Class: Aws::CloudFront::Types::CacheBehavior

Inherits:

Struct

• Object
• Struct
• Aws::CloudFront::Types::CacheBehavior

Includes:

Structure

Defined in:

lib/aws-sdk-cloudfront/types.rb

Overview

Note:

When making an API call, you may pass CacheBehavior data as a hash:

{
  path_pattern: "string", # required
  target_origin_id: "string", # required
  trusted_signers: {
    enabled: false, # required
    quantity: 1, # required
    items: ["string"],
  },
  trusted_key_groups: {
    enabled: false, # required
    quantity: 1, # required
    items: ["string"],
  },
  viewer_protocol_policy: "allow-all", # required, accepts allow-all, https-only, redirect-to-https
  allowed_methods: {
    quantity: 1, # required
    items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
    cached_methods: {
      quantity: 1, # required
      items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
    },
  },
  smooth_streaming: false,
  compress: false,
  lambda_function_associations: {
    quantity: 1, # required
    items: [
      {
        lambda_function_arn: "LambdaFunctionARN", # required
        event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
        include_body: false,
      },
    ],
  },
  function_associations: {
    quantity: 1, # required
    items: [
      {
        function_arn: "FunctionARN", # required
        event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
      },
    ],
  },
  field_level_encryption_id: "string",
  realtime_log_config_arn: "string",
  cache_policy_id: "string",
  origin_request_policy_id: "string",
  forwarded_values: {
    query_string: false, # required
    cookies: { # required
      forward: "none", # required, accepts none, whitelist, all
      whitelisted_names: {
        quantity: 1, # required
        items: ["string"],
      },
    },
    headers: {
      quantity: 1, # required
      items: ["string"],
    },
    query_string_cache_keys: {
      quantity: 1, # required
      items: ["string"],
    },
  },
  min_ttl: 1,
  default_ttl: 1,
  max_ttl: 1,
}

A complex type that describes how CloudFront processes requests.

You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.

For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see [Quotas] in the *Amazon CloudFront Developer Guide*.

If you don’t want to specify any cache behaviors, include only an empty ‘CacheBehaviors` element. Don’t include an empty `CacheBehavior` element because this is invalid.

To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty ‘CacheBehaviors` element.

To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.

For more information about cache behaviors, see [Cache Behavior Settings] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/cloudfront-limits.html [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesCacheBehavior

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[]

Instance Attribute Summary

• #allowed_methods ⇒ Types::AllowedMethods

  A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.

• #cache_policy_id ⇒ String

  The unique identifier of the cache policy that is attached to this cache behavior.

• #compress ⇒ Boolean

  Whether you want CloudFront to automatically compress certain files for this cache behavior.

• #default_ttl ⇒ Integer

  This field is deprecated.

• #field_level_encryption_id ⇒ String

  The value of ‘ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.

• #forwarded_values ⇒ Types::ForwardedValues

  This field is deprecated.

• #function_associations ⇒ Types::FunctionAssociations

  A list of CloudFront functions that are associated with this cache behavior.

• #lambda_function_associations ⇒ Types::LambdaFunctionAssociations

  A complex type that contains zero or more Lambda function associations for a cache behavior.

• #max_ttl ⇒ Integer

  This field is deprecated.

• #min_ttl ⇒ Integer

  This field is deprecated.

• #origin_request_policy_id ⇒ String

  The unique identifier of the origin request policy that is attached to this cache behavior.

• #path_pattern ⇒ String

  The pattern (for example, ‘images/*.jpg`) that specifies which requests to apply the behavior to.

• #realtime_log_config_arn ⇒ String

  The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior.

• #smooth_streaming ⇒ Boolean

  Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.

• #target_origin_id ⇒ String

  The value of ‘ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.

• #trusted_key_groups ⇒ Types::TrustedKeyGroups

  A list of key groups that CloudFront can use to validate signed URLs or signed cookies.

• #trusted_signers ⇒ Types::TrustedSigners

  We recommend using ‘TrustedKeyGroups` instead of `TrustedSigners`.

• #viewer_protocol_policy ⇒ String

  The protocol that viewers can use to access the files in the origin specified by ‘TargetOriginId` when a request matches the path pattern in `PathPattern`.

Instance Attribute Details

#allowed_methods ⇒ Types::AllowedMethods

A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:

• CloudFront forwards only ‘GET` and `HEAD` requests.

• CloudFront forwards only ‘GET`, `HEAD`, and `OPTIONS` requests.

• CloudFront forwards ‘GET, HEAD, OPTIONS, PUT, PATCH, POST`, and `DELETE` requests.

If you pick the third choice, you may need to restrict access to your Amazon S3 bucket or to your custom origin so users can’t perform operations that you don’t want them to. For example, you might not want users to have permissions to delete objects from your origin.

Returns:

• (Types::AllowedMethods)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#cache_policy_id ⇒ String

The unique identifier of the cache policy that is attached to this cache behavior. For more information, see [Creating cache policies] or [Using the managed cache policies] in the *Amazon CloudFront Developer Guide*.

A ‘CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues`. We recommend that you use a `CachePolicyId`.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#compress ⇒ Boolean

Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see [Serving Compressed Files] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/ServingCompressedFiles.html

Returns:

• (Boolean)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#default_ttl ⇒ Integer

This field is deprecated. We recommend that you use the ‘DefaultTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies] or [Using the managed cache policies] in the *Amazon CloudFront Developer Guide*.

The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as ‘Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html [3]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html

Returns:

• (Integer)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#field_level_encryption_id ⇒ String

The value of ‘ID` for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#forwarded_values ⇒ Types::ForwardedValues

This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see [Working with policies] in the *Amazon CloudFront Developer Guide*.

If you want to include values in the cache key, use a cache policy. For more information, see [Creating cache policies] or [Using the managed cache policies] in the *Amazon CloudFront Developer Guide*.

If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see

Creating origin request policies][4

or [Using the managed origin

request policies] in the *Amazon CloudFront Developer Guide*.

A ‘CacheBehavior` must include either a `CachePolicyId` or `ForwardedValues`. We recommend that you use a `CachePolicyId`.

A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/working-with-policies.html [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy [3]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html [4]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy [5]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html

Returns:

• (Types::ForwardedValues)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#function_associations ⇒ Types::FunctionAssociations

A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the ‘LIVE` stage to associate them with a cache behavior.

Returns:

• (Types::FunctionAssociations)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#lambda_function_associations ⇒ Types::LambdaFunctionAssociations

A complex type that contains zero or more Lambda function associations for a cache behavior.

Returns:

• (Types::LambdaFunctionAssociations)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#max_ttl ⇒ Integer

This field is deprecated. We recommend that you use the ‘MaxTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies] or [Using the managed cache policies] in the *Amazon CloudFront Developer Guide*.

The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as ‘Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` to objects. For more information, see [Managing How Long Content Stays in an Edge Cache (Expiration)] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html [3]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html

Returns:

• (Integer)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#min_ttl ⇒ Integer

This field is deprecated. We recommend that you use the ‘MinTTL` field in a cache policy instead of this field. For more information, see [Creating cache policies] or [Using the managed cache policies] in the *Amazon CloudFront Developer Guide*.

The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see [ Managing How Long Content Stays in an Edge Cache (Expiration)] in the Amazon CloudFront Developer Guide.

You must specify ‘0` for `MinTTL` if you configure CloudFront to forward all headers to your origin (under `Headers`, if you specify `1` for `Quantity` and `*` for `Name`).

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html#cache-key-create-cache-policy [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-cache-policies.html [3]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html

Returns:

• (Integer)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#origin_request_policy_id ⇒ String

The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see [Creating origin request policies] or [Using the managed origin request policies] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-origin-requests.html#origin-request-create-origin-request-policy [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-managed-origin-request-policies.html

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#path_pattern ⇒ String

The pattern (for example, ‘images/*.jpg`) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.

<note markdown=“1”> You can optionally include a slash (‘/`) at the beginning of the path pattern. For example, `/images/*.jpg`. CloudFront behavior is the same with or without the leading `/`.

</note>

The path pattern for the default cache behavior is ‘*` and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.

For more information, see [Path Pattern] in the Amazon CloudFront Developer Guide.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-values-specify.html#DownloadDistValuesPathPattern

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#realtime_log_config_arn ⇒ String

The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see

Real-time logs][1

in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/real-time-logs.html

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#smooth_streaming ⇒ Boolean

Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify ‘true`; if not, specify `false`. If you specify `true` for `SmoothStreaming`, you can still distribute other content using this cache behavior if the content matches the value of `PathPattern`.

Returns:

• (Boolean)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#target_origin_id ⇒ String

The value of ‘ID` for the origin that you want CloudFront to route requests to when they match this cache behavior.

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#trusted_key_groups ⇒ Types::TrustedKeyGroups

A list of key groups that CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

Returns:

• (Types::TrustedKeyGroups)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#trusted_signers ⇒ Types::TrustedSigners

We recommend using ‘TrustedKeyGroups` instead of `TrustedSigners`.

A list of AWS account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer’s AWS account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see [Serving private content] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html

Returns:

• (Types::TrustedSigners)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end

#viewer_protocol_policy ⇒ String

The protocol that viewers can use to access the files in the origin specified by ‘TargetOriginId` when a request matches the path pattern in `PathPattern`. You can specify the following options:

• ‘allow-all`: Viewers can use HTTP or HTTPS.

• ‘redirect-to-https`: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.

• ‘https-only`: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).

For more information about requiring the HTTPS protocol, see

Requiring HTTPS Between Viewers and CloudFront][1

in the *Amazon

CloudFront Developer Guide*.

<note markdown=“1”> The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects’ cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see [Managing Cache Expiration] in the *Amazon CloudFront Developer Guide*.

</note>

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/using-https-viewers-to-cloudfront.html [2]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Expiration.html

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 664

class CacheBehavior < Struct.new(
  :path_pattern,
  :target_origin_id,
  :trusted_signers,
  :trusted_key_groups,
  :viewer_protocol_policy,
  :allowed_methods,
  :smooth_streaming,
  :compress,
  :lambda_function_associations,
  :function_associations,
  :field_level_encryption_id,
  :realtime_log_config_arn,
  :cache_policy_id,
  :origin_request_policy_id,
  :forwarded_values,
  :min_ttl,
  :default_ttl,
  :max_ttl)
  SENSITIVE = []
  include Aws::Structure
end