aws-sdk-cloudfront 1.60.0 → 1.83.0

data/lib/aws-sdk-cloudfront/client.rb

@@ -27,7 +27,11 @@ require 'aws-sdk-core/plugins/client_metrics_plugin.rb'
 require 'aws-sdk-core/plugins/client_metrics_send_plugin.rb'
 require 'aws-sdk-core/plugins/transfer_encoding.rb'
 require 'aws-sdk-core/plugins/http_checksum.rb'
-require 'aws-sdk-core/plugins/signature_v4.rb'
+require 'aws-sdk-core/plugins/checksum_algorithm.rb'
+require 'aws-sdk-core/plugins/request_compression.rb'
+require 'aws-sdk-core/plugins/defaults_mode.rb'
+require 'aws-sdk-core/plugins/recursion_detection.rb'
+require 'aws-sdk-core/plugins/sign.rb'
 require 'aws-sdk-core/plugins/protocols/rest_xml.rb'
 
 Aws::Plugins::GlobalConfiguration.add_identifier(:cloudfront)
@@ -73,8 +77,13 @@ module Aws::CloudFront
     add_plugin(Aws::Plugins::ClientMetricsSendPlugin)
     add_plugin(Aws::Plugins::TransferEncoding)
     add_plugin(Aws::Plugins::HttpChecksum)
-    add_plugin(Aws::Plugins::SignatureV4)
+    add_plugin(Aws::Plugins::ChecksumAlgorithm)
+    add_plugin(Aws::Plugins::RequestCompression)
+    add_plugin(Aws::Plugins::DefaultsMode)
+    add_plugin(Aws::Plugins::RecursionDetection)
+    add_plugin(Aws::Plugins::Sign)
     add_plugin(Aws::Plugins::Protocols::RestXml)
+    add_plugin(Aws::CloudFront::Plugins::Endpoints)
 
     # @overload initialize(options)
     #   @param [Hash] options
@@ -175,10 +184,18 @@ module Aws::CloudFront
     #     Used only in `standard` and adaptive retry modes. Specifies whether to apply
     #     a clock skew correction and retry requests with skewed client clocks.
     #
+    #   @option options [String] :defaults_mode ("legacy")
+    #     See {Aws::DefaultsModeConfiguration} for a list of the
+    #     accepted modes and the configuration defaults that are included.
+    #
     #   @option options [Boolean] :disable_host_prefix_injection (false)
     #     Set to true to disable SDK automatically adding host prefix
     #     to default service endpoint when available.
     #
+    #   @option options [Boolean] :disable_request_compression (false)
+    #     When set to 'true' the request body will not be compressed
+    #     for supported operations.
+    #
     #   @option options [String] :endpoint
     #     The client endpoint is normally constructed from the `:region`
     #     option. You should only configure an `:endpoint` when connecting
@@ -199,6 +216,10 @@ module Aws::CloudFront
     #   @option options [Boolean] :endpoint_discovery (false)
     #     When set to `true`, endpoint discovery will be enabled for operations when available.
     #
+    #   @option options [Boolean] :ignore_configured_endpoint_urls
+    #     Setting to true disables use of endpoint URLs provided via environment
+    #     variables and the shared configuration file.
+    #
     #   @option options [Aws::Log::Formatter] :log_formatter (Aws::Log::Formatter.default)
     #     The log formatter.
     #
@@ -219,6 +240,11 @@ module Aws::CloudFront
     #     Used when loading credentials from the shared credentials file
     #     at HOME/.aws/credentials.  When not specified, 'default' is used.
     #
+    #   @option options [Integer] :request_min_compression_size_bytes (10240)
+    #     The minimum size in bytes that triggers compression for request
+    #     bodies. The value must be non-negative integer value between 0
+    #     and 10485780 bytes inclusive.
+    #
     #   @option options [Proc] :retry_backoff
     #     A proc or lambda used for backoff. Defaults to 2**retries * retry_base_delay.
     #     This option is only used in the `legacy` retry mode.
@@ -264,6 +290,11 @@ module Aws::CloudFront
     #       in the future.
     #
     #
+    #   @option options [String] :sdk_ua_app_id
+    #     A unique and opaque application ID that is appended to the
+    #     User-Agent header as app/<sdk_ua_app_id>. It should have a
+    #     maximum length of 50.
+    #
     #   @option options [String] :secret_access_key
     #
     #   @option options [String] :session_token
@@ -277,6 +308,19 @@ module Aws::CloudFront
     #     ** Please note ** When response stubbing is enabled, no HTTP
     #     requests are made, and retries are disabled.
     #
+    #   @option options [Aws::TokenProvider] :token_provider
+    #     A Bearer Token Provider. This can be an instance of any one of the
+    #     following classes:
+    #
+    #     * `Aws::StaticTokenProvider` - Used for configuring static, non-refreshing
+    #       tokens.
+    #
+    #     * `Aws::SSOTokenProvider` - Used for loading tokens from AWS SSO using an
+    #       access token generated from `aws login`.
+    #
+    #     When `:token_provider` is not configured directly, the `Aws::TokenProviderChain`
+    #     will be used to search for tokens configured for your profile in shared configuration files.
+    #
     #   @option options [Boolean] :use_dualstack_endpoint
     #     When set to `true`, dualstack enabled endpoints (with `.aws` TLD)
     #     will be used if available.
@@ -290,6 +334,9 @@ module Aws::CloudFront
     #     When `true`, request parameters are validated before
     #     sending the request.
     #
+    #   @option options [Aws::CloudFront::EndpointProvider] :endpoint_provider
+    #     The endpoint provider used to resolve endpoints. Any object that responds to `#resolve_endpoint(parameters)` where `parameters` is a Struct similar to `Aws::CloudFront::EndpointParameters`
+    #
     #   @option options [URI::HTTP,String] :http_proxy A proxy to send
     #     requests through.  Formatted like 'http://proxy.com:123'.
     #
@@ -297,7 +344,7 @@ module Aws::CloudFront
     #     seconds to wait when opening a HTTP session before raising a
     #     `Timeout::Error`.
     #
-    #   @option options [Integer] :http_read_timeout (60) The default
+    #   @option options [Float] :http_read_timeout (60) The default
     #     number of seconds to wait for response data.  This value can
     #     safely be set per-request on the session.
     #
@@ -313,6 +360,9 @@ module Aws::CloudFront
     #     disables this behaviour.  This value can safely be set per
     #     request on the session.
     #
+    #   @option options [Float] :ssl_timeout (nil) Sets the SSL timeout
+    #     in seconds.
+    #
     #   @option options [Boolean] :http_wire_trace (false) When `true`,
     #     HTTP debug output will be sent to the `:logger`.
     #
@@ -341,7 +391,7 @@ module Aws::CloudFront
     # Associates an alias (also known as a CNAME or an alternate domain
     # name) with a CloudFront distribution.
     #
-    # With this operation you can move an alias that’s already in use on a
+    # With this operation you can move an alias that's already in use on a
     # CloudFront distribution to a different distribution in one step. This
     # prevents the downtime that could occur if you first remove the alias
     # from one distribution and then separately add the alias to another
@@ -359,7 +409,7 @@ module Aws::CloudFront
     # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-move
     #
     # @option params [required, String] :target_distribution_id
-    #   The ID of the distribution that you’re associating the alias with.
+    #   The ID of the distribution that you're associating the alias with.
     #
     # @option params [required, String] :alias
     #   The alias (also known as a CNAME) to add to the target distribution.
@@ -382,10 +432,275 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Creates a staging distribution using the configuration of the provided
+    # primary distribution. A staging distribution is a copy of an existing
+    # distribution (called the primary distribution) that you can use in a
+    # continuous deployment workflow.
+    #
+    # After you create a staging distribution, you can use
+    # `UpdateDistribution` to modify the staging distribution's
+    # configuration. Then you can use `CreateContinuousDeploymentPolicy` to
+    # incrementally move traffic to the staging distribution.
+    #
+    # This API operation requires the following IAM permissions:
+    #
+    # * [GetDistribution][1]
+    #
+    # * [CreateDistribution][2]
+    #
+    # * [CopyDistribution][3]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistribution.html
+    # [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html
+    # [3]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CopyDistribution.html
+    #
+    # @option params [required, String] :primary_distribution_id
+    #   The identifier of the primary distribution whose configuration you are
+    #   copying. To get a distribution ID, use `ListDistributions`.
+    #
+    # @option params [Boolean] :staging
+    #   The type of distribution that your primary distribution will be copied
+    #   to. The only valid value is `True`, indicating that you are copying to
+    #   a staging distribution.
+    #
+    # @option params [String] :if_match
+    #   The version identifier of the primary distribution whose configuration
+    #   you are copying. This is the `ETag` value returned in the response to
+    #   `GetDistribution` and `GetDistributionConfig`.
+    #
+    # @option params [required, String] :caller_reference
+    #   A value that uniquely identifies a request to create a resource. This
+    #   helps to prevent CloudFront from creating a duplicate resource if you
+    #   accidentally resubmit an identical request.
+    #
+    # @option params [Boolean] :enabled
+    #   A Boolean flag to specify the state of the staging distribution when
+    #   it's created. When you set this value to `True`, the staging
+    #   distribution is enabled. When you set this value to `False`, the
+    #   staging distribution is disabled.
+    #
+    #   If you omit this field, the default value is `True`.
+    #
+    # @return [Types::CopyDistributionResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CopyDistributionResult#distribution #distribution} => Types::Distribution
+    #   * {Types::CopyDistributionResult#location #location} => String
+    #   * {Types::CopyDistributionResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.copy_distribution({
+    #     primary_distribution_id: "string", # required
+    #     staging: false,
+    #     if_match: "string",
+    #     caller_reference: "string", # required
+    #     enabled: false,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.distribution.id #=> String
+    #   resp.distribution.arn #=> String
+    #   resp.distribution.status #=> String
+    #   resp.distribution.last_modified_time #=> Time
+    #   resp.distribution.in_progress_invalidation_batches #=> Integer
+    #   resp.distribution.domain_name #=> String
+    #   resp.distribution.active_trusted_signers.enabled #=> Boolean
+    #   resp.distribution.active_trusted_signers.quantity #=> Integer
+    #   resp.distribution.active_trusted_signers.items #=> Array
+    #   resp.distribution.active_trusted_signers.items[0].aws_account_number #=> String
+    #   resp.distribution.active_trusted_signers.items[0].key_pair_ids.quantity #=> Integer
+    #   resp.distribution.active_trusted_signers.items[0].key_pair_ids.items #=> Array
+    #   resp.distribution.active_trusted_signers.items[0].key_pair_ids.items[0] #=> String
+    #   resp.distribution.active_trusted_key_groups.enabled #=> Boolean
+    #   resp.distribution.active_trusted_key_groups.quantity #=> Integer
+    #   resp.distribution.active_trusted_key_groups.items #=> Array
+    #   resp.distribution.active_trusted_key_groups.items[0].key_group_id #=> String
+    #   resp.distribution.active_trusted_key_groups.items[0].key_pair_ids.quantity #=> Integer
+    #   resp.distribution.active_trusted_key_groups.items[0].key_pair_ids.items #=> Array
+    #   resp.distribution.active_trusted_key_groups.items[0].key_pair_ids.items[0] #=> String
+    #   resp.distribution.distribution_config.caller_reference #=> String
+    #   resp.distribution.distribution_config.aliases.quantity #=> Integer
+    #   resp.distribution.distribution_config.aliases.items #=> Array
+    #   resp.distribution.distribution_config.aliases.items[0] #=> String
+    #   resp.distribution.distribution_config.default_root_object #=> String
+    #   resp.distribution.distribution_config.origins.quantity #=> Integer
+    #   resp.distribution.distribution_config.origins.items #=> Array
+    #   resp.distribution.distribution_config.origins.items[0].id #=> String
+    #   resp.distribution.distribution_config.origins.items[0].domain_name #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_path #=> String
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.quantity #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.items #=> Array
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_ssl_protocols.quantity #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_ssl_protocols.items #=> Array
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_ssl_protocols.items[0] #=> String, one of "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_read_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_keepalive_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
+    #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
+    #   resp.distribution.distribution_config.origin_groups.quantity #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items #=> Array
+    #   resp.distribution.distribution_config.origin_groups.items[0].id #=> String
+    #   resp.distribution.distribution_config.origin_groups.items[0].failover_criteria.status_codes.quantity #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items[0].failover_criteria.status_codes.items #=> Array
+    #   resp.distribution.distribution_config.origin_groups.items[0].failover_criteria.status_codes.items[0] #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items[0].members.quantity #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items[0].members.items #=> Array
+    #   resp.distribution.distribution_config.origin_groups.items[0].members.items[0].origin_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.target_origin_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.enabled #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.enabled #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.viewer_protocol_policy #=> String, one of "allow-all", "https-only", "redirect-to-https"
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.cached_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.cached_methods.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.cached_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.default_cache_behavior.smooth_streaming #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.compress #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items[0].lambda_function_arn #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items[0].include_body #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.items[0].function_arn #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.default_cache_behavior.field_level_encryption_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.realtime_log_config_arn #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.cache_policy_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.origin_request_policy_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.response_headers_policy_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.forward #=> String, one of "none", "whitelist", "all"
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.whitelisted_names.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.whitelisted_names.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.whitelisted_names.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.headers.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.headers.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.headers.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string_cache_keys.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string_cache_keys.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string_cache_keys.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.min_ttl #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.default_ttl #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.max_ttl #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].path_pattern #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].target_origin_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.enabled #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.enabled #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].viewer_protocol_policy #=> String, one of "allow-all", "https-only", "redirect-to-https"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.cached_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.cached_methods.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.cached_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].smooth_streaming #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].compress #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items[0].lambda_function_arn #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items[0].include_body #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.items[0].function_arn #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].field_level_encryption_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].realtime_log_config_arn #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].cache_policy_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].origin_request_policy_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].response_headers_policy_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.forward #=> String, one of "none", "whitelist", "all"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.whitelisted_names.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.whitelisted_names.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.whitelisted_names.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.headers.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.headers.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.headers.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string_cache_keys.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string_cache_keys.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string_cache_keys.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].min_ttl #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].default_ttl #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].max_ttl #=> Integer
+    #   resp.distribution.distribution_config.custom_error_responses.quantity #=> Integer
+    #   resp.distribution.distribution_config.custom_error_responses.items #=> Array
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].error_code #=> Integer
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].response_page_path #=> String
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].response_code #=> String
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].error_caching_min_ttl #=> Integer
+    #   resp.distribution.distribution_config.comment #=> String
+    #   resp.distribution.distribution_config.logging.enabled #=> Boolean
+    #   resp.distribution.distribution_config.logging.include_cookies #=> Boolean
+    #   resp.distribution.distribution_config.logging.bucket #=> String
+    #   resp.distribution.distribution_config.logging.prefix #=> String
+    #   resp.distribution.distribution_config.price_class #=> String, one of "PriceClass_100", "PriceClass_200", "PriceClass_All"
+    #   resp.distribution.distribution_config.enabled #=> Boolean
+    #   resp.distribution.distribution_config.viewer_certificate.cloud_front_default_certificate #=> Boolean
+    #   resp.distribution.distribution_config.viewer_certificate.iam_certificate_id #=> String
+    #   resp.distribution.distribution_config.viewer_certificate.acm_certificate_arn #=> String
+    #   resp.distribution.distribution_config.viewer_certificate.ssl_support_method #=> String, one of "sni-only", "vip", "static-ip"
+    #   resp.distribution.distribution_config.viewer_certificate.minimum_protocol_version #=> String, one of "SSLv3", "TLSv1", "TLSv1_2016", "TLSv1.1_2016", "TLSv1.2_2018", "TLSv1.2_2019", "TLSv1.2_2021"
+    #   resp.distribution.distribution_config.viewer_certificate.certificate #=> String
+    #   resp.distribution.distribution_config.viewer_certificate.certificate_source #=> String, one of "cloudfront", "iam", "acm"
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.restriction_type #=> String, one of "blacklist", "whitelist", "none"
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.quantity #=> Integer
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.items #=> Array
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.items[0] #=> String
+    #   resp.distribution.distribution_config.web_acl_id #=> String
+    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
+    #   resp.distribution.distribution_config.is_ipv6_enabled #=> Boolean
+    #   resp.distribution.distribution_config.continuous_deployment_policy_id #=> String
+    #   resp.distribution.distribution_config.staging #=> Boolean
+    #   resp.distribution.alias_icp_recordals #=> Array
+    #   resp.distribution.alias_icp_recordals[0].cname #=> String
+    #   resp.distribution.alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
+    #   resp.location #=> String
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CopyDistribution AWS API Documentation
+    #
+    # @overload copy_distribution(params = {})
+    # @param [Hash] params ({})
+    def copy_distribution(params = {}, options = {})
+      req = build_request(:copy_distribution, params)
+      req.send_request(options)
+    end
+
     # Creates a cache policy.
     #
     # After you create a cache policy, you can attach it to one or more
-    # cache behaviors. When it’s attached to a cache behavior, the cache
+    # cache behaviors. When it's attached to a cache behavior, the cache
     # policy determines the following:
     #
     # * The values that CloudFront includes in the *cache key*. These values
@@ -397,10 +712,10 @@ module Aws::CloudFront
     #   want objects to stay in the CloudFront cache.
     #
     # The headers, cookies, and query strings that are included in the cache
-    # key are automatically included in requests that CloudFront sends to
-    # the origin. CloudFront sends a request when it can’t find an object in
-    # its cache that matches the request’s cache key. If you want to send
-    # values to the origin but *not* include them in the cache key, use
+    # key are also included in requests that CloudFront sends to the origin.
+    # CloudFront sends a request when it can't find an object in its cache
+    # that matches the request's cache key. If you want to send values to
+    # the origin but *not* include them in the cache key, use
     # `OriginRequestPolicy`.
     #
     # For more information about cache policies, see [Controlling the cache
@@ -538,25 +853,81 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Creates a new web distribution. You create a CloudFront distribution
-    # to tell CloudFront where you want content to be delivered from, and
-    # the details about how to track and manage content delivery. Send a
-    # `POST` request to the `/CloudFront API
-    # version/distribution`/`distribution ID` resource.
-    #
-    # When you update a distribution, there are more required fields than
-    # when you create a distribution. When you update your distribution by
-    # using [UpdateDistribution][1], follow the steps included in the
-    # documentation to get the current configuration and then make your
-    # updates. This helps to make sure that you include all of the required
-    # fields. To view a summary, see [Required Fields for Create
-    # Distribution and Update Distribution][2] in the *Amazon CloudFront
-    # Developer Guide*.
+    # Creates a continuous deployment policy that distributes traffic for a
+    # custom domain name to two different CloudFront distributions.
+    #
+    # To use a continuous deployment policy, first use `CopyDistribution` to
+    # create a staging distribution, then use `UpdateDistribution` to modify
+    # the staging distribution's configuration.
+    #
+    # After you create and update a staging distribution, you can use a
+    # continuous deployment policy to incrementally move traffic to the
+    # staging distribution. This workflow enables you to test changes to a
+    # distribution's configuration before moving all of your domain's
+    # production traffic to the new configuration.
+    #
+    # @option params [required, Types::ContinuousDeploymentPolicyConfig] :continuous_deployment_policy_config
+    #   Contains the configuration for a continuous deployment policy.
+    #
+    # @return [Types::CreateContinuousDeploymentPolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
+    #   * {Types::CreateContinuousDeploymentPolicyResult#continuous_deployment_policy #continuous_deployment_policy} => Types::ContinuousDeploymentPolicy
+    #   * {Types::CreateContinuousDeploymentPolicyResult#location #location} => String
+    #   * {Types::CreateContinuousDeploymentPolicyResult#etag #etag} => String
     #
+    # @example Request syntax with placeholder values
     #
-    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html
-    # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-overview-required-fields.html
+    #   resp = client.create_continuous_deployment_policy({
+    #     continuous_deployment_policy_config: { # required
+    #       staging_distribution_dns_names: { # required
+    #         quantity: 1, # required
+    #         items: ["string"],
+    #       },
+    #       enabled: false, # required
+    #       traffic_config: {
+    #         single_weight_config: {
+    #           weight: 1.0, # required
+    #           session_stickiness_config: {
+    #             idle_ttl: 1, # required
+    #             maximum_ttl: 1, # required
+    #           },
+    #         },
+    #         single_header_config: {
+    #           header: "string", # required
+    #           value: "string", # required
+    #         },
+    #         type: "SingleWeight", # required, accepts SingleWeight, SingleHeader
+    #       },
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.continuous_deployment_policy.id #=> String
+    #   resp.continuous_deployment_policy.last_modified_time #=> Time
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.quantity #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items #=> Array
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items[0] #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.enabled #=> Boolean
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.weight #=> Float
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.idle_ttl #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.maximum_ttl #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.header #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.value #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.type #=> String, one of "SingleWeight", "SingleHeader"
+    #   resp.location #=> String
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateContinuousDeploymentPolicy AWS API Documentation
+    #
+    # @overload create_continuous_deployment_policy(params = {})
+    # @param [Hash] params ({})
+    def create_continuous_deployment_policy(params = {}, options = {})
+      req = build_request(:create_continuous_deployment_policy, params)
+      req.send_request(options)
+    end
+
+    # Creates a CloudFront distribution.
     #
     # @option params [required, Types::DistributionConfig] :distribution_config
     #   The distribution's configuration information.
@@ -613,6 +984,7 @@ module Aws::CloudFront
     #               enabled: false, # required
     #               origin_shield_region: "OriginShieldRegion",
     #             },
+    #             origin_access_control_id: "string",
     #           },
     #         ],
     #       },
@@ -819,8 +1191,10 @@ module Aws::CloudFront
     #         },
     #       },
     #       web_acl_id: "string",
-    #       http_version: "http1.1", # accepts http1.1, http2
+    #       http_version: "http1.1", # accepts http1.1, http2, http3, http2and3
     #       is_ipv6_enabled: false,
+    #       continuous_deployment_policy_id: "string",
+    #       staging: false,
     #     },
     #   })
     #
@@ -873,6 +1247,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
     #   resp.distribution.distribution_config.origin_groups.quantity #=> Integer
     #   resp.distribution.distribution_config.origin_groups.items #=> Array
     #   resp.distribution.distribution_config.origin_groups.items[0].id #=> String
@@ -1002,8 +1377,10 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items #=> Array
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution.distribution_config.web_acl_id #=> String
-    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution.distribution_config.is_ipv6_enabled #=> Boolean
+    #   resp.distribution.distribution_config.continuous_deployment_policy_id #=> String
+    #   resp.distribution.distribution_config.staging #=> Boolean
     #   resp.distribution.alias_icp_recordals #=> Array
     #   resp.distribution.alias_icp_recordals[0].cname #=> String
     #   resp.distribution.alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
@@ -1019,7 +1396,17 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Create a new distribution with tags.
+    # Create a new distribution with tags. This API operation requires the
+    # following IAM permissions:
+    #
+    # * [CreateDistribution][1]
+    #
+    # * [TagResource][2]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_CreateDistribution.html
+    # [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_TagResource.html
     #
     # @option params [required, Types::DistributionConfigWithTags] :distribution_config_with_tags
     #   The distribution's configuration information.
@@ -1077,6 +1464,7 @@ module Aws::CloudFront
     #                 enabled: false, # required
     #                 origin_shield_region: "OriginShieldRegion",
     #               },
+    #               origin_access_control_id: "string",
     #             },
     #           ],
     #         },
@@ -1283,8 +1671,10 @@ module Aws::CloudFront
     #           },
     #         },
     #         web_acl_id: "string",
-    #         http_version: "http1.1", # accepts http1.1, http2
+    #         http_version: "http1.1", # accepts http1.1, http2, http3, http2and3
     #         is_ipv6_enabled: false,
+    #         continuous_deployment_policy_id: "string",
+    #         staging: false,
     #       },
     #       tags: { # required
     #         items: [
@@ -1346,6 +1736,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
     #   resp.distribution.distribution_config.origin_groups.quantity #=> Integer
     #   resp.distribution.distribution_config.origin_groups.items #=> Array
     #   resp.distribution.distribution_config.origin_groups.items[0].id #=> String
@@ -1475,8 +1866,10 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items #=> Array
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution.distribution_config.web_acl_id #=> String
-    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution.distribution_config.is_ipv6_enabled #=> Boolean
+    #   resp.distribution.distribution_config.continuous_deployment_policy_id #=> String
+    #   resp.distribution.distribution_config.staging #=> Boolean
     #   resp.distribution.alias_icp_recordals #=> Array
     #   resp.distribution.alias_icp_recordals[0].cname #=> String
     #   resp.distribution.alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
@@ -1632,21 +2025,22 @@ module Aws::CloudFront
     # configuration information about the function. The response contains an
     # Amazon Resource Name (ARN) that uniquely identifies the function.
     #
-    # When you create a function, it’s in the `DEVELOPMENT` stage. In this
+    # When you create a function, it's in the `DEVELOPMENT` stage. In this
     # stage, you can test the function with `TestFunction`, and update it
     # with `UpdateFunction`.
     #
-    # When you’re ready to use your function with a CloudFront distribution,
-    # use `PublishFunction` to copy the function from the `DEVELOPMENT`
-    # stage to `LIVE`. When it’s live, you can attach the function to a
-    # distribution’s cache behavior, using the function’s ARN.
+    # When you're ready to use your function with a CloudFront
+    # distribution, use `PublishFunction` to copy the function from the
+    # `DEVELOPMENT` stage to `LIVE`. When it's live, you can attach the
+    # function to a distribution's cache behavior, using the function's
+    # ARN.
     #
     # @option params [required, String] :name
     #   A name to identify the function.
     #
     # @option params [required, Types::FunctionConfig] :function_config
     #   Configuration information about the function, including an optional
-    #   comment and the function’s runtime.
+    #   comment and the function's runtime.
     #
     # @option params [required, String, StringIO, File] :function_code
     #   The function code. For more information about writing a CloudFront
@@ -1669,7 +2063,7 @@ module Aws::CloudFront
     #     name: "FunctionName", # required
     #     function_config: { # required
     #       comment: "string", # required
-    #       runtime: "cloudfront-js-1.0", # required, accepts cloudfront-js-1.0
+    #       runtime: "cloudfront-js-1.0", # required, accepts cloudfront-js-1.0, cloudfront-js-2.0
     #     },
     #     function_code: "data", # required
     #   })
@@ -1679,7 +2073,7 @@ module Aws::CloudFront
     #   resp.function_summary.name #=> String
     #   resp.function_summary.status #=> String
     #   resp.function_summary.function_config.comment #=> String
-    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0"
+    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0", "cloudfront-js-2.0"
     #   resp.function_summary.function_metadata.function_arn #=> String
     #   resp.function_summary.function_metadata.stage #=> String, one of "DEVELOPMENT", "LIVE"
     #   resp.function_summary.function_metadata.created_time #=> Time
@@ -1845,10 +2239,68 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Creates a new origin access control in CloudFront. After you create an
+    # origin access control, you can add it to an origin in a CloudFront
+    # distribution so that CloudFront sends authenticated (signed) requests
+    # to the origin.
+    #
+    # This makes it possible to block public access to the origin, allowing
+    # viewers (users) to access the origin's content only through
+    # CloudFront.
+    #
+    # For more information about using a CloudFront origin access control,
+    # see [Restricting access to an Amazon Web Services origin][1] in the
+    # *Amazon CloudFront Developer Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-origin.html
+    #
+    # @option params [required, Types::OriginAccessControlConfig] :origin_access_control_config
+    #   Contains the origin access control.
+    #
+    # @return [Types::CreateOriginAccessControlResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::CreateOriginAccessControlResult#origin_access_control #origin_access_control} => Types::OriginAccessControl
+    #   * {Types::CreateOriginAccessControlResult#location #location} => String
+    #   * {Types::CreateOriginAccessControlResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.create_origin_access_control({
+    #     origin_access_control_config: { # required
+    #       name: "string", # required
+    #       description: "string",
+    #       signing_protocol: "sigv4", # required, accepts sigv4
+    #       signing_behavior: "never", # required, accepts never, always, no-override
+    #       origin_access_control_origin_type: "s3", # required, accepts s3, mediastore
+    #     },
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.origin_access_control.id #=> String
+    #   resp.origin_access_control.origin_access_control_config.name #=> String
+    #   resp.origin_access_control.origin_access_control_config.description #=> String
+    #   resp.origin_access_control.origin_access_control_config.signing_protocol #=> String, one of "sigv4"
+    #   resp.origin_access_control.origin_access_control_config.signing_behavior #=> String, one of "never", "always", "no-override"
+    #   resp.origin_access_control.origin_access_control_config.origin_access_control_origin_type #=> String, one of "s3", "mediastore"
+    #   resp.location #=> String
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/CreateOriginAccessControl AWS API Documentation
+    #
+    # @overload create_origin_access_control(params = {})
+    # @param [Hash] params ({})
+    def create_origin_access_control(params = {}, options = {})
+      req = build_request(:create_origin_access_control, params)
+      req.send_request(options)
+    end
+
     # Creates an origin request policy.
     #
     # After you create an origin request policy, you can attach it to one or
-    # more cache behaviors. When it’s attached to a cache behavior, the
+    # more cache behaviors. When it's attached to a cache behavior, the
     # origin request policy determines the values that CloudFront includes
     # in requests that it sends to the origin. Each request that CloudFront
     # sends to the origin includes the following:
@@ -1864,7 +2316,7 @@ module Aws::CloudFront
     #   items from the viewer request and, in the case of headers,
     #   additional ones that are added by CloudFront.
     #
-    # CloudFront sends a request when it can’t find a valid object in its
+    # CloudFront sends a request when it can't find a valid object in its
     # cache that matches the request. If you want to send values to the
     # origin and also include them in the cache key, use `CachePolicy`.
     #
@@ -1891,21 +2343,21 @@ module Aws::CloudFront
     #       comment: "string",
     #       name: "string", # required
     #       headers_config: { # required
-    #         header_behavior: "none", # required, accepts none, whitelist, allViewer, allViewerAndWhitelistCloudFront
+    #         header_behavior: "none", # required, accepts none, whitelist, allViewer, allViewerAndWhitelistCloudFront, allExcept
     #         headers: {
     #           quantity: 1, # required
     #           items: ["string"],
     #         },
     #       },
     #       cookies_config: { # required
-    #         cookie_behavior: "none", # required, accepts none, whitelist, all
+    #         cookie_behavior: "none", # required, accepts none, whitelist, all, allExcept
     #         cookies: {
     #           quantity: 1, # required
     #           items: ["string"],
     #         },
     #       },
     #       query_strings_config: { # required
-    #         query_string_behavior: "none", # required, accepts none, whitelist, all
+    #         query_string_behavior: "none", # required, accepts none, whitelist, all, allExcept
     #         query_strings: {
     #           quantity: 1, # required
     #           items: ["string"],
@@ -1920,15 +2372,15 @@ module Aws::CloudFront
     #   resp.origin_request_policy.last_modified_time #=> Time
     #   resp.origin_request_policy.origin_request_policy_config.comment #=> String
     #   resp.origin_request_policy.origin_request_policy_config.name #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront"
+    #   resp.origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.items[0] #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.items[0] #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items[0] #=> String
@@ -2073,19 +2525,28 @@ module Aws::CloudFront
     # Creates a response headers policy.
     #
     # A response headers policy contains information about a set of HTTP
-    # response headers and their values. To create a response headers
-    # policy, you provide some metadata about the policy, and a set of
-    # configurations that specify the response headers.
+    # headers. To create a response headers policy, you provide some
+    # metadata about the policy and a set of configurations that specify the
+    # headers.
     #
     # After you create a response headers policy, you can use its ID to
     # attach it to one or more cache behaviors in a CloudFront distribution.
-    # When it’s attached to a cache behavior, CloudFront adds the headers in
-    # the policy to HTTP responses that it sends for requests that match the
-    # cache behavior.
+    # When it's attached to a cache behavior, the response headers policy
+    # affects the HTTP headers that CloudFront includes in HTTP responses to
+    # requests that match the cache behavior. CloudFront adds or removes
+    # response headers according to the configuration of the response
+    # headers policy.
+    #
+    # For more information, see [Adding or removing HTTP headers in
+    # CloudFront responses][1] in the *Amazon CloudFront Developer Guide*.
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/modifying-response-headers.html
     #
     # @option params [required, Types::ResponseHeadersPolicyConfig] :response_headers_policy_config
     #   Contains metadata about the response headers policy, and a set of
-    #   configurations that specify the response headers.
+    #   configurations that specify the HTTP headers.
     #
     # @return [Types::CreateResponseHeadersPolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2149,6 +2610,10 @@ module Aws::CloudFront
     #           access_control_max_age_sec: 1, # required
     #         },
     #       },
+    #       server_timing_headers_config: {
+    #         enabled: false, # required
+    #         sampling_rate: 1.0,
+    #       },
     #       custom_headers_config: {
     #         quantity: 1, # required
     #         items: [
@@ -2159,6 +2624,14 @@ module Aws::CloudFront
     #           },
     #         ],
     #       },
+    #       remove_headers_config: {
+    #         quantity: 1, # required
+    #         items: [
+    #           {
+    #             header: "string", # required
+    #           },
+    #         ],
+    #       },
     #     },
     #   })
     #
@@ -2198,11 +2671,16 @@ module Aws::CloudFront
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.include_subdomains #=> Boolean
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.preload #=> Boolean
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.access_control_max_age_sec #=> Integer
+    #   resp.response_headers_policy.response_headers_policy_config.server_timing_headers_config.enabled #=> Boolean
+    #   resp.response_headers_policy.response_headers_policy_config.server_timing_headers_config.sampling_rate #=> Float
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.quantity #=> Integer
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items #=> Array
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].header #=> String
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].value #=> String
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].override #=> Boolean
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.quantity #=> Integer
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.items #=> Array
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.items[0].header #=> String
     #   resp.location #=> String
     #   resp.etag #=> String
     #
@@ -2405,12 +2883,12 @@ module Aws::CloudFront
 
     # Deletes a cache policy.
     #
-    # You cannot delete a cache policy if it’s attached to a cache behavior.
-    # First update your distributions to remove the cache policy from all
-    # cache behaviors, then delete the cache policy.
+    # You cannot delete a cache policy if it's attached to a cache
+    # behavior. First update your distributions to remove the cache policy
+    # from all cache behaviors, then delete the cache policy.
     #
-    # To delete a cache policy, you must provide the policy’s identifier and
-    # version. To get these values, you can use `ListCachePolicies` or
+    # To delete a cache policy, you must provide the policy's identifier
+    # and version. To get these values, you can use `ListCachePolicies` or
     # `GetCachePolicy`.
     #
     # @option params [required, String] :id
@@ -2419,7 +2897,7 @@ module Aws::CloudFront
     #
     # @option params [String] :if_match
     #   The version of the cache policy that you are deleting. The version is
-    #   the cache policy’s `ETag` value, which you can get using
+    #   the cache policy's `ETag` value, which you can get using
     #   `ListCachePolicies`, `GetCachePolicy`, or `GetCachePolicyConfig`.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
@@ -2467,6 +2945,38 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Deletes a continuous deployment policy.
+    #
+    # You cannot delete a continuous deployment policy that's attached to a
+    # primary distribution. First update your distribution to remove the
+    # continuous deployment policy, then you can delete the policy.
+    #
+    # @option params [required, String] :id
+    #   The identifier of the continuous deployment policy that you are
+    #   deleting.
+    #
+    # @option params [String] :if_match
+    #   The current version (`ETag` value) of the continuous deployment policy
+    #   that you are deleting.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_continuous_deployment_policy({
+    #     id: "string", # required
+    #     if_match: "string",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DeleteContinuousDeploymentPolicy AWS API Documentation
+    #
+    # @overload delete_continuous_deployment_policy(params = {})
+    # @param [Hash] params ({})
+    def delete_continuous_deployment_policy(params = {}, options = {})
+      req = build_request(:delete_continuous_deployment_policy, params)
+      req.send_request(options)
+    end
+
     # Delete a distribution.
     #
     # @option params [required, String] :id
@@ -2550,13 +3060,13 @@ module Aws::CloudFront
 
     # Deletes a CloudFront function.
     #
-    # You cannot delete a function if it’s associated with a cache behavior.
-    # First, update your distributions to remove the function association
-    # from all cache behaviors, then delete the function.
+    # You cannot delete a function if it's associated with a cache
+    # behavior. First, update your distributions to remove the function
+    # association from all cache behaviors, then delete the function.
     #
-    # To delete a function, you must provide the function’s name and version
-    # (`ETag` value). To get these values, you can use `ListFunctions` and
-    # `DescribeFunction`.
+    # To delete a function, you must provide the function's name and
+    # version (`ETag` value). To get these values, you can use
+    # `ListFunctions` and `DescribeFunction`.
     #
     # @option params [required, String] :name
     #   The name of the function that you are deleting.
@@ -2589,8 +3099,8 @@ module Aws::CloudFront
     # First update your distributions to remove the key group from all cache
     # behaviors, then delete the key group.
     #
-    # To delete a key group, you must provide the key group’s identifier and
-    # version. To get these values, use `ListKeyGroups` followed by
+    # To delete a key group, you must provide the key group's identifier
+    # and version. To get these values, use `ListKeyGroups` followed by
     # `GetKeyGroup` or `GetKeyGroupConfig`.
     #
     # @option params [required, String] :id
@@ -2599,7 +3109,7 @@ module Aws::CloudFront
     #
     # @option params [String] :if_match
     #   The version of the key group that you are deleting. The version is the
-    #   key group’s `ETag` value. To get the `ETag`, use `GetKeyGroup` or
+    #   key group's `ETag` value. To get the `ETag`, use `GetKeyGroup` or
     #   `GetKeyGroupConfig`.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
@@ -2643,14 +3153,46 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Deletes a CloudFront origin access control.
+    #
+    # You cannot delete an origin access control if it's in use. First,
+    # update all distributions to remove the origin access control from all
+    # origins, then delete the origin access control.
+    #
+    # @option params [required, String] :id
+    #   The unique identifier of the origin access control that you are
+    #   deleting.
+    #
+    # @option params [String] :if_match
+    #   The current version (`ETag` value) of the origin access control that
+    #   you are deleting.
+    #
+    # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.delete_origin_access_control({
+    #     id: "string", # required
+    #     if_match: "string",
+    #   })
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/DeleteOriginAccessControl AWS API Documentation
+    #
+    # @overload delete_origin_access_control(params = {})
+    # @param [Hash] params ({})
+    def delete_origin_access_control(params = {}, options = {})
+      req = build_request(:delete_origin_access_control, params)
+      req.send_request(options)
+    end
+
     # Deletes an origin request policy.
     #
-    # You cannot delete an origin request policy if it’s attached to any
+    # You cannot delete an origin request policy if it's attached to any
     # cache behaviors. First update your distributions to remove the origin
     # request policy from all cache behaviors, then delete the origin
     # request policy.
     #
-    # To delete an origin request policy, you must provide the policy’s
+    # To delete an origin request policy, you must provide the policy's
     # identifier and version. To get the identifier, you can use
     # `ListOriginRequestPolicies` or `GetOriginRequestPolicy`.
     #
@@ -2661,8 +3203,8 @@ module Aws::CloudFront
     #
     # @option params [String] :if_match
     #   The version of the origin request policy that you are deleting. The
-    #   version is the origin request policy’s `ETag` value, which you can get
-    #   using `ListOriginRequestPolicies`, `GetOriginRequestPolicy`, or
+    #   version is the origin request policy's `ETag` value, which you can
+    #   get using `ListOriginRequestPolicies`, `GetOriginRequestPolicy`, or
     #   `GetOriginRequestPolicyConfig`.
     #
     # @return [Struct] Returns an empty {Seahorse::Client::Response response}.
@@ -2712,13 +3254,13 @@ module Aws::CloudFront
 
     # Deletes a real-time log configuration.
     #
-    # You cannot delete a real-time log configuration if it’s attached to a
+    # You cannot delete a real-time log configuration if it's attached to a
     # cache behavior. First update your distributions to remove the
     # real-time log configuration from all cache behaviors, then delete the
     # real-time log configuration.
     #
     # To delete a real-time log configuration, you can provide the
-    # configuration’s name or its Amazon Resource Name (ARN). You must
+    # configuration's name or its Amazon Resource Name (ARN). You must
     # provide at least one. If you provide both, CloudFront uses the name to
     # identify the real-time log configuration to delete.
     #
@@ -2749,12 +3291,12 @@ module Aws::CloudFront
 
     # Deletes a response headers policy.
     #
-    # You cannot delete a response headers policy if it’s attached to a
+    # You cannot delete a response headers policy if it's attached to a
     # cache behavior. First update your distributions to remove the response
     # headers policy from all cache behaviors, then delete the response
     # headers policy.
     #
-    # To delete a response headers policy, you must provide the policy’s
+    # To delete a response headers policy, you must provide the policy's
     # identifier and version. To get these values, you can use
     # `ListResponseHeadersPolicies` or `GetResponseHeadersPolicy`.
     #
@@ -2766,7 +3308,7 @@ module Aws::CloudFront
     # @option params [String] :if_match
     #   The version of the response headers policy that you are deleting.
     #
-    #   The version is the response headers policy’s `ETag` value, which you
+    #   The version is the response headers policy's `ETag` value, which you
     #   can get using `ListResponseHeadersPolicies`,
     #   `GetResponseHeadersPolicy`, or `GetResponseHeadersPolicyConfig`.
     #
@@ -2791,7 +3333,7 @@ module Aws::CloudFront
     # Delete a streaming distribution. To delete an RTMP distribution using
     # the CloudFront API, perform the following steps.
     #
-    # **To delete an RTMP distribution using the CloudFront API**\:
+    # **To delete an RTMP distribution using the CloudFront API**:
     #
     # 1.  Disable the RTMP distribution.
     #
@@ -2859,18 +3401,18 @@ module Aws::CloudFront
     end
 
     # Gets configuration information and metadata about a CloudFront
-    # function, but not the function’s code. To get a function’s code, use
+    # function, but not the function's code. To get a function's code, use
     # `GetFunction`.
     #
     # To get configuration information and metadata about a function, you
-    # must provide the function’s name and stage. To get these values, you
+    # must provide the function's name and stage. To get these values, you
     # can use `ListFunctions`.
     #
     # @option params [required, String] :name
     #   The name of the function that you are getting information about.
     #
     # @option params [String] :stage
-    #   The function’s stage, either `DEVELOPMENT` or `LIVE`.
+    #   The function's stage, either `DEVELOPMENT` or `LIVE`.
     #
     # @return [Types::DescribeFunctionResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2889,7 +3431,7 @@ module Aws::CloudFront
     #   resp.function_summary.name #=> String
     #   resp.function_summary.status #=> String
     #   resp.function_summary.function_config.comment #=> String
-    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0"
+    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0", "cloudfront-js-2.0"
     #   resp.function_summary.function_metadata.function_arn #=> String
     #   resp.function_summary.function_metadata.stage #=> String, one of "DEVELOPMENT", "LIVE"
     #   resp.function_summary.function_metadata.created_time #=> Time
@@ -2907,22 +3449,22 @@ module Aws::CloudFront
 
     # Gets a cache policy, including the following metadata:
     #
-    # * The policy’s identifier.
+    # * The policy's identifier.
     #
     # * The date and time when the policy was last modified.
     #
-    # To get a cache policy, you must provide the policy’s identifier. If
-    # the cache policy is attached to a distribution’s cache behavior, you
-    # can get the policy’s identifier using `ListDistributions` or
+    # To get a cache policy, you must provide the policy's identifier. If
+    # the cache policy is attached to a distribution's cache behavior, you
+    # can get the policy's identifier using `ListDistributions` or
     # `GetDistribution`. If the cache policy is not attached to a cache
     # behavior, you can get the identifier using `ListCachePolicies`.
     #
     # @option params [required, String] :id
     #   The unique identifier for the cache policy. If the cache policy is
-    #   attached to a distribution’s cache behavior, you can get the policy’s
-    #   identifier using `ListDistributions` or `GetDistribution`. If the
-    #   cache policy is not attached to a cache behavior, you can get the
-    #   identifier using `ListCachePolicies`.
+    #   attached to a distribution's cache behavior, you can get the
+    #   policy's identifier using `ListDistributions` or `GetDistribution`.
+    #   If the cache policy is not attached to a cache behavior, you can get
+    #   the identifier using `ListCachePolicies`.
     #
     # @return [Types::GetCachePolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -2971,19 +3513,19 @@ module Aws::CloudFront
 
     # Gets a cache policy configuration.
     #
-    # To get a cache policy configuration, you must provide the policy’s
-    # identifier. If the cache policy is attached to a distribution’s cache
-    # behavior, you can get the policy’s identifier using
+    # To get a cache policy configuration, you must provide the policy's
+    # identifier. If the cache policy is attached to a distribution's cache
+    # behavior, you can get the policy's identifier using
     # `ListDistributions` or `GetDistribution`. If the cache policy is not
     # attached to a cache behavior, you can get the identifier using
     # `ListCachePolicies`.
     #
     # @option params [required, String] :id
     #   The unique identifier for the cache policy. If the cache policy is
-    #   attached to a distribution’s cache behavior, you can get the policy’s
-    #   identifier using `ListDistributions` or `GetDistribution`. If the
-    #   cache policy is not attached to a cache behavior, you can get the
-    #   identifier using `ListCachePolicies`.
+    #   attached to a distribution's cache behavior, you can get the
+    #   policy's identifier using `ListDistributions` or `GetDistribution`.
+    #   If the cache policy is not attached to a cache behavior, you can get
+    #   the identifier using `ListCachePolicies`.
     #
     # @return [Types::GetCachePolicyConfigResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -3092,6 +3634,89 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Gets a continuous deployment policy, including metadata (the policy's
+    # identifier and the date and time when the policy was last modified).
+    #
+    # @option params [required, String] :id
+    #   The identifier of the continuous deployment policy that you are
+    #   getting.
+    #
+    # @return [Types::GetContinuousDeploymentPolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetContinuousDeploymentPolicyResult#continuous_deployment_policy #continuous_deployment_policy} => Types::ContinuousDeploymentPolicy
+    #   * {Types::GetContinuousDeploymentPolicyResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_continuous_deployment_policy({
+    #     id: "string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.continuous_deployment_policy.id #=> String
+    #   resp.continuous_deployment_policy.last_modified_time #=> Time
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.quantity #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items #=> Array
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items[0] #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.enabled #=> Boolean
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.weight #=> Float
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.idle_ttl #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.maximum_ttl #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.header #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.value #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.type #=> String, one of "SingleWeight", "SingleHeader"
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetContinuousDeploymentPolicy AWS API Documentation
+    #
+    # @overload get_continuous_deployment_policy(params = {})
+    # @param [Hash] params ({})
+    def get_continuous_deployment_policy(params = {}, options = {})
+      req = build_request(:get_continuous_deployment_policy, params)
+      req.send_request(options)
+    end
+
+    # Gets configuration information about a continuous deployment policy.
+    #
+    # @option params [required, String] :id
+    #   The identifier of the continuous deployment policy whose configuration
+    #   you are getting.
+    #
+    # @return [Types::GetContinuousDeploymentPolicyConfigResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetContinuousDeploymentPolicyConfigResult#continuous_deployment_policy_config #continuous_deployment_policy_config} => Types::ContinuousDeploymentPolicyConfig
+    #   * {Types::GetContinuousDeploymentPolicyConfigResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_continuous_deployment_policy_config({
+    #     id: "string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.continuous_deployment_policy_config.staging_distribution_dns_names.quantity #=> Integer
+    #   resp.continuous_deployment_policy_config.staging_distribution_dns_names.items #=> Array
+    #   resp.continuous_deployment_policy_config.staging_distribution_dns_names.items[0] #=> String
+    #   resp.continuous_deployment_policy_config.enabled #=> Boolean
+    #   resp.continuous_deployment_policy_config.traffic_config.single_weight_config.weight #=> Float
+    #   resp.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.idle_ttl #=> Integer
+    #   resp.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.maximum_ttl #=> Integer
+    #   resp.continuous_deployment_policy_config.traffic_config.single_header_config.header #=> String
+    #   resp.continuous_deployment_policy_config.traffic_config.single_header_config.value #=> String
+    #   resp.continuous_deployment_policy_config.traffic_config.type #=> String, one of "SingleWeight", "SingleHeader"
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetContinuousDeploymentPolicyConfig AWS API Documentation
+    #
+    # @overload get_continuous_deployment_policy_config(params = {})
+    # @param [Hash] params ({})
+    def get_continuous_deployment_policy_config(params = {}, options = {})
+      req = build_request(:get_continuous_deployment_policy_config, params)
+      req.send_request(options)
+    end
+
     # Get the information about a distribution.
     #
     # @option params [required, String] :id
@@ -3158,6 +3783,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
     #   resp.distribution.distribution_config.origin_groups.quantity #=> Integer
     #   resp.distribution.distribution_config.origin_groups.items #=> Array
     #   resp.distribution.distribution_config.origin_groups.items[0].id #=> String
@@ -3287,8 +3913,10 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items #=> Array
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution.distribution_config.web_acl_id #=> String
-    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution.distribution_config.is_ipv6_enabled #=> Boolean
+    #   resp.distribution.distribution_config.continuous_deployment_policy_id #=> String
+    #   resp.distribution.distribution_config.staging #=> Boolean
     #   resp.distribution.alias_icp_recordals #=> Array
     #   resp.distribution.alias_icp_recordals[0].cname #=> String
     #   resp.distribution.alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
@@ -3354,6 +3982,7 @@ module Aws::CloudFront
     #   resp.distribution_config.origins.items[0].connection_timeout #=> Integer
     #   resp.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution_config.origins.items[0].origin_access_control_id #=> String
     #   resp.distribution_config.origin_groups.quantity #=> Integer
     #   resp.distribution_config.origin_groups.items #=> Array
     #   resp.distribution_config.origin_groups.items[0].id #=> String
@@ -3483,8 +4112,10 @@ module Aws::CloudFront
     #   resp.distribution_config.restrictions.geo_restriction.items #=> Array
     #   resp.distribution_config.restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution_config.web_acl_id #=> String
-    #   resp.distribution_config.http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution_config.http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution_config.is_ipv6_enabled #=> Boolean
+    #   resp.distribution_config.continuous_deployment_policy_id #=> String
+    #   resp.distribution_config.staging #=> Boolean
     #   resp.etag #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetDistributionConfig AWS API Documentation
@@ -3668,14 +4299,14 @@ module Aws::CloudFront
     # Gets the code of a CloudFront function. To get configuration
     # information and metadata about a function, use `DescribeFunction`.
     #
-    # To get a function’s code, you must provide the function’s name and
+    # To get a function's code, you must provide the function's name and
     # stage. To get these values, you can use `ListFunctions`.
     #
     # @option params [required, String] :name
     #   The name of the function whose code you are getting.
     #
     # @option params [String] :stage
-    #   The function’s stage, either `DEVELOPMENT` or `LIVE`.
+    #   The function's stage, either `DEVELOPMENT` or `LIVE`.
     #
     # @return [Types::GetFunctionResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -3752,9 +4383,9 @@ module Aws::CloudFront
     # Gets a key group, including the date and time when the key group was
     # last modified.
     #
-    # To get a key group, you must provide the key group’s identifier. If
-    # the key group is referenced in a distribution’s cache behavior, you
-    # can get the key group’s identifier using `ListDistributions` or
+    # To get a key group, you must provide the key group's identifier. If
+    # the key group is referenced in a distribution's cache behavior, you
+    # can get the key group's identifier using `ListDistributions` or
     # `GetDistribution`. If the key group is not referenced in a cache
     # behavior, you can get the identifier using `ListKeyGroups`.
     #
@@ -3794,9 +4425,9 @@ module Aws::CloudFront
 
     # Gets a key group configuration.
     #
-    # To get a key group configuration, you must provide the key group’s
-    # identifier. If the key group is referenced in a distribution’s cache
-    # behavior, you can get the key group’s identifier using
+    # To get a key group configuration, you must provide the key group's
+    # identifier. If the key group is referenced in a distribution's cache
+    # behavior, you can get the key group's identifier using
     # `ListDistributions` or `GetDistribution`. If the key group is not
     # referenced in a cache behavior, you can get the identifier using
     # `ListKeyGroups`.
@@ -3863,23 +4494,93 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Gets a CloudFront origin access control, including its unique
+    # identifier.
+    #
+    # @option params [required, String] :id
+    #   The unique identifier of the origin access control.
+    #
+    # @return [Types::GetOriginAccessControlResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetOriginAccessControlResult#origin_access_control #origin_access_control} => Types::OriginAccessControl
+    #   * {Types::GetOriginAccessControlResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_origin_access_control({
+    #     id: "string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.origin_access_control.id #=> String
+    #   resp.origin_access_control.origin_access_control_config.name #=> String
+    #   resp.origin_access_control.origin_access_control_config.description #=> String
+    #   resp.origin_access_control.origin_access_control_config.signing_protocol #=> String, one of "sigv4"
+    #   resp.origin_access_control.origin_access_control_config.signing_behavior #=> String, one of "never", "always", "no-override"
+    #   resp.origin_access_control.origin_access_control_config.origin_access_control_origin_type #=> String, one of "s3", "mediastore"
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetOriginAccessControl AWS API Documentation
+    #
+    # @overload get_origin_access_control(params = {})
+    # @param [Hash] params ({})
+    def get_origin_access_control(params = {}, options = {})
+      req = build_request(:get_origin_access_control, params)
+      req.send_request(options)
+    end
+
+    # Gets a CloudFront origin access control configuration.
+    #
+    # @option params [required, String] :id
+    #   The unique identifier of the origin access control.
+    #
+    # @return [Types::GetOriginAccessControlConfigResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::GetOriginAccessControlConfigResult#origin_access_control_config #origin_access_control_config} => Types::OriginAccessControlConfig
+    #   * {Types::GetOriginAccessControlConfigResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.get_origin_access_control_config({
+    #     id: "string", # required
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.origin_access_control_config.name #=> String
+    #   resp.origin_access_control_config.description #=> String
+    #   resp.origin_access_control_config.signing_protocol #=> String, one of "sigv4"
+    #   resp.origin_access_control_config.signing_behavior #=> String, one of "never", "always", "no-override"
+    #   resp.origin_access_control_config.origin_access_control_origin_type #=> String, one of "s3", "mediastore"
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetOriginAccessControlConfig AWS API Documentation
+    #
+    # @overload get_origin_access_control_config(params = {})
+    # @param [Hash] params ({})
+    def get_origin_access_control_config(params = {}, options = {})
+      req = build_request(:get_origin_access_control_config, params)
+      req.send_request(options)
+    end
+
     # Gets an origin request policy, including the following metadata:
     #
-    # * The policy’s identifier.
+    # * The policy's identifier.
     #
     # * The date and time when the policy was last modified.
     #
-    # To get an origin request policy, you must provide the policy’s
+    # To get an origin request policy, you must provide the policy's
     # identifier. If the origin request policy is attached to a
-    # distribution’s cache behavior, you can get the policy’s identifier
+    # distribution's cache behavior, you can get the policy's identifier
     # using `ListDistributions` or `GetDistribution`. If the origin request
     # policy is not attached to a cache behavior, you can get the identifier
     # using `ListOriginRequestPolicies`.
     #
     # @option params [required, String] :id
     #   The unique identifier for the origin request policy. If the origin
-    #   request policy is attached to a distribution’s cache behavior, you can
-    #   get the policy’s identifier using `ListDistributions` or
+    #   request policy is attached to a distribution's cache behavior, you
+    #   can get the policy's identifier using `ListDistributions` or
     #   `GetDistribution`. If the origin request policy is not attached to a
     #   cache behavior, you can get the identifier using
     #   `ListOriginRequestPolicies`.
@@ -3901,15 +4602,15 @@ module Aws::CloudFront
     #   resp.origin_request_policy.last_modified_time #=> Time
     #   resp.origin_request_policy.origin_request_policy_config.comment #=> String
     #   resp.origin_request_policy.origin_request_policy_config.name #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront"
+    #   resp.origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.items[0] #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.items[0] #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items[0] #=> String
@@ -3927,16 +4628,16 @@ module Aws::CloudFront
     # Gets an origin request policy configuration.
     #
     # To get an origin request policy configuration, you must provide the
-    # policy’s identifier. If the origin request policy is attached to a
-    # distribution’s cache behavior, you can get the policy’s identifier
+    # policy's identifier. If the origin request policy is attached to a
+    # distribution's cache behavior, you can get the policy's identifier
     # using `ListDistributions` or `GetDistribution`. If the origin request
     # policy is not attached to a cache behavior, you can get the identifier
     # using `ListOriginRequestPolicies`.
     #
     # @option params [required, String] :id
     #   The unique identifier for the origin request policy. If the origin
-    #   request policy is attached to a distribution’s cache behavior, you can
-    #   get the policy’s identifier using `ListDistributions` or
+    #   request policy is attached to a distribution's cache behavior, you
+    #   can get the policy's identifier using `ListDistributions` or
     #   `GetDistribution`. If the origin request policy is not attached to a
     #   cache behavior, you can get the identifier using
     #   `ListOriginRequestPolicies`.
@@ -3956,15 +4657,15 @@ module Aws::CloudFront
     #
     #   resp.origin_request_policy_config.comment #=> String
     #   resp.origin_request_policy_config.name #=> String
-    #   resp.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront"
+    #   resp.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront", "allExcept"
     #   resp.origin_request_policy_config.headers_config.headers.quantity #=> Integer
     #   resp.origin_request_policy_config.headers_config.headers.items #=> Array
     #   resp.origin_request_policy_config.headers_config.headers.items[0] #=> String
-    #   resp.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy_config.cookies_config.cookies.quantity #=> Integer
     #   resp.origin_request_policy_config.cookies_config.cookies.items #=> Array
     #   resp.origin_request_policy_config.cookies_config.cookies.items[0] #=> String
-    #   resp.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy_config.query_strings_config.query_strings.quantity #=> Integer
     #   resp.origin_request_policy_config.query_strings_config.query_strings.items #=> Array
     #   resp.origin_request_policy_config.query_strings_config.query_strings.items[0] #=> String
@@ -4050,7 +4751,7 @@ module Aws::CloudFront
     # Gets a real-time log configuration.
     #
     # To get a real-time log configuration, you can provide the
-    # configuration’s name or its Amazon Resource Name (ARN). You must
+    # configuration's name or its Amazon Resource Name (ARN). You must
     # provide at least one. If you provide both, CloudFront uses the name to
     # identify the real-time log configuration to get.
     #
@@ -4093,12 +4794,12 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Gets a response headers policy, including metadata (the policy’s
+    # Gets a response headers policy, including metadata (the policy's
     # identifier and the date and time when the policy was last modified).
     #
-    # To get a response headers policy, you must provide the policy’s
+    # To get a response headers policy, you must provide the policy's
     # identifier. If the response headers policy is attached to a
-    # distribution’s cache behavior, you can get the policy’s identifier
+    # distribution's cache behavior, you can get the policy's identifier
     # using `ListDistributions` or `GetDistribution`. If the response
     # headers policy is not attached to a cache behavior, you can get the
     # identifier using `ListResponseHeadersPolicies`.
@@ -4106,8 +4807,8 @@ module Aws::CloudFront
     # @option params [required, String] :id
     #   The identifier for the response headers policy.
     #
-    #   If the response headers policy is attached to a distribution’s cache
-    #   behavior, you can get the policy’s identifier using
+    #   If the response headers policy is attached to a distribution's cache
+    #   behavior, you can get the policy's identifier using
     #   `ListDistributions` or `GetDistribution`. If the response headers
     #   policy is not attached to a cache behavior, you can get the identifier
     #   using `ListResponseHeadersPolicies`.
@@ -4159,11 +4860,16 @@ module Aws::CloudFront
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.include_subdomains #=> Boolean
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.preload #=> Boolean
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.access_control_max_age_sec #=> Integer
+    #   resp.response_headers_policy.response_headers_policy_config.server_timing_headers_config.enabled #=> Boolean
+    #   resp.response_headers_policy.response_headers_policy_config.server_timing_headers_config.sampling_rate #=> Float
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.quantity #=> Integer
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items #=> Array
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].header #=> String
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].value #=> String
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].override #=> Boolean
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.quantity #=> Integer
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.items #=> Array
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.items[0].header #=> String
     #   resp.etag #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetResponseHeadersPolicy AWS API Documentation
@@ -4178,8 +4884,8 @@ module Aws::CloudFront
     # Gets a response headers policy configuration.
     #
     # To get a response headers policy configuration, you must provide the
-    # policy’s identifier. If the response headers policy is attached to a
-    # distribution’s cache behavior, you can get the policy’s identifier
+    # policy's identifier. If the response headers policy is attached to a
+    # distribution's cache behavior, you can get the policy's identifier
     # using `ListDistributions` or `GetDistribution`. If the response
     # headers policy is not attached to a cache behavior, you can get the
     # identifier using `ListResponseHeadersPolicies`.
@@ -4187,8 +4893,8 @@ module Aws::CloudFront
     # @option params [required, String] :id
     #   The identifier for the response headers policy.
     #
-    #   If the response headers policy is attached to a distribution’s cache
-    #   behavior, you can get the policy’s identifier using
+    #   If the response headers policy is attached to a distribution's cache
+    #   behavior, you can get the policy's identifier using
     #   `ListDistributions` or `GetDistribution`. If the response headers
     #   policy is not attached to a cache behavior, you can get the identifier
     #   using `ListResponseHeadersPolicies`.
@@ -4238,11 +4944,16 @@ module Aws::CloudFront
     #   resp.response_headers_policy_config.security_headers_config.strict_transport_security.include_subdomains #=> Boolean
     #   resp.response_headers_policy_config.security_headers_config.strict_transport_security.preload #=> Boolean
     #   resp.response_headers_policy_config.security_headers_config.strict_transport_security.access_control_max_age_sec #=> Integer
+    #   resp.response_headers_policy_config.server_timing_headers_config.enabled #=> Boolean
+    #   resp.response_headers_policy_config.server_timing_headers_config.sampling_rate #=> Float
     #   resp.response_headers_policy_config.custom_headers_config.quantity #=> Integer
     #   resp.response_headers_policy_config.custom_headers_config.items #=> Array
     #   resp.response_headers_policy_config.custom_headers_config.items[0].header #=> String
     #   resp.response_headers_policy_config.custom_headers_config.items[0].value #=> String
     #   resp.response_headers_policy_config.custom_headers_config.items[0].override #=> Boolean
+    #   resp.response_headers_policy_config.remove_headers_config.quantity #=> Integer
+    #   resp.response_headers_policy_config.remove_headers_config.items #=> Array
+    #   resp.response_headers_policy_config.remove_headers_config.items[0].header #=> String
     #   resp.etag #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/GetResponseHeadersPolicyConfig AWS API Documentation
@@ -4389,8 +5100,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of cache policies. The response includes cache policies in
     #   the list that occur after the marker. To get the next page of the
-    #   list, set this field’s value to the value of `NextMarker` from the
-    #   current page’s response.
+    #   list, set this field's value to the value of `NextMarker` from the
+    #   current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of cache policies that you want in the response.
@@ -4499,7 +5210,7 @@ module Aws::CloudFront
     # conflicting alias. In the returned list, the distribution and account
     # IDs are partially hidden, which allows you to identify the
     # distributions and accounts that you own, but helps to protect the
-    # information of ones that you don’t own.
+    # information of ones that you don't own.
     #
     # Use this operation to find aliases that are in use in CloudFront that
     # conflict or overlap with the provided alias. For example, if you
@@ -4539,8 +5250,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   the list of conflicting aliases. The response includes conflicting
     #   aliases in the list that occur after the marker. To get the next page
-    #   of the list, set this field’s value to the value of `NextMarker` from
-    #   the current page’s response.
+    #   of the list, set this field's value to the value of `NextMarker` from
+    #   the current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of conflicting aliases that you want in the
@@ -4578,6 +5289,66 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Gets a list of the continuous deployment policies in your Amazon Web
+    # Services account.
+    #
+    # You can optionally specify the maximum number of items to receive in
+    # the response. If the total number of items in the list exceeds the
+    # maximum that you specify, or the default maximum, the response is
+    # paginated. To get the next page of items, send a subsequent request
+    # that specifies the `NextMarker` value from the current response as the
+    # `Marker` value in the subsequent request.
+    #
+    # @option params [String] :marker
+    #   Use this field when paginating results to indicate where to begin in
+    #   your list of continuous deployment policies. The response includes
+    #   policies in the list that occur after the marker. To get the next page
+    #   of the list, set this field's value to the value of `NextMarker` from
+    #   the current page's response.
+    #
+    # @option params [Integer] :max_items
+    #   The maximum number of continuous deployment policies that you want
+    #   returned in the response.
+    #
+    # @return [Types::ListContinuousDeploymentPoliciesResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListContinuousDeploymentPoliciesResult#continuous_deployment_policy_list #continuous_deployment_policy_list} => Types::ContinuousDeploymentPolicyList
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_continuous_deployment_policies({
+    #     marker: "string",
+    #     max_items: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.continuous_deployment_policy_list.next_marker #=> String
+    #   resp.continuous_deployment_policy_list.max_items #=> Integer
+    #   resp.continuous_deployment_policy_list.quantity #=> Integer
+    #   resp.continuous_deployment_policy_list.items #=> Array
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.id #=> String
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.last_modified_time #=> Time
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.quantity #=> Integer
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items #=> Array
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items[0] #=> String
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.enabled #=> Boolean
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.weight #=> Float
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.idle_ttl #=> Integer
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.maximum_ttl #=> Integer
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.header #=> String
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.value #=> String
+    #   resp.continuous_deployment_policy_list.items[0].continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.type #=> String, one of "SingleWeight", "SingleHeader"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListContinuousDeploymentPolicies AWS API Documentation
+    #
+    # @overload list_continuous_deployment_policies(params = {})
+    # @param [Hash] params ({})
+    def list_continuous_deployment_policies(params = {}, options = {})
+      req = build_request(:list_continuous_deployment_policies, params)
+      req.send_request(options)
+    end
+
     # List CloudFront distributions.
     #
     # @option params [String] :marker
@@ -4641,6 +5412,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
     #   resp.distribution_list.items[0].origin_groups.quantity #=> Integer
     #   resp.distribution_list.items[0].origin_groups.items #=> Array
     #   resp.distribution_list.items[0].origin_groups.items[0].id #=> String
@@ -4766,11 +5538,12 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].restrictions.geo_restriction.items #=> Array
     #   resp.distribution_list.items[0].restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution_list.items[0].web_acl_id #=> String
-    #   resp.distribution_list.items[0].http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution_list.items[0].http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution_list.items[0].is_ipv6_enabled #=> Boolean
     #   resp.distribution_list.items[0].alias_icp_recordals #=> Array
     #   resp.distribution_list.items[0].alias_icp_recordals[0].cname #=> String
     #   resp.distribution_list.items[0].alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
+    #   resp.distribution_list.items[0].staging #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListDistributions AWS API Documentation
     #
@@ -4782,7 +5555,7 @@ module Aws::CloudFront
     end
 
     # Gets a list of distribution IDs for distributions that have a cache
-    # behavior that’s associated with the specified cache policy.
+    # behavior that's associated with the specified cache policy.
     #
     # You can optionally specify the maximum number of items to receive in
     # the response. If the total number of items in the list exceeds the
@@ -4795,8 +5568,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of distribution IDs. The response includes distribution IDs
     #   in the list that occur after the marker. To get the next page of the
-    #   list, set this field’s value to the value of `NextMarker` from the
-    #   current page’s response.
+    #   list, set this field's value to the value of `NextMarker` from the
+    #   current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of distribution IDs that you want in the response.
@@ -4850,8 +5623,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of distribution IDs. The response includes distribution IDs
     #   in the list that occur after the marker. To get the next page of the
-    #   list, set this field’s value to the value of `NextMarker` from the
-    #   current page’s response.
+    #   list, set this field's value to the value of `NextMarker` from the
+    #   current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of distribution IDs that you want in the response.
@@ -4892,7 +5665,7 @@ module Aws::CloudFront
     end
 
     # Gets a list of distribution IDs for distributions that have a cache
-    # behavior that’s associated with the specified origin request policy.
+    # behavior that's associated with the specified origin request policy.
     #
     # You can optionally specify the maximum number of items to receive in
     # the response. If the total number of items in the list exceeds the
@@ -4905,8 +5678,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of distribution IDs. The response includes distribution IDs
     #   in the list that occur after the marker. To get the next page of the
-    #   list, set this field’s value to the value of `NextMarker` from the
-    #   current page’s response.
+    #   list, set this field's value to the value of `NextMarker` from the
+    #   current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of distribution IDs that you want in the response.
@@ -4946,7 +5719,7 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Gets a list of distributions that have a cache behavior that’s
+    # Gets a list of distributions that have a cache behavior that's
     # associated with the specified real-time log configuration.
     #
     # You can specify the real-time log configuration by its name or its
@@ -4965,8 +5738,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of distributions. The response includes distributions in the
     #   list that occur after the marker. To get the next page of the list,
-    #   set this field’s value to the value of `NextMarker` from the current
-    #   page’s response.
+    #   set this field's value to the value of `NextMarker` from the current
+    #   page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of distributions that you want in the response.
@@ -5030,6 +5803,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
     #   resp.distribution_list.items[0].origin_groups.quantity #=> Integer
     #   resp.distribution_list.items[0].origin_groups.items #=> Array
     #   resp.distribution_list.items[0].origin_groups.items[0].id #=> String
@@ -5155,11 +5929,12 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].restrictions.geo_restriction.items #=> Array
     #   resp.distribution_list.items[0].restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution_list.items[0].web_acl_id #=> String
-    #   resp.distribution_list.items[0].http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution_list.items[0].http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution_list.items[0].is_ipv6_enabled #=> Boolean
     #   resp.distribution_list.items[0].alias_icp_recordals #=> Array
     #   resp.distribution_list.items[0].alias_icp_recordals[0].cname #=> String
     #   resp.distribution_list.items[0].alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
+    #   resp.distribution_list.items[0].staging #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListDistributionsByRealtimeLogConfig AWS API Documentation
     #
@@ -5171,7 +5946,8 @@ module Aws::CloudFront
     end
 
     # Gets a list of distribution IDs for distributions that have a cache
-    # behavior that’s associated with the specified response headers policy.
+    # behavior that's associated with the specified response headers
+    # policy.
     #
     # You can optionally specify the maximum number of items to receive in
     # the response. If the total number of items in the list exceeds the
@@ -5184,8 +5960,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of distribution IDs. The response includes distribution IDs
     #   in the list that occur after the marker. To get the next page of the
-    #   list, set this field’s value to the value of `NextMarker` from the
-    #   current page’s response.
+    #   list, set this field's value to the value of `NextMarker` from the
+    #   current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of distribution IDs that you want to get in the
@@ -5296,6 +6072,7 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].origins.items[0].connection_timeout #=> Integer
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution_list.items[0].origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution_list.items[0].origins.items[0].origin_access_control_id #=> String
     #   resp.distribution_list.items[0].origin_groups.quantity #=> Integer
     #   resp.distribution_list.items[0].origin_groups.items #=> Array
     #   resp.distribution_list.items[0].origin_groups.items[0].id #=> String
@@ -5421,11 +6198,12 @@ module Aws::CloudFront
     #   resp.distribution_list.items[0].restrictions.geo_restriction.items #=> Array
     #   resp.distribution_list.items[0].restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution_list.items[0].web_acl_id #=> String
-    #   resp.distribution_list.items[0].http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution_list.items[0].http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution_list.items[0].is_ipv6_enabled #=> Boolean
     #   resp.distribution_list.items[0].alias_icp_recordals #=> Array
     #   resp.distribution_list.items[0].alias_icp_recordals[0].cname #=> String
     #   resp.distribution_list.items[0].alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
+    #   resp.distribution_list.items[0].staging #=> Boolean
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListDistributionsByWebACLId AWS API Documentation
     #
@@ -5561,8 +6339,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of functions. The response includes functions in the list
     #   that occur after the marker. To get the next page of the list, set
-    #   this field’s value to the value of `NextMarker` from the current
-    #   page’s response.
+    #   this field's value to the value of `NextMarker` from the current
+    #   page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of functions that you want in the response.
@@ -5592,7 +6370,7 @@ module Aws::CloudFront
     #   resp.function_list.items[0].name #=> String
     #   resp.function_list.items[0].status #=> String
     #   resp.function_list.items[0].function_config.comment #=> String
-    #   resp.function_list.items[0].function_config.runtime #=> String, one of "cloudfront-js-1.0"
+    #   resp.function_list.items[0].function_config.runtime #=> String, one of "cloudfront-js-1.0", "cloudfront-js-2.0"
     #   resp.function_list.items[0].function_metadata.function_arn #=> String
     #   resp.function_list.items[0].function_metadata.stage #=> String, one of "DEVELOPMENT", "LIVE"
     #   resp.function_list.items[0].function_metadata.created_time #=> Time
@@ -5674,8 +6452,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of key groups. The response includes key groups in the list
     #   that occur after the marker. To get the next page of the list, set
-    #   this field’s value to the value of `NextMarker` from the current
-    #   page’s response.
+    #   this field's value to the value of `NextMarker` from the current
+    #   page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of key groups that you want in the response.
@@ -5713,6 +6491,62 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Gets the list of CloudFront origin access controls in this Amazon Web
+    # Services account.
+    #
+    # You can optionally specify the maximum number of items to receive in
+    # the response. If the total number of items in the list exceeds the
+    # maximum that you specify, or the default maximum, the response is
+    # paginated. To get the next page of items, send another request that
+    # specifies the `NextMarker` value from the current response as the
+    # `Marker` value in the next request.
+    #
+    # @option params [String] :marker
+    #   Use this field when paginating results to indicate where to begin in
+    #   your list of origin access controls. The response includes the items
+    #   in the list that occur after the marker. To get the next page of the
+    #   list, set this field's value to the value of `NextMarker` from the
+    #   current page's response.
+    #
+    # @option params [Integer] :max_items
+    #   The maximum number of origin access controls that you want in the
+    #   response.
+    #
+    # @return [Types::ListOriginAccessControlsResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::ListOriginAccessControlsResult#origin_access_control_list #origin_access_control_list} => Types::OriginAccessControlList
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.list_origin_access_controls({
+    #     marker: "string",
+    #     max_items: 1,
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.origin_access_control_list.marker #=> String
+    #   resp.origin_access_control_list.next_marker #=> String
+    #   resp.origin_access_control_list.max_items #=> Integer
+    #   resp.origin_access_control_list.is_truncated #=> Boolean
+    #   resp.origin_access_control_list.quantity #=> Integer
+    #   resp.origin_access_control_list.items #=> Array
+    #   resp.origin_access_control_list.items[0].id #=> String
+    #   resp.origin_access_control_list.items[0].description #=> String
+    #   resp.origin_access_control_list.items[0].name #=> String
+    #   resp.origin_access_control_list.items[0].signing_protocol #=> String, one of "sigv4"
+    #   resp.origin_access_control_list.items[0].signing_behavior #=> String, one of "never", "always", "no-override"
+    #   resp.origin_access_control_list.items[0].origin_access_control_origin_type #=> String, one of "s3", "mediastore"
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListOriginAccessControls AWS API Documentation
+    #
+    # @overload list_origin_access_controls(params = {})
+    # @param [Hash] params ({})
+    def list_origin_access_controls(params = {}, options = {})
+      req = build_request(:list_origin_access_controls, params)
+      req.send_request(options)
+    end
+
     # Gets a list of origin request policies.
     #
     # You can optionally apply a filter to return only the managed policies
@@ -5740,8 +6574,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of origin request policies. The response includes origin
     #   request policies in the list that occur after the marker. To get the
-    #   next page of the list, set this field’s value to the value of
-    #   `NextMarker` from the current page’s response.
+    #   next page of the list, set this field's value to the value of
+    #   `NextMarker` from the current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of origin request policies that you want in the
@@ -5770,15 +6604,15 @@ module Aws::CloudFront
     #   resp.origin_request_policy_list.items[0].origin_request_policy.last_modified_time #=> Time
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.comment #=> String
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.name #=> String
-    #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront"
+    #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront", "allExcept"
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.headers_config.headers.quantity #=> Integer
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.headers_config.headers.items #=> Array
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.headers_config.headers.items[0] #=> String
-    #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.cookies_config.cookies.quantity #=> Integer
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.cookies_config.cookies.items #=> Array
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.cookies_config.cookies.items[0] #=> String
-    #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.quantity #=> Integer
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items #=> Array
     #   resp.origin_request_policy_list.items[0].origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items[0] #=> String
@@ -5854,8 +6688,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of real-time log configurations. The response includes
     #   real-time log configurations in the list that occur after the marker.
-    #   To get the next page of the list, set this field’s value to the value
-    #   of `NextMarker` from the current page’s response.
+    #   To get the next page of the list, set this field's value to the value
+    #   of `NextMarker` from the current page's response.
     #
     # @return [Types::ListRealtimeLogConfigsResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -5921,8 +6755,8 @@ module Aws::CloudFront
     #   Use this field when paginating results to indicate where to begin in
     #   your list of response headers policies. The response includes response
     #   headers policies in the list that occur after the marker. To get the
-    #   next page of the list, set this field’s value to the value of
-    #   `NextMarker` from the current page’s response.
+    #   next page of the list, set this field's value to the value of
+    #   `NextMarker` from the current page's response.
     #
     # @option params [Integer] :max_items
     #   The maximum number of response headers policies that you want to get
@@ -5981,11 +6815,16 @@ module Aws::CloudFront
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.include_subdomains #=> Boolean
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.preload #=> Boolean
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.access_control_max_age_sec #=> Integer
+    #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.server_timing_headers_config.enabled #=> Boolean
+    #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.server_timing_headers_config.sampling_rate #=> Float
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.custom_headers_config.quantity #=> Integer
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.custom_headers_config.items #=> Array
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].header #=> String
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].value #=> String
     #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].override #=> Boolean
+    #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.remove_headers_config.quantity #=> Integer
+    #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.remove_headers_config.items #=> Array
+    #   resp.response_headers_policy_list.items[0].response_headers_policy.response_headers_policy_config.remove_headers_config.items[0].header #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/ListResponseHeadersPolicies AWS API Documentation
     #
@@ -6088,10 +6927,10 @@ module Aws::CloudFront
     # in the `LIVE` stage.
     #
     # When a function is published to the `LIVE` stage, you can attach the
-    # function to a distribution’s cache behavior, using the function’s
+    # function to a distribution's cache behavior, using the function's
     # Amazon Resource Name (ARN).
     #
-    # To publish a function, you must provide the function’s name and
+    # To publish a function, you must provide the function's name and
     # version (`ETag` value). To get these values, you can use
     # `ListFunctions` and `DescribeFunction`.
     #
@@ -6118,7 +6957,7 @@ module Aws::CloudFront
     #   resp.function_summary.name #=> String
     #   resp.function_summary.status #=> String
     #   resp.function_summary.function_config.comment #=> String
-    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0"
+    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0", "cloudfront-js-2.0"
     #   resp.function_summary.function_metadata.function_arn #=> String
     #   resp.function_summary.function_metadata.stage #=> String, one of "DEVELOPMENT", "LIVE"
     #   resp.function_summary.function_metadata.created_time #=> Time
@@ -6171,15 +7010,15 @@ module Aws::CloudFront
     # To test a function, you provide an *event object* that represents an
     # HTTP request or response that your CloudFront distribution could
     # receive in production. CloudFront runs the function, passing it the
-    # event object that you provided, and returns the function’s result (the
-    # modified event object) in the response. The response also contains
-    # function logs and error messages, if any exist. For more information
-    # about testing functions, see [Testing functions][1] in the *Amazon
-    # CloudFront Developer Guide*.
+    # event object that you provided, and returns the function's result
+    # (the modified event object) in the response. The response also
+    # contains function logs and error messages, if any exist. For more
+    # information about testing functions, see [Testing functions][1] in the
+    # *Amazon CloudFront Developer Guide*.
     #
-    # To test a function, you provide the function’s name and version
-    # (`ETag` value) along with the event object. To get the function’s name
-    # and version, you can use `ListFunctions` and `DescribeFunction`.
+    # To test a function, you provide the function's name and version
+    # (`ETag` value) along with the event object. To get the function's
+    # name and version, you can use `ListFunctions` and `DescribeFunction`.
     #
     #
     #
@@ -6223,7 +7062,7 @@ module Aws::CloudFront
     #   resp.test_result.function_summary.name #=> String
     #   resp.test_result.function_summary.status #=> String
     #   resp.test_result.function_summary.function_config.comment #=> String
-    #   resp.test_result.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0"
+    #   resp.test_result.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0", "cloudfront-js-2.0"
     #   resp.test_result.function_summary.function_metadata.function_arn #=> String
     #   resp.test_result.function_summary.function_metadata.stage #=> String, one of "DEVELOPMENT", "LIVE"
     #   resp.test_result.function_summary.function_metadata.created_time #=> Time
@@ -6285,19 +7124,19 @@ module Aws::CloudFront
     #
     # 3.  Call `UpdateCachePolicy` by providing the entire cache policy
     #     configuration, including the fields that you modified and those
-    #     that you didn’t.
+    #     that you didn't.
     #
     # @option params [required, Types::CachePolicyConfig] :cache_policy_config
     #   A cache policy configuration.
     #
     # @option params [required, String] :id
     #   The unique identifier for the cache policy that you are updating. The
-    #   identifier is returned in a cache behavior’s `CachePolicyId` field in
+    #   identifier is returned in a cache behavior's `CachePolicyId` field in
     #   the response to `GetDistributionConfig`.
     #
     # @option params [String] :if_match
     #   The version of the cache policy that you are updating. The version is
-    #   returned in the cache policy’s `ETag` field in the response to
+    #   returned in the cache policy's `ETag` field in the response to
     #   `GetCachePolicyConfig`.
     #
     # @return [Types::UpdateCachePolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -6423,82 +7262,122 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
-    # Updates the configuration for a web distribution.
-    #
-    # When you update a distribution, there are more required fields than
-    # when you create a distribution. When you update your distribution by
-    # using this API action, follow the steps here to get the current
-    # configuration and then make your updates, to make sure that you
-    # include all of the required fields. To view a summary, see [Required
-    # Fields for Create Distribution and Update Distribution][1] in the
-    # *Amazon CloudFront Developer Guide*.
+    # Updates a continuous deployment policy. You can update a continuous
+    # deployment policy to enable or disable it, to change the percentage of
+    # traffic that it sends to the staging distribution, or to change the
+    # staging distribution that it sends traffic to.
     #
-    # The update process includes getting the current distribution
-    # configuration, updating the XML document that is returned to make your
-    # changes, and then submitting an `UpdateDistribution` request to make
-    # the updates.
+    # When you update a continuous deployment policy configuration, all the
+    # fields are updated with the values that are provided in the request.
+    # You cannot update some fields independent of others. To update a
+    # continuous deployment policy configuration:
     #
-    # For information about updating a distribution using the CloudFront
-    # console instead, see [Creating a Distribution][2] in the *Amazon
-    # CloudFront Developer Guide*.
+    # 1.  Use `GetContinuousDeploymentPolicyConfig` to get the current
+    #     configuration.
     #
-    # **To update a web distribution using the CloudFront API**
+    # 2.  Locally modify the fields in the continuous deployment policy
+    #     configuration that you want to update.
+    #
+    # 3.  Use `UpdateContinuousDeploymentPolicy`, providing the entire
+    #     continuous deployment policy configuration, including the fields
+    #     that you modified and those that you didn't.
     #
-    # 1.  Submit a [GetDistributionConfig][3] request to get the current
-    #     configuration and an `Etag` header for the distribution.
+    # @option params [required, Types::ContinuousDeploymentPolicyConfig] :continuous_deployment_policy_config
+    #   The continuous deployment policy configuration.
+    #
+    # @option params [required, String] :id
+    #   The identifier of the continuous deployment policy that you are
+    #   updating.
     #
-    #     <note markdown="1"> If you update the distribution again, you must get a new `Etag`
-    #     header.
+    # @option params [String] :if_match
+    #   The current version (`ETag` value) of the continuous deployment policy
+    #   that you are updating.
     #
-    #      </note>
+    # @return [Types::UpdateContinuousDeploymentPolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
-    # 2.  Update the XML document that was returned in the response to your
-    #     `GetDistributionConfig` request to include your changes.
+    #   * {Types::UpdateContinuousDeploymentPolicyResult#continuous_deployment_policy #continuous_deployment_policy} => Types::ContinuousDeploymentPolicy
+    #   * {Types::UpdateContinuousDeploymentPolicyResult#etag #etag} => String
     #
-    #     When you edit the XML file, be aware of the following:
+    # @example Request syntax with placeholder values
     #
-    #      * You must strip out the ETag parameter that is returned.
+    #   resp = client.update_continuous_deployment_policy({
+    #     continuous_deployment_policy_config: { # required
+    #       staging_distribution_dns_names: { # required
+    #         quantity: 1, # required
+    #         items: ["string"],
+    #       },
+    #       enabled: false, # required
+    #       traffic_config: {
+    #         single_weight_config: {
+    #           weight: 1.0, # required
+    #           session_stickiness_config: {
+    #             idle_ttl: 1, # required
+    #             maximum_ttl: 1, # required
+    #           },
+    #         },
+    #         single_header_config: {
+    #           header: "string", # required
+    #           value: "string", # required
+    #         },
+    #         type: "SingleWeight", # required, accepts SingleWeight, SingleHeader
+    #       },
+    #     },
+    #     id: "string", # required
+    #     if_match: "string",
+    #   })
     #
-    #     * Additional fields are required when you update a distribution.
-    #       There may be fields included in the XML file for features that
-    #       you haven't configured for your distribution. This is expected
-    #       and required to successfully update the distribution.
+    # @example Response structure
     #
-    #     * You can't change the value of `CallerReference`. If you try to
-    #       change this value, CloudFront returns an `IllegalUpdate` error.
+    #   resp.continuous_deployment_policy.id #=> String
+    #   resp.continuous_deployment_policy.last_modified_time #=> Time
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.quantity #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items #=> Array
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.staging_distribution_dns_names.items[0] #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.enabled #=> Boolean
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.weight #=> Float
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.idle_ttl #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_weight_config.session_stickiness_config.maximum_ttl #=> Integer
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.header #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.single_header_config.value #=> String
+    #   resp.continuous_deployment_policy.continuous_deployment_policy_config.traffic_config.type #=> String, one of "SingleWeight", "SingleHeader"
+    #   resp.etag #=> String
     #
-    #     * The new configuration replaces the existing configuration; the
-    #       values that you specify in an `UpdateDistribution` request are
-    #       not merged into your existing configuration. When you add,
-    #       delete, or replace values in an element that allows multiple
-    #       values (for example, `CNAME`), you must specify all of the
-    #       values that you want to appear in the updated distribution. In
-    #       addition, you must update the corresponding `Quantity` element.
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateContinuousDeploymentPolicy AWS API Documentation
     #
-    # 3.  Submit an `UpdateDistribution` request to update the configuration
-    #     for your distribution:
+    # @overload update_continuous_deployment_policy(params = {})
+    # @param [Hash] params ({})
+    def update_continuous_deployment_policy(params = {}, options = {})
+      req = build_request(:update_continuous_deployment_policy, params)
+      req.send_request(options)
+    end
+
+    # Updates the configuration for a CloudFront distribution.
     #
-    #     * In the request body, include the XML document that you updated
-    #       in Step 2. The request body must include an XML document with a
-    #       `DistributionConfig` element.
+    # The update process includes getting the current distribution
+    # configuration, updating it to make your changes, and then submitting
+    # an `UpdateDistribution` request to make the updates.
     #
-    #     * Set the value of the HTTP `If-Match` header to the value of the
-    #       `ETag` header that CloudFront returned when you submitted the
-    #       `GetDistributionConfig` request in Step 1.
+    # **To update a web distribution using the CloudFront API**
     #
-    # 4.  Review the response to the `UpdateDistribution` request to confirm
-    #     that the configuration was successfully updated.
+    # 1.  Use `GetDistributionConfig` to get the current configuration,
+    #     including the version identifier (`ETag`).
     #
-    # 5.  Optional: Submit a [GetDistribution][4] request to confirm that
-    #     your changes have propagated. When propagation is complete, the
-    #     value of `Status` is `Deployed`.
+    # 2.  Update the distribution configuration that was returned in the
+    #     response. Note the following important requirements and
+    #     restrictions:
     #
+    #     * You must rename the `ETag` field to `IfMatch`, leaving the value
+    #       unchanged. (Set the value of `IfMatch` to the value of `ETag`,
+    #       then remove the `ETag` field.)
     #
+    #     * You can't change the value of `CallerReference`.
     #
-    # [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-overview-required-fields.html
-    # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-creating-console.html
-    # [3]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistributionConfig.html
-    # [4]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistribution.html
+    # 3.  Submit an `UpdateDistribution` request, providing the distribution
+    #     configuration. The new configuration replaces the existing
+    #     configuration. The values that you specify in an
+    #     `UpdateDistribution` request are not merged into your existing
+    #     configuration. Make sure to include all fields: the ones that you
+    #     modified and also the ones that you didn't.
     #
     # @option params [required, Types::DistributionConfig] :distribution_config
     #   The distribution's configuration information.
@@ -6561,6 +7440,7 @@ module Aws::CloudFront
     #               enabled: false, # required
     #               origin_shield_region: "OriginShieldRegion",
     #             },
+    #             origin_access_control_id: "string",
     #           },
     #         ],
     #       },
@@ -6767,8 +7647,10 @@ module Aws::CloudFront
     #         },
     #       },
     #       web_acl_id: "string",
-    #       http_version: "http1.1", # accepts http1.1, http2
+    #       http_version: "http1.1", # accepts http1.1, http2, http3, http2and3
     #       is_ipv6_enabled: false,
+    #       continuous_deployment_policy_id: "string",
+    #       staging: false,
     #     },
     #     id: "string", # required
     #     if_match: "string",
@@ -6823,6 +7705,7 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
     #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
     #   resp.distribution.distribution_config.origin_groups.quantity #=> Integer
     #   resp.distribution.distribution_config.origin_groups.items #=> Array
     #   resp.distribution.distribution_config.origin_groups.items[0].id #=> String
@@ -6952,8 +7835,10 @@ module Aws::CloudFront
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items #=> Array
     #   resp.distribution.distribution_config.restrictions.geo_restriction.items[0] #=> String
     #   resp.distribution.distribution_config.web_acl_id #=> String
-    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2"
+    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
     #   resp.distribution.distribution_config.is_ipv6_enabled #=> Boolean
+    #   resp.distribution.distribution_config.continuous_deployment_policy_id #=> String
+    #   resp.distribution.distribution_config.staging #=> Boolean
     #   resp.distribution.alias_icp_recordals #=> Array
     #   resp.distribution.alias_icp_recordals[0].cname #=> String
     #   resp.distribution.alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
@@ -6968,6 +7853,256 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Copies the staging distribution's configuration to its corresponding
+    # primary distribution. The primary distribution retains its `Aliases`
+    # (also known as alternate domain names or CNAMEs) and
+    # `ContinuousDeploymentPolicyId` value, but otherwise its configuration
+    # is overwritten to match the staging distribution.
+    #
+    # You can use this operation in a continuous deployment workflow after
+    # you have tested configuration changes on the staging distribution.
+    # After using a continuous deployment policy to move a portion of your
+    # domain name's traffic to the staging distribution and verifying that
+    # it works as intended, you can use this operation to copy the staging
+    # distribution's configuration to the primary distribution. This action
+    # will disable the continuous deployment policy and move your domain's
+    # traffic back to the primary distribution.
+    #
+    # This API operation requires the following IAM permissions:
+    #
+    # * [GetDistribution][1]
+    #
+    # * [UpdateDistribution][2]
+    #
+    #
+    #
+    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_GetDistribution.html
+    # [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_UpdateDistribution.html
+    #
+    # @option params [required, String] :id
+    #   The identifier of the primary distribution to which you are copying a
+    #   staging distribution's configuration.
+    #
+    # @option params [String] :staging_distribution_id
+    #   The identifier of the staging distribution whose configuration you are
+    #   copying to the primary distribution.
+    #
+    # @option params [String] :if_match
+    #   The current versions (`ETag` values) of both primary and staging
+    #   distributions. Provide these in the following format:
+    #
+    #   `<primary ETag>, <staging ETag>`
+    #
+    # @return [Types::UpdateDistributionWithStagingConfigResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::UpdateDistributionWithStagingConfigResult#distribution #distribution} => Types::Distribution
+    #   * {Types::UpdateDistributionWithStagingConfigResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_distribution_with_staging_config({
+    #     id: "string", # required
+    #     staging_distribution_id: "string",
+    #     if_match: "string",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.distribution.id #=> String
+    #   resp.distribution.arn #=> String
+    #   resp.distribution.status #=> String
+    #   resp.distribution.last_modified_time #=> Time
+    #   resp.distribution.in_progress_invalidation_batches #=> Integer
+    #   resp.distribution.domain_name #=> String
+    #   resp.distribution.active_trusted_signers.enabled #=> Boolean
+    #   resp.distribution.active_trusted_signers.quantity #=> Integer
+    #   resp.distribution.active_trusted_signers.items #=> Array
+    #   resp.distribution.active_trusted_signers.items[0].aws_account_number #=> String
+    #   resp.distribution.active_trusted_signers.items[0].key_pair_ids.quantity #=> Integer
+    #   resp.distribution.active_trusted_signers.items[0].key_pair_ids.items #=> Array
+    #   resp.distribution.active_trusted_signers.items[0].key_pair_ids.items[0] #=> String
+    #   resp.distribution.active_trusted_key_groups.enabled #=> Boolean
+    #   resp.distribution.active_trusted_key_groups.quantity #=> Integer
+    #   resp.distribution.active_trusted_key_groups.items #=> Array
+    #   resp.distribution.active_trusted_key_groups.items[0].key_group_id #=> String
+    #   resp.distribution.active_trusted_key_groups.items[0].key_pair_ids.quantity #=> Integer
+    #   resp.distribution.active_trusted_key_groups.items[0].key_pair_ids.items #=> Array
+    #   resp.distribution.active_trusted_key_groups.items[0].key_pair_ids.items[0] #=> String
+    #   resp.distribution.distribution_config.caller_reference #=> String
+    #   resp.distribution.distribution_config.aliases.quantity #=> Integer
+    #   resp.distribution.distribution_config.aliases.items #=> Array
+    #   resp.distribution.distribution_config.aliases.items[0] #=> String
+    #   resp.distribution.distribution_config.default_root_object #=> String
+    #   resp.distribution.distribution_config.origins.quantity #=> Integer
+    #   resp.distribution.distribution_config.origins.items #=> Array
+    #   resp.distribution.distribution_config.origins.items[0].id #=> String
+    #   resp.distribution.distribution_config.origins.items[0].domain_name #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_path #=> String
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.quantity #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.items #=> Array
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_name #=> String
+    #   resp.distribution.distribution_config.origins.items[0].custom_headers.items[0].header_value #=> String
+    #   resp.distribution.distribution_config.origins.items[0].s3_origin_config.origin_access_identity #=> String
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.http_port #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.https_port #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_protocol_policy #=> String, one of "http-only", "match-viewer", "https-only"
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_ssl_protocols.quantity #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_ssl_protocols.items #=> Array
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_ssl_protocols.items[0] #=> String, one of "SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_read_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].custom_origin_config.origin_keepalive_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].connection_attempts #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].connection_timeout #=> Integer
+    #   resp.distribution.distribution_config.origins.items[0].origin_shield.enabled #=> Boolean
+    #   resp.distribution.distribution_config.origins.items[0].origin_shield.origin_shield_region #=> String
+    #   resp.distribution.distribution_config.origins.items[0].origin_access_control_id #=> String
+    #   resp.distribution.distribution_config.origin_groups.quantity #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items #=> Array
+    #   resp.distribution.distribution_config.origin_groups.items[0].id #=> String
+    #   resp.distribution.distribution_config.origin_groups.items[0].failover_criteria.status_codes.quantity #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items[0].failover_criteria.status_codes.items #=> Array
+    #   resp.distribution.distribution_config.origin_groups.items[0].failover_criteria.status_codes.items[0] #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items[0].members.quantity #=> Integer
+    #   resp.distribution.distribution_config.origin_groups.items[0].members.items #=> Array
+    #   resp.distribution.distribution_config.origin_groups.items[0].members.items[0].origin_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.target_origin_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.enabled #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_signers.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.enabled #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.trusted_key_groups.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.viewer_protocol_policy #=> String, one of "allow-all", "https-only", "redirect-to-https"
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.cached_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.cached_methods.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.allowed_methods.cached_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.default_cache_behavior.smooth_streaming #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.compress #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items[0].lambda_function_arn #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.default_cache_behavior.lambda_function_associations.items[0].include_body #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.items[0].function_arn #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.default_cache_behavior.field_level_encryption_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.realtime_log_config_arn #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.cache_policy_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.origin_request_policy_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.response_headers_policy_id #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string #=> Boolean
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.forward #=> String, one of "none", "whitelist", "all"
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.whitelisted_names.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.whitelisted_names.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.cookies.whitelisted_names.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.headers.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.headers.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.headers.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string_cache_keys.quantity #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string_cache_keys.items #=> Array
+    #   resp.distribution.distribution_config.default_cache_behavior.forwarded_values.query_string_cache_keys.items[0] #=> String
+    #   resp.distribution.distribution_config.default_cache_behavior.min_ttl #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.default_ttl #=> Integer
+    #   resp.distribution.distribution_config.default_cache_behavior.max_ttl #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].path_pattern #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].target_origin_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.enabled #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_signers.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.enabled #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].trusted_key_groups.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].viewer_protocol_policy #=> String, one of "allow-all", "https-only", "redirect-to-https"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.cached_methods.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.cached_methods.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].allowed_methods.cached_methods.items[0] #=> String, one of "GET", "HEAD", "POST", "PUT", "PATCH", "OPTIONS", "DELETE"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].smooth_streaming #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].compress #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items[0].lambda_function_arn #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].lambda_function_associations.items[0].include_body #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.items[0].function_arn #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].function_associations.items[0].event_type #=> String, one of "viewer-request", "viewer-response", "origin-request", "origin-response"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].field_level_encryption_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].realtime_log_config_arn #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].cache_policy_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].origin_request_policy_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].response_headers_policy_id #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string #=> Boolean
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.forward #=> String, one of "none", "whitelist", "all"
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.whitelisted_names.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.whitelisted_names.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.cookies.whitelisted_names.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.headers.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.headers.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.headers.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string_cache_keys.quantity #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string_cache_keys.items #=> Array
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].forwarded_values.query_string_cache_keys.items[0] #=> String
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].min_ttl #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].default_ttl #=> Integer
+    #   resp.distribution.distribution_config.cache_behaviors.items[0].max_ttl #=> Integer
+    #   resp.distribution.distribution_config.custom_error_responses.quantity #=> Integer
+    #   resp.distribution.distribution_config.custom_error_responses.items #=> Array
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].error_code #=> Integer
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].response_page_path #=> String
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].response_code #=> String
+    #   resp.distribution.distribution_config.custom_error_responses.items[0].error_caching_min_ttl #=> Integer
+    #   resp.distribution.distribution_config.comment #=> String
+    #   resp.distribution.distribution_config.logging.enabled #=> Boolean
+    #   resp.distribution.distribution_config.logging.include_cookies #=> Boolean
+    #   resp.distribution.distribution_config.logging.bucket #=> String
+    #   resp.distribution.distribution_config.logging.prefix #=> String
+    #   resp.distribution.distribution_config.price_class #=> String, one of "PriceClass_100", "PriceClass_200", "PriceClass_All"
+    #   resp.distribution.distribution_config.enabled #=> Boolean
+    #   resp.distribution.distribution_config.viewer_certificate.cloud_front_default_certificate #=> Boolean
+    #   resp.distribution.distribution_config.viewer_certificate.iam_certificate_id #=> String
+    #   resp.distribution.distribution_config.viewer_certificate.acm_certificate_arn #=> String
+    #   resp.distribution.distribution_config.viewer_certificate.ssl_support_method #=> String, one of "sni-only", "vip", "static-ip"
+    #   resp.distribution.distribution_config.viewer_certificate.minimum_protocol_version #=> String, one of "SSLv3", "TLSv1", "TLSv1_2016", "TLSv1.1_2016", "TLSv1.2_2018", "TLSv1.2_2019", "TLSv1.2_2021"
+    #   resp.distribution.distribution_config.viewer_certificate.certificate #=> String
+    #   resp.distribution.distribution_config.viewer_certificate.certificate_source #=> String, one of "cloudfront", "iam", "acm"
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.restriction_type #=> String, one of "blacklist", "whitelist", "none"
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.quantity #=> Integer
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.items #=> Array
+    #   resp.distribution.distribution_config.restrictions.geo_restriction.items[0] #=> String
+    #   resp.distribution.distribution_config.web_acl_id #=> String
+    #   resp.distribution.distribution_config.http_version #=> String, one of "http1.1", "http2", "http3", "http2and3"
+    #   resp.distribution.distribution_config.is_ipv6_enabled #=> Boolean
+    #   resp.distribution.distribution_config.continuous_deployment_policy_id #=> String
+    #   resp.distribution.distribution_config.staging #=> Boolean
+    #   resp.distribution.alias_icp_recordals #=> Array
+    #   resp.distribution.alias_icp_recordals[0].cname #=> String
+    #   resp.distribution.alias_icp_recordals[0].icp_recordal_status #=> String, one of "APPROVED", "SUSPENDED", "PENDING"
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateDistributionWithStagingConfig AWS API Documentation
+    #
+    # @overload update_distribution_with_staging_config(params = {})
+    # @param [Hash] params ({})
+    def update_distribution_with_staging_config(params = {}, options = {})
+      req = build_request(:update_distribution_with_staging_config, params)
+      req.send_request(options)
+    end
+
     # Update a field-level encryption configuration.
     #
     # @option params [required, Types::FieldLevelEncryptionConfig] :field_level_encryption_config
@@ -7118,10 +8253,10 @@ module Aws::CloudFront
 
     # Updates a CloudFront function.
     #
-    # You can update a function’s code or the comment that describes the
-    # function. You cannot update a function’s name.
+    # You can update a function's code or the comment that describes the
+    # function. You cannot update a function's name.
     #
-    # To update a function, you provide the function’s name and version
+    # To update a function, you provide the function's name and version
     # (`ETag` value) along with the updated function code. To get the name
     # and version, you can use `ListFunctions` and `DescribeFunction`.
     #
@@ -7156,7 +8291,7 @@ module Aws::CloudFront
     #     if_match: "string", # required
     #     function_config: { # required
     #       comment: "string", # required
-    #       runtime: "cloudfront-js-1.0", # required, accepts cloudfront-js-1.0
+    #       runtime: "cloudfront-js-1.0", # required, accepts cloudfront-js-1.0, cloudfront-js-2.0
     #     },
     #     function_code: "data", # required
     #   })
@@ -7166,7 +8301,7 @@ module Aws::CloudFront
     #   resp.function_summary.name #=> String
     #   resp.function_summary.status #=> String
     #   resp.function_summary.function_config.comment #=> String
-    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0"
+    #   resp.function_summary.function_config.runtime #=> String, one of "cloudfront-js-1.0", "cloudfront-js-2.0"
     #   resp.function_summary.function_metadata.function_arn #=> String
     #   resp.function_summary.function_metadata.stage #=> String, one of "DEVELOPMENT", "LIVE"
     #   resp.function_summary.function_metadata.created_time #=> Time
@@ -7195,7 +8330,7 @@ module Aws::CloudFront
     #     update. For example, add or remove public key IDs.
     #
     # 3.  Call `UpdateKeyGroup` with the entire key group object, including
-    #     the fields that you modified and those that you didn’t.
+    #     the fields that you modified and those that you didn't.
     #
     # @option params [required, Types::KeyGroupConfig] :key_group_config
     #   The key group configuration.
@@ -7205,7 +8340,7 @@ module Aws::CloudFront
     #
     # @option params [String] :if_match
     #   The version of the key group that you are updating. The version is the
-    #   key group’s `ETag` value.
+    #   key group's `ETag` value.
     #
     # @return [Types::UpdateKeyGroupResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -7243,6 +8378,57 @@ module Aws::CloudFront
       req.send_request(options)
     end
 
+    # Updates a CloudFront origin access control.
+    #
+    # @option params [required, Types::OriginAccessControlConfig] :origin_access_control_config
+    #   An origin access control.
+    #
+    # @option params [required, String] :id
+    #   The unique identifier of the origin access control that you are
+    #   updating.
+    #
+    # @option params [String] :if_match
+    #   The current version (`ETag` value) of the origin access control that
+    #   you are updating.
+    #
+    # @return [Types::UpdateOriginAccessControlResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
+    #
+    #   * {Types::UpdateOriginAccessControlResult#origin_access_control #origin_access_control} => Types::OriginAccessControl
+    #   * {Types::UpdateOriginAccessControlResult#etag #etag} => String
+    #
+    # @example Request syntax with placeholder values
+    #
+    #   resp = client.update_origin_access_control({
+    #     origin_access_control_config: { # required
+    #       name: "string", # required
+    #       description: "string",
+    #       signing_protocol: "sigv4", # required, accepts sigv4
+    #       signing_behavior: "never", # required, accepts never, always, no-override
+    #       origin_access_control_origin_type: "s3", # required, accepts s3, mediastore
+    #     },
+    #     id: "string", # required
+    #     if_match: "string",
+    #   })
+    #
+    # @example Response structure
+    #
+    #   resp.origin_access_control.id #=> String
+    #   resp.origin_access_control.origin_access_control_config.name #=> String
+    #   resp.origin_access_control.origin_access_control_config.description #=> String
+    #   resp.origin_access_control.origin_access_control_config.signing_protocol #=> String, one of "sigv4"
+    #   resp.origin_access_control.origin_access_control_config.signing_behavior #=> String, one of "never", "always", "no-override"
+    #   resp.origin_access_control.origin_access_control_config.origin_access_control_origin_type #=> String, one of "s3", "mediastore"
+    #   resp.etag #=> String
+    #
+    # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateOriginAccessControl AWS API Documentation
+    #
+    # @overload update_origin_access_control(params = {})
+    # @param [Hash] params ({})
+    def update_origin_access_control(params = {}, options = {})
+      req = build_request(:update_origin_access_control, params)
+      req.send_request(options)
+    end
+
     # Updates an origin request policy configuration.
     #
     # When you update an origin request policy configuration, all the fields
@@ -7258,21 +8444,21 @@ module Aws::CloudFront
     #
     # 3.  Call `UpdateOriginRequestPolicy` by providing the entire origin
     #     request policy configuration, including the fields that you
-    #     modified and those that you didn’t.
+    #     modified and those that you didn't.
     #
     # @option params [required, Types::OriginRequestPolicyConfig] :origin_request_policy_config
     #   An origin request policy configuration.
     #
     # @option params [required, String] :id
     #   The unique identifier for the origin request policy that you are
-    #   updating. The identifier is returned in a cache behavior’s
+    #   updating. The identifier is returned in a cache behavior's
     #   `OriginRequestPolicyId` field in the response to
     #   `GetDistributionConfig`.
     #
     # @option params [String] :if_match
     #   The version of the origin request policy that you are updating. The
-    #   version is returned in the origin request policy’s `ETag` field in the
-    #   response to `GetOriginRequestPolicyConfig`.
+    #   version is returned in the origin request policy's `ETag` field in
+    #   the response to `GetOriginRequestPolicyConfig`.
     #
     # @return [Types::UpdateOriginRequestPolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
     #
@@ -7286,21 +8472,21 @@ module Aws::CloudFront
     #       comment: "string",
     #       name: "string", # required
     #       headers_config: { # required
-    #         header_behavior: "none", # required, accepts none, whitelist, allViewer, allViewerAndWhitelistCloudFront
+    #         header_behavior: "none", # required, accepts none, whitelist, allViewer, allViewerAndWhitelistCloudFront, allExcept
     #         headers: {
     #           quantity: 1, # required
     #           items: ["string"],
     #         },
     #       },
     #       cookies_config: { # required
-    #         cookie_behavior: "none", # required, accepts none, whitelist, all
+    #         cookie_behavior: "none", # required, accepts none, whitelist, all, allExcept
     #         cookies: {
     #           quantity: 1, # required
     #           items: ["string"],
     #         },
     #       },
     #       query_strings_config: { # required
-    #         query_string_behavior: "none", # required, accepts none, whitelist, all
+    #         query_string_behavior: "none", # required, accepts none, whitelist, all, allExcept
     #         query_strings: {
     #           quantity: 1, # required
     #           items: ["string"],
@@ -7317,15 +8503,15 @@ module Aws::CloudFront
     #   resp.origin_request_policy.last_modified_time #=> Time
     #   resp.origin_request_policy.origin_request_policy_config.comment #=> String
     #   resp.origin_request_policy.origin_request_policy_config.name #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront"
+    #   resp.origin_request_policy.origin_request_policy_config.headers_config.header_behavior #=> String, one of "none", "whitelist", "allViewer", "allViewerAndWhitelistCloudFront", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.headers_config.headers.items[0] #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookie_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.cookies_config.cookies.items[0] #=> String
-    #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all"
+    #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_string_behavior #=> String, one of "none", "whitelist", "all", "allExcept"
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.quantity #=> Integer
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items #=> Array
     #   resp.origin_request_policy.origin_request_policy_config.query_strings_config.query_strings.items[0] #=> String
@@ -7405,9 +8591,9 @@ module Aws::CloudFront
     #
     # 3.  Call this API (`UpdateRealtimeLogConfig`) by providing the entire
     #     real-time log configuration, including the parameters that you
-    #     modified and those that you didn’t.
+    #     modified and those that you didn't.
     #
-    # You cannot update a real-time log configuration’s `Name` or `ARN`.
+    # You cannot update a real-time log configuration's `Name` or `ARN`.
     #
     # @option params [Array<Types::EndPoint>] :end_points
     #   Contains information about the Amazon Kinesis data stream where you
@@ -7484,7 +8670,7 @@ module Aws::CloudFront
     # replaced. You cannot update some policy fields independent of others.
     # To update a response headers policy configuration:
     #
-    # 1.  Use `GetResponseHeadersPolicyConfig` to get the current policy’s
+    # 1.  Use `GetResponseHeadersPolicyConfig` to get the current policy's
     #     configuration.
     #
     # 2.  Modify the fields in the response headers policy configuration
@@ -7492,7 +8678,7 @@ module Aws::CloudFront
     #
     # 3.  Call `UpdateResponseHeadersPolicy`, providing the entire response
     #     headers policy configuration, including the fields that you
-    #     modified and those that you didn’t.
+    #     modified and those that you didn't.
     #
     # @option params [required, Types::ResponseHeadersPolicyConfig] :response_headers_policy_config
     #   A response headers policy configuration.
@@ -7503,7 +8689,7 @@ module Aws::CloudFront
     # @option params [String] :if_match
     #   The version of the response headers policy that you are updating.
     #
-    #   The version is returned in the cache policy’s `ETag` field in the
+    #   The version is returned in the cache policy's `ETag` field in the
     #   response to `GetResponseHeadersPolicyConfig`.
     #
     # @return [Types::UpdateResponseHeadersPolicyResult] Returns a {Seahorse::Client::Response response} object which responds to the following methods:
@@ -7567,6 +8753,10 @@ module Aws::CloudFront
     #           access_control_max_age_sec: 1, # required
     #         },
     #       },
+    #       server_timing_headers_config: {
+    #         enabled: false, # required
+    #         sampling_rate: 1.0,
+    #       },
     #       custom_headers_config: {
     #         quantity: 1, # required
     #         items: [
@@ -7577,6 +8767,14 @@ module Aws::CloudFront
     #           },
     #         ],
     #       },
+    #       remove_headers_config: {
+    #         quantity: 1, # required
+    #         items: [
+    #           {
+    #             header: "string", # required
+    #           },
+    #         ],
+    #       },
     #     },
     #     id: "string", # required
     #     if_match: "string",
@@ -7618,11 +8816,16 @@ module Aws::CloudFront
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.include_subdomains #=> Boolean
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.preload #=> Boolean
     #   resp.response_headers_policy.response_headers_policy_config.security_headers_config.strict_transport_security.access_control_max_age_sec #=> Integer
+    #   resp.response_headers_policy.response_headers_policy_config.server_timing_headers_config.enabled #=> Boolean
+    #   resp.response_headers_policy.response_headers_policy_config.server_timing_headers_config.sampling_rate #=> Float
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.quantity #=> Integer
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items #=> Array
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].header #=> String
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].value #=> String
     #   resp.response_headers_policy.response_headers_policy_config.custom_headers_config.items[0].override #=> Boolean
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.quantity #=> Integer
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.items #=> Array
+    #   resp.response_headers_policy.response_headers_policy_config.remove_headers_config.items[0].header #=> String
     #   resp.etag #=> String
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2020-05-31/UpdateResponseHeadersPolicy AWS API Documentation
@@ -7737,7 +8940,7 @@ module Aws::CloudFront
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudfront'
-      context[:gem_version] = '1.60.0'
+      context[:gem_version] = '1.83.0'
       Seahorse::Client::Request.new(handlers, context)
     end