From 4c03cfab1948dad50b655fdccd707e93720e803a Mon Sep 17 00:00:00 2001 From: Ricardo Wurmus Date: Tue, 7 Jul 2020 22:45:47 +0200 Subject: aws/api: Update Cloudfront API. * aws/api/cloudfront-2019-03-26.normal.json: Replace with version v2.680.0. --- aws/api/cloudfront-2019-03-26.normal.json | 44 +++++++++++++++---------------- 1 file changed, 22 insertions(+), 22 deletions(-) diff --git a/aws/api/cloudfront-2019-03-26.normal.json b/aws/api/cloudfront-2019-03-26.normal.json index ab547c7..bd7c01f 100644 --- a/aws/api/cloudfront-2019-03-26.normal.json +++ b/aws/api/cloudfront-2019-03-26.normal.json @@ -1718,7 +1718,7 @@ }, "ICPRecordalStatus": { "shape": "ICPRecordalStatus", - "documentation": "

The Internet Content Provider (ICP) recordal status for a CNAME. The ICPRecordalStatus is set to APPROVED for all CNAMEs (aliases) in regions outside of China.

The status values returned are the following:

" + "documentation": "

The Internet Content Provider (ICP) recordal status for a CNAME. The ICPRecordalStatus is set to APPROVED for all CNAMEs (aliases) in regions outside of China.

The status values returned are the following:

" } }, "documentation": "

AWS services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they've added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions. The status is returned in the CloudFront response; you can't configure it yourself.

For more information about ICP recordals, see Signup, Accounts, and Credentials in Getting Started with AWS services in China.

" @@ -1803,7 +1803,7 @@ }, "ForwardedValues": { "shape": "ForwardedValues", - "documentation": "

A complex type that specifies how CloudFront handles query strings and cookies.

" + "documentation": "

A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

" }, "TrustedSigners": { "shape": "TrustedSigners", @@ -2085,11 +2085,11 @@ "members": { "Quantity": { "shape": "integer", - "documentation": "

The number of different cookies that you want CloudFront to forward to the origin for this cache behavior.

" + "documentation": "

The number of different cookies that you want CloudFront to forward to the origin for this cache behavior. The value must equal the number of items that are in the Items field.

When you set Forward = whitelist (in the CookiePreferences object), this value must be 1 or higher.

" }, "Items": { "shape": "CookieNameList", - "documentation": "

A complex type that contains one Name element for each cookie that you want CloudFront to forward to the origin for this cache behavior.

" + "documentation": "

A complex type that contains one Name element for each cookie that you want CloudFront to forward to the origin for this cache behavior. It must contain the same number of items that is specified in the Quantity field.

When you set Forward = whitelist (in the CookiePreferences object), this field must contain at least one item.

" } }, "documentation": "

A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see Caching Content Based on Request Headers in the Amazon CloudFront Developer Guide.

" @@ -2102,11 +2102,11 @@ "members": { "Forward": { "shape": "ItemSelection", - "documentation": "

Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the WhitelistedNames complex type.

Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the Forward element.

" + "documentation": "

Specifies which cookies to forward to the origin for this cache behavior: all, none, or the list of cookies specified in the WhitelistedNames complex type.

Amazon S3 doesn't process cookies. When the cache behavior is forwarding requests to an Amazon S3 origin, specify none for the Forward element.

" }, "WhitelistedNames": { "shape": "CookieNames", - "documentation": "

Required if you specify whitelist for the value of Forward:. A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.

If you specify all or none for the value of Forward, omit WhitelistedNames. If you change the value of Forward from whitelist to all or none and you don't delete the WhitelistedNames element and its child elements, CloudFront deletes them automatically.

For the current limit on the number of cookie names that you can whitelist for each cache behavior, see CloudFront Limits in the AWS General Reference.

" + "documentation": "

Required if you specify whitelist for the value of Forward. A complex type that specifies how many different cookies you want CloudFront to forward to the origin for this cache behavior and, if you want to forward selected cookies, the names of those cookies.

If you specify all or none for the value of Forward, omit WhitelistedNames. If you change the value of Forward from whitelist to all or none and you don't delete the WhitelistedNames element and its child elements, CloudFront deletes them automatically.

For the current limit on the number of cookie names that you can whitelist for each cache behavior, see CloudFront Limits in the AWS General Reference.

" } }, "documentation": "

A complex type that specifies whether you want CloudFront to forward cookies to the origin and, if so, which ones. For more information about forwarding cookies to the origin, see Caching Content Based on Cookies in the Amazon CloudFront Developer Guide.

" @@ -2487,15 +2487,15 @@ }, "ResponsePagePath": { "shape": "string", - "documentation": "

The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by ErrorCode, for example, /4xx-errors/403-forbidden.html. If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:

If you specify a value for ResponsePagePath, you must also specify a value for ResponseCode. If you don't want to specify a value, include an empty element, <ResponsePagePath>, in the XML document.

We recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.

" + "documentation": "

The path to the custom error page that you want CloudFront to return to a viewer when your origin returns the HTTP status code specified by ErrorCode, for example, /4xx-errors/403-forbidden.html. If you want to store your objects and your custom error pages in different locations, your distribution must include a cache behavior for which the following is true:

If you specify a value for ResponsePagePath, you must also specify a value for ResponseCode.

We recommend that you store custom error pages in an Amazon S3 bucket. If you store custom error pages on an HTTP server and the server starts to return 5xx errors, CloudFront can't get the files that you want to return to viewers because the origin server is unavailable.

" }, "ResponseCode": { "shape": "string", - "documentation": "

The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:

If you specify a value for ResponseCode, you must also specify a value for ResponsePagePath. If you don't want to specify a value, include an empty element, <ResponseCode>, in the XML document.

" + "documentation": "

The HTTP status code that you want CloudFront to return to the viewer along with the custom error page. There are a variety of reasons that you might want CloudFront to return a status code different from the status code that your origin returned to CloudFront, for example:

If you specify a value for ResponseCode, you must also specify a value for ResponsePagePath.

" }, "ErrorCachingMinTTL": { "shape": "long", - "documentation": "

The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ErrorCode. When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.

If you don't want to specify a value, include an empty element, <ErrorCachingMinTTL>, in the XML document.

For more information, see Customizing Error Responses in the Amazon CloudFront Developer Guide.

" + "documentation": "

The minimum amount of time, in seconds, that you want CloudFront to cache the HTTP status code specified in ErrorCode. When this time period has elapsed, CloudFront queries your origin to see whether the problem that caused the error has been resolved and the requested object is now available.

For more information, see Customizing Error Responses in the Amazon CloudFront Developer Guide.

" } }, "documentation": "

A complex type that controls:

For more information about custom error pages, see Customizing Error Responses in the Amazon CloudFront Developer Guide.

" @@ -2592,7 +2592,7 @@ }, "ForwardedValues": { "shape": "ForwardedValues", - "documentation": "

A complex type that specifies how CloudFront handles query strings and cookies.

" + "documentation": "

A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

" }, "TrustedSigners": { "shape": "TrustedSigners", @@ -2871,7 +2871,7 @@ }, "ViewerCertificate": { "shape": "ViewerCertificate", - "documentation": "

A complex type that specifies whether you want viewers to use HTTP or HTTPS to request your objects, whether you're using an alternate domain name with HTTPS, and if so, if you're using AWS Certificate Manager (ACM) or a third-party certificate authority.

" + "documentation": "

A complex type that determines the distribution’s SSL/TLS configuration for communicating with viewers.

" }, "Restrictions": { "shape": "Restrictions", @@ -2879,7 +2879,7 @@ }, "WebACLId": { "shape": "string", - "documentation": "

A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF, see the AWS WAF Developer Guide.

" + "documentation": "

A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF, see the AWS WAF Developer Guide.

" }, "HttpVersion": { "shape": "HttpVersion", @@ -3027,7 +3027,7 @@ }, "ViewerCertificate": { "shape": "ViewerCertificate", - "documentation": "

A complex type that specifies whether you want viewers to use HTTP or HTTPS to request your objects, whether you're using an alternate domain name with HTTPS, and if so, if you're using AWS Certificate Manager (ACM) or a third-party certificate authority.

" + "documentation": "

A complex type that determines the distribution’s SSL/TLS configuration for communicating with viewers.

" }, "Restrictions": { "shape": "Restrictions", @@ -3395,7 +3395,7 @@ "documentation": "

A complex type that contains information about the query string parameters that you want CloudFront to use for caching for this cache behavior.

" } }, - "documentation": "

A complex type that specifies how CloudFront handles query strings and cookies.

" + "documentation": "

A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

" }, "GeoRestriction": { "type": "structure", @@ -5620,36 +5620,36 @@ "members": { "CloudFrontDefaultCertificate": { "shape": "boolean", - "documentation": "

If you're using the CloudFront domain name for your distribution, such as d111111abcdef8.cloudfront.net, specify the following value:

" + "documentation": "

If the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net, set this field to true.

If the distribution uses Aliases (alternate domain names or CNAMEs), set this field to false and specify values for the following fields:

" }, "IAMCertificateId": { "shape": "string", - "documentation": "

If you want viewers to use HTTPS to request your objects and you're using an alternate domain name, you must choose the type of certificate that you want to use. Specify the following value if you purchased your certificate from a third-party certificate authority:

If you specify IAMCertificateId, you must also specify a value for SSLSupportMethod.

" + "documentation": "

If the distribution uses Aliases (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in AWS Identity and Access Management (AWS IAM), provide the ID of the IAM certificate.

If you specify an IAM certificate ID, you must also specify values for MinimumProtocolVerison and SSLSupportMethod.

" }, "ACMCertificateArn": { "shape": "string", - "documentation": "

If you want viewers to use HTTPS to request your objects and you're using an alternate domain name, you must choose the type of certificate that you want to use. Specify the following value if ACM provided your certificate:

If you specify ACMCertificateArn, you must also specify a value for SSLSupportMethod.

" + "documentation": "

If the distribution uses Aliases (alternate domain names or CNAMEs) and the SSL/TLS certificate is stored in AWS Certificate Manager (ACM), provide the Amazon Resource Name (ARN) of the ACM certificate. CloudFront only supports ACM certificates in the US East (N. Virginia) Region (us-east-1).

If you specify an ACM certificate ARN, you must also specify values for MinimumProtocolVerison and SSLSupportMethod.

" }, "SSLSupportMethod": { "shape": "SSLSupportMethod", - "documentation": "

If you specify a value for ACMCertificateArn or for IAMCertificateId, you must also specify how you want CloudFront to serve HTTPS requests: using a method that works for browsers and clients released after 2010 or one that works for all clients.

Don't specify a value for SSLSupportMethod if you specified <CloudFrontDefaultCertificate>true<CloudFrontDefaultCertificate>.

For more information, see Choosing How CloudFront Serves HTTPS Requests in the Amazon CloudFront Developer Guide.

" + "documentation": "

If the distribution uses Aliases (alternate domain names or CNAMEs), specify which viewers the distribution accepts HTTPS connections from.

If the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net, don’t set a value for this field.

" }, "MinimumProtocolVersion": { "shape": "MinimumProtocolVersion", - "documentation": "

Specify the security policy that you want CloudFront to use for HTTPS connections. A security policy determines two settings:

On the CloudFront console, this setting is called Security policy.

We recommend that you specify TLSv1.1_2016 unless your users are using browsers or devices that do not support TLSv1.1 or later.

When both of the following are true, you must specify TLSv1 or later for the security policy:

If you specify true for CloudFrontDefaultCertificate, CloudFront automatically sets the security policy to TLSv1 regardless of the value that you specify for MinimumProtocolVersion.

For information about the relationship between the security policy that you choose and the protocols and ciphers that CloudFront uses to communicate with viewers, see Supported SSL/TLS Protocols and Ciphers for Communication Between Viewers and CloudFront in the Amazon CloudFront Developer Guide.

" + "documentation": "

If the distribution uses Aliases (alternate domain names or CNAMEs), specify the security policy that you want CloudFront to use for HTTPS connections with viewers. The security policy determines two settings:

For more information, see Security Policy and Supported Protocols and Ciphers Between Viewers and CloudFront in the Amazon CloudFront Developer Guide.

On the CloudFront console, this setting is called Security Policy.

We recommend that you specify TLSv1.2_2018 unless your viewers are using browsers or devices that don’t support TLSv1.2.

When you’re using SNI only (you set SSLSupportMethod to sni-only), you must specify TLSv1 or higher.

If the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net (you set CloudFrontDefaultCertificate to true), CloudFront automatically sets the security policy to TLSv1 regardless of the value that you set here.

" }, "Certificate": { "shape": "string", - "documentation": "

This field is no longer used. Use one of the following fields instead:

", + "documentation": "

This field is deprecated. Use one of the following fields instead:

", "deprecated": true }, "CertificateSource": { "shape": "CertificateSource", - "documentation": "

This field is no longer used. Use one of the following fields instead:

", + "documentation": "

This field is deprecated. Use one of the following fields instead:

", "deprecated": true } }, - "documentation": "

A complex type that specifies the following:

Specify only one of the following values:

For more information, see Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide.

" + "documentation": "

A complex type that determines the distribution’s SSL/TLS configuration for communicating with viewers.

If the distribution doesn’t use Aliases (also known as alternate domain names or CNAMEs)—that is, if the distribution uses the CloudFront domain name such as d111111abcdef8.cloudfront.net—set CloudFrontDefaultCertificate to true and leave all other fields empty.

If the distribution uses Aliases (alternate domain names or CNAMEs), use the fields in this type to specify the following settings:

All distributions support HTTPS connections from viewers. To require viewers to use HTTPS only, or to redirect them from HTTP to HTTPS, use ViewerProtocolPolicy in the CacheBehavior or DefaultCacheBehavior. To specify how CloudFront should use SSL/TLS to communicate with your custom origin, use CustomOriginConfig.

For more information, see Using HTTPS with CloudFront and Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide.

" }, "ViewerProtocolPolicy": { "type": "string", -- cgit v1.2.3