aws-sdk-cloudfront 1.48.0 → 1.53.0

This diff represents the content of publicly available package versions that have been released to one of the supported registries. The information contained in this diff is provided for informational purposes only and reflects changes between package versions as they appear in their respective public registries.
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -42,6 +42,9 @@ module Aws::CloudFront
42
42
  # * {FieldLevelEncryptionProfileAlreadyExists}
43
43
  # * {FieldLevelEncryptionProfileInUse}
44
44
  # * {FieldLevelEncryptionProfileSizeExceeded}
45
+ # * {FunctionAlreadyExists}
46
+ # * {FunctionInUse}
47
+ # * {FunctionSizeLimitExceeded}
45
48
  # * {IllegalDelete}
46
49
  # * {IllegalFieldLevelEncryptionConfigAssociationWithCacheBehavior}
47
50
  # * {IllegalUpdate}
@@ -50,6 +53,7 @@ module Aws::CloudFront
50
53
  # * {InvalidDefaultRootObject}
51
54
  # * {InvalidErrorCode}
52
55
  # * {InvalidForwardCookies}
56
+ # * {InvalidFunctionAssociation}
53
57
  # * {InvalidGeoRestrictionParameter}
54
58
  # * {InvalidHeadersForS3Origin}
55
59
  # * {InvalidIfMatchVersion}
@@ -76,6 +80,7 @@ module Aws::CloudFront
76
80
  # * {NoSuchDistribution}
77
81
  # * {NoSuchFieldLevelEncryptionConfig}
78
82
  # * {NoSuchFieldLevelEncryptionProfile}
83
+ # * {NoSuchFunctionExists}
79
84
  # * {NoSuchInvalidation}
80
85
  # * {NoSuchOrigin}
81
86
  # * {NoSuchOriginRequestPolicy}
@@ -91,9 +96,11 @@ module Aws::CloudFront
91
96
  # * {QueryArgProfileEmpty}
92
97
  # * {RealtimeLogConfigAlreadyExists}
93
98
  # * {RealtimeLogConfigInUse}
99
+ # * {RealtimeLogConfigOwnerMismatch}
94
100
  # * {ResourceInUse}
95
101
  # * {StreamingDistributionAlreadyExists}
96
102
  # * {StreamingDistributionNotDisabled}
103
+ # * {TestFunctionFailed}
97
104
  # * {TooManyCacheBehaviors}
98
105
  # * {TooManyCachePolicies}
99
106
  # * {TooManyCertificates}
@@ -107,6 +114,7 @@ module Aws::CloudFront
107
114
  # * {TooManyDistributionsAssociatedToFieldLevelEncryptionConfig}
108
115
  # * {TooManyDistributionsAssociatedToKeyGroup}
109
116
  # * {TooManyDistributionsAssociatedToOriginRequestPolicy}
117
+ # * {TooManyDistributionsWithFunctionAssociations}
110
118
  # * {TooManyDistributionsWithLambdaAssociations}
111
119
  # * {TooManyDistributionsWithSingleFunctionARN}
112
120
  # * {TooManyFieldLevelEncryptionConfigs}
@@ -115,6 +123,8 @@ module Aws::CloudFront
115
123
  # * {TooManyFieldLevelEncryptionFieldPatterns}
116
124
  # * {TooManyFieldLevelEncryptionProfiles}
117
125
  # * {TooManyFieldLevelEncryptionQueryArgProfiles}
126
+ # * {TooManyFunctionAssociations}
127
+ # * {TooManyFunctions}
118
128
  # * {TooManyHeadersInCachePolicy}
119
129
  # * {TooManyHeadersInForwardedValues}
120
130
  # * {TooManyHeadersInOriginRequestPolicy}
@@ -137,6 +147,7 @@ module Aws::CloudFront
137
147
  # * {TooManyTrustedSigners}
138
148
  # * {TrustedKeyGroupDoesNotExist}
139
149
  # * {TrustedSignerDoesNotExist}
150
+ # * {UnsupportedOperation}
140
151
  #
141
152
  # Additionally, error classes are dynamically generated for service errors based on the error code
142
153
  # if they are not defined above.
@@ -369,6 +380,51 @@ module Aws::CloudFront
369
380
  end
370
381
  end
371
382
 
383
+ class FunctionAlreadyExists < ServiceError
384
+
385
+ # @param [Seahorse::Client::RequestContext] context
386
+ # @param [String] message
387
+ # @param [Aws::CloudFront::Types::FunctionAlreadyExists] data
388
+ def initialize(context, message, data = Aws::EmptyStructure.new)
389
+ super(context, message, data)
390
+ end
391
+
392
+ # @return [String]
393
+ def message
394
+ @message || @data[:message]
395
+ end
396
+ end
397
+
398
+ class FunctionInUse < ServiceError
399
+
400
+ # @param [Seahorse::Client::RequestContext] context
401
+ # @param [String] message
402
+ # @param [Aws::CloudFront::Types::FunctionInUse] data
403
+ def initialize(context, message, data = Aws::EmptyStructure.new)
404
+ super(context, message, data)
405
+ end
406
+
407
+ # @return [String]
408
+ def message
409
+ @message || @data[:message]
410
+ end
411
+ end
412
+
413
+ class FunctionSizeLimitExceeded < ServiceError
414
+
415
+ # @param [Seahorse::Client::RequestContext] context
416
+ # @param [String] message
417
+ # @param [Aws::CloudFront::Types::FunctionSizeLimitExceeded] data
418
+ def initialize(context, message, data = Aws::EmptyStructure.new)
419
+ super(context, message, data)
420
+ end
421
+
422
+ # @return [String]
423
+ def message
424
+ @message || @data[:message]
425
+ end
426
+ end
427
+
372
428
  class IllegalDelete < ServiceError
373
429
 
374
430
  # @param [Seahorse::Client::RequestContext] context
@@ -489,6 +545,21 @@ module Aws::CloudFront
489
545
  end
490
546
  end
491
547
 
548
+ class InvalidFunctionAssociation < ServiceError
549
+
550
+ # @param [Seahorse::Client::RequestContext] context
551
+ # @param [String] message
552
+ # @param [Aws::CloudFront::Types::InvalidFunctionAssociation] data
553
+ def initialize(context, message, data = Aws::EmptyStructure.new)
554
+ super(context, message, data)
555
+ end
556
+
557
+ # @return [String]
558
+ def message
559
+ @message || @data[:message]
560
+ end
561
+ end
562
+
492
563
  class InvalidGeoRestrictionParameter < ServiceError
493
564
 
494
565
  # @param [Seahorse::Client::RequestContext] context
@@ -879,6 +950,21 @@ module Aws::CloudFront
879
950
  end
880
951
  end
881
952
 
953
+ class NoSuchFunctionExists < ServiceError
954
+
955
+ # @param [Seahorse::Client::RequestContext] context
956
+ # @param [String] message
957
+ # @param [Aws::CloudFront::Types::NoSuchFunctionExists] data
958
+ def initialize(context, message, data = Aws::EmptyStructure.new)
959
+ super(context, message, data)
960
+ end
961
+
962
+ # @return [String]
963
+ def message
964
+ @message || @data[:message]
965
+ end
966
+ end
967
+
882
968
  class NoSuchInvalidation < ServiceError
883
969
 
884
970
  # @param [Seahorse::Client::RequestContext] context
@@ -1104,6 +1190,21 @@ module Aws::CloudFront
1104
1190
  end
1105
1191
  end
1106
1192
 
1193
+ class RealtimeLogConfigOwnerMismatch < ServiceError
1194
+
1195
+ # @param [Seahorse::Client::RequestContext] context
1196
+ # @param [String] message
1197
+ # @param [Aws::CloudFront::Types::RealtimeLogConfigOwnerMismatch] data
1198
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1199
+ super(context, message, data)
1200
+ end
1201
+
1202
+ # @return [String]
1203
+ def message
1204
+ @message || @data[:message]
1205
+ end
1206
+ end
1207
+
1107
1208
  class ResourceInUse < ServiceError
1108
1209
 
1109
1210
  # @param [Seahorse::Client::RequestContext] context
@@ -1149,6 +1250,21 @@ module Aws::CloudFront
1149
1250
  end
1150
1251
  end
1151
1252
 
1253
+ class TestFunctionFailed < ServiceError
1254
+
1255
+ # @param [Seahorse::Client::RequestContext] context
1256
+ # @param [String] message
1257
+ # @param [Aws::CloudFront::Types::TestFunctionFailed] data
1258
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1259
+ super(context, message, data)
1260
+ end
1261
+
1262
+ # @return [String]
1263
+ def message
1264
+ @message || @data[:message]
1265
+ end
1266
+ end
1267
+
1152
1268
  class TooManyCacheBehaviors < ServiceError
1153
1269
 
1154
1270
  # @param [Seahorse::Client::RequestContext] context
@@ -1344,6 +1460,21 @@ module Aws::CloudFront
1344
1460
  end
1345
1461
  end
1346
1462
 
1463
+ class TooManyDistributionsWithFunctionAssociations < ServiceError
1464
+
1465
+ # @param [Seahorse::Client::RequestContext] context
1466
+ # @param [String] message
1467
+ # @param [Aws::CloudFront::Types::TooManyDistributionsWithFunctionAssociations] data
1468
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1469
+ super(context, message, data)
1470
+ end
1471
+
1472
+ # @return [String]
1473
+ def message
1474
+ @message || @data[:message]
1475
+ end
1476
+ end
1477
+
1347
1478
  class TooManyDistributionsWithLambdaAssociations < ServiceError
1348
1479
 
1349
1480
  # @param [Seahorse::Client::RequestContext] context
@@ -1464,6 +1595,36 @@ module Aws::CloudFront
1464
1595
  end
1465
1596
  end
1466
1597
 
1598
+ class TooManyFunctionAssociations < ServiceError
1599
+
1600
+ # @param [Seahorse::Client::RequestContext] context
1601
+ # @param [String] message
1602
+ # @param [Aws::CloudFront::Types::TooManyFunctionAssociations] data
1603
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1604
+ super(context, message, data)
1605
+ end
1606
+
1607
+ # @return [String]
1608
+ def message
1609
+ @message || @data[:message]
1610
+ end
1611
+ end
1612
+
1613
+ class TooManyFunctions < ServiceError
1614
+
1615
+ # @param [Seahorse::Client::RequestContext] context
1616
+ # @param [String] message
1617
+ # @param [Aws::CloudFront::Types::TooManyFunctions] data
1618
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1619
+ super(context, message, data)
1620
+ end
1621
+
1622
+ # @return [String]
1623
+ def message
1624
+ @message || @data[:message]
1625
+ end
1626
+ end
1627
+
1467
1628
  class TooManyHeadersInCachePolicy < ServiceError
1468
1629
 
1469
1630
  # @param [Seahorse::Client::RequestContext] context
@@ -1794,5 +1955,20 @@ module Aws::CloudFront
1794
1955
  end
1795
1956
  end
1796
1957
 
1958
+ class UnsupportedOperation < ServiceError
1959
+
1960
+ # @param [Seahorse::Client::RequestContext] context
1961
+ # @param [String] message
1962
+ # @param [Aws::CloudFront::Types::UnsupportedOperation] data
1963
+ def initialize(context, message, data = Aws::EmptyStructure.new)
1964
+ super(context, message, data)
1965
+ end
1966
+
1967
+ # @return [String]
1968
+ def message
1969
+ @message || @data[:message]
1970
+ end
1971
+ end
1972
+
1797
1973
  end
1798
1974
  end
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -3,7 +3,7 @@
3
3
  # WARNING ABOUT GENERATED CODE
4
4
  #
5
5
  # This file is generated. See the contributing guide for more information:
6
- # https://github.com/aws/aws-sdk-ruby/blob/master/CONTRIBUTING.md
6
+ # https://github.com/aws/aws-sdk-ruby/blob/version-3/CONTRIBUTING.md
7
7
  #
8
8
  # WARNING ABOUT GENERATED CODE
9
9
 
@@ -53,23 +53,23 @@ module Aws::CloudFront
53
53
  include Aws::Structure
54
54
  end
55
55
 
56
- # A list of AWS accounts and the active CloudFront key pairs in each
57
- # account that CloudFront can use to verify the signatures of signed
58
- # URLs and signed cookies.
56
+ # A list of accounts and the active CloudFront key pairs in each account
57
+ # that CloudFront can use to verify the signatures of signed URLs and
58
+ # signed cookies.
59
59
  #
60
60
  # @!attribute [rw] enabled
61
- # This field is `true` if any of the AWS accounts in the list have
62
- # active CloudFront key pairs that CloudFront can use to verify the
61
+ # This field is `true` if any of the accounts in the list have active
62
+ # CloudFront key pairs that CloudFront can use to verify the
63
63
  # signatures of signed URLs and signed cookies. If not, this field is
64
64
  # `false`.
65
65
  # @return [Boolean]
66
66
  #
67
67
  # @!attribute [rw] quantity
68
- # The number of AWS accounts in the list.
68
+ # The number of accounts in the list.
69
69
  # @return [Integer]
70
70
  #
71
71
  # @!attribute [rw] items
72
- # A list of AWS accounts and the identifiers of active CloudFront key
72
+ # A list of accounts and the identifiers of active CloudFront key
73
73
  # pairs in each account that CloudFront can use to verify the
74
74
  # signatures of signed URLs and signed cookies.
75
75
  # @return [Array<Types::Signer>]
@@ -84,15 +84,17 @@ module Aws::CloudFront
84
84
  include Aws::Structure
85
85
  end
86
86
 
87
- # AWS services in China customers must file for an Internet Content
88
- # Provider (ICP) recordal if they want to serve content publicly on an
89
- # alternate domain name, also known as a CNAME, that they've added to
90
- # CloudFront. AliasICPRecordal provides the ICP recordal status for
91
- # CNAMEs associated with distributions. The status is returned in the
92
- # CloudFront response; you can't configure it yourself.
87
+ # Amazon Web Services services in China customers must file for an
88
+ # Internet Content Provider (ICP) recordal if they want to serve content
89
+ # publicly on an alternate domain name, also known as a CNAME, that
90
+ # they've added to CloudFront. AliasICPRecordal provides the ICP
91
+ # recordal status for CNAMEs associated with distributions. The status
92
+ # is returned in the CloudFront response; you can't configure it
93
+ # yourself.
93
94
  #
94
95
  # For more information about ICP recordals, see [ Signup, Accounts, and
95
- # Credentials][1] in *Getting Started with AWS services in China*.
96
+ # Credentials][1] in *Getting Started with Amazon Web Services services
97
+ # in China*.
96
98
  #
97
99
  #
98
100
  #
@@ -230,6 +232,31 @@ module Aws::CloudFront
230
232
  include Aws::Structure
231
233
  end
232
234
 
235
+ # @note When making an API call, you may pass AssociateAliasRequest
236
+ # data as a hash:
237
+ #
238
+ # {
239
+ # target_distribution_id: "string", # required
240
+ # alias: "string", # required
241
+ # }
242
+ #
243
+ # @!attribute [rw] target_distribution_id
244
+ # The ID of the distribution that you’re associating the alias with.
245
+ # @return [String]
246
+ #
247
+ # @!attribute [rw] alias
248
+ # The alias (also known as a CNAME) to add to the target distribution.
249
+ # @return [String]
250
+ #
251
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/AssociateAliasRequest AWS API Documentation
252
+ #
253
+ class AssociateAliasRequest < Struct.new(
254
+ :target_distribution_id,
255
+ :alias)
256
+ SENSITIVE = []
257
+ include Aws::Structure
258
+ end
259
+
233
260
  # Invalidation batch specified is too large.
234
261
  #
235
262
  # @!attribute [rw] message
@@ -327,6 +354,15 @@ module Aws::CloudFront
327
354
  # },
328
355
  # ],
329
356
  # },
357
+ # function_associations: {
358
+ # quantity: 1, # required
359
+ # items: [
360
+ # {
361
+ # function_arn: "FunctionARN", # required
362
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
363
+ # },
364
+ # ],
365
+ # },
330
366
  # field_level_encryption_id: "string",
331
367
  # realtime_log_config_arn: "string",
332
368
  # cache_policy_id: "string",
@@ -387,16 +423,16 @@ module Aws::CloudFront
387
423
  # @!attribute [rw] trusted_signers
388
424
  # We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
389
425
  #
390
- # A list of AWS account IDs whose public keys CloudFront can use to
426
+ # A list of account IDs whose public keys CloudFront can use to
391
427
  # validate signed URLs or signed cookies.
392
428
  #
393
429
  # When a cache behavior contains trusted signers, CloudFront requires
394
430
  # signed URLs or signed cookies for all requests that match the cache
395
431
  # behavior. The URLs or cookies must be signed with the private key of
396
- # a CloudFront key pair in the trusted signer’s AWS account. The
397
- # signed URL or cookie contains information about which public key
398
- # CloudFront should use to verify the signature. For more information,
399
- # see [Serving private content][1] in the *Amazon CloudFront Developer
432
+ # a CloudFront key pair in the trusted signer’s account. The signed
433
+ # URL or cookie contains information about which public key CloudFront
434
+ # should use to verify the signature. For more information, see
435
+ # [Serving private content][1] in the *Amazon CloudFront Developer
400
436
  # Guide*.
401
437
  #
402
438
  #
@@ -499,10 +535,16 @@ module Aws::CloudFront
499
535
  # @return [Boolean]
500
536
  #
501
537
  # @!attribute [rw] lambda_function_associations
502
- # A complex type that contains zero or more Lambda function
538
+ # A complex type that contains zero or more Lambda@Edge function
503
539
  # associations for a cache behavior.
504
540
  # @return [Types::LambdaFunctionAssociations]
505
541
  #
542
+ # @!attribute [rw] function_associations
543
+ # A list of CloudFront functions that are associated with this cache
544
+ # behavior. CloudFront functions must be published to the `LIVE` stage
545
+ # to associate them with a cache behavior.
546
+ # @return [Types::FunctionAssociations]
547
+ #
506
548
  # @!attribute [rw] field_level_encryption_id
507
549
  # The value of `ID` for the field-level encryption configuration that
508
550
  # you want CloudFront to use for encrypting specific fields of data
@@ -525,6 +567,9 @@ module Aws::CloudFront
525
567
  # policies][1] or [Using the managed cache policies][2] in the *Amazon
526
568
  # CloudFront Developer Guide*.
527
569
  #
570
+ # A `CacheBehavior` must include either a `CachePolicyId` or
571
+ # `ForwardedValues`. We recommend that you use a `CachePolicyId`.
572
+ #
528
573
  #
529
574
  #
530
575
  # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy
@@ -559,6 +604,9 @@ module Aws::CloudFront
559
604
  # [Creating origin request policies][4] or [Using the managed origin
560
605
  # request policies][5] in the *Amazon CloudFront Developer Guide*.
561
606
  #
607
+ # A `CacheBehavior` must include either a `CachePolicyId` or
608
+ # `ForwardedValues`. We recommend that you use a `CachePolicyId`.
609
+ #
562
610
  # A complex type that specifies how CloudFront handles query strings,
563
611
  # cookies, and HTTP headers.
564
612
  #
@@ -650,6 +698,7 @@ module Aws::CloudFront
650
698
  :smooth_streaming,
651
699
  :compress,
652
700
  :lambda_function_associations,
701
+ :function_associations,
653
702
  :field_level_encryption_id,
654
703
  :realtime_log_config_arn,
655
704
  :cache_policy_id,
@@ -704,6 +753,15 @@ module Aws::CloudFront
704
753
  # },
705
754
  # ],
706
755
  # },
756
+ # function_associations: {
757
+ # quantity: 1, # required
758
+ # items: [
759
+ # {
760
+ # function_arn: "FunctionARN", # required
761
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
762
+ # },
763
+ # ],
764
+ # },
707
765
  # field_level_encryption_id: "string",
708
766
  # realtime_log_config_arn: "string",
709
767
  # cache_policy_id: "string",
@@ -864,7 +922,8 @@ module Aws::CloudFront
864
922
  # }
865
923
  #
866
924
  # @!attribute [rw] comment
867
- # A comment to describe the cache policy.
925
+ # A comment to describe the cache policy. The comment cannot be longer
926
+ # than 128 characters.
868
927
  # @return [String]
869
928
  #
870
929
  # @!attribute [rw] name
@@ -1149,8 +1208,8 @@ module Aws::CloudFront
1149
1208
  # Contains a cache policy.
1150
1209
  #
1151
1210
  # @!attribute [rw] type
1152
- # The type of cache policy, either `managed` (created by AWS) or
1153
- # `custom` (created in this AWS account).
1211
+ # The type of cache policy, either `managed` (created by Amazon Web
1212
+ # Services) or `custom` (created in this account).
1154
1213
  # @return [String]
1155
1214
  #
1156
1215
  # @!attribute [rw] cache_policy
@@ -1298,7 +1357,8 @@ module Aws::CloudFront
1298
1357
  # @return [String]
1299
1358
  #
1300
1359
  # @!attribute [rw] comment
1301
- # Any comments you want to include about the origin access identity.
1360
+ # A comment to describe the origin access identity. The comment cannot
1361
+ # be longer than 128 characters.
1302
1362
  # @return [String]
1303
1363
  #
1304
1364
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CloudFrontOriginAccessIdentityConfig AWS API Documentation
@@ -1360,13 +1420,13 @@ module Aws::CloudFront
1360
1420
  #
1361
1421
  # @!attribute [rw] quantity
1362
1422
  # The number of CloudFront origin access identities that were created
1363
- # by the current AWS account.
1423
+ # by the current account.
1364
1424
  # @return [Integer]
1365
1425
  #
1366
1426
  # @!attribute [rw] items
1367
1427
  # A complex type that contains one
1368
1428
  # `CloudFrontOriginAccessIdentitySummary` element for each origin
1369
- # access identity that was created by the current AWS account.
1429
+ # access identity that was created by the current account.
1370
1430
  # @return [Array<Types::CloudFrontOriginAccessIdentitySummary>]
1371
1431
  #
1372
1432
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CloudFrontOriginAccessIdentityList AWS API Documentation
@@ -1410,6 +1470,73 @@ module Aws::CloudFront
1410
1470
  include Aws::Structure
1411
1471
  end
1412
1472
 
1473
+ # An alias (also called a CNAME) and the CloudFront distribution and
1474
+ # Amazon Web Services account ID that it’s associated with. The
1475
+ # distribution and account IDs are partially hidden, which allows you to
1476
+ # identify the distributions and accounts that you own, but helps to
1477
+ # protect the information of ones that you don’t own.
1478
+ #
1479
+ # @!attribute [rw] alias
1480
+ # An alias (also called a CNAME).
1481
+ # @return [String]
1482
+ #
1483
+ # @!attribute [rw] distribution_id
1484
+ # The (partially hidden) ID of the CloudFront distribution associated
1485
+ # with the alias.
1486
+ # @return [String]
1487
+ #
1488
+ # @!attribute [rw] account_id
1489
+ # The (partially hidden) ID of the Amazon Web Services account that
1490
+ # owns the distribution that’s associated with the alias.
1491
+ # @return [String]
1492
+ #
1493
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ConflictingAlias AWS API Documentation
1494
+ #
1495
+ class ConflictingAlias < Struct.new(
1496
+ :alias,
1497
+ :distribution_id,
1498
+ :account_id)
1499
+ SENSITIVE = []
1500
+ include Aws::Structure
1501
+ end
1502
+
1503
+ # A list of aliases (also called CNAMEs) and the CloudFront
1504
+ # distributions and Amazon Web Services accounts that they are
1505
+ # associated with. In the list, the distribution and account IDs are
1506
+ # partially hidden, which allows you to identify the distributions and
1507
+ # accounts that you own, but helps to protect the information of ones
1508
+ # that you don’t own.
1509
+ #
1510
+ # @!attribute [rw] next_marker
1511
+ # If there are more items in the list than are in this response, this
1512
+ # element is present. It contains the value that you should use in the
1513
+ # `Marker` field of a subsequent request to continue listing
1514
+ # conflicting aliases where you left off.
1515
+ # @return [String]
1516
+ #
1517
+ # @!attribute [rw] max_items
1518
+ # The maximum number of conflicting aliases requested.
1519
+ # @return [Integer]
1520
+ #
1521
+ # @!attribute [rw] quantity
1522
+ # The number of conflicting aliases returned in the response.
1523
+ # @return [Integer]
1524
+ #
1525
+ # @!attribute [rw] items
1526
+ # Contains the conflicting aliases in the list.
1527
+ # @return [Array<Types::ConflictingAlias>]
1528
+ #
1529
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ConflictingAliasesList AWS API Documentation
1530
+ #
1531
+ class ConflictingAliasesList < Struct.new(
1532
+ :next_marker,
1533
+ :max_items,
1534
+ :quantity,
1535
+ :items)
1536
+ SENSITIVE = []
1537
+ include Aws::Structure
1538
+ end
1539
+
1413
1540
  # A field-level encryption content type profile.
1414
1541
  #
1415
1542
  # @note When making an API call, you may pass ContentTypeProfile
@@ -1630,7 +1757,7 @@ module Aws::CloudFront
1630
1757
  #
1631
1758
  # For the current limit on the number of cookie names that you can
1632
1759
  # whitelist for each cache behavior, see [ CloudFront Limits][3] in
1633
- # the *AWS General Reference*.
1760
+ # the *Amazon Web Services General Reference*.
1634
1761
  #
1635
1762
  #
1636
1763
  #
@@ -1885,6 +2012,15 @@ module Aws::CloudFront
1885
2012
  # },
1886
2013
  # ],
1887
2014
  # },
2015
+ # function_associations: {
2016
+ # quantity: 1, # required
2017
+ # items: [
2018
+ # {
2019
+ # function_arn: "FunctionARN", # required
2020
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
2021
+ # },
2022
+ # ],
2023
+ # },
1888
2024
  # field_level_encryption_id: "string",
1889
2025
  # realtime_log_config_arn: "string",
1890
2026
  # cache_policy_id: "string",
@@ -1948,6 +2084,15 @@ module Aws::CloudFront
1948
2084
  # },
1949
2085
  # ],
1950
2086
  # },
2087
+ # function_associations: {
2088
+ # quantity: 1, # required
2089
+ # items: [
2090
+ # {
2091
+ # function_arn: "FunctionARN", # required
2092
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
2093
+ # },
2094
+ # ],
2095
+ # },
1951
2096
  # field_level_encryption_id: "string",
1952
2097
  # realtime_log_config_arn: "string",
1953
2098
  # cache_policy_id: "string",
@@ -2001,7 +2146,7 @@ module Aws::CloudFront
2001
2146
  # iam_certificate_id: "string",
2002
2147
  # acm_certificate_arn: "string",
2003
2148
  # ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
2004
- # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
2149
+ # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
2005
2150
  # certificate: "string",
2006
2151
  # certificate_source: "cloudfront", # accepts cloudfront, iam, acm
2007
2152
  # },
@@ -2163,6 +2308,15 @@ module Aws::CloudFront
2163
2308
  # },
2164
2309
  # ],
2165
2310
  # },
2311
+ # function_associations: {
2312
+ # quantity: 1, # required
2313
+ # items: [
2314
+ # {
2315
+ # function_arn: "FunctionARN", # required
2316
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
2317
+ # },
2318
+ # ],
2319
+ # },
2166
2320
  # field_level_encryption_id: "string",
2167
2321
  # realtime_log_config_arn: "string",
2168
2322
  # cache_policy_id: "string",
@@ -2226,6 +2380,15 @@ module Aws::CloudFront
2226
2380
  # },
2227
2381
  # ],
2228
2382
  # },
2383
+ # function_associations: {
2384
+ # quantity: 1, # required
2385
+ # items: [
2386
+ # {
2387
+ # function_arn: "FunctionARN", # required
2388
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
2389
+ # },
2390
+ # ],
2391
+ # },
2229
2392
  # field_level_encryption_id: "string",
2230
2393
  # realtime_log_config_arn: "string",
2231
2394
  # cache_policy_id: "string",
@@ -2279,7 +2442,7 @@ module Aws::CloudFront
2279
2442
  # iam_certificate_id: "string",
2280
2443
  # acm_certificate_arn: "string",
2281
2444
  # ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
2282
- # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
2445
+ # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
2283
2446
  # certificate: "string",
2284
2447
  # certificate_source: "cloudfront", # accepts cloudfront, iam, acm
2285
2448
  # },
@@ -2472,6 +2635,72 @@ module Aws::CloudFront
2472
2635
  include Aws::Structure
2473
2636
  end
2474
2637
 
2638
+ # @note When making an API call, you may pass CreateFunctionRequest
2639
+ # data as a hash:
2640
+ #
2641
+ # {
2642
+ # name: "FunctionName", # required
2643
+ # function_config: { # required
2644
+ # comment: "string", # required
2645
+ # runtime: "cloudfront-js-1.0", # required, accepts cloudfront-js-1.0
2646
+ # },
2647
+ # function_code: "data", # required
2648
+ # }
2649
+ #
2650
+ # @!attribute [rw] name
2651
+ # A name to identify the function.
2652
+ # @return [String]
2653
+ #
2654
+ # @!attribute [rw] function_config
2655
+ # Configuration information about the function, including an optional
2656
+ # comment and the function’s runtime.
2657
+ # @return [Types::FunctionConfig]
2658
+ #
2659
+ # @!attribute [rw] function_code
2660
+ # The function code. For more information about writing a CloudFront
2661
+ # function, see [Writing function code for CloudFront Functions][1] in
2662
+ # the *Amazon CloudFront Developer Guide*.
2663
+ #
2664
+ #
2665
+ #
2666
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html
2667
+ # @return [String]
2668
+ #
2669
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateFunctionRequest AWS API Documentation
2670
+ #
2671
+ class CreateFunctionRequest < Struct.new(
2672
+ :name,
2673
+ :function_config,
2674
+ :function_code)
2675
+ SENSITIVE = [:function_code]
2676
+ include Aws::Structure
2677
+ end
2678
+
2679
+ # @!attribute [rw] function_summary
2680
+ # Contains configuration information and metadata about a CloudFront
2681
+ # function.
2682
+ # @return [Types::FunctionSummary]
2683
+ #
2684
+ # @!attribute [rw] location
2685
+ # The URL of the CloudFront function. Use the URL to manage the
2686
+ # function with the CloudFront API.
2687
+ # @return [String]
2688
+ #
2689
+ # @!attribute [rw] etag
2690
+ # The version identifier for the current version of the CloudFront
2691
+ # function.
2692
+ # @return [String]
2693
+ #
2694
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateFunctionResult AWS API Documentation
2695
+ #
2696
+ class CreateFunctionResult < Struct.new(
2697
+ :function_summary,
2698
+ :location,
2699
+ :etag)
2700
+ SENSITIVE = []
2701
+ include Aws::Structure
2702
+ end
2703
+
2475
2704
  # The request to create an invalidation.
2476
2705
  #
2477
2706
  # @note When making an API call, you may pass CreateInvalidationRequest
@@ -3279,6 +3508,15 @@ module Aws::CloudFront
3279
3508
  # },
3280
3509
  # ],
3281
3510
  # },
3511
+ # function_associations: {
3512
+ # quantity: 1, # required
3513
+ # items: [
3514
+ # {
3515
+ # function_arn: "FunctionARN", # required
3516
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
3517
+ # },
3518
+ # ],
3519
+ # },
3282
3520
  # field_level_encryption_id: "string",
3283
3521
  # realtime_log_config_arn: "string",
3284
3522
  # cache_policy_id: "string",
@@ -3314,14 +3552,14 @@ module Aws::CloudFront
3314
3552
  # @!attribute [rw] trusted_signers
3315
3553
  # We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
3316
3554
  #
3317
- # A list of AWS account IDs whose public keys CloudFront can use to
3555
+ # A list of account IDs whose public keys CloudFront can use to
3318
3556
  # validate signed URLs or signed cookies.
3319
3557
  #
3320
3558
  # When a cache behavior contains trusted signers, CloudFront requires
3321
3559
  # signed URLs or signed cookies for all requests that match the cache
3322
3560
  # behavior. The URLs or cookies must be signed with the private key of
3323
- # a CloudFront key pair in a trusted signer’s AWS account. The signed
3324
- # URL or cookie contains information about which public key CloudFront
3561
+ # a CloudFront key pair in a trusted signer’s account. The signed URL
3562
+ # or cookie contains information about which public key CloudFront
3325
3563
  # should use to verify the signature. For more information, see
3326
3564
  # [Serving private content][1] in the *Amazon CloudFront Developer
3327
3565
  # Guide*.
@@ -3426,10 +3664,16 @@ module Aws::CloudFront
3426
3664
  # @return [Boolean]
3427
3665
  #
3428
3666
  # @!attribute [rw] lambda_function_associations
3429
- # A complex type that contains zero or more Lambda function
3667
+ # A complex type that contains zero or more Lambda@Edge function
3430
3668
  # associations for a cache behavior.
3431
3669
  # @return [Types::LambdaFunctionAssociations]
3432
3670
  #
3671
+ # @!attribute [rw] function_associations
3672
+ # A list of CloudFront functions that are associated with this cache
3673
+ # behavior. CloudFront functions must be published to the `LIVE` stage
3674
+ # to associate them with a cache behavior.
3675
+ # @return [Types::FunctionAssociations]
3676
+ #
3433
3677
  # @!attribute [rw] field_level_encryption_id
3434
3678
  # The value of `ID` for the field-level encryption configuration that
3435
3679
  # you want CloudFront to use for encrypting specific fields of data
@@ -3452,6 +3696,9 @@ module Aws::CloudFront
3452
3696
  # policies][1] or [Using the managed cache policies][2] in the *Amazon
3453
3697
  # CloudFront Developer Guide*.
3454
3698
  #
3699
+ # A `DefaultCacheBehavior` must include either a `CachePolicyId` or
3700
+ # `ForwardedValues`. We recommend that you use a `CachePolicyId`.
3701
+ #
3455
3702
  #
3456
3703
  #
3457
3704
  # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy
@@ -3486,6 +3733,9 @@ module Aws::CloudFront
3486
3733
  # [Creating origin request policies][4] or [Using the managed origin
3487
3734
  # request policies][5] in the *Amazon CloudFront Developer Guide*.
3488
3735
  #
3736
+ # A `DefaultCacheBehavior` must include either a `CachePolicyId` or
3737
+ # `ForwardedValues`. We recommend that you use a `CachePolicyId`.
3738
+ #
3489
3739
  # A complex type that specifies how CloudFront handles query strings,
3490
3740
  # cookies, and HTTP headers.
3491
3741
  #
@@ -3576,6 +3826,7 @@ module Aws::CloudFront
3576
3826
  :smooth_streaming,
3577
3827
  :compress,
3578
3828
  :lambda_function_associations,
3829
+ :function_associations,
3579
3830
  :field_level_encryption_id,
3580
3831
  :realtime_log_config_arn,
3581
3832
  :cache_policy_id,
@@ -3766,6 +4017,32 @@ module Aws::CloudFront
3766
4017
  include Aws::Structure
3767
4018
  end
3768
4019
 
4020
+ # @note When making an API call, you may pass DeleteFunctionRequest
4021
+ # data as a hash:
4022
+ #
4023
+ # {
4024
+ # name: "string", # required
4025
+ # if_match: "string", # required
4026
+ # }
4027
+ #
4028
+ # @!attribute [rw] name
4029
+ # The name of the function that you are deleting.
4030
+ # @return [String]
4031
+ #
4032
+ # @!attribute [rw] if_match
4033
+ # The current version (`ETag` value) of the function that you are
4034
+ # deleting, which you can get using `DescribeFunction`.
4035
+ # @return [String]
4036
+ #
4037
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DeleteFunctionRequest AWS API Documentation
4038
+ #
4039
+ class DeleteFunctionRequest < Struct.new(
4040
+ :name,
4041
+ :if_match)
4042
+ SENSITIVE = []
4043
+ include Aws::Structure
4044
+ end
4045
+
3769
4046
  # @note When making an API call, you may pass DeleteKeyGroupRequest
3770
4047
  # data as a hash:
3771
4048
  #
@@ -3927,6 +4204,50 @@ module Aws::CloudFront
3927
4204
  include Aws::Structure
3928
4205
  end
3929
4206
 
4207
+ # @note When making an API call, you may pass DescribeFunctionRequest
4208
+ # data as a hash:
4209
+ #
4210
+ # {
4211
+ # name: "string", # required
4212
+ # stage: "DEVELOPMENT", # accepts DEVELOPMENT, LIVE
4213
+ # }
4214
+ #
4215
+ # @!attribute [rw] name
4216
+ # The name of the function that you are getting information about.
4217
+ # @return [String]
4218
+ #
4219
+ # @!attribute [rw] stage
4220
+ # The function’s stage, either `DEVELOPMENT` or `LIVE`.
4221
+ # @return [String]
4222
+ #
4223
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DescribeFunctionRequest AWS API Documentation
4224
+ #
4225
+ class DescribeFunctionRequest < Struct.new(
4226
+ :name,
4227
+ :stage)
4228
+ SENSITIVE = []
4229
+ include Aws::Structure
4230
+ end
4231
+
4232
+ # @!attribute [rw] function_summary
4233
+ # Contains configuration information and metadata about a CloudFront
4234
+ # function.
4235
+ # @return [Types::FunctionSummary]
4236
+ #
4237
+ # @!attribute [rw] etag
4238
+ # The version identifier for the current version of the CloudFront
4239
+ # function.
4240
+ # @return [String]
4241
+ #
4242
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DescribeFunctionResult AWS API Documentation
4243
+ #
4244
+ class DescribeFunctionResult < Struct.new(
4245
+ :function_summary,
4246
+ :etag)
4247
+ SENSITIVE = []
4248
+ include Aws::Structure
4249
+ end
4250
+
3930
4251
  # A distribution tells CloudFront where you want content to be delivered
3931
4252
  # from, and the details about how to track and manage content delivery.
3932
4253
  #
@@ -3937,7 +4258,7 @@ module Aws::CloudFront
3937
4258
  # @!attribute [rw] arn
3938
4259
  # The ARN (Amazon Resource Name) for the distribution. For example:
3939
4260
  # `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
3940
- # where `123456789012` is your AWS account ID.
4261
+ # where `123456789012` is your account ID.
3941
4262
  # @return [String]
3942
4263
  #
3943
4264
  # @!attribute [rw] status
@@ -3964,8 +4285,8 @@ module Aws::CloudFront
3964
4285
  #
3965
4286
  # CloudFront automatically adds this field to the response if you’ve
3966
4287
  # configured a cache behavior in this distribution to serve private
3967
- # content using trusted signers. This field contains a list of AWS
3968
- # account IDs and the active CloudFront key pairs in each account that
4288
+ # content using trusted signers. This field contains a list of account
4289
+ # IDs and the active CloudFront key pairs in each account that
3969
4290
  # CloudFront can use to verify the signatures of signed URLs or signed
3970
4291
  # cookies.
3971
4292
  # @return [Types::ActiveTrustedSigners]
@@ -3985,14 +4306,15 @@ module Aws::CloudFront
3985
4306
  # @return [Types::DistributionConfig]
3986
4307
  #
3987
4308
  # @!attribute [rw] alias_icp_recordals
3988
- # AWS services in China customers must file for an Internet Content
3989
- # Provider (ICP) recordal if they want to serve content publicly on an
3990
- # alternate domain name, also known as a CNAME, that they've added to
3991
- # CloudFront. AliasICPRecordal provides the ICP recordal status for
3992
- # CNAMEs associated with distributions.
4309
+ # Amazon Web Services services in China customers must file for an
4310
+ # Internet Content Provider (ICP) recordal if they want to serve
4311
+ # content publicly on an alternate domain name, also known as a CNAME,
4312
+ # that they've added to CloudFront. AliasICPRecordal provides the ICP
4313
+ # recordal status for CNAMEs associated with distributions.
3993
4314
  #
3994
4315
  # For more information about ICP recordals, see [ Signup, Accounts,
3995
- # and Credentials][1] in *Getting Started with AWS services in China*.
4316
+ # and Credentials][1] in *Getting Started with Amazon Web Services
4317
+ # services in China*.
3996
4318
  #
3997
4319
  #
3998
4320
  #
@@ -4136,6 +4458,15 @@ module Aws::CloudFront
4136
4458
  # },
4137
4459
  # ],
4138
4460
  # },
4461
+ # function_associations: {
4462
+ # quantity: 1, # required
4463
+ # items: [
4464
+ # {
4465
+ # function_arn: "FunctionARN", # required
4466
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
4467
+ # },
4468
+ # ],
4469
+ # },
4139
4470
  # field_level_encryption_id: "string",
4140
4471
  # realtime_log_config_arn: "string",
4141
4472
  # cache_policy_id: "string",
@@ -4199,6 +4530,15 @@ module Aws::CloudFront
4199
4530
  # },
4200
4531
  # ],
4201
4532
  # },
4533
+ # function_associations: {
4534
+ # quantity: 1, # required
4535
+ # items: [
4536
+ # {
4537
+ # function_arn: "FunctionARN", # required
4538
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
4539
+ # },
4540
+ # ],
4541
+ # },
4202
4542
  # field_level_encryption_id: "string",
4203
4543
  # realtime_log_config_arn: "string",
4204
4544
  # cache_policy_id: "string",
@@ -4252,7 +4592,7 @@ module Aws::CloudFront
4252
4592
  # iam_certificate_id: "string",
4253
4593
  # acm_certificate_arn: "string",
4254
4594
  # ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
4255
- # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
4595
+ # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
4256
4596
  # certificate: "string",
4257
4597
  # certificate_source: "cloudfront", # accepts cloudfront, iam, acm
4258
4598
  # },
@@ -4355,16 +4695,8 @@ module Aws::CloudFront
4355
4695
  # @return [Types::CustomErrorResponses]
4356
4696
  #
4357
4697
  # @!attribute [rw] comment
4358
- # Any comments you want to include about the distribution.
4359
- #
4360
- # If you don't want to specify a comment, include an empty `Comment`
4361
- # element.
4362
- #
4363
- # To delete an existing comment, update the distribution configuration
4364
- # and include an empty `Comment` element.
4365
- #
4366
- # To add or change a comment, update the distribution configuration
4367
- # and specify the new comment.
4698
+ # An optional comment to describe the distribution. The comment cannot
4699
+ # be longer than 128 characters.
4368
4700
  # @return [String]
4369
4701
  #
4370
4702
  # @!attribute [rw] logging
@@ -4419,22 +4751,22 @@ module Aws::CloudFront
4419
4751
  # @return [Types::Restrictions]
4420
4752
  #
4421
4753
  # @!attribute [rw] web_acl_id
4422
- # A unique identifier that specifies the AWS WAF web ACL, if any, to
4754
+ # A unique identifier that specifies the WAF web ACL, if any, to
4423
4755
  # associate with this distribution. To specify a web ACL created using
4424
- # the latest version of AWS WAF, use the ACL ARN, for example
4756
+ # the latest version of WAF, use the ACL ARN, for example
4425
4757
  # `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`.
4426
- # To specify a web ACL created using AWS WAF Classic, use the ACL ID,
4427
- # for example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
4758
+ # To specify a web ACL created using WAF Classic, use the ACL ID, for
4759
+ # example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
4428
4760
  #
4429
- # AWS WAF is a web application firewall that lets you monitor the HTTP
4430
- # and HTTPS requests that are forwarded to CloudFront, and lets you
4761
+ # WAF is a web application firewall that lets you monitor the HTTP and
4762
+ # HTTPS requests that are forwarded to CloudFront, and lets you
4431
4763
  # control access to your content. Based on conditions that you
4432
4764
  # specify, such as the IP addresses that requests originate from or
4433
4765
  # the values of query strings, CloudFront responds to requests either
4434
4766
  # with the requested content or with an HTTP 403 status code
4435
4767
  # (Forbidden). You can also configure CloudFront to return a custom
4436
- # error page when a request is blocked. For more information about AWS
4437
- # WAF, see the [AWS WAF Developer Guide][1].
4768
+ # error page when a request is blocked. For more information about
4769
+ # WAF, see the [WAF Developer Guide][1].
4438
4770
  #
4439
4771
  #
4440
4772
  #
@@ -4475,23 +4807,24 @@ module Aws::CloudFront
4475
4807
  # more information, see [Creating a Signed URL Using a Custom
4476
4808
  # Policy][1] in the *Amazon CloudFront Developer Guide*.
4477
4809
  #
4478
- # If you're using an Amazon Route 53 alias resource record set to
4479
- # route traffic to your CloudFront distribution, you need to create a
4480
- # second alias resource record set when both of the following are
4481
- # true:
4810
+ # If you're using an Route 53 Amazon Web Services Integration alias
4811
+ # resource record set to route traffic to your CloudFront
4812
+ # distribution, you need to create a second alias resource record set
4813
+ # when both of the following are true:
4482
4814
  #
4483
4815
  # * You enable IPv6 for the distribution
4484
4816
  #
4485
4817
  # * You're using alternate domain names in the URLs for your objects
4486
4818
  #
4487
4819
  # For more information, see [Routing Traffic to an Amazon CloudFront
4488
- # Web Distribution by Using Your Domain Name][2] in the *Amazon Route
4489
- # 53 Developer Guide*.
4820
+ # Web Distribution by Using Your Domain Name][2] in the *Route 53
4821
+ # Amazon Web Services Integration Developer Guide*.
4490
4822
  #
4491
- # If you created a CNAME resource record set, either with Amazon Route
4492
- # 53 or with another DNS service, you don't need to make any changes.
4493
- # A CNAME record will route traffic to your distribution regardless of
4494
- # the IP address format of the viewer request.
4823
+ # If you created a CNAME resource record set, either with Route 53
4824
+ # Amazon Web Services Integration or with another DNS service, you
4825
+ # don't need to make any changes. A CNAME record will route traffic
4826
+ # to your distribution regardless of the IP address format of the
4827
+ # viewer request.
4495
4828
  #
4496
4829
  #
4497
4830
  #
@@ -4631,6 +4964,15 @@ module Aws::CloudFront
4631
4964
  # },
4632
4965
  # ],
4633
4966
  # },
4967
+ # function_associations: {
4968
+ # quantity: 1, # required
4969
+ # items: [
4970
+ # {
4971
+ # function_arn: "FunctionARN", # required
4972
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
4973
+ # },
4974
+ # ],
4975
+ # },
4634
4976
  # field_level_encryption_id: "string",
4635
4977
  # realtime_log_config_arn: "string",
4636
4978
  # cache_policy_id: "string",
@@ -4694,6 +5036,15 @@ module Aws::CloudFront
4694
5036
  # },
4695
5037
  # ],
4696
5038
  # },
5039
+ # function_associations: {
5040
+ # quantity: 1, # required
5041
+ # items: [
5042
+ # {
5043
+ # function_arn: "FunctionARN", # required
5044
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
5045
+ # },
5046
+ # ],
5047
+ # },
4697
5048
  # field_level_encryption_id: "string",
4698
5049
  # realtime_log_config_arn: "string",
4699
5050
  # cache_policy_id: "string",
@@ -4747,7 +5098,7 @@ module Aws::CloudFront
4747
5098
  # iam_certificate_id: "string",
4748
5099
  # acm_certificate_arn: "string",
4749
5100
  # ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
4750
- # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
5101
+ # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
4751
5102
  # certificate: "string",
4752
5103
  # certificate_source: "cloudfront", # accepts cloudfront, iam, acm
4753
5104
  # },
@@ -4857,13 +5208,13 @@ module Aws::CloudFront
4857
5208
  # @return [Boolean]
4858
5209
  #
4859
5210
  # @!attribute [rw] quantity
4860
- # The number of distributions that were created by the current AWS
5211
+ # The number of distributions that were created by the current
4861
5212
  # account.
4862
5213
  # @return [Integer]
4863
5214
  #
4864
5215
  # @!attribute [rw] items
4865
5216
  # A complex type that contains one `DistributionSummary` element for
4866
- # each distribution that was created by the current AWS account.
5217
+ # each distribution that was created by the current account.
4867
5218
  # @return [Array<Types::DistributionSummary>]
4868
5219
  #
4869
5220
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DistributionList AWS API Documentation
@@ -4902,7 +5253,7 @@ module Aws::CloudFront
4902
5253
  # @!attribute [rw] arn
4903
5254
  # The ARN (Amazon Resource Name) for the distribution. For example:
4904
5255
  # `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
4905
- # where `123456789012` is your AWS account ID.
5256
+ # where `123456789012` is your account ID.
4906
5257
  # @return [String]
4907
5258
  #
4908
5259
  # @!attribute [rw] status
@@ -4992,14 +5343,15 @@ module Aws::CloudFront
4992
5343
  # @return [Boolean]
4993
5344
  #
4994
5345
  # @!attribute [rw] alias_icp_recordals
4995
- # AWS services in China customers must file for an Internet Content
4996
- # Provider (ICP) recordal if they want to serve content publicly on an
4997
- # alternate domain name, also known as a CNAME, that they've added to
4998
- # CloudFront. AliasICPRecordal provides the ICP recordal status for
4999
- # CNAMEs associated with distributions.
5346
+ # Amazon Web Services services in China customers must file for an
5347
+ # Internet Content Provider (ICP) recordal if they want to serve
5348
+ # content publicly on an alternate domain name, also known as a CNAME,
5349
+ # that they've added to CloudFront. AliasICPRecordal provides the ICP
5350
+ # recordal status for CNAMEs associated with distributions.
5000
5351
  #
5001
5352
  # For more information about ICP recordals, see [ Signup, Accounts,
5002
- # and Credentials][1] in *Getting Started with AWS services in China*.
5353
+ # and Credentials][1] in *Getting Started with Amazon Web Services
5354
+ # services in China*.
5003
5355
  #
5004
5356
  #
5005
5357
  #
@@ -5220,7 +5572,8 @@ module Aws::CloudFront
5220
5572
  # @return [String]
5221
5573
  #
5222
5574
  # @!attribute [rw] comment
5223
- # An optional comment about the configuration.
5575
+ # An optional comment about the configuration. The comment cannot be
5576
+ # longer than 128 characters.
5224
5577
  # @return [String]
5225
5578
  #
5226
5579
  # @!attribute [rw] query_arg_profile_config
@@ -5377,7 +5730,8 @@ module Aws::CloudFront
5377
5730
  # @return [String]
5378
5731
  #
5379
5732
  # @!attribute [rw] comment
5380
- # An optional comment for the field-level encryption profile.
5733
+ # An optional comment for the field-level encryption profile. The
5734
+ # comment cannot be longer than 128 characters.
5381
5735
  # @return [String]
5382
5736
  #
5383
5737
  # @!attribute [rw] encryption_entities
@@ -5478,6 +5832,7 @@ module Aws::CloudFront
5478
5832
  #
5479
5833
  # @!attribute [rw] comment
5480
5834
  # An optional comment for the field-level encryption profile summary.
5835
+ # The comment cannot be longer than 128 characters.
5481
5836
  # @return [String]
5482
5837
  #
5483
5838
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FieldLevelEncryptionProfileSummary AWS API Documentation
@@ -5504,7 +5859,8 @@ module Aws::CloudFront
5504
5859
  # @return [Time]
5505
5860
  #
5506
5861
  # @!attribute [rw] comment
5507
- # An optional comment about the field-level encryption item.
5862
+ # An optional comment about the field-level encryption item. The
5863
+ # comment cannot be longer than 128 characters.
5508
5864
  # @return [String]
5509
5865
  #
5510
5866
  # @!attribute [rw] query_arg_profile_config
@@ -5732,27 +6088,266 @@ module Aws::CloudFront
5732
6088
  include Aws::Structure
5733
6089
  end
5734
6090
 
5735
- # A complex type that controls the countries in which your content is
5736
- # distributed. CloudFront determines the location of your users using
5737
- # `MaxMind` GeoIP databases.
6091
+ # A function with the same name already exists in this account. To
6092
+ # create a function, you must provide a unique name. To update an
6093
+ # existing function, use `UpdateFunction`.
5738
6094
  #
5739
- # @note When making an API call, you may pass GeoRestriction
6095
+ # @!attribute [rw] message
6096
+ # @return [String]
6097
+ #
6098
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionAlreadyExists AWS API Documentation
6099
+ #
6100
+ class FunctionAlreadyExists < Struct.new(
6101
+ :message)
6102
+ SENSITIVE = []
6103
+ include Aws::Structure
6104
+ end
6105
+
6106
+ # A CloudFront function that is associated with a cache behavior in a
6107
+ # CloudFront distribution.
6108
+ #
6109
+ # @note When making an API call, you may pass FunctionAssociation
5740
6110
  # data as a hash:
5741
6111
  #
5742
6112
  # {
5743
- # restriction_type: "blacklist", # required, accepts blacklist, whitelist, none
5744
- # quantity: 1, # required
5745
- # items: ["string"],
6113
+ # function_arn: "FunctionARN", # required
6114
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
5746
6115
  # }
5747
6116
  #
5748
- # @!attribute [rw] restriction_type
5749
- # The method that you want to use to restrict distribution of your
5750
- # content by country:
6117
+ # @!attribute [rw] function_arn
6118
+ # The Amazon Resource Name (ARN) of the function.
6119
+ # @return [String]
5751
6120
  #
5752
- # * `none`\: No geo restriction is enabled, meaning access to content
5753
- # is not restricted by client geo location.
6121
+ # @!attribute [rw] event_type
6122
+ # The event type of the function, either `viewer-request` or
6123
+ # `viewer-response`. You cannot use origin-facing event types
6124
+ # (`origin-request` and `origin-response`) with a CloudFront function.
6125
+ # @return [String]
5754
6126
  #
5755
- # * `blacklist`\: The `Location` elements specify the countries in
6127
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionAssociation AWS API Documentation
6128
+ #
6129
+ class FunctionAssociation < Struct.new(
6130
+ :function_arn,
6131
+ :event_type)
6132
+ SENSITIVE = []
6133
+ include Aws::Structure
6134
+ end
6135
+
6136
+ # A list of CloudFront functions that are associated with a cache
6137
+ # behavior in a CloudFront distribution. CloudFront functions must be
6138
+ # published to the `LIVE` stage to associate them with a cache behavior.
6139
+ #
6140
+ # @note When making an API call, you may pass FunctionAssociations
6141
+ # data as a hash:
6142
+ #
6143
+ # {
6144
+ # quantity: 1, # required
6145
+ # items: [
6146
+ # {
6147
+ # function_arn: "FunctionARN", # required
6148
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
6149
+ # },
6150
+ # ],
6151
+ # }
6152
+ #
6153
+ # @!attribute [rw] quantity
6154
+ # The number of CloudFront functions in the list.
6155
+ # @return [Integer]
6156
+ #
6157
+ # @!attribute [rw] items
6158
+ # The CloudFront functions that are associated with a cache behavior
6159
+ # in a CloudFront distribution. CloudFront functions must be published
6160
+ # to the `LIVE` stage to associate them with a cache behavior.
6161
+ # @return [Array<Types::FunctionAssociation>]
6162
+ #
6163
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionAssociations AWS API Documentation
6164
+ #
6165
+ class FunctionAssociations < Struct.new(
6166
+ :quantity,
6167
+ :items)
6168
+ SENSITIVE = []
6169
+ include Aws::Structure
6170
+ end
6171
+
6172
+ # Contains configuration information about a CloudFront function.
6173
+ #
6174
+ # @note When making an API call, you may pass FunctionConfig
6175
+ # data as a hash:
6176
+ #
6177
+ # {
6178
+ # comment: "string", # required
6179
+ # runtime: "cloudfront-js-1.0", # required, accepts cloudfront-js-1.0
6180
+ # }
6181
+ #
6182
+ # @!attribute [rw] comment
6183
+ # A comment to describe the function.
6184
+ # @return [String]
6185
+ #
6186
+ # @!attribute [rw] runtime
6187
+ # The function’s runtime environment. The only valid value is
6188
+ # `cloudfront-js-1.0`.
6189
+ # @return [String]
6190
+ #
6191
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionConfig AWS API Documentation
6192
+ #
6193
+ class FunctionConfig < Struct.new(
6194
+ :comment,
6195
+ :runtime)
6196
+ SENSITIVE = []
6197
+ include Aws::Structure
6198
+ end
6199
+
6200
+ # Cannot delete the function because it’s attached to one or more cache
6201
+ # behaviors.
6202
+ #
6203
+ # @!attribute [rw] message
6204
+ # @return [String]
6205
+ #
6206
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionInUse AWS API Documentation
6207
+ #
6208
+ class FunctionInUse < Struct.new(
6209
+ :message)
6210
+ SENSITIVE = []
6211
+ include Aws::Structure
6212
+ end
6213
+
6214
+ # A list of CloudFront functions.
6215
+ #
6216
+ # @!attribute [rw] next_marker
6217
+ # If there are more items in the list than are in this response, this
6218
+ # element is present. It contains the value that you should use in the
6219
+ # `Marker` field of a subsequent request to continue listing functions
6220
+ # where you left off.
6221
+ # @return [String]
6222
+ #
6223
+ # @!attribute [rw] max_items
6224
+ # The maximum number of functions requested.
6225
+ # @return [Integer]
6226
+ #
6227
+ # @!attribute [rw] quantity
6228
+ # The number of functions returned in the response.
6229
+ # @return [Integer]
6230
+ #
6231
+ # @!attribute [rw] items
6232
+ # Contains the functions in the list.
6233
+ # @return [Array<Types::FunctionSummary>]
6234
+ #
6235
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionList AWS API Documentation
6236
+ #
6237
+ class FunctionList < Struct.new(
6238
+ :next_marker,
6239
+ :max_items,
6240
+ :quantity,
6241
+ :items)
6242
+ SENSITIVE = []
6243
+ include Aws::Structure
6244
+ end
6245
+
6246
+ # Contains metadata about a CloudFront function.
6247
+ #
6248
+ # @!attribute [rw] function_arn
6249
+ # The Amazon Resource Name (ARN) of the function. The ARN uniquely
6250
+ # identifies the function.
6251
+ # @return [String]
6252
+ #
6253
+ # @!attribute [rw] stage
6254
+ # The stage that the function is in, either `DEVELOPMENT` or `LIVE`.
6255
+ #
6256
+ # When a function is in the `DEVELOPMENT` stage, you can test the
6257
+ # function with `TestFunction`, and update it with `UpdateFunction`.
6258
+ #
6259
+ # When a function is in the `LIVE` stage, you can attach the function
6260
+ # to a distribution’s cache behavior, using the function’s ARN.
6261
+ # @return [String]
6262
+ #
6263
+ # @!attribute [rw] created_time
6264
+ # The date and time when the function was created.
6265
+ # @return [Time]
6266
+ #
6267
+ # @!attribute [rw] last_modified_time
6268
+ # The date and time when the function was most recently updated.
6269
+ # @return [Time]
6270
+ #
6271
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionMetadata AWS API Documentation
6272
+ #
6273
+ class FunctionMetadata < Struct.new(
6274
+ :function_arn,
6275
+ :stage,
6276
+ :created_time,
6277
+ :last_modified_time)
6278
+ SENSITIVE = []
6279
+ include Aws::Structure
6280
+ end
6281
+
6282
+ # The function is too large. For more information, see [Quotas][1]
6283
+ # (formerly known as limits) in the *Amazon CloudFront Developer Guide*.
6284
+ #
6285
+ #
6286
+ #
6287
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
6288
+ #
6289
+ # @!attribute [rw] message
6290
+ # @return [String]
6291
+ #
6292
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionSizeLimitExceeded AWS API Documentation
6293
+ #
6294
+ class FunctionSizeLimitExceeded < Struct.new(
6295
+ :message)
6296
+ SENSITIVE = []
6297
+ include Aws::Structure
6298
+ end
6299
+
6300
+ # Contains configuration information and metadata about a CloudFront
6301
+ # function.
6302
+ #
6303
+ # @!attribute [rw] name
6304
+ # The name of the CloudFront function.
6305
+ # @return [String]
6306
+ #
6307
+ # @!attribute [rw] status
6308
+ # The status of the CloudFront function.
6309
+ # @return [String]
6310
+ #
6311
+ # @!attribute [rw] function_config
6312
+ # Contains configuration information about a CloudFront function.
6313
+ # @return [Types::FunctionConfig]
6314
+ #
6315
+ # @!attribute [rw] function_metadata
6316
+ # Contains metadata about a CloudFront function.
6317
+ # @return [Types::FunctionMetadata]
6318
+ #
6319
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/FunctionSummary AWS API Documentation
6320
+ #
6321
+ class FunctionSummary < Struct.new(
6322
+ :name,
6323
+ :status,
6324
+ :function_config,
6325
+ :function_metadata)
6326
+ SENSITIVE = []
6327
+ include Aws::Structure
6328
+ end
6329
+
6330
+ # A complex type that controls the countries in which your content is
6331
+ # distributed. CloudFront determines the location of your users using
6332
+ # `MaxMind` GeoIP databases.
6333
+ #
6334
+ # @note When making an API call, you may pass GeoRestriction
6335
+ # data as a hash:
6336
+ #
6337
+ # {
6338
+ # restriction_type: "blacklist", # required, accepts blacklist, whitelist, none
6339
+ # quantity: 1, # required
6340
+ # items: ["string"],
6341
+ # }
6342
+ #
6343
+ # @!attribute [rw] restriction_type
6344
+ # The method that you want to use to restrict distribution of your
6345
+ # content by country:
6346
+ #
6347
+ # * `none`\: No geo restriction is enabled, meaning access to content
6348
+ # is not restricted by client geo location.
6349
+ #
6350
+ # * `blacklist`\: The `Location` elements specify the countries in
5756
6351
  # which you don't want CloudFront to distribute your content.
5757
6352
  #
5758
6353
  # * `whitelist`\: The `Location` elements specify the countries in
@@ -6193,6 +6788,54 @@ module Aws::CloudFront
6193
6788
  include Aws::Structure
6194
6789
  end
6195
6790
 
6791
+ # @note When making an API call, you may pass GetFunctionRequest
6792
+ # data as a hash:
6793
+ #
6794
+ # {
6795
+ # name: "string", # required
6796
+ # stage: "DEVELOPMENT", # accepts DEVELOPMENT, LIVE
6797
+ # }
6798
+ #
6799
+ # @!attribute [rw] name
6800
+ # The name of the function whose code you are getting.
6801
+ # @return [String]
6802
+ #
6803
+ # @!attribute [rw] stage
6804
+ # The function’s stage, either `DEVELOPMENT` or `LIVE`.
6805
+ # @return [String]
6806
+ #
6807
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetFunctionRequest AWS API Documentation
6808
+ #
6809
+ class GetFunctionRequest < Struct.new(
6810
+ :name,
6811
+ :stage)
6812
+ SENSITIVE = []
6813
+ include Aws::Structure
6814
+ end
6815
+
6816
+ # @!attribute [rw] function_code
6817
+ # The function code of a CloudFront function.
6818
+ # @return [String]
6819
+ #
6820
+ # @!attribute [rw] etag
6821
+ # The version identifier for the current version of the CloudFront
6822
+ # function.
6823
+ # @return [String]
6824
+ #
6825
+ # @!attribute [rw] content_type
6826
+ # The content type (media type) of the response.
6827
+ # @return [String]
6828
+ #
6829
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetFunctionResult AWS API Documentation
6830
+ #
6831
+ class GetFunctionResult < Struct.new(
6832
+ :function_code,
6833
+ :etag,
6834
+ :content_type)
6835
+ SENSITIVE = [:function_code]
6836
+ include Aws::Structure
6837
+ end
6838
+
6196
6839
  # The request to get an invalidation's information.
6197
6840
  #
6198
6841
  # @note When making an API call, you may pass GetInvalidationRequest
@@ -6759,6 +7402,19 @@ module Aws::CloudFront
6759
7402
  include Aws::Structure
6760
7403
  end
6761
7404
 
7405
+ # A CloudFront function association is invalid.
7406
+ #
7407
+ # @!attribute [rw] message
7408
+ # @return [String]
7409
+ #
7410
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/InvalidFunctionAssociation AWS API Documentation
7411
+ #
7412
+ class InvalidFunctionAssociation < Struct.new(
7413
+ :message)
7414
+ SENSITIVE = []
7415
+ include Aws::Structure
7416
+ end
7417
+
6762
7418
  # The specified geo restriction parameter is not valid.
6763
7419
  #
6764
7420
  # @!attribute [rw] message
@@ -6798,7 +7454,7 @@ module Aws::CloudFront
6798
7454
  include Aws::Structure
6799
7455
  end
6800
7456
 
6801
- # The specified Lambda function association is invalid.
7457
+ # The specified Lambda@Edge function association is invalid.
6802
7458
  #
6803
7459
  # @!attribute [rw] message
6804
7460
  # @return [String]
@@ -7000,10 +7656,10 @@ module Aws::CloudFront
7000
7656
  end
7001
7657
 
7002
7658
  # A web ACL ID specified is not valid. To specify a web ACL created
7003
- # using the latest version of AWS WAF, use the ACL ARN, for example
7659
+ # using the latest version of WAF, use the ACL ARN, for example
7004
7660
  # `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`.
7005
- # To specify a web ACL created using AWS WAF Classic, use the ACL ID,
7006
- # for example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
7661
+ # To specify a web ACL created using WAF Classic, use the ACL ID, for
7662
+ # example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
7007
7663
  #
7008
7664
  # @!attribute [rw] message
7009
7665
  # @return [String]
@@ -7133,12 +7789,12 @@ module Aws::CloudFront
7133
7789
  #
7134
7790
  # @!attribute [rw] quantity
7135
7791
  # The number of invalidation batches that were created by the current
7136
- # AWS account.
7792
+ # account.
7137
7793
  # @return [Integer]
7138
7794
  #
7139
7795
  # @!attribute [rw] items
7140
7796
  # A complex type that contains one `InvalidationSummary` element for
7141
- # each invalidation batch created by the current AWS account.
7797
+ # each invalidation batch created by the current account.
7142
7798
  # @return [Array<Types::InvalidationSummary>]
7143
7799
  #
7144
7800
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/InvalidationList AWS API Documentation
@@ -7270,7 +7926,8 @@ module Aws::CloudFront
7270
7926
  # @return [Array<String>]
7271
7927
  #
7272
7928
  # @!attribute [rw] comment
7273
- # A comment to describe the key group.
7929
+ # A comment to describe the key group. The comment cannot be longer
7930
+ # than 128 characters.
7274
7931
  # @return [String]
7275
7932
  #
7276
7933
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/KeyGroupConfig AWS API Documentation
@@ -7360,9 +8017,9 @@ module Aws::CloudFront
7360
8017
  # }
7361
8018
  #
7362
8019
  # @!attribute [rw] role_arn
7363
- # The Amazon Resource Name (ARN) of an AWS Identity and Access
7364
- # Management (IAM) role that CloudFront can use to send real-time log
7365
- # data to your Kinesis data stream.
8020
+ # The Amazon Resource Name (ARN) of an Identity and Access Management
8021
+ # (IAM) role that CloudFront can use to send real-time log data to
8022
+ # your Kinesis data stream.
7366
8023
  #
7367
8024
  # For more information the IAM role, see [Real-time log configuration
7368
8025
  # IAM role][1] in the *Amazon CloudFront Developer Guide*.
@@ -7386,7 +8043,7 @@ module Aws::CloudFront
7386
8043
  include Aws::Structure
7387
8044
  end
7388
8045
 
7389
- # A complex type that contains a Lambda function association.
8046
+ # A complex type that contains a Lambda@Edge function association.
7390
8047
  #
7391
8048
  # @note When making an API call, you may pass LambdaFunctionAssociation
7392
8049
  # data as a hash:
@@ -7398,13 +8055,13 @@ module Aws::CloudFront
7398
8055
  # }
7399
8056
  #
7400
8057
  # @!attribute [rw] lambda_function_arn
7401
- # The ARN of the Lambda function. You must specify the ARN of a
7402
- # function version; you can't specify a Lambda alias or $LATEST.
8058
+ # The ARN of the Lambda@Edge function. You must specify the ARN of a
8059
+ # function version; you can't specify an alias or $LATEST.
7403
8060
  # @return [String]
7404
8061
  #
7405
8062
  # @!attribute [rw] event_type
7406
- # Specifies the event type that triggers a Lambda function invocation.
7407
- # You can specify the following values:
8063
+ # Specifies the event type that triggers a Lambda@Edge function
8064
+ # invocation. You can specify the following values:
7408
8065
  #
7409
8066
  # * `viewer-request`\: The function executes when CloudFront receives
7410
8067
  # a request from a viewer and before it checks to see whether the
@@ -7428,9 +8085,9 @@ module Aws::CloudFront
7428
8085
  # @return [String]
7429
8086
  #
7430
8087
  # @!attribute [rw] include_body
7431
- # A flag that allows a Lambda function to have read access to the body
7432
- # content. For more information, see [Accessing the Request Body by
7433
- # Choosing the Include Body Option][1] in the Amazon CloudFront
8088
+ # A flag that allows a Lambda@Edge function to have read access to the
8089
+ # body content. For more information, see [Accessing the Request Body
8090
+ # by Choosing the Include Body Option][1] in the Amazon CloudFront
7434
8091
  # Developer Guide.
7435
8092
  #
7436
8093
  #
@@ -7448,18 +8105,19 @@ module Aws::CloudFront
7448
8105
  include Aws::Structure
7449
8106
  end
7450
8107
 
7451
- # A complex type that specifies a list of Lambda functions associations
7452
- # for a cache behavior.
8108
+ # A complex type that specifies a list of Lambda@Edge functions
8109
+ # associations for a cache behavior.
7453
8110
  #
7454
- # If you want to invoke one or more Lambda functions triggered by
8111
+ # If you want to invoke one or more Lambda@Edge functions triggered by
7455
8112
  # requests that match the `PathPattern` of the cache behavior, specify
7456
8113
  # the applicable values for `Quantity` and `Items`. Note that there can
7457
8114
  # be up to 4 `LambdaFunctionAssociation` items in this list (one for
7458
8115
  # each possible value of `EventType`) and each `EventType` can be
7459
- # associated with the Lambda function only once.
8116
+ # associated with only one function.
7460
8117
  #
7461
- # If you don't want to invoke any Lambda functions for the requests
7462
- # that match `PathPattern`, specify `0` for `Quantity` and omit `Items`.
8118
+ # If you don't want to invoke any Lambda@Edge functions for the
8119
+ # requests that match `PathPattern`, specify `0` for `Quantity` and omit
8120
+ # `Items`.
7463
8121
  #
7464
8122
  # @note When making an API call, you may pass LambdaFunctionAssociations
7465
8123
  # data as a hash:
@@ -7476,7 +8134,8 @@ module Aws::CloudFront
7476
8134
  # }
7477
8135
  #
7478
8136
  # @!attribute [rw] quantity
7479
- # The number of Lambda function associations for this cache behavior.
8137
+ # The number of Lambda@Edge function associations for this cache
8138
+ # behavior.
7480
8139
  # @return [Integer]
7481
8140
  #
7482
8141
  # @!attribute [rw] items
@@ -7507,9 +8166,10 @@ module Aws::CloudFront
7507
8166
  # A filter to return only the specified kinds of cache policies. Valid
7508
8167
  # values are:
7509
8168
  #
7510
- # * `managed` – Returns only the managed policies created by AWS.
8169
+ # * `managed` – Returns only the managed policies created by Amazon
8170
+ # Web Services.
7511
8171
  #
7512
- # * `custom` – Returns only the custom policies created in your AWS
8172
+ # * `custom` – Returns only the custom policies created in your
7513
8173
  # account.
7514
8174
  # @return [String]
7515
8175
  #
@@ -7594,6 +8254,61 @@ module Aws::CloudFront
7594
8254
  include Aws::Structure
7595
8255
  end
7596
8256
 
8257
+ # @note When making an API call, you may pass ListConflictingAliasesRequest
8258
+ # data as a hash:
8259
+ #
8260
+ # {
8261
+ # distribution_id: "distributionIdString", # required
8262
+ # alias: "aliasString", # required
8263
+ # marker: "string",
8264
+ # max_items: 1,
8265
+ # }
8266
+ #
8267
+ # @!attribute [rw] distribution_id
8268
+ # The ID of a distribution in your account that has an attached
8269
+ # SSL/TLS certificate that includes the provided alias.
8270
+ # @return [String]
8271
+ #
8272
+ # @!attribute [rw] alias
8273
+ # The alias (also called a CNAME) to search for conflicting aliases.
8274
+ # @return [String]
8275
+ #
8276
+ # @!attribute [rw] marker
8277
+ # Use this field when paginating results to indicate where to begin in
8278
+ # the list of conflicting aliases. The response includes conflicting
8279
+ # aliases in the list that occur after the marker. To get the next
8280
+ # page of the list, set this field’s value to the value of
8281
+ # `NextMarker` from the current page’s response.
8282
+ # @return [String]
8283
+ #
8284
+ # @!attribute [rw] max_items
8285
+ # The maximum number of conflicting aliases that you want in the
8286
+ # response.
8287
+ # @return [Integer]
8288
+ #
8289
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListConflictingAliasesRequest AWS API Documentation
8290
+ #
8291
+ class ListConflictingAliasesRequest < Struct.new(
8292
+ :distribution_id,
8293
+ :alias,
8294
+ :marker,
8295
+ :max_items)
8296
+ SENSITIVE = []
8297
+ include Aws::Structure
8298
+ end
8299
+
8300
+ # @!attribute [rw] conflicting_aliases_list
8301
+ # A list of conflicting aliases.
8302
+ # @return [Types::ConflictingAliasesList]
8303
+ #
8304
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListConflictingAliasesResult AWS API Documentation
8305
+ #
8306
+ class ListConflictingAliasesResult < Struct.new(
8307
+ :conflicting_aliases_list)
8308
+ SENSITIVE = []
8309
+ include Aws::Structure
8310
+ end
8311
+
7597
8312
  # @note When making an API call, you may pass ListDistributionsByCachePolicyIdRequest
7598
8313
  # data as a hash:
7599
8314
  #
@@ -7797,7 +8512,7 @@ module Aws::CloudFront
7797
8512
  end
7798
8513
 
7799
8514
  # The request to list distributions that are associated with a specified
7800
- # AWS WAF web ACL.
8515
+ # WAF web ACL.
7801
8516
  #
7802
8517
  # @note When making an API call, you may pass ListDistributionsByWebACLIdRequest
7803
8518
  # data as a hash:
@@ -7824,7 +8539,7 @@ module Aws::CloudFront
7824
8539
  # @return [Integer]
7825
8540
  #
7826
8541
  # @!attribute [rw] web_acl_id
7827
- # The ID of the AWS WAF web ACL that you want to list the associated
8542
+ # The ID of the WAF web ACL that you want to list the associated
7828
8543
  # distributions. If you specify "null" for the ID, the request
7829
8544
  # returns a list of the distributions that aren't associated with a
7830
8545
  # web ACL.
@@ -7841,7 +8556,7 @@ module Aws::CloudFront
7841
8556
  end
7842
8557
 
7843
8558
  # The response to a request to list the distributions that are
7844
- # associated with a specified AWS WAF web ACL.
8559
+ # associated with a specified WAF web ACL.
7845
8560
  #
7846
8561
  # @!attribute [rw] distribution_list
7847
8562
  # The `DistributionList` type.
@@ -7988,6 +8703,54 @@ module Aws::CloudFront
7988
8703
  include Aws::Structure
7989
8704
  end
7990
8705
 
8706
+ # @note When making an API call, you may pass ListFunctionsRequest
8707
+ # data as a hash:
8708
+ #
8709
+ # {
8710
+ # marker: "string",
8711
+ # max_items: 1,
8712
+ # stage: "DEVELOPMENT", # accepts DEVELOPMENT, LIVE
8713
+ # }
8714
+ #
8715
+ # @!attribute [rw] marker
8716
+ # Use this field when paginating results to indicate where to begin in
8717
+ # your list of functions. The response includes functions in the list
8718
+ # that occur after the marker. To get the next page of the list, set
8719
+ # this field’s value to the value of `NextMarker` from the current
8720
+ # page’s response.
8721
+ # @return [String]
8722
+ #
8723
+ # @!attribute [rw] max_items
8724
+ # The maximum number of functions that you want in the response.
8725
+ # @return [Integer]
8726
+ #
8727
+ # @!attribute [rw] stage
8728
+ # An optional filter to return only the functions that are in the
8729
+ # specified stage, either `DEVELOPMENT` or `LIVE`.
8730
+ # @return [String]
8731
+ #
8732
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListFunctionsRequest AWS API Documentation
8733
+ #
8734
+ class ListFunctionsRequest < Struct.new(
8735
+ :marker,
8736
+ :max_items,
8737
+ :stage)
8738
+ SENSITIVE = []
8739
+ include Aws::Structure
8740
+ end
8741
+
8742
+ # @!attribute [rw] function_list
8743
+ # A list of CloudFront functions.
8744
+ # @return [Types::FunctionList]
8745
+ #
8746
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListFunctionsResult AWS API Documentation
8747
+ #
8748
+ class ListFunctionsResult < Struct.new(
8749
+ :function_list)
8750
+ SENSITIVE = []
8751
+ include Aws::Structure
8752
+ end
8753
+
7991
8754
  # The request to list invalidations.
7992
8755
  #
7993
8756
  # @note When making an API call, you may pass ListInvalidationsRequest
@@ -8097,9 +8860,10 @@ module Aws::CloudFront
8097
8860
  # A filter to return only the specified kinds of origin request
8098
8861
  # policies. Valid values are:
8099
8862
  #
8100
- # * `managed` – Returns only the managed policies created by AWS.
8863
+ # * `managed` – Returns only the managed policies created by Amazon
8864
+ # Web Services.
8101
8865
  #
8102
- # * `custom` – Returns only the custom policies created in your AWS
8866
+ # * `custom` – Returns only the custom policies created in your
8103
8867
  # account.
8104
8868
  # @return [String]
8105
8869
  #
@@ -8460,6 +9224,19 @@ module Aws::CloudFront
8460
9224
  include Aws::Structure
8461
9225
  end
8462
9226
 
9227
+ # The function does not exist.
9228
+ #
9229
+ # @!attribute [rw] message
9230
+ # @return [String]
9231
+ #
9232
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/NoSuchFunctionExists AWS API Documentation
9233
+ #
9234
+ class NoSuchFunctionExists < Struct.new(
9235
+ :message)
9236
+ SENSITIVE = []
9237
+ include Aws::Structure
9238
+ end
9239
+
8463
9240
  # The specified invalidation does not exist.
8464
9241
  #
8465
9242
  # @!attribute [rw] message
@@ -9063,7 +9840,8 @@ module Aws::CloudFront
9063
9840
  # }
9064
9841
  #
9065
9842
  # @!attribute [rw] comment
9066
- # A comment to describe the origin request policy.
9843
+ # A comment to describe the origin request policy. The comment cannot
9844
+ # be longer than 128 characters.
9067
9845
  # @return [String]
9068
9846
  #
9069
9847
  # @!attribute [rw] name
@@ -9287,8 +10065,8 @@ module Aws::CloudFront
9287
10065
  # Contains an origin request policy.
9288
10066
  #
9289
10067
  # @!attribute [rw] type
9290
- # The type of origin request policy, either `managed` (created by AWS)
9291
- # or `custom` (created in this AWS account).
10068
+ # The type of origin request policy, either `managed` (created by
10069
+ # Amazon Web Services) or `custom` (created in this account).
9292
10070
  # @return [String]
9293
10071
  #
9294
10072
  # @!attribute [rw] origin_request_policy
@@ -9332,17 +10110,17 @@ module Aws::CloudFront
9332
10110
  # @return [Boolean]
9333
10111
  #
9334
10112
  # @!attribute [rw] origin_shield_region
9335
- # The AWS Region for Origin Shield.
10113
+ # The Region for Origin Shield.
9336
10114
  #
9337
- # Specify the AWS Region that has the lowest latency to your origin.
9338
- # To specify a region, use the region code, not the region name. For
10115
+ # Specify the Region that has the lowest latency to your origin. To
10116
+ # specify a region, use the region code, not the region name. For
9339
10117
  # example, specify the US East (Ohio) region as `us-east-2`.
9340
10118
  #
9341
- # When you enable CloudFront Origin Shield, you must specify the AWS
9342
- # Region for Origin Shield. For the list of AWS Regions that you can
10119
+ # When you enable CloudFront Origin Shield, you must specify the
10120
+ # Region for Origin Shield. For the list of Regions that you can
9343
10121
  # specify, and for help choosing the best Region for your origin, see
9344
- # [Choosing the AWS Region for Origin Shield][1] in the *Amazon
9345
- # CloudFront Developer Guide*.
10122
+ # [Choosing the Region for Origin Shield][1] in the *Amazon CloudFront
10123
+ # Developer Guide*.
9346
10124
  #
9347
10125
  #
9348
10126
  #
@@ -9637,8 +10415,8 @@ module Aws::CloudFront
9637
10415
  include Aws::Structure
9638
10416
  end
9639
10417
 
9640
- # The precondition given in one or more of the request header fields
9641
- # evaluated to `false`.
10418
+ # The precondition in one or more of the request fields evaluated to
10419
+ # `false`.
9642
10420
  #
9643
10421
  # @!attribute [rw] message
9644
10422
  # @return [String]
@@ -9740,7 +10518,8 @@ module Aws::CloudFront
9740
10518
  # @return [String]
9741
10519
  #
9742
10520
  # @!attribute [rw] comment
9743
- # A comment to describe the public key.
10521
+ # A comment to describe the public key. The comment cannot be longer
10522
+ # than 128 characters.
9744
10523
  # @return [String]
9745
10524
  #
9746
10525
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublicKeyConfig AWS API Documentation
@@ -9823,7 +10602,8 @@ module Aws::CloudFront
9823
10602
  # @return [String]
9824
10603
  #
9825
10604
  # @!attribute [rw] comment
9826
- # A comment to describe the public key.
10605
+ # A comment to describe the public key. The comment cannot be longer
10606
+ # than 128 characters.
9827
10607
  # @return [String]
9828
10608
  #
9829
10609
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublicKeySummary AWS API Documentation
@@ -9838,6 +10618,45 @@ module Aws::CloudFront
9838
10618
  include Aws::Structure
9839
10619
  end
9840
10620
 
10621
+ # @note When making an API call, you may pass PublishFunctionRequest
10622
+ # data as a hash:
10623
+ #
10624
+ # {
10625
+ # name: "string", # required
10626
+ # if_match: "string", # required
10627
+ # }
10628
+ #
10629
+ # @!attribute [rw] name
10630
+ # The name of the function that you are publishing.
10631
+ # @return [String]
10632
+ #
10633
+ # @!attribute [rw] if_match
10634
+ # The current version (`ETag` value) of the function that you are
10635
+ # publishing, which you can get using `DescribeFunction`.
10636
+ # @return [String]
10637
+ #
10638
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublishFunctionRequest AWS API Documentation
10639
+ #
10640
+ class PublishFunctionRequest < Struct.new(
10641
+ :name,
10642
+ :if_match)
10643
+ SENSITIVE = []
10644
+ include Aws::Structure
10645
+ end
10646
+
10647
+ # @!attribute [rw] function_summary
10648
+ # Contains configuration information and metadata about a CloudFront
10649
+ # function.
10650
+ # @return [Types::FunctionSummary]
10651
+ #
10652
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/PublishFunctionResult AWS API Documentation
10653
+ #
10654
+ class PublishFunctionResult < Struct.new(
10655
+ :function_summary)
10656
+ SENSITIVE = []
10657
+ include Aws::Structure
10658
+ end
10659
+
9841
10660
  # Query argument-profile mapping for field-level encryption.
9842
10661
  #
9843
10662
  # @note When making an API call, you may pass QueryArgProfile
@@ -10098,6 +10917,20 @@ module Aws::CloudFront
10098
10917
  include Aws::Structure
10099
10918
  end
10100
10919
 
10920
+ # The specified real-time log configuration belongs to a different
10921
+ # account.
10922
+ #
10923
+ # @!attribute [rw] message
10924
+ # @return [String]
10925
+ #
10926
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/RealtimeLogConfigOwnerMismatch AWS API Documentation
10927
+ #
10928
+ class RealtimeLogConfigOwnerMismatch < Struct.new(
10929
+ :message)
10930
+ SENSITIVE = []
10931
+ include Aws::Structure
10932
+ end
10933
+
10101
10934
  # A list of real-time log configurations.
10102
10935
  #
10103
10936
  # @!attribute [rw] max_items
@@ -10303,16 +11136,16 @@ module Aws::CloudFront
10303
11136
  include Aws::Structure
10304
11137
  end
10305
11138
 
10306
- # A list of AWS accounts and the active CloudFront key pairs in each
10307
- # account that CloudFront can use to verify the signatures of signed
10308
- # URLs and signed cookies.
11139
+ # A list of accounts and the active CloudFront key pairs in each account
11140
+ # that CloudFront can use to verify the signatures of signed URLs and
11141
+ # signed cookies.
10309
11142
  #
10310
11143
  # @!attribute [rw] aws_account_number
10311
- # An AWS account number that contains active CloudFront key pairs that
11144
+ # An account number that contains active CloudFront key pairs that
10312
11145
  # CloudFront can use to verify the signatures of signed URLs and
10313
- # signed cookies. If the AWS account that owns the key pairs is the
10314
- # same account that owns the CloudFront distribution, the value of
10315
- # this field is `self`.
11146
+ # signed cookies. If the account that owns the key pairs is the same
11147
+ # account that owns the CloudFront distribution, the value of this
11148
+ # field is `self`.
10316
11149
  # @return [String]
10317
11150
  #
10318
11151
  # @!attribute [rw] key_pair_ids
@@ -10369,7 +11202,7 @@ module Aws::CloudFront
10369
11202
  # @!attribute [rw] arn
10370
11203
  # The ARN (Amazon Resource Name) for the distribution. For example:
10371
11204
  # `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
10372
- # where `123456789012` is your AWS account ID.
11205
+ # where `123456789012` is your account ID.
10373
11206
  # @return [String]
10374
11207
  #
10375
11208
  # @!attribute [rw] status
@@ -10388,17 +11221,17 @@ module Aws::CloudFront
10388
11221
  # @return [String]
10389
11222
  #
10390
11223
  # @!attribute [rw] active_trusted_signers
10391
- # A complex type that lists the AWS accounts, if any, that you
10392
- # included in the `TrustedSigners` complex type for this distribution.
10393
- # These are the accounts that you want to allow to create signed URLs
10394
- # for private content.
10395
- #
10396
- # The `Signer` complex type lists the AWS account number of the
10397
- # trusted signer or `self` if the signer is the AWS account that
10398
- # created the distribution. The `Signer` element also includes the IDs
10399
- # of any active CloudFront key pairs that are associated with the
10400
- # trusted signer's AWS account. If no `KeyPairId` element appears for
10401
- # a `Signer`, that signer can't create signed URLs.
11224
+ # A complex type that lists the accounts, if any, that you included in
11225
+ # the `TrustedSigners` complex type for this distribution. These are
11226
+ # the accounts that you want to allow to create signed URLs for
11227
+ # private content.
11228
+ #
11229
+ # The `Signer` complex type lists the account number of the trusted
11230
+ # signer or `self` if the signer is the account that created the
11231
+ # distribution. The `Signer` element also includes the IDs of any
11232
+ # active CloudFront key pairs that are associated with the trusted
11233
+ # signer's account. If no `KeyPairId` element appears for a `Signer`,
11234
+ # that signer can't create signed URLs.
10402
11235
  #
10403
11236
  # For more information, see [Serving Private Content through
10404
11237
  # CloudFront][1] in the *Amazon CloudFront Developer Guide*.
@@ -10504,8 +11337,8 @@ module Aws::CloudFront
10504
11337
  # @return [Types::StreamingLoggingConfig]
10505
11338
  #
10506
11339
  # @!attribute [rw] trusted_signers
10507
- # A complex type that specifies any AWS accounts that you want to
10508
- # permit to create signed URLs for private content. If you want the
11340
+ # A complex type that specifies any accounts that you want to permit
11341
+ # to create signed URLs for private content. If you want the
10509
11342
  # distribution to use signed URLs, include this element; if you want
10510
11343
  # the distribution to use public URLs, remove this element. For more
10511
11344
  # information, see [Serving Private Content through CloudFront][1] in
@@ -10624,12 +11457,12 @@ module Aws::CloudFront
10624
11457
  #
10625
11458
  # @!attribute [rw] quantity
10626
11459
  # The number of streaming distributions that were created by the
10627
- # current AWS account.
11460
+ # current account.
10628
11461
  # @return [Integer]
10629
11462
  #
10630
11463
  # @!attribute [rw] items
10631
11464
  # A complex type that contains one `StreamingDistributionSummary`
10632
- # element for each distribution that was created by the current AWS
11465
+ # element for each distribution that was created by the current
10633
11466
  # account.
10634
11467
  # @return [Array<Types::StreamingDistributionSummary>]
10635
11468
  #
@@ -10670,7 +11503,7 @@ module Aws::CloudFront
10670
11503
  # The ARN (Amazon Resource Name) for the streaming distribution. For
10671
11504
  # example:
10672
11505
  # `arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5`,
10673
- # where `123456789012` is your AWS account ID.
11506
+ # where `123456789012` is your account ID.
10674
11507
  # @return [String]
10675
11508
  #
10676
11509
  # @!attribute [rw] status
@@ -10700,9 +11533,9 @@ module Aws::CloudFront
10700
11533
  # @return [Types::Aliases]
10701
11534
  #
10702
11535
  # @!attribute [rw] trusted_signers
10703
- # A complex type that specifies the AWS accounts, if any, that you
10704
- # want to allow to create signed URLs for private content. If you want
10705
- # to require signed URLs in requests for objects in the target origin
11536
+ # A complex type that specifies the accounts, if any, that you want to
11537
+ # allow to create signed URLs for private content. If you want to
11538
+ # require signed URLs in requests for objects in the target origin
10706
11539
  # that match the `PathPattern` for this cache behavior, specify `true`
10707
11540
  # for `Enabled`, and specify the applicable values for `Quantity` and
10708
11541
  # `Items`.If you don't want to require signed URLs in requests for
@@ -10914,6 +11747,124 @@ module Aws::CloudFront
10914
11747
  include Aws::Structure
10915
11748
  end
10916
11749
 
11750
+ # The CloudFront function failed.
11751
+ #
11752
+ # @!attribute [rw] message
11753
+ # @return [String]
11754
+ #
11755
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TestFunctionFailed AWS API Documentation
11756
+ #
11757
+ class TestFunctionFailed < Struct.new(
11758
+ :message)
11759
+ SENSITIVE = []
11760
+ include Aws::Structure
11761
+ end
11762
+
11763
+ # @note When making an API call, you may pass TestFunctionRequest
11764
+ # data as a hash:
11765
+ #
11766
+ # {
11767
+ # name: "string", # required
11768
+ # if_match: "string", # required
11769
+ # stage: "DEVELOPMENT", # accepts DEVELOPMENT, LIVE
11770
+ # event_object: "data", # required
11771
+ # }
11772
+ #
11773
+ # @!attribute [rw] name
11774
+ # The name of the function that you are testing.
11775
+ # @return [String]
11776
+ #
11777
+ # @!attribute [rw] if_match
11778
+ # The current version (`ETag` value) of the function that you are
11779
+ # testing, which you can get using `DescribeFunction`.
11780
+ # @return [String]
11781
+ #
11782
+ # @!attribute [rw] stage
11783
+ # The stage of the function that you are testing, either `DEVELOPMENT`
11784
+ # or `LIVE`.
11785
+ # @return [String]
11786
+ #
11787
+ # @!attribute [rw] event_object
11788
+ # The event object to test the function with. For more information
11789
+ # about the structure of the event object, see [Testing functions][1]
11790
+ # in the *Amazon CloudFront Developer Guide*.
11791
+ #
11792
+ #
11793
+ #
11794
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/managing-functions.html#test-function
11795
+ # @return [String]
11796
+ #
11797
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TestFunctionRequest AWS API Documentation
11798
+ #
11799
+ class TestFunctionRequest < Struct.new(
11800
+ :name,
11801
+ :if_match,
11802
+ :stage,
11803
+ :event_object)
11804
+ SENSITIVE = [:event_object]
11805
+ include Aws::Structure
11806
+ end
11807
+
11808
+ # @!attribute [rw] test_result
11809
+ # An object that represents the result of running the function with
11810
+ # the provided event object.
11811
+ # @return [Types::TestResult]
11812
+ #
11813
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TestFunctionResult AWS API Documentation
11814
+ #
11815
+ class TestFunctionResult < Struct.new(
11816
+ :test_result)
11817
+ SENSITIVE = []
11818
+ include Aws::Structure
11819
+ end
11820
+
11821
+ # Contains the result of testing a CloudFront function with
11822
+ # `TestFunction`.
11823
+ #
11824
+ # @!attribute [rw] function_summary
11825
+ # Contains configuration information and metadata about the CloudFront
11826
+ # function that was tested.
11827
+ # @return [Types::FunctionSummary]
11828
+ #
11829
+ # @!attribute [rw] compute_utilization
11830
+ # The amount of time that the function took to run as a percentage of
11831
+ # the maximum allowed time. For example, a compute utilization of 35
11832
+ # means that the function completed in 35% of the maximum allowed
11833
+ # time.
11834
+ # @return [String]
11835
+ #
11836
+ # @!attribute [rw] function_execution_logs
11837
+ # Contains the log lines that the function wrote (if any) when running
11838
+ # the test.
11839
+ # @return [Array<String>]
11840
+ #
11841
+ # @!attribute [rw] function_error_message
11842
+ # If the result of testing the function was an error, this field
11843
+ # contains the error message.
11844
+ # @return [String]
11845
+ #
11846
+ # @!attribute [rw] function_output
11847
+ # The event object returned by the function. For more information
11848
+ # about the structure of the event object, see [Event object
11849
+ # structure][1] in the *Amazon CloudFront Developer Guide*.
11850
+ #
11851
+ #
11852
+ #
11853
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/functions-event-structure.html
11854
+ # @return [String]
11855
+ #
11856
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TestResult AWS API Documentation
11857
+ #
11858
+ class TestResult < Struct.new(
11859
+ :function_summary,
11860
+ :compute_utilization,
11861
+ :function_execution_logs,
11862
+ :function_error_message,
11863
+ :function_output)
11864
+ SENSITIVE = []
11865
+ include Aws::Structure
11866
+ end
11867
+
10917
11868
  # You cannot create more cache behaviors for the distribution.
10918
11869
  #
10919
11870
  # @!attribute [rw] message
@@ -10927,7 +11878,7 @@ module Aws::CloudFront
10927
11878
  include Aws::Structure
10928
11879
  end
10929
11880
 
10930
- # You have reached the maximum number of cache policies for this AWS
11881
+ # You have reached the maximum number of cache policies for this
10931
11882
  # account. For more information, see [Quotas][1] (formerly known as
10932
11883
  # limits) in the *Amazon CloudFront Developer Guide*.
10933
11884
  #
@@ -11123,8 +12074,28 @@ module Aws::CloudFront
11123
12074
  include Aws::Structure
11124
12075
  end
11125
12076
 
12077
+ # You have reached the maximum number of distributions that are
12078
+ # associated with a CloudFront function. For more information, see
12079
+ # [Quotas][1] (formerly known as limits) in the *Amazon CloudFront
12080
+ # Developer Guide*.
12081
+ #
12082
+ #
12083
+ #
12084
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
12085
+ #
12086
+ # @!attribute [rw] message
12087
+ # @return [String]
12088
+ #
12089
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyDistributionsWithFunctionAssociations AWS API Documentation
12090
+ #
12091
+ class TooManyDistributionsWithFunctionAssociations < Struct.new(
12092
+ :message)
12093
+ SENSITIVE = []
12094
+ include Aws::Structure
12095
+ end
12096
+
11126
12097
  # Processing your request would cause the maximum number of
11127
- # distributions with Lambda function associations per owner to be
12098
+ # distributions with Lambda@Edge function associations per owner to be
11128
12099
  # exceeded.
11129
12100
  #
11130
12101
  # @!attribute [rw] message
@@ -11139,7 +12110,7 @@ module Aws::CloudFront
11139
12110
  end
11140
12111
 
11141
12112
  # The maximum number of distributions have been associated with the
11142
- # specified Lambda function.
12113
+ # specified Lambda@Edge function.
11143
12114
  #
11144
12115
  # @!attribute [rw] message
11145
12116
  # @return [String]
@@ -11236,6 +12207,45 @@ module Aws::CloudFront
11236
12207
  include Aws::Structure
11237
12208
  end
11238
12209
 
12210
+ # You have reached the maximum number of CloudFront function
12211
+ # associations for this distribution. For more information, see
12212
+ # [Quotas][1] (formerly known as limits) in the *Amazon CloudFront
12213
+ # Developer Guide*.
12214
+ #
12215
+ #
12216
+ #
12217
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
12218
+ #
12219
+ # @!attribute [rw] message
12220
+ # @return [String]
12221
+ #
12222
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyFunctionAssociations AWS API Documentation
12223
+ #
12224
+ class TooManyFunctionAssociations < Struct.new(
12225
+ :message)
12226
+ SENSITIVE = []
12227
+ include Aws::Structure
12228
+ end
12229
+
12230
+ # You have reached the maximum number of CloudFront functions for this
12231
+ # account. For more information, see [Quotas][1] (formerly known as
12232
+ # limits) in the *Amazon CloudFront Developer Guide*.
12233
+ #
12234
+ #
12235
+ #
12236
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html
12237
+ #
12238
+ # @!attribute [rw] message
12239
+ # @return [String]
12240
+ #
12241
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TooManyFunctions AWS API Documentation
12242
+ #
12243
+ class TooManyFunctions < Struct.new(
12244
+ :message)
12245
+ SENSITIVE = []
12246
+ include Aws::Structure
12247
+ end
12248
+
11239
12249
  # The number of headers in the cache policy exceeds the maximum. For
11240
12250
  # more information, see [Quotas][1] (formerly known as limits) in the
11241
12251
  # *Amazon CloudFront Developer Guide*.
@@ -11301,9 +12311,9 @@ module Aws::CloudFront
11301
12311
  include Aws::Structure
11302
12312
  end
11303
12313
 
11304
- # You have reached the maximum number of key groups for this AWS
11305
- # account. For more information, see [Quotas][1] (formerly known as
11306
- # limits) in the *Amazon CloudFront Developer Guide*.
12314
+ # You have reached the maximum number of key groups for this account.
12315
+ # For more information, see [Quotas][1] (formerly known as limits) in
12316
+ # the *Amazon CloudFront Developer Guide*.
11307
12317
  #
11308
12318
  #
11309
12319
  #
@@ -11339,7 +12349,7 @@ module Aws::CloudFront
11339
12349
  include Aws::Structure
11340
12350
  end
11341
12351
 
11342
- # Your request contains more Lambda function associations than are
12352
+ # Your request contains more Lambda@Edge function associations than are
11343
12353
  # allowed per distribution.
11344
12354
  #
11345
12355
  # @!attribute [rw] message
@@ -11381,8 +12391,8 @@ module Aws::CloudFront
11381
12391
  end
11382
12392
 
11383
12393
  # You have reached the maximum number of origin request policies for
11384
- # this AWS account. For more information, see [Quotas][1] (formerly
11385
- # known as limits) in the *Amazon CloudFront Developer Guide*.
12394
+ # this account. For more information, see [Quotas][1] (formerly known as
12395
+ # limits) in the *Amazon CloudFront Developer Guide*.
11386
12396
  #
11387
12397
  #
11388
12398
  #
@@ -11497,7 +12507,7 @@ module Aws::CloudFront
11497
12507
  end
11498
12508
 
11499
12509
  # You have reached the maximum number of real-time log configurations
11500
- # for this AWS account. For more information, see [Quotas][1] (formerly
12510
+ # for this account. For more information, see [Quotas][1] (formerly
11501
12511
  # known as limits) in the *Amazon CloudFront Developer Guide*.
11502
12512
  #
11503
12513
  #
@@ -11618,8 +12628,8 @@ module Aws::CloudFront
11618
12628
  include Aws::Structure
11619
12629
  end
11620
12630
 
11621
- # A list of AWS accounts whose public keys CloudFront can use to verify
11622
- # the signatures of signed URLs and signed cookies.
12631
+ # A list of accounts whose public keys CloudFront can use to verify the
12632
+ # signatures of signed URLs and signed cookies.
11623
12633
  #
11624
12634
  # @note When making an API call, you may pass TrustedSigners
11625
12635
  # data as a hash:
@@ -11631,17 +12641,17 @@ module Aws::CloudFront
11631
12641
  # }
11632
12642
  #
11633
12643
  # @!attribute [rw] enabled
11634
- # This field is `true` if any of the AWS accounts have public keys
11635
- # that CloudFront can use to verify the signatures of signed URLs and
12644
+ # This field is `true` if any of the accounts have public keys that
12645
+ # CloudFront can use to verify the signatures of signed URLs and
11636
12646
  # signed cookies. If not, this field is `false`.
11637
12647
  # @return [Boolean]
11638
12648
  #
11639
12649
  # @!attribute [rw] quantity
11640
- # The number of AWS accounts in the list.
12650
+ # The number of accounts in the list.
11641
12651
  # @return [Integer]
11642
12652
  #
11643
12653
  # @!attribute [rw] items
11644
- # A list of AWS account identifiers.
12654
+ # A list of account identifiers.
11645
12655
  # @return [Array<String>]
11646
12656
  #
11647
12657
  # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedSigners AWS API Documentation
@@ -11654,6 +12664,19 @@ module Aws::CloudFront
11654
12664
  include Aws::Structure
11655
12665
  end
11656
12666
 
12667
+ # This operation is not supported in this region.
12668
+ #
12669
+ # @!attribute [rw] message
12670
+ # @return [String]
12671
+ #
12672
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UnsupportedOperation AWS API Documentation
12673
+ #
12674
+ class UnsupportedOperation < Struct.new(
12675
+ :message)
12676
+ SENSITIVE = []
12677
+ include Aws::Structure
12678
+ end
12679
+
11657
12680
  # The request to remove tags from a CloudFront resource.
11658
12681
  #
11659
12682
  # @note When making an API call, you may pass UntagResourceRequest
@@ -11930,6 +12953,15 @@ module Aws::CloudFront
11930
12953
  # },
11931
12954
  # ],
11932
12955
  # },
12956
+ # function_associations: {
12957
+ # quantity: 1, # required
12958
+ # items: [
12959
+ # {
12960
+ # function_arn: "FunctionARN", # required
12961
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
12962
+ # },
12963
+ # ],
12964
+ # },
11933
12965
  # field_level_encryption_id: "string",
11934
12966
  # realtime_log_config_arn: "string",
11935
12967
  # cache_policy_id: "string",
@@ -11993,6 +13025,15 @@ module Aws::CloudFront
11993
13025
  # },
11994
13026
  # ],
11995
13027
  # },
13028
+ # function_associations: {
13029
+ # quantity: 1, # required
13030
+ # items: [
13031
+ # {
13032
+ # function_arn: "FunctionARN", # required
13033
+ # event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
13034
+ # },
13035
+ # ],
13036
+ # },
11996
13037
  # field_level_encryption_id: "string",
11997
13038
  # realtime_log_config_arn: "string",
11998
13039
  # cache_policy_id: "string",
@@ -12046,7 +13087,7 @@ module Aws::CloudFront
12046
13087
  # iam_certificate_id: "string",
12047
13088
  # acm_certificate_arn: "string",
12048
13089
  # ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
12049
- # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
13090
+ # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
12050
13091
  # certificate: "string",
12051
13092
  # certificate_source: "cloudfront", # accepts cloudfront, iam, acm
12052
13093
  # },
@@ -12252,6 +13293,72 @@ module Aws::CloudFront
12252
13293
  include Aws::Structure
12253
13294
  end
12254
13295
 
13296
+ # @note When making an API call, you may pass UpdateFunctionRequest
13297
+ # data as a hash:
13298
+ #
13299
+ # {
13300
+ # name: "string", # required
13301
+ # if_match: "string", # required
13302
+ # function_config: { # required
13303
+ # comment: "string", # required
13304
+ # runtime: "cloudfront-js-1.0", # required, accepts cloudfront-js-1.0
13305
+ # },
13306
+ # function_code: "data", # required
13307
+ # }
13308
+ #
13309
+ # @!attribute [rw] name
13310
+ # The name of the function that you are updating.
13311
+ # @return [String]
13312
+ #
13313
+ # @!attribute [rw] if_match
13314
+ # The current version (`ETag` value) of the function that you are
13315
+ # updating, which you can get using `DescribeFunction`.
13316
+ # @return [String]
13317
+ #
13318
+ # @!attribute [rw] function_config
13319
+ # Configuration information about the function.
13320
+ # @return [Types::FunctionConfig]
13321
+ #
13322
+ # @!attribute [rw] function_code
13323
+ # The function code. For more information about writing a CloudFront
13324
+ # function, see [Writing function code for CloudFront Functions][1] in
13325
+ # the *Amazon CloudFront Developer Guide*.
13326
+ #
13327
+ #
13328
+ #
13329
+ # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/writing-function-code.html
13330
+ # @return [String]
13331
+ #
13332
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateFunctionRequest AWS API Documentation
13333
+ #
13334
+ class UpdateFunctionRequest < Struct.new(
13335
+ :name,
13336
+ :if_match,
13337
+ :function_config,
13338
+ :function_code)
13339
+ SENSITIVE = [:function_code]
13340
+ include Aws::Structure
13341
+ end
13342
+
13343
+ # @!attribute [rw] function_summary
13344
+ # Contains configuration information and metadata about a CloudFront
13345
+ # function.
13346
+ # @return [Types::FunctionSummary]
13347
+ #
13348
+ # @!attribute [rw] etag
13349
+ # The version identifier for the current version of the CloudFront
13350
+ # function.
13351
+ # @return [String]
13352
+ #
13353
+ # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateFunctionResult AWS API Documentation
13354
+ #
13355
+ class UpdateFunctionResult < Struct.new(
13356
+ :function_summary,
13357
+ :etag)
13358
+ SENSITIVE = []
13359
+ include Aws::Structure
13360
+ end
13361
+
12255
13362
  # @note When making an API call, you may pass UpdateKeyGroupRequest
12256
13363
  # data as a hash:
12257
13364
  #
@@ -12619,9 +13726,9 @@ module Aws::CloudFront
12619
13726
  # value for `MinimumProtocolVersion`. For more information, see
12620
13727
  # [Security Policy][2] in the *Amazon CloudFront Developer Guide*.
12621
13728
  #
12622
- # * The location of the SSL/TLS certificate, [AWS Certificate Manager
12623
- # (ACM)][3] (recommended) or [AWS Identity and Access Management (AWS
12624
- # IAM)][4]. You specify the location by setting a value in one of the
13729
+ # * The location of the SSL/TLS certificate, [Certificate Manager
13730
+ # (ACM)][3] (recommended) or [Identity and Access Management
13731
+ # (IAM)][4]. You specify the location by setting a value in one of the
12625
13732
  # following fields (not both):
12626
13733
  #
12627
13734
  # * `ACMCertificateArn`
@@ -12655,7 +13762,7 @@ module Aws::CloudFront
12655
13762
  # iam_certificate_id: "string",
12656
13763
  # acm_certificate_arn: "string",
12657
13764
  # ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
12658
- # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
13765
+ # minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
12659
13766
  # certificate: "string",
12660
13767
  # certificate_source: "cloudfront", # accepts cloudfront, iam, acm
12661
13768
  # }
@@ -12678,9 +13785,8 @@ module Aws::CloudFront
12678
13785
  #
12679
13786
  # @!attribute [rw] iam_certificate_id
12680
13787
  # If the distribution uses `Aliases` (alternate domain names or
12681
- # CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and
12682
- # Access Management (AWS IAM)][1], provide the ID of the IAM
12683
- # certificate.
13788
+ # CNAMEs) and the SSL/TLS certificate is stored in [Identity and
13789
+ # Access Management (IAM)][1], provide the ID of the IAM certificate.
12684
13790
  #
12685
13791
  # If you specify an IAM certificate ID, you must also specify values
12686
13792
  # for `MinimumProtocolVersion` and `SSLSupportMethod`.
@@ -12692,7 +13798,7 @@ module Aws::CloudFront
12692
13798
  #
12693
13799
  # @!attribute [rw] acm_certificate_arn
12694
13800
  # If the distribution uses `Aliases` (alternate domain names or
12695
- # CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate
13801
+ # CNAMEs) and the SSL/TLS certificate is stored in [Certificate
12696
13802
  # Manager (ACM)][1], provide the Amazon Resource Name (ARN) of the ACM
12697
13803
  # certificate. CloudFront only supports ACM certificates in the US
12698
13804
  # East (N. Virginia) Region (`us-east-1`).
@@ -12722,8 +13828,8 @@ module Aws::CloudFront
12722
13828
  # * `static-ip` - Do not specify this value unless your distribution
12723
13829
  # has been enabled for this feature by the CloudFront team. If you
12724
13830
  # have a use case that requires static IP addresses for a
12725
- # distribution, contact CloudFront through the [AWS Support
12726
- # Center][2].
13831
+ # distribution, contact CloudFront through the [Amazon Web Services
13832
+ # Support Center][2].
12727
13833
  #
12728
13834
  # If the distribution uses the CloudFront domain name such as
12729
13835
  # `d111111abcdef8.cloudfront.net`, don’t set a value for this field.