field is
64
+ # `false`.
49
65
  # @return [Boolean]
50
66
  #
51
67
  # @!attribute [rw] quantity
52
- # The number of trusted signers specified in the `TrustedSigners`
53
- # complex type.
68
+ # The number of AWS accounts in the list.
54
69
  # @return [Integer]
55
70
  #
56
71
  # @!attribute [rw] items
57
- # A complex type that contains one `Signer` complex type for each
58
- # trusted signer that is specified in the `TrustedSigners` complex
59
- # type.
72
+ # A list of AWS accounts and the identifiers of active CloudFront key
73
+ # pairs in each account that CloudFront can use to verify the
74
+ # signatures of signed URLs and signed cookies.
60
75
  # @return [Array<Types::Signer>]
61
76
  #
62
77
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ActiveTrustedSigners AWS API Documentation
@@ -281,7 +296,12 @@ module Aws::CloudFront
281
296
  # {
282
297
  # path_pattern: "string", # required
283
298
  # target_origin_id: "string", # required
284
- # trusted_signers: { # required
299
+ # trusted_signers: {
300
+ # enabled: false, # required
301
+ # quantity: 1, # required
302
+ # items: ["string"],
303
+ # },
304
+ # trusted_key_groups: {
285
305
  # enabled: false, # required
286
306
  # quantity: 1, # required
287
307
  # items: ["string"],
@@ -365,29 +385,42 @@ module Aws::CloudFront
365
385
  # @return [String]
366
386
  #
367
387
  # @!attribute [rw] trusted_signers
368
- # A complex type that specifies the AWS accounts, if any, that you
369
- # want to allow to create signed URLs for private content.
388
+ # We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
389
+ #
390
+ # A list of AWS account IDs whose public keys CloudFront can use to
391
+ # validate signed URLs or signed cookies.
392
+ #
393
+ # When a cache behavior contains trusted signers, CloudFront requires
394
+ # signed URLs or signed cookies for all requests that match the cache
395
+ # behavior. The URLs or cookies must be signed with the private key of
396
+ # a CloudFront key pair in the trusted signer’s AWS account. The
397
+ # signed URL or cookie contains information about which public key
398
+ # CloudFront should use to verify the signature. For more information,
399
+ # see [Serving private content][1] in the *Amazon CloudFront Developer
400
+ # Guide*.
401
+ #
370
402
  #
371
- # If you want to require signed URLs in requests for objects in the
372
- # target origin that match the `PathPattern` for this cache behavior,
373
- # specify `true` for `Enabled`, and specify the applicable values for
374
- # `Quantity` and `Items`. For more information, see [Serving Private
375
- # Content with Signed URLs and Signed Cookies][1] in the *Amazon
376
- # CloudFront Developer Guide*.
377
403
  #
378
- # If you don’t want to require signed URLs in requests for objects
379
- # that match `PathPattern`, specify `false` for `Enabled` and `0` for
380
- # `Quantity`. Omit `Items`.
404
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
405
+ # @return [Types::TrustedSigners]
381
406
  #
382
- # To add, change, or remove one or more trusted signers, change
383
- # `Enabled` to `true` (if it’s currently `false`), change `Quantity`
384
- # as applicable, and specify all of the trusted signers that you want
385
- # to include in the updated distribution.
407
+ # @!attribute [rw] trusted_key_groups
408
+ # A list of key groups that CloudFront can use to validate signed URLs
409
+ # or signed cookies.
410
+ #
411
+ # When a cache behavior contains trusted key groups, CloudFront
412
+ # requires signed URLs or signed cookies for all requests that match
413
+ # the cache behavior. The URLs or cookies must be signed with a
414
+ # private key whose corresponding public key is in the key group. The
415
+ # signed URL or cookie contains information about which public key
416
+ # CloudFront should use to verify the signature. For more information,
417
+ # see [Serving private content][1] in the *Amazon CloudFront Developer
418
+ # Guide*.
386
419
  #
387
420
  #
388
421
  #
389
422
  # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
390
- # @return [Types::TrustedSigners]
423
+ # @return [Types::TrustedKeyGroups]
391
424
  #
392
425
  # @!attribute [rw] viewer_protocol_policy
393
426
  # The protocol that viewers can use to access the files in the origin
@@ -611,6 +644,7 @@ module Aws::CloudFront
611
644
  :path_pattern,
612
645
  :target_origin_id,
613
646
  :trusted_signers,
647
+ :trusted_key_groups,
614
648
  :viewer_protocol_policy,
615
649
  :allowed_methods,
616
650
  :smooth_streaming,
@@ -639,7 +673,12 @@ module Aws::CloudFront
639
673
  # {
640
674
  # path_pattern: "string", # required
641
675
  # target_origin_id: "string", # required
642
- # trusted_signers: { # required
676
+ # trusted_signers: {
677
+ # enabled: false, # required
678
+ # quantity: 1, # required
679
+ # items: ["string"],
680
+ # },
681
+ # trusted_key_groups: {
643
682
  # enabled: false, # required
644
683
  # quantity: 1, # required
645
684
  # items: ["string"],
@@ -1815,7 +1854,12 @@ module Aws::CloudFront
1815
1854
  # },
1816
1855
  # default_cache_behavior: { # required
1817
1856
  # target_origin_id: "string", # required
1818
- # trusted_signers: { # required
1857
+ # trusted_signers: {
1858
+ # enabled: false, # required
1859
+ # quantity: 1, # required
1860
+ # items: ["string"],
1861
+ # },
1862
+ # trusted_key_groups: {
1819
1863
  # enabled: false, # required
1820
1864
  # quantity: 1, # required
1821
1865
  # items: ["string"],
@@ -1873,7 +1917,12 @@ module Aws::CloudFront
1873
1917
  # {
1874
1918
  # path_pattern: "string", # required
1875
1919
  # target_origin_id: "string", # required
1876
- # trusted_signers: { # required
1920
+ # trusted_signers: {
1921
+ # enabled: false, # required
1922
+ # quantity: 1, # required
1923
+ # items: ["string"],
1924
+ # },
1925
+ # trusted_key_groups: {
1877
1926
  # enabled: false, # required
1878
1927
  # quantity: 1, # required
1879
1928
  # items: ["string"],
@@ -2083,7 +2132,12 @@ module Aws::CloudFront
2083
2132
  # },
2084
2133
  # default_cache_behavior: { # required
2085
2134
  # target_origin_id: "string", # required
2086
- # trusted_signers: { # required
2135
+ # trusted_signers: {
2136
+ # enabled: false, # required
2137
+ # quantity: 1, # required
2138
+ # items: ["string"],
2139
+ # },
2140
+ # trusted_key_groups: {
2087
2141
  # enabled: false, # required
2088
2142
  # quantity: 1, # required
2089
2143
  # items: ["string"],
@@ -2141,7 +2195,12 @@ module Aws::CloudFront
2141
2195
  # {
2142
2196
  # path_pattern: "string", # required
2143
2197
  # target_origin_id: "string", # required
2144
- # trusted_signers: { # required
2198
+ # trusted_signers: {
2199
+ # enabled: false, # required
2200
+ # quantity: 1, # required
2201
+ # items: ["string"],
2202
+ # },
2203
+ # trusted_key_groups: {
2145
2204
  # enabled: false, # required
2146
2205
  # quantity: 1, # required
2147
2206
  # items: ["string"],
@@ -2466,6 +2525,51 @@ module Aws::CloudFront
2466
2525
  include Aws::Structure
2467
2526
  end
2468
2527
 
2528
+ # @note When making an API call, you may pass CreateKeyGroupRequest
2529
+ # data as a hash:
2530
+ #
2531
+ # {
2532
+ # key_group_config: { # required
2533
+ # name: "string", # required
2534
+ # items: ["string"], # required
2535
+ # comment: "string",
2536
+ # },
2537
+ # }
2538
+ #
2539
+ # @!attribute [rw] key_group_config
2540
+ # A key group configuration.
2541
+ # @return [Types::KeyGroupConfig]
2542
+ #
2543
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateKeyGroupRequest AWS API Documentation
2544
+ #
2545
+ class CreateKeyGroupRequest < Struct.new(
2546
+ :key_group_config)
2547
+ SENSITIVE = []
2548
+ include Aws::Structure
2549
+ end
2550
+
2551
+ # @!attribute [rw] key_group
2552
+ # The key group that was just created.
2553
+ # @return [Types::KeyGroup]
2554
+ #
2555
+ # @!attribute [rw] location
2556
+ # The URL of the key group.
2557
+ # @return [String]
2558
+ #
2559
+ # @!attribute [rw] etag
2560
+ # The identifier for this version of the key group.
2561
+ # @return [String]
2562
+ #
2563
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateKeyGroupResult AWS API Documentation
2564
+ #
2565
+ class CreateKeyGroupResult < Struct.new(
2566
+ :key_group,
2567
+ :location,
2568
+ :etag)
2569
+ SENSITIVE = []
2570
+ include Aws::Structure
2571
+ end
2572
+
2469
2573
  # @note When making an API call, you may pass CreateMonitoringSubscriptionRequest
2470
2574
  # data as a hash:
2471
2575
  #
@@ -2589,7 +2693,7 @@ module Aws::CloudFront
2589
2693
  # }
2590
2694
  #
2591
2695
  # @!attribute [rw] public_key_config
2592
- # The request to add a public key to CloudFront.
2696
+ # A CloudFront public key configuration.
2593
2697
  # @return [Types::PublicKeyConfig]
2594
2698
  #
2595
2699
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreatePublicKeyRequest AWS API Documentation
@@ -2601,16 +2705,15 @@ module Aws::CloudFront
2601
2705
  end
2602
2706
 
2603
2707
  # @!attribute [rw] public_key
2604
- # Returned when you add a public key.
2708
+ # The public key.
2605
2709
  # @return [Types::PublicKey]
2606
2710
  #
2607
2711
  # @!attribute [rw] location
2608
- # The fully qualified URI of the new public key resource just created.
2712
+ # The URL of the public key.
2609
2713
  # @return [String]
2610
2714
  #
2611
2715
  # @!attribute [rw] etag
2612
- # The current version of the public key. For example:
2613
- # `E2QWRUHAPOMQZL`.
2716
+ # The identifier for this version of the public key.
2614
2717
  # @return [String]
2615
2718
  #
2616
2719
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreatePublicKeyResult AWS API Documentation
@@ -3145,7 +3248,12 @@ module Aws::CloudFront
3145
3248
  #
3146
3249
  # {
3147
3250
  # target_origin_id: "string", # required
3148
- # trusted_signers: { # required
3251
+ # trusted_signers: {
3252
+ # enabled: false, # required
3253
+ # quantity: 1, # required
3254
+ # items: ["string"],
3255
+ # },
3256
+ # trusted_key_groups: {
3149
3257
  # enabled: false, # required
3150
3258
  # quantity: 1, # required
3151
3259
  # items: ["string"],
@@ -3204,29 +3312,42 @@ module Aws::CloudFront
3204
3312
  # @return [String]
3205
3313
  #
3206
3314
  # @!attribute [rw] trusted_signers
3207
- # A complex type that specifies the AWS accounts, if any, that you
3208
- # want to allow to create signed URLs for private content.
3315
+ # We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
3316
+ #
3317
+ # A list of AWS account IDs whose public keys CloudFront can use to
3318
+ # validate signed URLs or signed cookies.
3319
+ #
3320
+ # When a cache behavior contains trusted signers, CloudFront requires
3321
+ # signed URLs or signed cookies for all requests that match the cache
3322
+ # behavior. The URLs or cookies must be signed with the private key of
3323
+ # a CloudFront key pair in a trusted signer’s AWS account. The signed
3324
+ # URL or cookie contains information about which public key CloudFront
3325
+ # should use to verify the signature. For more information, see
3326
+ # [Serving private content][1] in the *Amazon CloudFront Developer
3327
+ # Guide*.
3328
+ #
3209
3329
  #
3210
- # If you want to require signed URLs in requests for objects in the
3211
- # target origin that match the `PathPattern` for this cache behavior,
3212
- # specify `true` for `Enabled`, and specify the applicable values for
3213
- # `Quantity` and `Items`. For more information, see [Serving Private
3214
- # Content with Signed URLs and Signed Cookies][1] in the *Amazon
3215
- # CloudFront Developer Guide*.
3216
3330
  #
3217
- # If you don’t want to require signed URLs in requests for objects
3218
- # that match `PathPattern`, specify `false` for `Enabled` and `0` for
3219
- # `Quantity`. Omit `Items`.
3331
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
3332
+ # @return [Types::TrustedSigners]
3220
3333
  #
3221
- # To add, change, or remove one or more trusted signers, change
3222
- # `Enabled` to `true` (if it’s currently `false`), change `Quantity`
3223
- # as applicable, and specify all of the trusted signers that you want
3224
- # to include in the updated distribution.
3334
+ # @!attribute [rw] trusted_key_groups
3335
+ # A list of key groups that CloudFront can use to validate signed URLs
3336
+ # or signed cookies.
3337
+ #
3338
+ # When a cache behavior contains trusted key groups, CloudFront
3339
+ # requires signed URLs or signed cookies for all requests that match
3340
+ # the cache behavior. The URLs or cookies must be signed with a
3341
+ # private key whose corresponding public key is in the key group. The
3342
+ # signed URL or cookie contains information about which public key
3343
+ # CloudFront should use to verify the signature. For more information,
3344
+ # see [Serving private content][1] in the *Amazon CloudFront Developer
3345
+ # Guide*.
3225
3346
  #
3226
3347
  #
3227
3348
  #
3228
3349
  # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
3229
- # @return [Types::TrustedSigners]
3350
+ # @return [Types::TrustedKeyGroups]
3230
3351
  #
3231
3352
  # @!attribute [rw] viewer_protocol_policy
3232
3353
  # The protocol that viewers can use to access the files in the origin
@@ -3449,6 +3570,7 @@ module Aws::CloudFront
3449
3570
  class DefaultCacheBehavior < Struct.new(
3450
3571
  :target_origin_id,
3451
3572
  :trusted_signers,
3573
+ :trusted_key_groups,
3452
3574
  :viewer_protocol_policy,
3453
3575
  :allowed_methods,
3454
3576
  :smooth_streaming,
@@ -3644,6 +3766,34 @@ module Aws::CloudFront
3644
3766
  include Aws::Structure
3645
3767
  end
3646
3768
 
3769
+ # @note When making an API call, you may pass DeleteKeyGroupRequest
3770
+ # data as a hash:
3771
+ #
3772
+ # {
3773
+ # id: "string", # required
3774
+ # if_match: "string",
3775
+ # }
3776
+ #
3777
+ # @!attribute [rw] id
3778
+ # The identifier of the key group that you are deleting. To get the
3779
+ # identifier, use `ListKeyGroups`.
3780
+ # @return [String]
3781
+ #
3782
+ # @!attribute [rw] if_match
3783
+ # The version of the key group that you are deleting. The version is
3784
+ # the key group’s `ETag` value. To get the `ETag`, use `GetKeyGroup`
3785
+ # or `GetKeyGroupConfig`.
3786
+ # @return [String]
3787
+ #
3788
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DeleteKeyGroupRequest AWS API Documentation
3789
+ #
3790
+ class DeleteKeyGroupRequest < Struct.new(
3791
+ :id,
3792
+ :if_match)
3793
+ SENSITIVE = []
3794
+ include Aws::Structure
3795
+ end
3796
+
3647
3797
  # @note When making an API call, you may pass DeleteMonitoringSubscriptionRequest
3648
3798
  # data as a hash:
3649
3799
  #
@@ -3810,17 +3960,24 @@ module Aws::CloudFront
3810
3960
  # @return [String]
3811
3961
  #
3812
3962
  # @!attribute [rw] active_trusted_signers
3813
- # CloudFront automatically adds this element to the response only if
3814
- # you've set up the distribution to serve private content with signed
3815
- # URLs. The element lists the key pair IDs that CloudFront is aware of
3816
- # for each trusted signer. The `Signer` child element lists the AWS
3817
- # account number of the trusted signer (or an empty `Self` element if
3818
- # the signer is you). The `Signer` element also includes the IDs of
3819
- # any active key pairs associated with the trusted signer's AWS
3820
- # account. If no `KeyPairId` element appears for a `Signer`, that
3821
- # signer can't create working signed URLs.
3963
+ # We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
3964
+ #
3965
+ # CloudFront automatically adds this field to the response if you’ve
3966
+ # configured a cache behavior in this distribution to serve private
3967
+ # content using trusted signers. This field contains a list of AWS
3968
+ # account IDs and the active CloudFront key pairs in each account that
3969
+ # CloudFront can use to verify the signatures of signed URLs or signed
3970
+ # cookies.
3822
3971
  # @return [Types::ActiveTrustedSigners]
3823
3972
  #
3973
+ # @!attribute [rw] active_trusted_key_groups
3974
+ # CloudFront automatically adds this field to the response if you’ve
3975
+ # configured a cache behavior in this distribution to serve private
3976
+ # content using key groups. This field contains a list of key groups
3977
+ # and the public keys in each key group that CloudFront can use to
3978
+ # verify the signatures of signed URLs or signed cookies.
3979
+ # @return [Types::ActiveTrustedKeyGroups]
3980
+ #
3824
3981
  # @!attribute [rw] distribution_config
3825
3982
  # The current configuration information for the distribution. Send a
3826
3983
  # `GET` request to the `/CloudFront API version/distribution
@@ -3852,6 +4009,7 @@ module Aws::CloudFront
3852
4009
  :in_progress_invalidation_batches,
3853
4010
  :domain_name,
3854
4011
  :active_trusted_signers,
4012
+ :active_trusted_key_groups,
3855
4013
  :distribution_config,
3856
4014
  :alias_icp_recordals)
3857
4015
  SENSITIVE = []
@@ -3947,7 +4105,12 @@ module Aws::CloudFront
3947
4105
  # },
3948
4106
  # default_cache_behavior: { # required
3949
4107
  # target_origin_id: "string", # required
3950
- # trusted_signers: { # required
4108
+ # trusted_signers: {
4109
+ # enabled: false, # required
4110
+ # quantity: 1, # required
4111
+ # items: ["string"],
4112
+ # },
4113
+ # trusted_key_groups: {
3951
4114
  # enabled: false, # required
3952
4115
  # quantity: 1, # required
3953
4116
  # items: ["string"],
@@ -4005,7 +4168,12 @@ module Aws::CloudFront
4005
4168
  # {
4006
4169
  # path_pattern: "string", # required
4007
4170
  # target_origin_id: "string", # required
4008
- # trusted_signers: { # required
4171
+ # trusted_signers: {
4172
+ # enabled: false, # required
4173
+ # quantity: 1, # required
4174
+ # items: ["string"],
4175
+ # },
4176
+ # trusted_key_groups: {
4009
4177
  # enabled: false, # required
4010
4178
  # quantity: 1, # required
4011
4179
  # items: ["string"],
@@ -4432,7 +4600,12 @@ module Aws::CloudFront
4432
4600
  # },
4433
4601
  # default_cache_behavior: { # required
4434
4602
  # target_origin_id: "string", # required
4435
- # trusted_signers: { # required
4603
+ # trusted_signers: {
4604
+ # enabled: false, # required
4605
+ # quantity: 1, # required
4606
+ # items: ["string"],
4607
+ # },
4608
+ # trusted_key_groups: {
4436
4609
  # enabled: false, # required
4437
4610
  # quantity: 1, # required
4438
4611
  # items: ["string"],
@@ -4490,7 +4663,12 @@ module Aws::CloudFront
4490
4663
  # {
4491
4664
  # path_pattern: "string", # required
4492
4665
  # target_origin_id: "string", # required
4493
- # trusted_signers: { # required
4666
+ # trusted_signers: {
4667
+ # enabled: false, # required
4668
+ # quantity: 1, # required
4669
+ # items: ["string"],
4670
+ # },
4671
+ # trusted_key_groups: {
4494
4672
  # enabled: false, # required
4495
4673
  # quantity: 1, # required
4496
4674
  # items: ["string"],
@@ -6062,6 +6240,80 @@ module Aws::CloudFront
6062
6240
  include Aws::Structure
6063
6241
  end
6064
6242
 
6243
+ # @note When making an API call, you may pass GetKeyGroupConfigRequest
6244
+ # data as a hash:
6245
+ #
6246
+ # {
6247
+ # id: "string", # required
6248
+ # }
6249
+ #
6250
+ # @!attribute [rw] id
6251
+ # The identifier of the key group whose configuration you are getting.
6252
+ # To get the identifier, use `ListKeyGroups`.
6253
+ # @return [String]
6254
+ #
6255
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetKeyGroupConfigRequest AWS API Documentation
6256
+ #
6257
+ class GetKeyGroupConfigRequest < Struct.new(
6258
+ :id)
6259
+ SENSITIVE = []
6260
+ include Aws::Structure
6261
+ end
6262
+
6263
+ # @!attribute [rw] key_group_config
6264
+ # The key group configuration.
6265
+ # @return [Types::KeyGroupConfig]
6266
+ #
6267
+ # @!attribute [rw] etag
6268
+ # The identifier for this version of the key group.
6269
+ # @return [String]
6270
+ #
6271
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetKeyGroupConfigResult AWS API Documentation
6272
+ #
6273
+ class GetKeyGroupConfigResult < Struct.new(
6274
+ :key_group_config,
6275
+ :etag)
6276
+ SENSITIVE = []
6277
+ include Aws::Structure
6278
+ end
6279
+
6280
+ # @note When making an API call, you may pass GetKeyGroupRequest
6281
+ # data as a hash:
6282
+ #
6283
+ # {
6284
+ # id: "string", # required
6285
+ # }
6286
+ #
6287
+ # @!attribute [rw] id
6288
+ # The identifier of the key group that you are getting. To get the
6289
+ # identifier, use `ListKeyGroups`.
6290
+ # @return [String]
6291
+ #
6292
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetKeyGroupRequest AWS API Documentation
6293
+ #
6294
+ class GetKeyGroupRequest < Struct.new(
6295
+ :id)
6296
+ SENSITIVE = []
6297
+ include Aws::Structure
6298
+ end
6299
+
6300
+ # @!attribute [rw] key_group
6301
+ # The key group.
6302
+ # @return [Types::KeyGroup]
6303
+ #
6304
+ # @!attribute [rw] etag
6305
+ # The identifier for this version of the key group.
6306
+ # @return [String]
6307
+ #
6308
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetKeyGroupResult AWS API Documentation
6309
+ #
6310
+ class GetKeyGroupResult < Struct.new(
6311
+ :key_group,
6312
+ :etag)
6313
+ SENSITIVE = []
6314
+ include Aws::Structure
6315
+ end
6316
+
6065
6317
  # @note When making an API call, you may pass GetMonitoringSubscriptionRequest
6066
6318
  # data as a hash:
6067
6319
  #
@@ -6186,7 +6438,8 @@ module Aws::CloudFront
6186
6438
  # }
6187
6439
  #
6188
6440
  # @!attribute [rw] id
6189
- # Request the ID for the public key configuration.
6441
+ # The identifier of the public key whose configuration you are
6442
+ # getting.
6190
6443
  # @return [String]
6191
6444
  #
6192
6445
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetPublicKeyConfigRequest AWS API Documentation
@@ -6198,12 +6451,11 @@ module Aws::CloudFront
6198
6451
  end
6199
6452
 
6200
6453
  # @!attribute [rw] public_key_config
6201
- # Return the result for the public key configuration.
6454
+ # A public key configuration.
6202
6455
  # @return [Types::PublicKeyConfig]
6203
6456
  #
6204
6457
  # @!attribute [rw] etag
6205
- # The current version of the public key configuration. For example:
6206
- # `E2QWRUHAPOMQZL`.
6458
+ # The identifier for this version of the public key configuration.
6207
6459
  # @return [String]
6208
6460
  #
6209
6461
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetPublicKeyConfigResult AWS API Documentation
@@ -6223,7 +6475,7 @@ module Aws::CloudFront
6223
6475
  # }
6224
6476
  #
6225
6477
  # @!attribute [rw] id
6226
- # Request the ID for the public key.
6478
+ # The identifier of the public key you are getting.
6227
6479
  # @return [String]
6228
6480
  #
6229
6481
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetPublicKeyRequest AWS API Documentation
@@ -6235,12 +6487,11 @@ module Aws::CloudFront
6235
6487
  end
6236
6488
 
6237
6489
  # @!attribute [rw] public_key
6238
- # Return the public key.
6490
+ # The public key.
6239
6491
  # @return [Types::PublicKey]
6240
6492
  #
6241
6493
  # @!attribute [rw] etag
6242
- # The current version of the public key. For example:
6243
- # `E2QWRUHAPOMQZL`.
6494
+ # The identifier for this version of the public key.
6244
6495
  # @return [String]
6245
6496
  #
6246
6497
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetPublicKeyResult AWS API Documentation
@@ -6927,90 +7178,221 @@ module Aws::CloudFront
6927
7178
  include Aws::Structure
6928
7179
  end
6929
7180
 
6930
- # A complex type that lists the active CloudFront key pairs, if any,
6931
- # that are associated with `AwsAccountNumber`.
7181
+ # A list of identifiers for the public keys that CloudFront can use to
7182
+ # verify the signatures of signed URLs and signed cookies.
6932
7183
  #
6933
- # For more information, see [ActiveTrustedSigners][1].
7184
+ # @!attribute [rw] key_group_id
7185
+ # The identifier of the key group that contains the public keys.
7186
+ # @return [String]
6934
7187
  #
7188
+ # @!attribute [rw] key_pair_ids
7189
+ # A list of CloudFront key pair identifiers.
7190
+ # @return [Types::KeyPairIds]
6935
7191
  #
7192
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KGKeyPairIds AWS API Documentation
6936
7193
  #
6937
- # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ActiveTrustedSigners.html
7194
+ class KGKeyPairIds < Struct.new(
7195
+ :key_group_id,
7196
+ :key_pair_ids)
7197
+ SENSITIVE = []
7198
+ include Aws::Structure
7199
+ end
7200
+
7201
+ # A key group.
6938
7202
  #
6939
- # @!attribute [rw] quantity
6940
- # The number of active CloudFront key pairs for `AwsAccountNumber`.
7203
+ # A key group contains a list of public keys that you can use with
7204
+ # [CloudFront signed URLs and signed cookies][1].
6941
7205
  #
6942
- # For more information, see [ActiveTrustedSigners][1].
6943
7206
  #
6944
7207
  #
7208
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
6945
7209
  #
6946
- # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ActiveTrustedSigners.html
6947
- # @return [Integer]
7210
+ # @!attribute [rw] id
7211
+ # The identifier for the key group.
7212
+ # @return [String]
6948
7213
  #
6949
- # @!attribute [rw] items
6950
- # A complex type that lists the active CloudFront key pairs, if any,
6951
- # that are associated with `AwsAccountNumber`.
7214
+ # @!attribute [rw] last_modified_time
7215
+ # The date and time when the key group was last modified.
7216
+ # @return [Time]
6952
7217
  #
6953
- # For more information, see [ActiveTrustedSigners][1].
7218
+ # @!attribute [rw] key_group_config
7219
+ # The key group configuration.
7220
+ # @return [Types::KeyGroupConfig]
6954
7221
  #
7222
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyGroup AWS API Documentation
6955
7223
  #
7224
+ class KeyGroup < Struct.new(
7225
+ :id,
7226
+ :last_modified_time,
7227
+ :key_group_config)
7228
+ SENSITIVE = []
7229
+ include Aws::Structure
7230
+ end
7231
+
7232
+ # A key group with this name already exists. You must provide a unique
7233
+ # name. To modify an existing key group, use `UpdateKeyGroup`.
6956
7234
  #
6957
- # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ActiveTrustedSigners.html
6958
- # @return [Array<String>]
7235
+ # @!attribute [rw] message
7236
+ # @return [String]
6959
7237
  #
6960
- # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyPairIds AWS API Documentation
7238
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyGroupAlreadyExists AWS API Documentation
6961
7239
  #
6962
- class KeyPairIds < Struct.new(
6963
- :quantity,
6964
- :items)
7240
+ class KeyGroupAlreadyExists < Struct.new(
7241
+ :message)
6965
7242
  SENSITIVE = []
6966
7243
  include Aws::Structure
6967
7244
  end
6968
7245
 
6969
- # Contains information about the Amazon Kinesis data stream where you
6970
- # are sending real-time log data.
7246
+ # A key group configuration.
6971
7247
  #
6972
- # @note When making an API call, you may pass KinesisStreamConfig
6973
- # data as a hash:
7248
+ # A key group contains a list of public keys that you can use with
7249
+ # [CloudFront signed URLs and signed cookies][1].
6974
7250
  #
6975
- # {
6976
- # role_arn: "string", # required
6977
- # stream_arn: "string", # required
6978
- # }
6979
7251
  #
6980
- # @!attribute [rw] role_arn
6981
- # The Amazon Resource Name (ARN) of an AWS Identity and Access
6982
- # Management (IAM) role that CloudFront can use to send real-time log
6983
- # data to your Kinesis data stream.
6984
7252
  #
6985
- # For more information the IAM role, see [Real-time log configuration
6986
- # IAM role][1] in the *Amazon CloudFront Developer Guide*.
7253
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
6987
7254
  #
7255
+ # @note When making an API call, you may pass KeyGroupConfig
7256
+ # data as a hash:
6988
7257
  #
7258
+ # {
7259
+ # name: "string", # required
7260
+ # items: ["string"], # required
7261
+ # comment: "string",
7262
+ # }
6989
7263
  #
6990
- # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role
7264
+ # @!attribute [rw] name
7265
+ # A name to identify the key group.
6991
7266
  # @return [String]
6992
7267
  #
6993
- # @!attribute [rw] stream_arn
6994
- # The Amazon Resource Name (ARN) of the Kinesis data stream where you
6995
- # are sending real-time log data.
7268
+ # @!attribute [rw] items
7269
+ # A list of the identifiers of the public keys in the key group.
7270
+ # @return [Array<String>]
7271
+ #
7272
+ # @!attribute [rw] comment
7273
+ # A comment to describe the key group.
6996
7274
  # @return [String]
6997
7275
  #
6998
- # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KinesisStreamConfig AWS API Documentation
7276
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyGroupConfig AWS API Documentation
6999
7277
  #
7000
- class KinesisStreamConfig < Struct.new(
7001
- :role_arn,
7002
- :stream_arn)
7278
+ class KeyGroupConfig < Struct.new(
7279
+ :name,
7280
+ :items,
7281
+ :comment)
7003
7282
  SENSITIVE = []
7004
7283
  include Aws::Structure
7005
7284
  end
7006
7285
 
7007
- # A complex type that contains a Lambda function association.
7286
+ # A list of key groups.
7008
7287
  #
7009
- # @note When making an API call, you may pass LambdaFunctionAssociation
7010
- # data as a hash:
7288
+ # @!attribute [rw] next_marker
7289
+ # If there are more items in the list than are in this response, this
7290
+ # element is present. It contains the value that you should use in the
7291
+ # `Marker` field of a subsequent request to continue listing key
7292
+ # groups.
7293
+ # @return [String]
7011
7294
  #
7012
- # {
7013
- # lambda_function_arn: "LambdaFunctionARN", # required
7295
+ # @!attribute [rw] max_items
7296
+ # The maximum number of key groups requested.
7297
+ # @return [Integer]
7298
+ #
7299
+ # @!attribute [rw] quantity
7300
+ # The number of key groups returned in the response.
7301
+ # @return [Integer]
7302
+ #
7303
+ # @!attribute [rw] items
7304
+ # A list of key groups.
7305
+ # @return [Array<Types::KeyGroupSummary>]
7306
+ #
7307
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyGroupList AWS API Documentation
7308
+ #
7309
+ class KeyGroupList < Struct.new(
7310
+ :next_marker,
7311
+ :max_items,
7312
+ :quantity,
7313
+ :items)
7314
+ SENSITIVE = []
7315
+ include Aws::Structure
7316
+ end
7317
+
7318
+ # Contains information about a key group.
7319
+ #
7320
+ # @!attribute [rw] key_group
7321
+ # A key group.
7322
+ # @return [Types::KeyGroup]
7323
+ #
7324
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyGroupSummary AWS API Documentation
7325
+ #
7326
+ class KeyGroupSummary < Struct.new(
7327
+ :key_group)
7328
+ SENSITIVE = []
7329
+ include Aws::Structure
7330
+ end
7331
+
7332
+ # A list of CloudFront key pair identifiers.
7333
+ #
7334
+ # @!attribute [rw] quantity
7335
+ # The number of key pair identifiers in the list.
7336
+ # @return [Integer]
7337
+ #
7338
+ # @!attribute [rw] items
7339
+ # A list of CloudFront key pair identifiers.
7340
+ # @return [Array<String>]
7341
+ #
7342
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyPairIds AWS API Documentation
7343
+ #
7344
+ class KeyPairIds < Struct.new(
7345
+ :quantity,
7346
+ :items)
7347
+ SENSITIVE = []
7348
+ include Aws::Structure
7349
+ end
7350
+
7351
+ # Contains information about the Amazon Kinesis data stream where you
7352
+ # are sending real-time log data.
7353
+ #
7354
+ # @note When making an API call, you may pass KinesisStreamConfig
7355
+ # data as a hash:
7356
+ #
7357
+ # {
7358
+ # role_arn: "string", # required
7359
+ # stream_arn: "string", # required
7360
+ # }
7361
+ #
7362
+ # @!attribute [rw] role_arn
7363
+ # The Amazon Resource Name (ARN) of an AWS Identity and Access
7364
+ # Management (IAM) role that CloudFront can use to send real-time log
7365
+ # data to your Kinesis data stream.
7366
+ #
7367
+ # For more information the IAM role, see [Real-time log configuration
7368
+ # IAM role][1] in the *Amazon CloudFront Developer Guide*.
7369
+ #
7370
+ #
7371
+ #
7372
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html#understand-real-time-log-config-iam-role
7373
+ # @return [String]
7374
+ #
7375
+ # @!attribute [rw] stream_arn
7376
+ # The Amazon Resource Name (ARN) of the Kinesis data stream where you
7377
+ # are sending real-time log data.
7378
+ # @return [String]
7379
+ #
7380
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KinesisStreamConfig AWS API Documentation
7381
+ #
7382
+ class KinesisStreamConfig < Struct.new(
7383
+ :role_arn,
7384
+ :stream_arn)
7385
+ SENSITIVE = []
7386
+ include Aws::Structure
7387
+ end
7388
+
7389
+ # A complex type that contains a Lambda function association.
7390
+ #
7391
+ # @note When making an API call, you may pass LambdaFunctionAssociation
7392
+ # data as a hash:
7393
+ #
7394
+ # {
7395
+ # lambda_function_arn: "LambdaFunctionARN", # required
7014
7396
  # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
7015
7397
  # include_body: false,
7016
7398
  # }
@@ -7261,6 +7643,55 @@ module Aws::CloudFront
7261
7643
  include Aws::Structure
7262
7644
  end
7263
7645
 
7646
+ # @note When making an API call, you may pass ListDistributionsByKeyGroupRequest
7647
+ # data as a hash:
7648
+ #
7649
+ # {
7650
+ # marker: "string",
7651
+ # max_items: 1,
7652
+ # key_group_id: "string", # required
7653
+ # }
7654
+ #
7655
+ # @!attribute [rw] marker
7656
+ # Use this field when paginating results to indicate where to begin in
7657
+ # your list of distribution IDs. The response includes distribution
7658
+ # IDs in the list that occur after the marker. To get the next page of
7659
+ # the list, set this field’s value to the value of `NextMarker` from
7660
+ # the current page’s response.
7661
+ # @return [String]
7662
+ #
7663
+ # @!attribute [rw] max_items
7664
+ # The maximum number of distribution IDs that you want in the
7665
+ # response.
7666
+ # @return [Integer]
7667
+ #
7668
+ # @!attribute [rw] key_group_id
7669
+ # The ID of the key group whose associated distribution IDs you are
7670
+ # listing.
7671
+ # @return [String]
7672
+ #
7673
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListDistributionsByKeyGroupRequest AWS API Documentation
7674
+ #
7675
+ class ListDistributionsByKeyGroupRequest < Struct.new(
7676
+ :marker,
7677
+ :max_items,
7678
+ :key_group_id)
7679
+ SENSITIVE = []
7680
+ include Aws::Structure
7681
+ end
7682
+
7683
+ # @!attribute [rw] distribution_id_list
7684
+ # A list of distribution IDs.
7685
+ # @return [Types::DistributionIdList]
7686
+ #
7687
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListDistributionsByKeyGroupResult AWS API Documentation
7688
+ #
7689
+ class ListDistributionsByKeyGroupResult < Struct.new(
7690
+ :distribution_id_list)
7691
+ SENSITIVE = []
7692
+ include Aws::Structure
7693
+ end
7694
+
7264
7695
  # @note When making an API call, you may pass ListDistributionsByOriginRequestPolicyIdRequest
7265
7696
  # data as a hash:
7266
7697
  #
@@ -7612,6 +8043,47 @@ module Aws::CloudFront
7612
8043
  include Aws::Structure
7613
8044
  end
7614
8045
 
8046
+ # @note When making an API call, you may pass ListKeyGroupsRequest
8047
+ # data as a hash:
8048
+ #
8049
+ # {
8050
+ # marker: "string",
8051
+ # max_items: 1,
8052
+ # }
8053
+ #
8054
+ # @!attribute [rw] marker
8055
+ # Use this field when paginating results to indicate where to begin in
8056
+ # your list of key groups. The response includes key groups in the
8057
+ # list that occur after the marker. To get the next page of the list,
8058
+ # set this field’s value to the value of `NextMarker` from the current
8059
+ # page’s response.
8060
+ # @return [String]
8061
+ #
8062
+ # @!attribute [rw] max_items
8063
+ # The maximum number of key groups that you want in the response.
8064
+ # @return [Integer]
8065
+ #
8066
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListKeyGroupsRequest AWS API Documentation
8067
+ #
8068
+ class ListKeyGroupsRequest < Struct.new(
8069
+ :marker,
8070
+ :max_items)
8071
+ SENSITIVE = []
8072
+ include Aws::Structure
8073
+ end
8074
+
8075
+ # @!attribute [rw] key_group_list
8076
+ # A list of key groups.
8077
+ # @return [Types::KeyGroupList]
8078
+ #
8079
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListKeyGroupsResult AWS API Documentation
8080
+ #
8081
+ class ListKeyGroupsResult < Struct.new(
8082
+ :key_group_list)
8083
+ SENSITIVE = []
8084
+ include Aws::Structure
8085
+ end
8086
+
7615
8087
  # @note When making an API call, you may pass ListOriginRequestPoliciesRequest
7616
8088
  # data as a hash:
7617
8089
  #
@@ -9179,20 +9651,31 @@ module Aws::CloudFront
9179
9651
  include Aws::Structure
9180
9652
  end
9181
9653
 
9182
- # A complex data type of public keys you add to CloudFront to use with
9183
- # features like field-level encryption.
9654
+ # A public key that you can use with [signed URLs and signed
9655
+ # cookies][1], or with [field-level encryption][2].
9656
+ #
9657
+ #
9658
+ #
9659
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
9660
+ # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html
9184
9661
  #
9185
9662
  # @!attribute [rw] id
9186
- # A unique ID assigned to a public key you've added to CloudFront.
9663
+ # The identifier of the public key.
9187
9664
  # @return [String]
9188
9665
  #
9189
9666
  # @!attribute [rw] created_time
9190
- # A time you added a public key to CloudFront.
9667
+ # The date and time when the public key was uploaded.
9191
9668
  # @return [Time]
9192
9669
  #
9193
9670
  # @!attribute [rw] public_key_config
9194
- # A complex data type for a public key you add to CloudFront to use
9195
- # with features like field-level encryption.
9671
+ # Configuration information about a public key that you can use with
9672
+ # [signed URLs and signed cookies][1], or with [field-level
9673
+ # encryption][2].
9674
+ #
9675
+ #
9676
+ #
9677
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
9678
+ # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html
9196
9679
  # @return [Types::PublicKeyConfig]
9197
9680
  #
9198
9681
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublicKey AWS API Documentation
@@ -9218,8 +9701,14 @@ module Aws::CloudFront
9218
9701
  include Aws::Structure
9219
9702
  end
9220
9703
 
9221
- # Information about a public key you add to CloudFront to use with
9222
- # features like field-level encryption.
9704
+ # Configuration information about a public key that you can use with
9705
+ # [signed URLs and signed cookies][1], or with [field-level
9706
+ # encryption][2].
9707
+ #
9708
+ #
9709
+ #
9710
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
9711
+ # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html
9223
9712
  #
9224
9713
  # @note When making an API call, you may pass PublicKeyConfig
9225
9714
  # data as a hash:
@@ -9232,21 +9721,26 @@ module Aws::CloudFront
9232
9721
  # }
9233
9722
  #
9234
9723
  # @!attribute [rw] caller_reference
9235
- # A unique number that ensures that the request can't be replayed.
9724
+ # A string included in the request to help make sure that the request
9725
+ # can’t be replayed.
9236
9726
  # @return [String]
9237
9727
  #
9238
9728
  # @!attribute [rw] name
9239
- # The name for a public key you add to CloudFront to use with features
9240
- # like field-level encryption.
9729
+ # A name to help identify the public key.
9241
9730
  # @return [String]
9242
9731
  #
9243
9732
  # @!attribute [rw] encoded_key
9244
- # The encoded public key that you want to add to CloudFront to use
9245
- # with features like field-level encryption.
9733
+ # The public key that you can use with [signed URLs and signed
9734
+ # cookies][1], or with [field-level encryption][2].
9735
+ #
9736
+ #
9737
+ #
9738
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
9739
+ # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html
9246
9740
  # @return [String]
9247
9741
  #
9248
9742
  # @!attribute [rw] comment
9249
- # An optional comment about a public key.
9743
+ # A comment to describe the public key.
9250
9744
  # @return [String]
9251
9745
  #
9252
9746
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublicKeyConfig AWS API Documentation
@@ -9273,8 +9767,13 @@ module Aws::CloudFront
9273
9767
  include Aws::Structure
9274
9768
  end
9275
9769
 
9276
- # A list of public keys you've added to CloudFront to use with features
9277
- # like field-level encryption.
9770
+ # A list of public keys that you can use with [signed URLs and signed
9771
+ # cookies][1], or with [field-level encryption][2].
9772
+ #
9773
+ #
9774
+ #
9775
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
9776
+ # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html
9278
9777
  #
9279
9778
  # @!attribute [rw] next_marker
9280
9779
  # If there are more elements to be listed, this element is present and
@@ -9283,17 +9782,15 @@ module Aws::CloudFront
9283
9782
  # @return [String]
9284
9783
  #
9285
9784
  # @!attribute [rw] max_items
9286
- # The maximum number of public keys you want in the response body.
9785
+ # The maximum number of public keys you want in the response.
9287
9786
  # @return [Integer]
9288
9787
  #
9289
9788
  # @!attribute [rw] quantity
9290
- # The number of public keys you added to CloudFront to use with
9291
- # features like field-level encryption.
9789
+ # The number of public keys in the list.
9292
9790
  # @return [Integer]
9293
9791
  #
9294
9792
  # @!attribute [rw] items
9295
- # An array of information about a public key you add to CloudFront to
9296
- # use with features like field-level encryption.
9793
+ # A list of public keys.
9297
9794
  # @return [Array<Types::PublicKeySummary>]
9298
9795
  #
9299
9796
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublicKeyList AWS API Documentation
@@ -9307,26 +9804,26 @@ module Aws::CloudFront
9307
9804
  include Aws::Structure
9308
9805
  end
9309
9806
 
9310
- # A complex data type for public key information.
9807
+ # Contains information about a public key.
9311
9808
  #
9312
9809
  # @!attribute [rw] id
9313
- # ID for public key information summary.
9810
+ # The identifier of the public key.
9314
9811
  # @return [String]
9315
9812
  #
9316
9813
  # @!attribute [rw] name
9317
- # Name for public key information summary.
9814
+ # A name to help identify the public key.
9318
9815
  # @return [String]
9319
9816
  #
9320
9817
  # @!attribute [rw] created_time
9321
- # Creation time for public key information summary.
9818
+ # The date and time when the public key was uploaded.
9322
9819
  # @return [Time]
9323
9820
  #
9324
9821
  # @!attribute [rw] encoded_key
9325
- # Encoded key for public key information summary.
9822
+ # The public key.
9326
9823
  # @return [String]
9327
9824
  #
9328
9825
  # @!attribute [rw] comment
9329
- # Comment for public key information summary.
9826
+ # A comment to describe the public key.
9330
9827
  # @return [String]
9331
9828
  #
9332
9829
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublicKeySummary AWS API Documentation
@@ -9663,6 +10160,19 @@ module Aws::CloudFront
9663
10160
  include Aws::Structure
9664
10161
  end
9665
10162
 
10163
+ # Cannot delete this resource because it is in use.
10164
+ #
10165
+ # @!attribute [rw] message
10166
+ # @return [String]
10167
+ #
10168
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ResourceInUse AWS API Documentation
10169
+ #
10170
+ class ResourceInUse < Struct.new(
10171
+ :message)
10172
+ SENSITIVE = []
10173
+ include Aws::Structure
10174
+ end
10175
+
9666
10176
  # A complex type that identifies ways in which you want to restrict
9667
10177
  # distribution of your content.
9668
10178
  #
@@ -9793,22 +10303,20 @@ module Aws::CloudFront
9793
10303
  include Aws::Structure
9794
10304
  end
9795
10305
 
9796
- # A complex type that lists the AWS accounts that were included in the
9797
- # `TrustedSigners` complex type, as well as their active CloudFront key
9798
- # pair IDs, if any.
10306
+ # A list of AWS accounts and the active CloudFront key pairs in each
10307
+ # account that CloudFront can use to verify the signatures of signed
10308
+ # URLs and signed cookies.
9799
10309
  #
9800
10310
  # @!attribute [rw] aws_account_number
9801
- # An AWS account that is included in the `TrustedSigners` complex type
9802
- # for this distribution. Valid values include:
9803
- #
9804
- # * `self`, which is the AWS account used to create the distribution.
9805
- #
9806
- # * An AWS account number.
10311
+ # An AWS account number that contains active CloudFront key pairs that
10312
+ # CloudFront can use to verify the signatures of signed URLs and
10313
+ # signed cookies. If the AWS account that owns the key pairs is the
10314
+ # same account that owns the CloudFront distribution, the value of
10315
+ # this field is `self`.
9807
10316
  # @return [String]
9808
10317
  #
9809
10318
  # @!attribute [rw] key_pair_ids
9810
- # A complex type that lists the active CloudFront key pairs, if any,
9811
- # that are associated with `AwsAccountNumber`.
10319
+ # A list of CloudFront key pair identifiers.
9812
10320
  # @return [Types::KeyPairIds]
9813
10321
  #
9814
10322
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/Signer AWS API Documentation
@@ -10577,6 +11085,25 @@ module Aws::CloudFront
10577
11085
  include Aws::Structure
10578
11086
  end
10579
11087
 
11088
+ # The number of distributions that reference this key group is more than
11089
+ # the maximum allowed. For more information, see [Quotas][1] (formerly
11090
+ # known as limits) in the *Amazon CloudFront Developer Guide*.
11091
+ #
11092
+ #
11093
+ #
11094
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
11095
+ #
11096
+ # @!attribute [rw] message
11097
+ # @return [String]
11098
+ #
11099
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyDistributionsAssociatedToKeyGroup AWS API Documentation
11100
+ #
11101
+ class TooManyDistributionsAssociatedToKeyGroup < Struct.new(
11102
+ :message)
11103
+ SENSITIVE = []
11104
+ include Aws::Structure
11105
+ end
11106
+
10580
11107
  # The maximum number of distributions have been associated with the
10581
11108
  # specified origin request policy. For more information, see [Quotas][1]
10582
11109
  # (formerly known as limits) in the *Amazon CloudFront Developer Guide*.
@@ -10774,6 +11301,44 @@ module Aws::CloudFront
10774
11301
  include Aws::Structure
10775
11302
  end
10776
11303
 
11304
+ # You have reached the maximum number of key groups for this AWS
11305
+ # account. For more information, see [Quotas][1] (formerly known as
11306
+ # limits) in the *Amazon CloudFront Developer Guide*.
11307
+ #
11308
+ #
11309
+ #
11310
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
11311
+ #
11312
+ # @!attribute [rw] message
11313
+ # @return [String]
11314
+ #
11315
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyKeyGroups AWS API Documentation
11316
+ #
11317
+ class TooManyKeyGroups < Struct.new(
11318
+ :message)
11319
+ SENSITIVE = []
11320
+ include Aws::Structure
11321
+ end
11322
+
11323
+ # The number of key groups referenced by this distribution is more than
11324
+ # the maximum allowed. For more information, see [Quotas][1] (formerly
11325
+ # known as limits) in the *Amazon CloudFront Developer Guide*.
11326
+ #
11327
+ #
11328
+ #
11329
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
11330
+ #
11331
+ # @!attribute [rw] message
11332
+ # @return [String]
11333
+ #
11334
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyKeyGroupsAssociatedToDistribution AWS API Documentation
11335
+ #
11336
+ class TooManyKeyGroupsAssociatedToDistribution < Struct.new(
11337
+ :message)
11338
+ SENSITIVE = []
11339
+ include Aws::Structure
11340
+ end
11341
+
10777
11342
  # Your request contains more Lambda function associations than are
10778
11343
  # allowed per distribution.
10779
11344
  #
@@ -10861,6 +11426,25 @@ module Aws::CloudFront
10861
11426
  include Aws::Structure
10862
11427
  end
10863
11428
 
11429
+ # The number of public keys in this key group is more than the maximum
11430
+ # allowed. For more information, see [Quotas][1] (formerly known as
11431
+ # limits) in the *Amazon CloudFront Developer Guide*.
11432
+ #
11433
+ #
11434
+ #
11435
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
11436
+ #
11437
+ # @!attribute [rw] message
11438
+ # @return [String]
11439
+ #
11440
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyPublicKeysInKeyGroup AWS API Documentation
11441
+ #
11442
+ class TooManyPublicKeysInKeyGroup < Struct.new(
11443
+ :message)
11444
+ SENSITIVE = []
11445
+ include Aws::Structure
11446
+ end
11447
+
10864
11448
  # Your request contains too many query string parameters.
10865
11449
  #
10866
11450
  # @!attribute [rw] message
@@ -10972,45 +11556,70 @@ module Aws::CloudFront
10972
11556
  include Aws::Structure
10973
11557
  end
10974
11558
 
10975
- # One or more of your trusted signers don't exist.
11559
+ # The specified key group does not exist.
10976
11560
  #
10977
11561
  # @!attribute [rw] message
10978
11562
  # @return [String]
10979
11563
  #
10980
- # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedSignerDoesNotExist AWS API Documentation
11564
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedKeyGroupDoesNotExist AWS API Documentation
10981
11565
  #
10982
- class TrustedSignerDoesNotExist < Struct.new(
11566
+ class TrustedKeyGroupDoesNotExist < Struct.new(
10983
11567
  :message)
10984
11568
  SENSITIVE = []
10985
11569
  include Aws::Structure
10986
11570
  end
10987
11571
 
10988
- # A complex type that specifies the AWS accounts, if any, that you want
10989
- # to allow to create signed URLs for private content.
11572
+ # A list of key groups whose public keys CloudFront can use to verify
11573
+ # the signatures of signed URLs and signed cookies.
10990
11574
  #
10991
- # If you want to require signed URLs in requests for objects in the
10992
- # target origin that match the `PathPattern` for this cache behavior,
10993
- # specify `true` for `Enabled`, and specify the applicable values for
10994
- # `Quantity` and `Items`. For more information, see [Serving Private
10995
- # Content through CloudFront][1] in the <i> Amazon CloudFront Developer
10996
- # Guide</i>.
11575
+ # @note When making an API call, you may pass TrustedKeyGroups
11576
+ # data as a hash:
10997
11577
  #
10998
- # If you don't want to require signed URLs in requests for objects that
10999
- # match `PathPattern`, specify `false` for `Enabled` and `0` for
11000
- # `Quantity`. Omit `Items`.
11578
+ # {
11579
+ # enabled: false, # required
11580
+ # quantity: 1, # required
11581
+ # items: ["string"],
11582
+ # }
11001
11583
  #
11002
- # To add, change, or remove one or more trusted signers, change
11003
- # `Enabled` to `true` (if it's currently `false`), change `Quantity` as
11004
- # applicable, and specify all of the trusted signers that you want to
11005
- # include in the updated distribution.
11584
+ # @!attribute [rw] enabled
11585
+ # This field is `true` if any of the key groups in the list have
11586
+ # public keys that CloudFront can use to verify the signatures of
11587
+ # signed URLs and signed cookies. If not, this field is `false`.
11588
+ # @return [Boolean]
11006
11589
  #
11007
- # For more information about updating the distribution configuration,
11008
- # see [DistributionConfig][2] in the *Amazon CloudFront API Reference*.
11590
+ # @!attribute [rw] quantity
11591
+ # The number of key groups in the list.
11592
+ # @return [Integer]
11009
11593
  #
11594
+ # @!attribute [rw] items
11595
+ # A list of key groups identifiers.
11596
+ # @return [Array<String>]
11010
11597
  #
11598
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedKeyGroups AWS API Documentation
11011
11599
  #
11012
- # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html
11013
- # [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/DistributionConfig.html
11600
+ class TrustedKeyGroups < Struct.new(
11601
+ :enabled,
11602
+ :quantity,
11603
+ :items)
11604
+ SENSITIVE = []
11605
+ include Aws::Structure
11606
+ end
11607
+
11608
+ # One or more of your trusted signers don't exist.
11609
+ #
11610
+ # @!attribute [rw] message
11611
+ # @return [String]
11612
+ #
11613
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedSignerDoesNotExist AWS API Documentation
11614
+ #
11615
+ class TrustedSignerDoesNotExist < Struct.new(
11616
+ :message)
11617
+ SENSITIVE = []
11618
+ include Aws::Structure
11619
+ end
11620
+
11621
+ # A list of AWS accounts whose public keys CloudFront can use to verify
11622
+ # the signatures of signed URLs and signed cookies.
11014
11623
  #
11015
11624
  # @note When making an API call, you may pass TrustedSigners
11016
11625
  # data as a hash:
@@ -11022,17 +11631,17 @@ module Aws::CloudFront
11022
11631
  # }
11023
11632
  #
11024
11633
  # @!attribute [rw] enabled
11025
- # Specifies whether you want to require viewers to use signed URLs to
11026
- # access the files specified by `PathPattern` and `TargetOriginId`.
11634
+ # This field is `true` if any of the AWS accounts have public keys
11635
+ # that CloudFront can use to verify the signatures of signed URLs and
11636
+ # signed cookies. If not, this field is `false`.
11027
11637
  # @return [Boolean]
11028
11638
  #
11029
11639
  # @!attribute [rw] quantity
11030
- # The number of trusted signers for this cache behavior.
11640
+ # The number of AWS accounts in the list.
11031
11641
  # @return [Integer]
11032
11642
  #
11033
11643
  # @!attribute [rw] items
11034
- # **Optional**\: A complex type that contains trusted signers for this
11035
- # cache behavior. If `Quantity` is `0`, you can omit `Items`.
11644
+ # A list of AWS account identifiers.
11036
11645
  # @return [Array<String>]
11037
11646
  #
11038
11647
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedSigners AWS API Documentation
@@ -11290,7 +11899,12 @@ module Aws::CloudFront
11290
11899
  # },
11291
11900
  # default_cache_behavior: { # required
11292
11901
  # target_origin_id: "string", # required
11293
- # trusted_signers: { # required
11902
+ # trusted_signers: {
11903
+ # enabled: false, # required
11904
+ # quantity: 1, # required
11905
+ # items: ["string"],
11906
+ # },
11907
+ # trusted_key_groups: {
11294
11908
  # enabled: false, # required
11295
11909
  # quantity: 1, # required
11296
11910
  # items: ["string"],
@@ -11348,7 +11962,12 @@ module Aws::CloudFront
11348
11962
  # {
11349
11963
  # path_pattern: "string", # required
11350
11964
  # target_origin_id: "string", # required
11351
- # trusted_signers: { # required
11965
+ # trusted_signers: {
11966
+ # enabled: false, # required
11967
+ # quantity: 1, # required
11968
+ # items: ["string"],
11969
+ # },
11970
+ # trusted_key_groups: {
11352
11971
  # enabled: false, # required
11353
11972
  # quantity: 1, # required
11354
11973
  # items: ["string"],
@@ -11633,6 +12252,59 @@ module Aws::CloudFront
11633
12252
  include Aws::Structure
11634
12253
  end
11635
12254
 
12255
+ # @note When making an API call, you may pass UpdateKeyGroupRequest
12256
+ # data as a hash:
12257
+ #
12258
+ # {
12259
+ # key_group_config: { # required
12260
+ # name: "string", # required
12261
+ # items: ["string"], # required
12262
+ # comment: "string",
12263
+ # },
12264
+ # id: "string", # required
12265
+ # if_match: "string",
12266
+ # }
12267
+ #
12268
+ # @!attribute [rw] key_group_config
12269
+ # The key group configuration.
12270
+ # @return [Types::KeyGroupConfig]
12271
+ #
12272
+ # @!attribute [rw] id
12273
+ # The identifier of the key group that you are updating.
12274
+ # @return [String]
12275
+ #
12276
+ # @!attribute [rw] if_match
12277
+ # The version of the key group that you are updating. The version is
12278
+ # the key group’s `ETag` value.
12279
+ # @return [String]
12280
+ #
12281
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateKeyGroupRequest AWS API Documentation
12282
+ #
12283
+ class UpdateKeyGroupRequest < Struct.new(
12284
+ :key_group_config,
12285
+ :id,
12286
+ :if_match)
12287
+ SENSITIVE = []
12288
+ include Aws::Structure
12289
+ end
12290
+
12291
+ # @!attribute [rw] key_group
12292
+ # The key group that was just updated.
12293
+ # @return [Types::KeyGroup]
12294
+ #
12295
+ # @!attribute [rw] etag
12296
+ # The identifier for this version of the key group.
12297
+ # @return [String]
12298
+ #
12299
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateKeyGroupResult AWS API Documentation
12300
+ #
12301
+ class UpdateKeyGroupResult < Struct.new(
12302
+ :key_group,
12303
+ :etag)
12304
+ SENSITIVE = []
12305
+ include Aws::Structure
12306
+ end
12307
+
11636
12308
  # @note When making an API call, you may pass UpdateOriginRequestPolicyRequest
11637
12309
  # data as a hash:
11638
12310
  #
@@ -11725,11 +12397,11 @@ module Aws::CloudFront
11725
12397
  # }
11726
12398
  #
11727
12399
  # @!attribute [rw] public_key_config
11728
- # Request to update public key information.
12400
+ # A public key configuration.
11729
12401
  # @return [Types::PublicKeyConfig]
11730
12402
  #
11731
12403
  # @!attribute [rw] id
11732
- # ID of the public key to be updated.
12404
+ # The identifier of the public key that you are updating.
11733
12405
  # @return [String]
11734
12406
  #
11735
12407
  # @!attribute [rw] if_match
@@ -11748,12 +12420,11 @@ module Aws::CloudFront
11748
12420
  end
11749
12421
 
11750
12422
  # @!attribute [rw] public_key
11751
- # Return the results of updating the public key.
12423
+ # The public key.
11752
12424
  # @return [Types::PublicKey]
11753
12425
  #
11754
12426
  # @!attribute [rw] etag
11755
- # The current version of the update public key result. For example:
11756
- # `E2QWRUHAPOMQZL`.
12427
+ # The identifier of the current version of the public key.
11757
12428
  # @return [String]
11758
12429
  #
11759
12430
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdatePublicKeyResult AWS API Documentation