aws-sdk-cloudfront 1.51.0 → 1.55.0

data/lib/aws-sdk-cloudfront/types.rb

@@ -53,23 +53,23 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A list of AWS accounts and the active CloudFront key pairs in each
-    # account that CloudFront can use to verify the signatures of signed
-    # URLs and signed cookies.
+    # A list of accounts and the active CloudFront key pairs in each account
+    # that CloudFront can use to verify the signatures of signed URLs and
+    # signed cookies.
     #
     # @!attribute [rw] enabled
-    #   This field is `true` if any of the AWS accounts in the list have
-    #   active CloudFront key pairs that CloudFront can use to verify the
+    #   This field is `true` if any of the accounts in the list have active
+    #   CloudFront key pairs that CloudFront can use to verify the
     #   signatures of signed URLs and signed cookies. If not, this field is
     #   `false`.
     #   @return [Boolean]
     #
     # @!attribute [rw] quantity
-    #   The number of AWS accounts in the list.
+    #   The number of accounts in the list.
     #   @return [Integer]
     #
     # @!attribute [rw] items
-    #   A list of AWS accounts and the identifiers of active CloudFront key
+    #   A list of accounts and the identifiers of active CloudFront key
     #   pairs in each account that CloudFront can use to verify the
     #   signatures of signed URLs and signed cookies.
     #   @return [Array<Types::Signer>]
@@ -84,15 +84,17 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # AWS services in China customers must file for an Internet Content
-    # Provider (ICP) recordal if they want to serve content publicly on an
-    # alternate domain name, also known as a CNAME, that they've added to
-    # CloudFront. AliasICPRecordal provides the ICP recordal status for
-    # CNAMEs associated with distributions. The status is returned in the
-    # CloudFront response; you can't configure it yourself.
+    # Amazon Web Services services in China customers must file for an
+    # Internet Content Provider (ICP) recordal if they want to serve content
+    # publicly on an alternate domain name, also known as a CNAME, that
+    # they've added to CloudFront. AliasICPRecordal provides the ICP
+    # recordal status for CNAMEs associated with distributions. The status
+    # is returned in the CloudFront response; you can't configure it
+    # yourself.
     #
     # For more information about ICP recordals, see [ Signup, Accounts, and
-    # Credentials][1] in *Getting Started with AWS services in China*.
+    # Credentials][1] in *Getting Started with Amazon Web Services services
+    # in China*.
     #
     #
     #
@@ -230,6 +232,31 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass AssociateAliasRequest
+    #   data as a hash:
+    #
+    #       {
+    #         target_distribution_id: "string", # required
+    #         alias: "string", # required
+    #       }
+    #
+    # @!attribute [rw] target_distribution_id
+    #   The ID of the distribution that you’re associating the alias with.
+    #   @return [String]
+    #
+    # @!attribute [rw] alias
+    #   The alias (also known as a CNAME) to add to the target distribution.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/AssociateAliasRequest AWS API Documentation
+    #
+    class AssociateAliasRequest < Struct.new(
+      :target_distribution_id,
+      :alias)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # Invalidation batch specified is too large.
     #
     # @!attribute [rw] message
@@ -396,16 +423,16 @@ module Aws::CloudFront
     # @!attribute [rw] trusted_signers
     #   We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
     #
-    #   A list of AWS account IDs whose public keys CloudFront can use to
+    #   A list of account IDs whose public keys CloudFront can use to
     #   validate signed URLs or signed cookies.
     #
     #   When a cache behavior contains trusted signers, CloudFront requires
     #   signed URLs or signed cookies for all requests that match the cache
     #   behavior. The URLs or cookies must be signed with the private key of
-    #   a CloudFront key pair in the trusted signer’s AWS account. The
-    #   signed URL or cookie contains information about which public key
-    #   CloudFront should use to verify the signature. For more information,
-    #   see [Serving private content][1] in the *Amazon CloudFront Developer
+    #   a CloudFront key pair in the trusted signer’s account. The signed
+    #   URL or cookie contains information about which public key CloudFront
+    #   should use to verify the signature. For more information, see
+    #   [Serving private content][1] in the *Amazon CloudFront Developer
     #   Guide*.
     #
     #
@@ -508,7 +535,7 @@ module Aws::CloudFront
     #   @return [Boolean]
     #
     # @!attribute [rw] lambda_function_associations
-    #   A complex type that contains zero or more Lambda function
+    #   A complex type that contains zero or more Lambda@Edge function
     #   associations for a cache behavior.
     #   @return [Types::LambdaFunctionAssociations]
     #
@@ -1181,8 +1208,8 @@ module Aws::CloudFront
     # Contains a cache policy.
     #
     # @!attribute [rw] type
-    #   The type of cache policy, either `managed` (created by AWS) or
-    #   `custom` (created in this AWS account).
+    #   The type of cache policy, either `managed` (created by Amazon Web
+    #   Services) or `custom` (created in this account).
     #   @return [String]
     #
     # @!attribute [rw] cache_policy
@@ -1393,13 +1420,13 @@ module Aws::CloudFront
     #
     # @!attribute [rw] quantity
     #   The number of CloudFront origin access identities that were created
-    #   by the current AWS account.
+    #   by the current account.
     #   @return [Integer]
     #
     # @!attribute [rw] items
     #   A complex type that contains one
     #   `CloudFrontOriginAccessIdentitySummary` element for each origin
-    #   access identity that was created by the current AWS account.
+    #   access identity that was created by the current account.
     #   @return [Array<Types::CloudFrontOriginAccessIdentitySummary>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CloudFrontOriginAccessIdentityList AWS API Documentation
@@ -1443,6 +1470,73 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
+    # An alias (also called a CNAME) and the CloudFront distribution and
+    # Amazon Web Services account ID that it’s associated with. The
+    # distribution and account IDs are partially hidden, which allows you to
+    # identify the distributions and accounts that you own, but helps to
+    # protect the information of ones that you don’t own.
+    #
+    # @!attribute [rw] alias
+    #   An alias (also called a CNAME).
+    #   @return [String]
+    #
+    # @!attribute [rw] distribution_id
+    #   The (partially hidden) ID of the CloudFront distribution associated
+    #   with the alias.
+    #   @return [String]
+    #
+    # @!attribute [rw] account_id
+    #   The (partially hidden) ID of the Amazon Web Services account that
+    #   owns the distribution that’s associated with the alias.
+    #   @return [String]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ConflictingAlias AWS API Documentation
+    #
+    class ConflictingAlias < Struct.new(
+      :alias,
+      :distribution_id,
+      :account_id)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # A list of aliases (also called CNAMEs) and the CloudFront
+    # distributions and Amazon Web Services accounts that they are
+    # associated with. In the list, the distribution and account IDs are
+    # partially hidden, which allows you to identify the distributions and
+    # accounts that you own, but helps to protect the information of ones
+    # that you don’t own.
+    #
+    # @!attribute [rw] next_marker
+    #   If there are more items in the list than are in this response, this
+    #   element is present. It contains the value that you should use in the
+    #   `Marker` field of a subsequent request to continue listing
+    #   conflicting aliases where you left off.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_items
+    #   The maximum number of conflicting aliases requested.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] quantity
+    #   The number of conflicting aliases returned in the response.
+    #   @return [Integer]
+    #
+    # @!attribute [rw] items
+    #   Contains the conflicting aliases in the list.
+    #   @return [Array<Types::ConflictingAlias>]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ConflictingAliasesList AWS API Documentation
+    #
+    class ConflictingAliasesList < Struct.new(
+      :next_marker,
+      :max_items,
+      :quantity,
+      :items)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # A field-level encryption content type profile.
     #
     # @note When making an API call, you may pass ContentTypeProfile
@@ -1663,7 +1757,7 @@ module Aws::CloudFront
     #
     #   For the current limit on the number of cookie names that you can
     #   whitelist for each cache behavior, see [ CloudFront Limits][3] in
-    #   the *AWS General Reference*.
+    #   the *Amazon Web Services General Reference*.
     #
     #
     #
@@ -2052,7 +2146,7 @@ module Aws::CloudFront
     #             iam_certificate_id: "string",
     #             acm_certificate_arn: "string",
     #             ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
-    #             minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
+    #             minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
     #             certificate: "string",
     #             certificate_source: "cloudfront", # accepts cloudfront, iam, acm
     #           },
@@ -2348,7 +2442,7 @@ module Aws::CloudFront
     #               iam_certificate_id: "string",
     #               acm_certificate_arn: "string",
     #               ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
-    #               minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
+    #               minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
     #               certificate: "string",
     #               certificate_source: "cloudfront", # accepts cloudfront, iam, acm
     #             },
@@ -3458,14 +3552,14 @@ module Aws::CloudFront
     # @!attribute [rw] trusted_signers
     #   We recommend using `TrustedKeyGroups` instead of `TrustedSigners`.
     #
-    #   A list of AWS account IDs whose public keys CloudFront can use to
+    #   A list of account IDs whose public keys CloudFront can use to
     #   validate signed URLs or signed cookies.
     #
     #   When a cache behavior contains trusted signers, CloudFront requires
     #   signed URLs or signed cookies for all requests that match the cache
     #   behavior. The URLs or cookies must be signed with the private key of
-    #   a CloudFront key pair in a trusted signer’s AWS account. The signed
-    #   URL or cookie contains information about which public key CloudFront
+    #   a CloudFront key pair in a trusted signer’s account. The signed URL
+    #   or cookie contains information about which public key CloudFront
     #   should use to verify the signature. For more information, see
     #   [Serving private content][1] in the *Amazon CloudFront Developer
     #   Guide*.
@@ -3570,7 +3664,7 @@ module Aws::CloudFront
     #   @return [Boolean]
     #
     # @!attribute [rw] lambda_function_associations
-    #   A complex type that contains zero or more Lambda function
+    #   A complex type that contains zero or more Lambda@Edge function
     #   associations for a cache behavior.
     #   @return [Types::LambdaFunctionAssociations]
     #
@@ -4164,7 +4258,7 @@ module Aws::CloudFront
     # @!attribute [rw] arn
     #   The ARN (Amazon Resource Name) for the distribution. For example:
     #   `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
-    #   where `123456789012` is your AWS account ID.
+    #   where `123456789012` is your account ID.
     #   @return [String]
     #
     # @!attribute [rw] status
@@ -4191,8 +4285,8 @@ module Aws::CloudFront
     #
     #   CloudFront automatically adds this field to the response if you’ve
     #   configured a cache behavior in this distribution to serve private
-    #   content using trusted signers. This field contains a list of AWS
-    #   account IDs and the active CloudFront key pairs in each account that
+    #   content using trusted signers. This field contains a list of account
+    #   IDs and the active CloudFront key pairs in each account that
     #   CloudFront can use to verify the signatures of signed URLs or signed
     #   cookies.
     #   @return [Types::ActiveTrustedSigners]
@@ -4212,14 +4306,15 @@ module Aws::CloudFront
     #   @return [Types::DistributionConfig]
     #
     # @!attribute [rw] alias_icp_recordals
-    #   AWS services in China customers must file for an Internet Content
-    #   Provider (ICP) recordal if they want to serve content publicly on an
-    #   alternate domain name, also known as a CNAME, that they've added to
-    #   CloudFront. AliasICPRecordal provides the ICP recordal status for
-    #   CNAMEs associated with distributions.
+    #   Amazon Web Services services in China customers must file for an
+    #   Internet Content Provider (ICP) recordal if they want to serve
+    #   content publicly on an alternate domain name, also known as a CNAME,
+    #   that they've added to CloudFront. AliasICPRecordal provides the ICP
+    #   recordal status for CNAMEs associated with distributions.
     #
     #   For more information about ICP recordals, see [ Signup, Accounts,
-    #   and Credentials][1] in *Getting Started with AWS services in China*.
+    #   and Credentials][1] in *Getting Started with Amazon Web Services
+    #   services in China*.
     #
     #
     #
@@ -4497,7 +4592,7 @@ module Aws::CloudFront
     #           iam_certificate_id: "string",
     #           acm_certificate_arn: "string",
     #           ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
-    #           minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
+    #           minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
     #           certificate: "string",
     #           certificate_source: "cloudfront", # accepts cloudfront, iam, acm
     #         },
@@ -4656,22 +4751,22 @@ module Aws::CloudFront
     #   @return [Types::Restrictions]
     #
     # @!attribute [rw] web_acl_id
-    #   A unique identifier that specifies the AWS WAF web ACL, if any, to
+    #   A unique identifier that specifies the WAF web ACL, if any, to
     #   associate with this distribution. To specify a web ACL created using
-    #   the latest version of AWS WAF, use the ACL ARN, for example
+    #   the latest version of WAF, use the ACL ARN, for example
     #   `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`.
-    #   To specify a web ACL created using AWS WAF Classic, use the ACL ID,
-    #   for example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
+    #   To specify a web ACL created using WAF Classic, use the ACL ID, for
+    #   example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
     #
-    #   AWS WAF is a web application firewall that lets you monitor the HTTP
-    #   and HTTPS requests that are forwarded to CloudFront, and lets you
+    #   WAF is a web application firewall that lets you monitor the HTTP and
+    #   HTTPS requests that are forwarded to CloudFront, and lets you
     #   control access to your content. Based on conditions that you
     #   specify, such as the IP addresses that requests originate from or
     #   the values of query strings, CloudFront responds to requests either
     #   with the requested content or with an HTTP 403 status code
     #   (Forbidden). You can also configure CloudFront to return a custom
-    #   error page when a request is blocked. For more information about AWS
-    #   WAF, see the [AWS WAF Developer Guide][1].
+    #   error page when a request is blocked. For more information about
+    #   WAF, see the [WAF Developer Guide][1].
     #
     #
     #
@@ -4712,23 +4807,24 @@ module Aws::CloudFront
     #   more information, see [Creating a Signed URL Using a Custom
     #   Policy][1] in the *Amazon CloudFront Developer Guide*.
     #
-    #   If you're using an Amazon Route 53 alias resource record set to
-    #   route traffic to your CloudFront distribution, you need to create a
-    #   second alias resource record set when both of the following are
-    #   true:
+    #   If you're using an Route 53 Amazon Web Services Integration alias
+    #   resource record set to route traffic to your CloudFront
+    #   distribution, you need to create a second alias resource record set
+    #   when both of the following are true:
     #
     #   * You enable IPv6 for the distribution
     #
     #   * You're using alternate domain names in the URLs for your objects
     #
     #   For more information, see [Routing Traffic to an Amazon CloudFront
-    #   Web Distribution by Using Your Domain Name][2] in the *Amazon Route
-    #   53 Developer Guide*.
+    #   Web Distribution by Using Your Domain Name][2] in the *Route 53
+    #   Amazon Web Services Integration Developer Guide*.
     #
-    #   If you created a CNAME resource record set, either with Amazon Route
-    #   53 or with another DNS service, you don't need to make any changes.
-    #   A CNAME record will route traffic to your distribution regardless of
-    #   the IP address format of the viewer request.
+    #   If you created a CNAME resource record set, either with Route 53
+    #   Amazon Web Services Integration or with another DNS service, you
+    #   don't need to make any changes. A CNAME record will route traffic
+    #   to your distribution regardless of the IP address format of the
+    #   viewer request.
     #
     #
     #
@@ -5002,7 +5098,7 @@ module Aws::CloudFront
     #             iam_certificate_id: "string",
     #             acm_certificate_arn: "string",
     #             ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
-    #             minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
+    #             minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
     #             certificate: "string",
     #             certificate_source: "cloudfront", # accepts cloudfront, iam, acm
     #           },
@@ -5112,13 +5208,13 @@ module Aws::CloudFront
     #   @return [Boolean]
     #
     # @!attribute [rw] quantity
-    #   The number of distributions that were created by the current AWS
+    #   The number of distributions that were created by the current
     #   account.
     #   @return [Integer]
     #
     # @!attribute [rw] items
     #   A complex type that contains one `DistributionSummary` element for
-    #   each distribution that was created by the current AWS account.
+    #   each distribution that was created by the current account.
     #   @return [Array<Types::DistributionSummary>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DistributionList AWS API Documentation
@@ -5157,7 +5253,7 @@ module Aws::CloudFront
     # @!attribute [rw] arn
     #   The ARN (Amazon Resource Name) for the distribution. For example:
     #   `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
-    #   where `123456789012` is your AWS account ID.
+    #   where `123456789012` is your account ID.
     #   @return [String]
     #
     # @!attribute [rw] status
@@ -5247,14 +5343,15 @@ module Aws::CloudFront
     #   @return [Boolean]
     #
     # @!attribute [rw] alias_icp_recordals
-    #   AWS services in China customers must file for an Internet Content
-    #   Provider (ICP) recordal if they want to serve content publicly on an
-    #   alternate domain name, also known as a CNAME, that they've added to
-    #   CloudFront. AliasICPRecordal provides the ICP recordal status for
-    #   CNAMEs associated with distributions.
+    #   Amazon Web Services services in China customers must file for an
+    #   Internet Content Provider (ICP) recordal if they want to serve
+    #   content publicly on an alternate domain name, also known as a CNAME,
+    #   that they've added to CloudFront. AliasICPRecordal provides the ICP
+    #   recordal status for CNAMEs associated with distributions.
     #
     #   For more information about ICP recordals, see [ Signup, Accounts,
-    #   and Credentials][1] in *Getting Started with AWS services in China*.
+    #   and Credentials][1] in *Getting Started with Amazon Web Services
+    #   services in China*.
     #
     #
     #
@@ -5991,7 +6088,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A function with the same name already exists in this AWS account. To
+    # A function with the same name already exists in this account. To
     # create a function, you must provide a unique name. To update an
     # existing function, use `UpdateFunction`.
     #
@@ -7357,7 +7454,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # The specified Lambda function association is invalid.
+    # The specified Lambda@Edge function association is invalid.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -7559,10 +7656,10 @@ module Aws::CloudFront
     end
 
     # A web ACL ID specified is not valid. To specify a web ACL created
-    # using the latest version of AWS WAF, use the ACL ARN, for example
+    # using the latest version of WAF, use the ACL ARN, for example
     # `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`.
-    # To specify a web ACL created using AWS WAF Classic, use the ACL ID,
-    # for example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
+    # To specify a web ACL created using WAF Classic, use the ACL ID, for
+    # example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -7692,12 +7789,12 @@ module Aws::CloudFront
     #
     # @!attribute [rw] quantity
     #   The number of invalidation batches that were created by the current
-    #   AWS account.
+    #   account.
     #   @return [Integer]
     #
     # @!attribute [rw] items
     #   A complex type that contains one `InvalidationSummary` element for
-    #   each invalidation batch created by the current AWS account.
+    #   each invalidation batch created by the current account.
     #   @return [Array<Types::InvalidationSummary>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/InvalidationList AWS API Documentation
@@ -7920,9 +8017,9 @@ module Aws::CloudFront
     #       }
     #
     # @!attribute [rw] role_arn
-    #   The Amazon Resource Name (ARN) of an AWS Identity and Access
-    #   Management (IAM) role that CloudFront can use to send real-time log
-    #   data to your Kinesis data stream.
+    #   The Amazon Resource Name (ARN) of an Identity and Access Management
+    #   (IAM) role that CloudFront can use to send real-time log data to
+    #   your Kinesis data stream.
     #
     #   For more information the IAM role, see [Real-time log configuration
     #   IAM role][1] in the *Amazon CloudFront Developer Guide*.
@@ -7946,7 +8043,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A complex type that contains a Lambda function association.
+    # A complex type that contains a Lambda@Edge function association.
     #
     # @note When making an API call, you may pass LambdaFunctionAssociation
     #   data as a hash:
@@ -7958,13 +8055,13 @@ module Aws::CloudFront
     #       }
     #
     # @!attribute [rw] lambda_function_arn
-    #   The ARN of the Lambda function. You must specify the ARN of a
-    #   function version; you can't specify a Lambda alias or $LATEST.
+    #   The ARN of the Lambda@Edge function. You must specify the ARN of a
+    #   function version; you can't specify an alias or $LATEST.
     #   @return [String]
     #
     # @!attribute [rw] event_type
-    #   Specifies the event type that triggers a Lambda function invocation.
-    #   You can specify the following values:
+    #   Specifies the event type that triggers a Lambda@Edge function
+    #   invocation. You can specify the following values:
     #
     #   * `viewer-request`\: The function executes when CloudFront receives
     #     a request from a viewer and before it checks to see whether the
@@ -7988,9 +8085,9 @@ module Aws::CloudFront
     #   @return [String]
     #
     # @!attribute [rw] include_body
-    #   A flag that allows a Lambda function to have read access to the body
-    #   content. For more information, see [Accessing the Request Body by
-    #   Choosing the Include Body Option][1] in the Amazon CloudFront
+    #   A flag that allows a Lambda@Edge function to have read access to the
+    #   body content. For more information, see [Accessing the Request Body
+    #   by Choosing the Include Body Option][1] in the Amazon CloudFront
     #   Developer Guide.
     #
     #
@@ -8008,18 +8105,19 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A complex type that specifies a list of Lambda functions associations
-    # for a cache behavior.
+    # A complex type that specifies a list of Lambda@Edge functions
+    # associations for a cache behavior.
     #
-    # If you want to invoke one or more Lambda functions triggered by
+    # If you want to invoke one or more Lambda@Edge functions triggered by
     # requests that match the `PathPattern` of the cache behavior, specify
     # the applicable values for `Quantity` and `Items`. Note that there can
     # be up to 4 `LambdaFunctionAssociation` items in this list (one for
     # each possible value of `EventType`) and each `EventType` can be
-    # associated with the Lambda function only once.
+    # associated with only one function.
     #
-    # If you don't want to invoke any Lambda functions for the requests
-    # that match `PathPattern`, specify `0` for `Quantity` and omit `Items`.
+    # If you don't want to invoke any Lambda@Edge functions for the
+    # requests that match `PathPattern`, specify `0` for `Quantity` and omit
+    # `Items`.
     #
     # @note When making an API call, you may pass LambdaFunctionAssociations
     #   data as a hash:
@@ -8036,7 +8134,8 @@ module Aws::CloudFront
     #       }
     #
     # @!attribute [rw] quantity
-    #   The number of Lambda function associations for this cache behavior.
+    #   The number of Lambda@Edge function associations for this cache
+    #   behavior.
     #   @return [Integer]
     #
     # @!attribute [rw] items
@@ -8067,9 +8166,10 @@ module Aws::CloudFront
     #   A filter to return only the specified kinds of cache policies. Valid
     #   values are:
     #
-    #   * `managed` – Returns only the managed policies created by AWS.
+    #   * `managed` – Returns only the managed policies created by Amazon
+    #     Web Services.
     #
-    #   * `custom` – Returns only the custom policies created in your AWS
+    #   * `custom` – Returns only the custom policies created in your
     #     account.
     #   @return [String]
     #
@@ -8154,6 +8254,61 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
+    # @note When making an API call, you may pass ListConflictingAliasesRequest
+    #   data as a hash:
+    #
+    #       {
+    #         distribution_id: "distributionIdString", # required
+    #         alias: "aliasString", # required
+    #         marker: "string",
+    #         max_items: 1,
+    #       }
+    #
+    # @!attribute [rw] distribution_id
+    #   The ID of a distribution in your account that has an attached
+    #   SSL/TLS certificate that includes the provided alias.
+    #   @return [String]
+    #
+    # @!attribute [rw] alias
+    #   The alias (also called a CNAME) to search for conflicting aliases.
+    #   @return [String]
+    #
+    # @!attribute [rw] marker
+    #   Use this field when paginating results to indicate where to begin in
+    #   the list of conflicting aliases. The response includes conflicting
+    #   aliases in the list that occur after the marker. To get the next
+    #   page of the list, set this field’s value to the value of
+    #   `NextMarker` from the current page’s response.
+    #   @return [String]
+    #
+    # @!attribute [rw] max_items
+    #   The maximum number of conflicting aliases that you want in the
+    #   response.
+    #   @return [Integer]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListConflictingAliasesRequest AWS API Documentation
+    #
+    class ListConflictingAliasesRequest < Struct.new(
+      :distribution_id,
+      :alias,
+      :marker,
+      :max_items)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
+    # @!attribute [rw] conflicting_aliases_list
+    #   A list of conflicting aliases.
+    #   @return [Types::ConflictingAliasesList]
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListConflictingAliasesResult AWS API Documentation
+    #
+    class ListConflictingAliasesResult < Struct.new(
+      :conflicting_aliases_list)
+      SENSITIVE = []
+      include Aws::Structure
+    end
+
     # @note When making an API call, you may pass ListDistributionsByCachePolicyIdRequest
     #   data as a hash:
     #
@@ -8357,7 +8512,7 @@ module Aws::CloudFront
     end
 
     # The request to list distributions that are associated with a specified
-    # AWS WAF web ACL.
+    # WAF web ACL.
     #
     # @note When making an API call, you may pass ListDistributionsByWebACLIdRequest
     #   data as a hash:
@@ -8384,7 +8539,7 @@ module Aws::CloudFront
     #   @return [Integer]
     #
     # @!attribute [rw] web_acl_id
-    #   The ID of the AWS WAF web ACL that you want to list the associated
+    #   The ID of the WAF web ACL that you want to list the associated
     #   distributions. If you specify "null" for the ID, the request
     #   returns a list of the distributions that aren't associated with a
     #   web ACL.
@@ -8401,7 +8556,7 @@ module Aws::CloudFront
     end
 
     # The response to a request to list the distributions that are
-    # associated with a specified AWS WAF web ACL.
+    # associated with a specified WAF web ACL.
     #
     # @!attribute [rw] distribution_list
     #   The `DistributionList` type.
@@ -8705,9 +8860,10 @@ module Aws::CloudFront
     #   A filter to return only the specified kinds of origin request
     #   policies. Valid values are:
     #
-    #   * `managed` – Returns only the managed policies created by AWS.
+    #   * `managed` – Returns only the managed policies created by Amazon
+    #     Web Services.
     #
-    #   * `custom` – Returns only the custom policies created in your AWS
+    #   * `custom` – Returns only the custom policies created in your
     #     account.
     #   @return [String]
     #
@@ -9909,8 +10065,8 @@ module Aws::CloudFront
     # Contains an origin request policy.
     #
     # @!attribute [rw] type
-    #   The type of origin request policy, either `managed` (created by AWS)
-    #   or `custom` (created in this AWS account).
+    #   The type of origin request policy, either `managed` (created by
+    #   Amazon Web Services) or `custom` (created in this account).
     #   @return [String]
     #
     # @!attribute [rw] origin_request_policy
@@ -9954,17 +10110,17 @@ module Aws::CloudFront
     #   @return [Boolean]
     #
     # @!attribute [rw] origin_shield_region
-    #   The AWS Region for Origin Shield.
+    #   The Region for Origin Shield.
     #
-    #   Specify the AWS Region that has the lowest latency to your origin.
-    #   To specify a region, use the region code, not the region name. For
+    #   Specify the Region that has the lowest latency to your origin. To
+    #   specify a region, use the region code, not the region name. For
     #   example, specify the US East (Ohio) region as `us-east-2`.
     #
-    #   When you enable CloudFront Origin Shield, you must specify the AWS
-    #   Region for Origin Shield. For the list of AWS Regions that you can
+    #   When you enable CloudFront Origin Shield, you must specify the
+    #   Region for Origin Shield. For the list of Regions that you can
     #   specify, and for help choosing the best Region for your origin, see
-    #   [Choosing the AWS Region for Origin Shield][1] in the *Amazon
-    #   CloudFront Developer Guide*.
+    #   [Choosing the Region for Origin Shield][1] in the *Amazon CloudFront
+    #   Developer Guide*.
     #
     #
     #
@@ -10761,7 +10917,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # The specified real-time log configuration belongs to a different AWS
+    # The specified real-time log configuration belongs to a different
     # account.
     #
     # @!attribute [rw] message
@@ -10980,16 +11136,16 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A list of AWS accounts and the active CloudFront key pairs in each
-    # account that CloudFront can use to verify the signatures of signed
-    # URLs and signed cookies.
+    # A list of accounts and the active CloudFront key pairs in each account
+    # that CloudFront can use to verify the signatures of signed URLs and
+    # signed cookies.
     #
     # @!attribute [rw] aws_account_number
-    #   An AWS account number that contains active CloudFront key pairs that
+    #   An account number that contains active CloudFront key pairs that
     #   CloudFront can use to verify the signatures of signed URLs and
-    #   signed cookies. If the AWS account that owns the key pairs is the
-    #   same account that owns the CloudFront distribution, the value of
-    #   this field is `self`.
+    #   signed cookies. If the account that owns the key pairs is the same
+    #   account that owns the CloudFront distribution, the value of this
+    #   field is `self`.
     #   @return [String]
     #
     # @!attribute [rw] key_pair_ids
@@ -11046,7 +11202,7 @@ module Aws::CloudFront
     # @!attribute [rw] arn
     #   The ARN (Amazon Resource Name) for the distribution. For example:
     #   `arn:aws:cloudfront::123456789012:distribution/EDFDVBD632BHDS5`,
-    #   where `123456789012` is your AWS account ID.
+    #   where `123456789012` is your account ID.
     #   @return [String]
     #
     # @!attribute [rw] status
@@ -11065,17 +11221,17 @@ module Aws::CloudFront
     #   @return [String]
     #
     # @!attribute [rw] active_trusted_signers
-    #   A complex type that lists the AWS accounts, if any, that you
-    #   included in the `TrustedSigners` complex type for this distribution.
-    #   These are the accounts that you want to allow to create signed URLs
-    #   for private content.
-    #
-    #   The `Signer` complex type lists the AWS account number of the
-    #   trusted signer or `self` if the signer is the AWS account that
-    #   created the distribution. The `Signer` element also includes the IDs
-    #   of any active CloudFront key pairs that are associated with the
-    #   trusted signer's AWS account. If no `KeyPairId` element appears for
-    #   a `Signer`, that signer can't create signed URLs.
+    #   A complex type that lists the accounts, if any, that you included in
+    #   the `TrustedSigners` complex type for this distribution. These are
+    #   the accounts that you want to allow to create signed URLs for
+    #   private content.
+    #
+    #   The `Signer` complex type lists the account number of the trusted
+    #   signer or `self` if the signer is the account that created the
+    #   distribution. The `Signer` element also includes the IDs of any
+    #   active CloudFront key pairs that are associated with the trusted
+    #   signer's account. If no `KeyPairId` element appears for a `Signer`,
+    #   that signer can't create signed URLs.
     #
     #   For more information, see [Serving Private Content through
     #   CloudFront][1] in the *Amazon CloudFront Developer Guide*.
@@ -11181,8 +11337,8 @@ module Aws::CloudFront
     #   @return [Types::StreamingLoggingConfig]
     #
     # @!attribute [rw] trusted_signers
-    #   A complex type that specifies any AWS accounts that you want to
-    #   permit to create signed URLs for private content. If you want the
+    #   A complex type that specifies any accounts that you want to permit
+    #   to create signed URLs for private content. If you want the
     #   distribution to use signed URLs, include this element; if you want
     #   the distribution to use public URLs, remove this element. For more
     #   information, see [Serving Private Content through CloudFront][1] in
@@ -11301,12 +11457,12 @@ module Aws::CloudFront
     #
     # @!attribute [rw] quantity
     #   The number of streaming distributions that were created by the
-    #   current AWS account.
+    #   current account.
     #   @return [Integer]
     #
     # @!attribute [rw] items
     #   A complex type that contains one `StreamingDistributionSummary`
-    #   element for each distribution that was created by the current AWS
+    #   element for each distribution that was created by the current
     #   account.
     #   @return [Array<Types::StreamingDistributionSummary>]
     #
@@ -11347,7 +11503,7 @@ module Aws::CloudFront
     #   The ARN (Amazon Resource Name) for the streaming distribution. For
     #   example:
     #   `arn:aws:cloudfront::123456789012:streaming-distribution/EDFDVBD632BHDS5`,
-    #   where `123456789012` is your AWS account ID.
+    #   where `123456789012` is your account ID.
     #   @return [String]
     #
     # @!attribute [rw] status
@@ -11377,9 +11533,9 @@ module Aws::CloudFront
     #   @return [Types::Aliases]
     #
     # @!attribute [rw] trusted_signers
-    #   A complex type that specifies the AWS accounts, if any, that you
-    #   want to allow to create signed URLs for private content. If you want
-    #   to require signed URLs in requests for objects in the target origin
+    #   A complex type that specifies the accounts, if any, that you want to
+    #   allow to create signed URLs for private content. If you want to
+    #   require signed URLs in requests for objects in the target origin
     #   that match the `PathPattern` for this cache behavior, specify `true`
     #   for `Enabled`, and specify the applicable values for `Quantity` and
     #   `Items`.If you don't want to require signed URLs in requests for
@@ -11722,7 +11878,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # You have reached the maximum number of cache policies for this AWS
+    # You have reached the maximum number of cache policies for this
     # account. For more information, see [Quotas][1] (formerly known as
     # limits) in the *Amazon CloudFront Developer Guide*.
     #
@@ -11939,7 +12095,7 @@ module Aws::CloudFront
     end
 
     # Processing your request would cause the maximum number of
-    # distributions with Lambda function associations per owner to be
+    # distributions with Lambda@Edge function associations per owner to be
     # exceeded.
     #
     # @!attribute [rw] message
@@ -11954,7 +12110,7 @@ module Aws::CloudFront
     end
 
     # The maximum number of distributions have been associated with the
-    # specified Lambda function.
+    # specified Lambda@Edge function.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -12072,7 +12228,7 @@ module Aws::CloudFront
     end
 
     # You have reached the maximum number of CloudFront functions for this
-    # AWS account. For more information, see [Quotas][1] (formerly known as
+    # account. For more information, see [Quotas][1] (formerly known as
     # limits) in the *Amazon CloudFront Developer Guide*.
     #
     #
@@ -12155,9 +12311,9 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # You have reached the maximum number of key groups for this AWS
-    # account. For more information, see [Quotas][1] (formerly known as
-    # limits) in the *Amazon CloudFront Developer Guide*.
+    # You have reached the maximum number of key groups for this account.
+    # For more information, see [Quotas][1] (formerly known as limits) in
+    # the *Amazon CloudFront Developer Guide*.
     #
     #
     #
@@ -12193,7 +12349,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # Your request contains more Lambda function associations than are
+    # Your request contains more Lambda@Edge function associations than are
     # allowed per distribution.
     #
     # @!attribute [rw] message
@@ -12235,8 +12391,8 @@ module Aws::CloudFront
     end
 
     # You have reached the maximum number of origin request policies for
-    # this AWS account. For more information, see [Quotas][1] (formerly
-    # known as limits) in the *Amazon CloudFront Developer Guide*.
+    # this account. For more information, see [Quotas][1] (formerly known as
+    # limits) in the *Amazon CloudFront Developer Guide*.
     #
     #
     #
@@ -12351,7 +12507,7 @@ module Aws::CloudFront
     end
 
     # You have reached the maximum number of real-time log configurations
-    # for this AWS account. For more information, see [Quotas][1] (formerly
+    # for this account. For more information, see [Quotas][1] (formerly
     # known as limits) in the *Amazon CloudFront Developer Guide*.
     #
     #
@@ -12472,8 +12628,8 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A list of AWS accounts whose public keys CloudFront can use to verify
-    # the signatures of signed URLs and signed cookies.
+    # A list of accounts whose public keys CloudFront can use to verify the
+    # signatures of signed URLs and signed cookies.
     #
     # @note When making an API call, you may pass TrustedSigners
     #   data as a hash:
@@ -12485,17 +12641,17 @@ module Aws::CloudFront
     #       }
     #
     # @!attribute [rw] enabled
-    #   This field is `true` if any of the AWS accounts have public keys
-    #   that CloudFront can use to verify the signatures of signed URLs and
+    #   This field is `true` if any of the accounts have public keys that
+    #   CloudFront can use to verify the signatures of signed URLs and
     #   signed cookies. If not, this field is `false`.
     #   @return [Boolean]
     #
     # @!attribute [rw] quantity
-    #   The number of AWS accounts in the list.
+    #   The number of accounts in the list.
     #   @return [Integer]
     #
     # @!attribute [rw] items
-    #   A list of AWS account identifiers.
+    #   A list of account identifiers.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/TrustedSigners AWS API Documentation
@@ -12931,7 +13087,7 @@ module Aws::CloudFront
     #             iam_certificate_id: "string",
     #             acm_certificate_arn: "string",
     #             ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
-    #             minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
+    #             minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
     #             certificate: "string",
     #             certificate_source: "cloudfront", # accepts cloudfront, iam, acm
     #           },
@@ -13570,9 +13726,9 @@ module Aws::CloudFront
     #   value for `MinimumProtocolVersion`. For more information, see
     #   [Security Policy][2] in the *Amazon CloudFront Developer Guide*.
     #
-    # * The location of the SSL/TLS certificate, [AWS Certificate Manager
-    #   (ACM)][3] (recommended) or [AWS Identity and Access Management (AWS
-    #   IAM)][4]. You specify the location by setting a value in one of the
+    # * The location of the SSL/TLS certificate, [Certificate Manager
+    #   (ACM)][3] (recommended) or [Identity and Access Management
+    #   (IAM)][4]. You specify the location by setting a value in one of the
     #   following fields (not both):
     #
     #   * `ACMCertificateArn`
@@ -13606,7 +13762,7 @@ module Aws::CloudFront
     #         iam_certificate_id: "string",
     #         acm_certificate_arn: "string",
     #         ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
-    #         minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019
+    #         minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
     #         certificate: "string",
     #         certificate_source: "cloudfront", # accepts cloudfront, iam, acm
     #       }
@@ -13629,9 +13785,8 @@ module Aws::CloudFront
     #
     # @!attribute [rw] iam_certificate_id
     #   If the distribution uses `Aliases` (alternate domain names or
-    #   CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and
-    #   Access Management (AWS IAM)][1], provide the ID of the IAM
-    #   certificate.
+    #   CNAMEs) and the SSL/TLS certificate is stored in [Identity and
+    #   Access Management (IAM)][1], provide the ID of the IAM certificate.
     #
     #   If you specify an IAM certificate ID, you must also specify values
     #   for `MinimumProtocolVersion` and `SSLSupportMethod`.
@@ -13643,7 +13798,7 @@ module Aws::CloudFront
     #
     # @!attribute [rw] acm_certificate_arn
     #   If the distribution uses `Aliases` (alternate domain names or
-    #   CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate
+    #   CNAMEs) and the SSL/TLS certificate is stored in [Certificate
     #   Manager (ACM)][1], provide the Amazon Resource Name (ARN) of the ACM
     #   certificate. CloudFront only supports ACM certificates in the US
     #   East (N. Virginia) Region (`us-east-1`).
@@ -13673,8 +13828,8 @@ module Aws::CloudFront
     #   * `static-ip` - Do not specify this value unless your distribution
     #     has been enabled for this feature by the CloudFront team. If you
     #     have a use case that requires static IP addresses for a
-    #     distribution, contact CloudFront through the [AWS Support
-    #     Center][2].
+    #     distribution, contact CloudFront through the [Amazon Web Services
+    #     Support Center][2].
     #
     #   If the distribution uses the CloudFront domain name such as
     #   `d111111abcdef8.cloudfront.net`, don’t set a value for this field.