aws-sdk-cloudfront 1.24.0 → 1.25.0

checksums.yaml

@@ -1,7 +1,7 @@
 ---
 SHA1:
-  metadata.gz: a7d27319d68933acfe3149f779227a6f27d59075
-  data.tar.gz: cb4f27e38200cf08e6e2c8f093f3d9f80b7a2f8f
+  metadata.gz: 18f551d3625a8d4fc592f416820df772ab86dae7
+  data.tar.gz: 11f278ead4f265d0c5836f27fb29ad2b4375fc49
 SHA512:
-  metadata.gz: 293b0b3c6baef3f4c5441d168a90da09cd413f01fe555886c83a1c701dc0f83daedb64875b80df03195c0e6da41777ce5a5b47572c9e3ca7b928410b067c0eac
-  data.tar.gz: b211e2993c85dab4f3917a3603829f0553481681c54e7f84e73973fcca7c244c7b664e613fcf8f2ba45ca5a2a330937952f41df894ed8e9b89007d6aa0f3d962
+  metadata.gz: 2b430df798fd88ed2e7d62e2fa3edf147223a615341024f62925d25286b0e4e9c14a82a8fdf5ec57fe197616e1aab8c27a8b5c6954eb14c0206a860629bc222a
+  data.tar.gz: 769ea5e2ef6d5f9efd6118b7ffc56f029d5dc0dfb74341ec68ead3232526b1f151a49aaf4af23abb24aa0b8120e8626be26be67e8e10957ccb8f881ff626103d

data/lib/aws-sdk-cloudfront.rb

@@ -43,6 +43,6 @@ require_relative 'aws-sdk-cloudfront/customizations'
 # @service
 module Aws::CloudFront
 
-  GEM_VERSION = '1.24.0'
+  GEM_VERSION = '1.25.0'
 
 end

data/lib/aws-sdk-cloudfront/client.rb

@@ -4081,7 +4081,7 @@ module Aws::CloudFront
         params: params,
         config: config)
       context[:gem_name] = 'aws-sdk-cloudfront'
-      context[:gem_version] = '1.24.0'
+      context[:gem_version] = '1.25.0'
       Seahorse::Client::Request.new(handlers, context)
     end
 

data/lib/aws-sdk-cloudfront/types.rb

@@ -980,13 +980,21 @@ module Aws::CloudFront
     #
     # @!attribute [rw] quantity
     #   The number of different cookies that you want CloudFront to forward
-    #   to the origin for this cache behavior.
+    #   to the origin for this cache behavior. The value must equal the
+    #   number of items that are in the `Items` field.
+    #
+    #   When you set `Forward = whitelist` (in the `CookiePreferences`
+    #   object), this value must be `1` or higher.
     #   @return [Integer]
     #
     # @!attribute [rw] items
     #   A complex type that contains one `Name` element for each cookie that
     #   you want CloudFront to forward to the origin for this cache
-    #   behavior.
+    #   behavior. It must contain the same number of items that is specified
+    #   in the `Quantity` field.
+    #
+    #   When you set `Forward = whitelist` (in the `CookiePreferences`
+    #   object), this field must contain at least one item.
     #   @return [Array<String>]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2019-03-26/CookieNames AWS API Documentation
@@ -1028,14 +1036,14 @@ module Aws::CloudFront
     #   @return [String]
     #
     # @!attribute [rw] whitelisted_names
-    #   Required if you specify `whitelist` for the value of `Forward:`. A
+    #   Required if you specify `whitelist` for the value of `Forward`. A
     #   complex type that specifies how many different cookies you want
     #   CloudFront to forward to the origin for this cache behavior and, if
     #   you want to forward selected cookies, the names of those cookies.
     #
-    #   If you specify `all` or none for the value of `Forward`, omit
+    #   If you specify `all` or `none` for the value of `Forward`, omit
     #   `WhitelistedNames`. If you change the value of `Forward` from
-    #   `whitelist` to all or none and you don't delete the
+    #   `whitelist` to `all` or `none` and you don't delete the
     #   `WhitelistedNames` element and its child elements, CloudFront
     #   deletes them automatically.
     #
@@ -3171,10 +3179,8 @@ module Aws::CloudFront
     #   @return [Boolean]
     #
     # @!attribute [rw] viewer_certificate
-    #   A complex type that specifies whether you want viewers to use HTTP
-    #   or HTTPS to request your objects, whether you're using an alternate
-    #   domain name with HTTPS, and if so, if you're using AWS Certificate
-    #   Manager (ACM) or a third-party certificate authority.
+    #   A complex type that determines the distribution’s SSL/TLS
+    #   configuration for communicating with viewers.
     #   @return [Types::ViewerCertificate]
     #
     # @!attribute [rw] restrictions
@@ -3660,10 +3666,8 @@ module Aws::CloudFront
     #   @return [Boolean]
     #
     # @!attribute [rw] viewer_certificate
-    #   A complex type that specifies whether you want viewers to use HTTP
-    #   or HTTPS to request your objects, whether you're using an alternate
-    #   domain name with HTTPS, and if so, if you're using AWS Certificate
-    #   Manager (ACM) or a third-party certificate authority.
+    #   A complex type that determines the distribution’s SSL/TLS
+    #   configuration for communicating with viewers.
     #   @return [Types::ViewerCertificate]
     #
     # @!attribute [rw] restrictions
@@ -5159,7 +5163,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # Query string parameters specified in the response body are not valid.
+    # The query string parameters specified are not valid.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -5198,7 +5202,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A response code specified in the response body is not valid.
+    # A response code is not valid.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -5210,7 +5214,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # TTL order specified in the response body is not valid.
+    # The TTL order specified is not valid.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -5222,7 +5226,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # Tagging specified in the response body is not valid.
+    # The tagging specified is not valid.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -5234,7 +5238,7 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A viewer certificate specified in the response body is not valid.
+    # A viewer certificate specified is not valid.
     #
     # @!attribute [rw] message
     #   @return [String]
@@ -5246,9 +5250,8 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A web ACL ID specified in the response body is not valid. To specify a
-    # web ACL created using the latest version of AWS WAF, use the ACL ARN,
-    # for example
+    # A web ACL ID specified is not valid. To specify a web ACL created
+    # using the latest version of AWS WAF, use the ACL ARN, for example
     # `arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`.
     # To specify a web ACL created using AWS WAF Classic, use the ACL ID,
     # for example `473e64fd-f30b-4765-81a0-62ad96dd167a`.
@@ -8664,37 +8667,64 @@ module Aws::CloudFront
       include Aws::Structure
     end
 
-    # A complex type that specifies the following:
+    # A complex type that determines the distribution’s SSL/TLS
+    # configuration for communicating with viewers.
     #
-    # * Whether you want viewers to use HTTP or HTTPS to request your
-    #   objects.
+    # If the distribution doesn’t use `Aliases` (also known as alternate
+    # domain names or CNAMEs)—that is, if the distribution uses the
+    # CloudFront domain name such as `d111111abcdef8.cloudfront.net`—set
+    # `CloudFrontDefaultCertificate` to `true` and leave all other fields
+    # empty.
     #
-    # * If you want viewers to use HTTPS, whether you're using an alternate
-    #   domain name, such as `example.com`, or the CloudFront domain name
-    #   for your distribution, such as `d111111abcdef8.cloudfront.net`.
+    # If the distribution uses `Aliases` (alternate domain names or CNAMEs),
+    # use the fields in this type to specify the following settings:
     #
-    # * If you're using an alternate domain name, whether AWS Certificate
-    #   Manager (ACM) provided the certificate, or you purchased a
-    #   certificate from a third-party certificate authority and imported it
-    #   into ACM or uploaded it to the IAM certificate store.
+    # * Which viewers the distribution accepts HTTPS connections from: only
+    #   viewers that support [server name indication (SNI)][1]
+    #   (recommended), or all viewers including those that don’t support
+    #   SNI.
     #
-    # Specify only one of the following values:
+    #   * To accept HTTPS connections from only viewers that support SNI,
+    #     set `SSLSupportMethod` to `sni-only`. This is recommended. Most
+    #     browsers and clients released after 2010 support SNI.
     #
-    # * [ACMCertificateArn][1]
+    #   * To accept HTTPS connections from all viewers, including those that
+    #     don’t support SNI, set `SSLSupportMethod` to `vip`. This is not
+    #     recommended, and results in additional monthly charges from
+    #     CloudFront.
     #
-    # * [IAMCertificateId][2]
+    # * The minimum SSL/TLS protocol version that the distribution can use
+    #   to communicate with viewers. To specify a minimum version, choose a
+    #   value for `MinimumProtocolVersion`. For more information, see
+    #   [Security Policy][2] in the *Amazon CloudFront Developer Guide*.
     #
-    # * [CloudFrontDefaultCertificate][3]
+    # * The location of the SSL/TLS certificate, [AWS Certificate Manager
+    #   (ACM)][3] (recommended) or [AWS Identity and Access Management (AWS
+    #   IAM)][4]. You specify the location by setting a value in one of the
+    #   following fields (not both):
     #
-    # For more information, see [ Using Alternate Domain Names and HTTPS][4]
-    # in the *Amazon CloudFront Developer Guide*.
+    #   * `ACMCertificateArn`
+    #
+    #   * `IAMCertificateId`
+    #
+    # All distributions support HTTPS connections from viewers. To require
+    # viewers to use HTTPS only, or to redirect them from HTTP to HTTPS, use
+    # `ViewerProtocolPolicy` in the `CacheBehavior` or
+    # `DefaultCacheBehavior`. To specify how CloudFront should use SSL/TLS
+    # to communicate with your custom origin, use `CustomOriginConfig`.
+    #
+    # For more information, see [Using HTTPS with CloudFront][5] and [ Using
+    # Alternate Domain Names and HTTPS][6] in the *Amazon CloudFront
+    # Developer Guide*.
     #
     #
     #
-    # [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn
-    # [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId
-    # [3]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-CloudFrontDefaultCertificate
-    # [4]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/SecureConnections.html#CNAMEsAndHTTPS
+    # [1]: https://en.wikipedia.org/wiki/Server_Name_Indication
+    # [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy
+    # [3]: https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html
+    # [4]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html
+    # [5]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https.html
+    # [6]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-alternate-domain-names.html
     #
     # @note When making an API call, you may pass ViewerCertificate
     #   data as a hash:
@@ -8710,145 +8740,130 @@ module Aws::CloudFront
     #       }
     #
     # @!attribute [rw] cloud_front_default_certificate
-    #   If you're using the CloudFront domain name for your distribution,
-    #   such as `d111111abcdef8.cloudfront.net`, specify this value as
-    #   `true`.
+    #   If the distribution uses the CloudFront domain name such as
+    #   `d111111abcdef8.cloudfront.net`, set this field to `true`.
+    #
+    #   If the distribution uses `Aliases` (alternate domain names or
+    #   CNAMEs), set this field to `false` and specify values for the
+    #   following fields:
+    #
+    #   * `ACMCertificateArn` or `IAMCertificateId` (specify a value for
+    #     one, not both)
+    #
+    #   * `MinimumProtocolVersion`
+    #
+    #   * `SSLSupportMethod`
     #   @return [Boolean]
     #
     # @!attribute [rw] iam_certificate_id
-    #   If you want viewers to use HTTPS to request your objects and you're
-    #   using an alternate domain name, you must choose the type of
-    #   certificate that you want to use. If you purchased your certificate
-    #   from a third-party certificate authority and uploaded it to the IAM
-    #   certificate store, specify the certificate ID that you want to use
-    #   for this distribution.
+    #   If the distribution uses `Aliases` (alternate domain names or
+    #   CNAMEs) and the SSL/TLS certificate is stored in [AWS Identity and
+    #   Access Management (AWS IAM)][1], provide the ID of the IAM
+    #   certificate.
     #
-    #   If you specify a certificate ID, you must also specify an SSL
-    #   support method (`sni-only` or `vip`).
+    #   If you specify an IAM certificate ID, you must also specify values
+    #   for `MinimumProtocolVerison` and `SSLSupportMethod`.
+    #
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_credentials_server-certs.html
     #   @return [String]
     #
     # @!attribute [rw] acm_certificate_arn
-    #   If you want viewers to use HTTPS to request your objects and you're
-    #   using an alternate domain name, you must choose the type of
-    #   certificate that you want to use. If ACM provided your certificate,
-    #   specify the Amazon Resource Name (ARN) for the ACM certificate that
-    #   you want to use for this distribution. CloudFront only supports ACM
-    #   certificates in the US East (N. Virginia) Region (us-east-1).
+    #   If the distribution uses `Aliases` (alternate domain names or
+    #   CNAMEs) and the SSL/TLS certificate is stored in [AWS Certificate
+    #   Manager (ACM)][1], provide the Amazon Resource Name (ARN) of the ACM
+    #   certificate. CloudFront only supports ACM certificates in the US
+    #   East (N. Virginia) Region (`us-east-1`).
+    #
+    #   If you specify an ACM certificate ARN, you must also specify values
+    #   for `MinimumProtocolVerison` and `SSLSupportMethod`.
     #
-    #   If you specify an ACM certificate ARN, you must also specify an SSL
-    #   support method (`sni-only` or `vip`).
+    #
+    #
+    #   [1]: https://docs.aws.amazon.com/acm/latest/userguide/acm-overview.html
     #   @return [String]
     #
     # @!attribute [rw] ssl_support_method
-    #   If you specify a value for [ACMCertificateArn][1] or for
-    #   [IAMCertificateId][2], you must also specify how you want CloudFront
-    #   to serve HTTPS requests: using a method that works for browsers and
-    #   clients released after 2010, or one that works for all clients.
+    #   If the distribution uses `Aliases` (alternate domain names or
+    #   CNAMEs), specify which viewers the distribution accepts HTTPS
+    #   connections from.
     #
-    #   * `sni-only`\: CloudFront can respond to HTTPS requests from viewers
-    #     that support Server Name Indication (SNI). All modern browsers
-    #     support SNI, but there are a few that don't. For a current list
-    #     of the browsers that support SNI, see the [Wikipedia entry Server
-    #     Name Indication][3]. To learn about options to explore if you have
-    #     viewers with browsers that don't include SNI support, see
-    #     [Choosing How CloudFront Serves HTTPS Requests][4] in the *Amazon
-    #     CloudFront Developer Guide*.
+    #   * `sni-only` – The distribution accepts HTTPS connections from only
+    #     viewers that support [server name indication (SNI)][1]. This is
+    #     recommended. Most browsers and clients released after 2010 support
+    #     SNI.
     #
-    #   * `vip`\: CloudFront uses dedicated IP addresses for your content
-    #     and can respond to HTTPS requests from any viewer. However, there
-    #     are additional monthly charges. For details, including specific
-    #     pricing information, see [Custom SSL options for Amazon
-    #     CloudFront][5] on the AWS marketing site.
+    #   * `vip` – The distribution accepts HTTPS connections from all
+    #     viewers including those that don’t support SNI. This is not
+    #     recommended, and results in additional monthly charges from
+    #     CloudFront.
     #
-    #   Don't specify a value here if you specified
-    #   `CloudFrontDefaultCertificate` as `true`.
+    #   If the distribution uses the CloudFront domain name such as
+    #   `d111111abcdef8.cloudfront.net`, don’t set a value for this field.
     #
-    #   For more information, see [Choosing How CloudFront Serves HTTPS
-    #   Requests][4] in the *Amazon CloudFront Developer Guide*.
     #
     #
-    #
-    #   [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn
-    #   [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId
-    #   [3]: http://en.wikipedia.org/wiki/Server_Name_Indication
-    #   [4]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cnames-https-dedicated-ip-or-sni.html
-    #   [5]: http://aws.amazon.com/cloudfront/custom-ssl-domains/
+    #   [1]: https://en.wikipedia.org/wiki/Server_Name_Indication
     #   @return [String]
     #
     # @!attribute [rw] minimum_protocol_version
-    #   Specify the security policy that you want CloudFront to use for
-    #   HTTPS connections. A security policy determines two settings:
+    #   If the distribution uses `Aliases` (alternate domain names or
+    #   CNAMEs), specify the security policy that you want CloudFront to use
+    #   for HTTPS connections with viewers. The security policy determines
+    #   two settings:
     #
-    #   * The minimum SSL/TLS protocol that CloudFront uses to communicate
-    #     with viewers.
+    #   * The minimum SSL/TLS protocol that CloudFront can use to
+    #     communicate with viewers.
     #
-    #   * The cipher that CloudFront uses to encrypt the content that it
+    #   * The ciphers that CloudFront can use to encrypt the content that it
     #     returns to viewers.
     #
+    #   For more information, see [Security Policy][1] and [Supported
+    #   Protocols and Ciphers Between Viewers and CloudFront][2] in the
+    #   *Amazon CloudFront Developer Guide*.
+    #
     #   <note markdown="1"> On the CloudFront console, this setting is called **Security
     #   Policy**.
     #
     #    </note>
     #
-    #   We recommend that you specify `TLSv1.1_2016` unless your viewers are
-    #   using browsers or devices that do not support TLSv1.1 or later.
-    #
-    #   When both of the following are true, you must specify `TLSv1` or
-    #   later for the security policy:
+    #   We recommend that you specify `TLSv1.2_2018` unless your viewers are
+    #   using browsers or devices that don’t support TLSv1.2.
     #
-    #   * You're using a custom certificate; that is, you specified a value
-    #     for `ACMCertificateArn` or for `IAMCertificateId`.
+    #   When you’re using SNI only (you set `SSLSupportMethod` to
+    #   `sni-only`), you must specify `TLSv1` or higher.
     #
-    #   * You're using SNI; that is, you specified `sni-only` for
-    #     `SSLSupportMethod`.
+    #   If the distribution uses the CloudFront domain name such as
+    #   `d111111abcdef8.cloudfront.net` (you set
+    #   `CloudFrontDefaultCertificate` to `true`), CloudFront automatically
+    #   sets the security policy to `TLSv1` regardless of the value that you
+    #   set here.
     #
-    #   If you specify `true` for `CloudFrontDefaultCertificate`, CloudFront
-    #   automatically sets the security policy to `TLSv1` regardless of the
-    #   value that you specify here.
-    #
-    #   For information about the relationship between the security policy
-    #   that you choose and the protocols and ciphers that CloudFront uses
-    #   to communicate with viewers, see [ Supported SSL/TLS Protocols and
-    #   Ciphers for Communication Between Viewers and CloudFront][1] in the
-    #   *Amazon CloudFront Developer Guide*.
     #
     #
-    #
-    #   [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers
+    #   [1]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValues-security-policy
+    #   [2]: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/secure-connections-supported-viewer-protocols-ciphers.html#secure-connections-supported-ciphers
     #   @return [String]
     #
     # @!attribute [rw] certificate
-    #   This field is no longer used. Use one of the following fields
-    #   instead:
-    #
-    #   * [ACMCertificateArn][1]
-    #
-    #   * [IAMCertificateId][2]
-    #
-    #   * [CloudFrontDefaultCertificate][3]
+    #   This field is deprecated. Use one of the following fields instead:
     #
+    #   * `ACMCertificateArn`
     #
+    #   * `IAMCertificateId`
     #
-    #   [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn
-    #   [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId
-    #   [3]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-CloudFrontDefaultCertificate
+    #   * `CloudFrontDefaultCertificate`
     #   @return [String]
     #
     # @!attribute [rw] certificate_source
-    #   This field is no longer used. Use one of the following fields
-    #   instead:
-    #
-    #   * [ACMCertificateArn][1]
-    #
-    #   * [IAMCertificateId][2]
-    #
-    #   * [CloudFrontDefaultCertificate][3]
+    #   This field is deprecated. Use one of the following fields instead:
     #
+    #   * `ACMCertificateArn`
     #
+    #   * `IAMCertificateId`
     #
-    #   [1]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-ACMCertificateArn
-    #   [2]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-IAMCertificateId
-    #   [3]: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_ViewerCertificate.html#cloudfront-Type-ViewerCertificate-CloudFrontDefaultCertificate
+    #   * `CloudFrontDefaultCertificate`
     #   @return [String]
     #
     # @see http://docs.aws.amazon.com/goto/WebAPI/cloudfront-2019-03-26/ViewerCertificate AWS API Documentation

metadata

@@ -1,14 +1,14 @@
 --- !ruby/object:Gem::Specification
 name: aws-sdk-cloudfront
 version: !ruby/object:Gem::Version
-  version: 1.24.0
+  version: 1.25.0
 platform: ruby
 authors:
 - Amazon Web Services
 autorequire: 
 bindir: bin
 cert_chain: []
-date: 2019-12-18 00:00:00.000000000 Z
+date: 2020-02-04 00:00:00.000000000 Z
 dependencies:
 - !ruby/object:Gem::Dependency
   name: aws-sdk-core