Class: Aws::CloudFront::Types::DistributionConfig

Inherits:

Struct

• Object
• Struct
• Aws::CloudFront::Types::DistributionConfig

Includes:

Structure

Defined in:

lib/aws-sdk-cloudfront/types.rb

Overview

Note:

When making an API call, you may pass DistributionConfig data as a hash:

{
  caller_reference: "string", # required
  aliases: {
    quantity: 1, # required
    items: ["string"],
  },
  default_root_object: "string",
  origins: { # required
    quantity: 1, # required
    items: [ # required
      {
        id: "string", # required
        domain_name: "string", # required
        origin_path: "string",
        custom_headers: {
          quantity: 1, # required
          items: [
            {
              header_name: "string", # required
              header_value: "string", # required
            },
          ],
        },
        s3_origin_config: {
          origin_access_identity: "string", # required
        },
        custom_origin_config: {
          http_port: 1, # required
          https_port: 1, # required
          origin_protocol_policy: "http-only", # required, accepts http-only, match-viewer, https-only
          origin_ssl_protocols: {
            quantity: 1, # required
            items: ["SSLv3"], # required, accepts SSLv3, TLSv1, TLSv1.1, TLSv1.2
          },
          origin_read_timeout: 1,
          origin_keepalive_timeout: 1,
        },
        connection_attempts: 1,
        connection_timeout: 1,
        origin_shield: {
          enabled: false, # required
          origin_shield_region: "OriginShieldRegion",
        },
      },
    ],
  },
  origin_groups: {
    quantity: 1, # required
    items: [
      {
        id: "string", # required
        failover_criteria: { # required
          status_codes: { # required
            quantity: 1, # required
            items: [1], # required
          },
        },
        members: { # required
          quantity: 1, # required
          items: [ # required
            {
              origin_id: "string", # required
            },
          ],
        },
      },
    ],
  },
  default_cache_behavior: { # required
    target_origin_id: "string", # required
    trusted_signers: {
      enabled: false, # required
      quantity: 1, # required
      items: ["string"],
    },
    trusted_key_groups: {
      enabled: false, # required
      quantity: 1, # required
      items: ["string"],
    },
    viewer_protocol_policy: "allow-all", # required, accepts allow-all, https-only, redirect-to-https
    allowed_methods: {
      quantity: 1, # required
      items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
      cached_methods: {
        quantity: 1, # required
        items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
      },
    },
    smooth_streaming: false,
    compress: false,
    lambda_function_associations: {
      quantity: 1, # required
      items: [
        {
          lambda_function_arn: "LambdaFunctionARN", # required
          event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
          include_body: false,
        },
      ],
    },
    function_associations: {
      quantity: 1, # required
      items: [
        {
          function_arn: "FunctionARN", # required
          event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
        },
      ],
    },
    field_level_encryption_id: "string",
    realtime_log_config_arn: "string",
    cache_policy_id: "string",
    origin_request_policy_id: "string",
    forwarded_values: {
      query_string: false, # required
      cookies: { # required
        forward: "none", # required, accepts none, whitelist, all
        whitelisted_names: {
          quantity: 1, # required
          items: ["string"],
        },
      },
      headers: {
        quantity: 1, # required
        items: ["string"],
      },
      query_string_cache_keys: {
        quantity: 1, # required
        items: ["string"],
      },
    },
    min_ttl: 1,
    default_ttl: 1,
    max_ttl: 1,
  },
  cache_behaviors: {
    quantity: 1, # required
    items: [
      {
        path_pattern: "string", # required
        target_origin_id: "string", # required
        trusted_signers: {
          enabled: false, # required
          quantity: 1, # required
          items: ["string"],
        },
        trusted_key_groups: {
          enabled: false, # required
          quantity: 1, # required
          items: ["string"],
        },
        viewer_protocol_policy: "allow-all", # required, accepts allow-all, https-only, redirect-to-https
        allowed_methods: {
          quantity: 1, # required
          items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
          cached_methods: {
            quantity: 1, # required
            items: ["GET"], # required, accepts GET, HEAD, POST, PUT, PATCH, OPTIONS, DELETE
          },
        },
        smooth_streaming: false,
        compress: false,
        lambda_function_associations: {
          quantity: 1, # required
          items: [
            {
              lambda_function_arn: "LambdaFunctionARN", # required
              event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
              include_body: false,
            },
          ],
        },
        function_associations: {
          quantity: 1, # required
          items: [
            {
              function_arn: "FunctionARN", # required
              event_type: "viewer-request", # required, accepts viewer-request, viewer-response, origin-request, origin-response
            },
          ],
        },
        field_level_encryption_id: "string",
        realtime_log_config_arn: "string",
        cache_policy_id: "string",
        origin_request_policy_id: "string",
        forwarded_values: {
          query_string: false, # required
          cookies: { # required
            forward: "none", # required, accepts none, whitelist, all
            whitelisted_names: {
              quantity: 1, # required
              items: ["string"],
            },
          },
          headers: {
            quantity: 1, # required
            items: ["string"],
          },
          query_string_cache_keys: {
            quantity: 1, # required
            items: ["string"],
          },
        },
        min_ttl: 1,
        default_ttl: 1,
        max_ttl: 1,
      },
    ],
  },
  custom_error_responses: {
    quantity: 1, # required
    items: [
      {
        error_code: 1, # required
        response_page_path: "string",
        response_code: "string",
        error_caching_min_ttl: 1,
      },
    ],
  },
  comment: "CommentType", # required
  logging: {
    enabled: false, # required
    include_cookies: false, # required
    bucket: "string", # required
    prefix: "string", # required
  },
  price_class: "PriceClass_100", # accepts PriceClass_100, PriceClass_200, PriceClass_All
  enabled: false, # required
  viewer_certificate: {
    cloud_front_default_certificate: false,
    iam_certificate_id: "string",
    acm_certificate_arn: "string",
    ssl_support_method: "sni-only", # accepts sni-only, vip, static-ip
    minimum_protocol_version: "SSLv3", # accepts SSLv3, TLSv1, TLSv1_2016, TLSv1.1_2016, TLSv1.2_2018, TLSv1.2_2019, TLSv1.2_2021
    certificate: "string",
    certificate_source: "cloudfront", # accepts cloudfront, iam, acm
  },
  restrictions: {
    geo_restriction: { # required
      restriction_type: "blacklist", # required, accepts blacklist, whitelist, none
      quantity: 1, # required
      items: ["string"],
    },
  },
  web_acl_id: "string",
  http_version: "http1.1", # accepts http1.1, http2
  is_ipv6_enabled: false,
}

A distribution configuration.

See Also:

• AWS API Documentation

Constant Summary

SENSITIVE =

[:comment]

Instance Attribute Summary

• #aliases ⇒ Types::Aliases

  A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.

• #cache_behaviors ⇒ Types::CacheBehaviors

  A complex type that contains zero or more ‘CacheBehavior` elements.

• #caller_reference ⇒ String

  A unique value (for example, a date-time stamp) that ensures that the request can’t be replayed.

• #comment ⇒ String

  An optional comment to describe the distribution.

• #custom_error_responses ⇒ Types::CustomErrorResponses

  A complex type that controls the following:.

• #default_cache_behavior ⇒ Types::DefaultCacheBehavior

  A complex type that describes the default cache behavior if you don’t specify a ‘CacheBehavior` element or if files don’t match any of the values of ‘PathPattern` in `CacheBehavior` elements.

• #default_root_object ⇒ String

  The object that you want CloudFront to request from your origin (for example, ‘index.html`) when a viewer requests the root URL for your distribution (`www.example.com`) instead of an object in your distribution (`www.example.com/product-description.html`).

• #enabled ⇒ Boolean

  From this field, you can enable or disable the selected distribution.

• #http_version ⇒ String

  (Optional) Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront.

• #is_ipv6_enabled ⇒ Boolean

  If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify ‘true`.

• #logging ⇒ Types::LoggingConfig

  A complex type that controls whether access logs are written for the distribution.

• #origin_groups ⇒ Types::OriginGroups

  A complex type that contains information about origin groups for this distribution.

• #origins ⇒ Types::Origins

  A complex type that contains information about origins for this distribution.

• #price_class ⇒ String

  The price class that corresponds with the maximum price that you want to pay for CloudFront service.

• #restrictions ⇒ Types::Restrictions

  A complex type that identifies ways in which you want to restrict distribution of your content.

• #viewer_certificate ⇒ Types::ViewerCertificate

  A complex type that determines the distribution’s SSL/TLS configuration for communicating with viewers.

• #web_acl_id ⇒ String

  A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution.

Instance Attribute Details

#aliases ⇒ Types::Aliases

A complex type that contains information about CNAMEs (alternate domain names), if any, for this distribution.

Returns:

• (Types::Aliases)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#cache_behaviors ⇒ Types::CacheBehaviors

A complex type that contains zero or more ‘CacheBehavior` elements.

Returns:

• (Types::CacheBehaviors)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#caller_reference ⇒ String

A unique value (for example, a date-time stamp) that ensures that the request can’t be replayed.

If the value of ‘CallerReference` is new (regardless of the content of the `DistributionConfig` object), CloudFront creates a new distribution.

If ‘CallerReference` is a value that you already sent in a previous request to create a distribution, CloudFront returns a `DistributionAlreadyExists` error.

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#comment ⇒ String

An optional comment to describe the distribution. The comment cannot be longer than 128 characters.

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#custom_error_responses ⇒ Types::CustomErrorResponses

A complex type that controls the following:

• Whether CloudFront replaces HTTP status codes in the 4xx and 5xx range with custom error messages before returning the response to the viewer.

• How long CloudFront caches HTTP status codes in the 4xx and 5xx range.

For more information about custom error pages, see [Customizing Error Responses] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-error-pages.html

Returns:

• (Types::CustomErrorResponses)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#default_cache_behavior ⇒ Types::DefaultCacheBehavior

A complex type that describes the default cache behavior if you don’t specify a ‘CacheBehavior` element or if files don’t match any of the values of ‘PathPattern` in `CacheBehavior` elements. You must create exactly one default cache behavior.

Returns:

• (Types::DefaultCacheBehavior)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#default_root_object ⇒ String

The object that you want CloudFront to request from your origin (for example, ‘index.html`) when a viewer requests the root URL for your distribution (`www.example.com`) instead of an object in your distribution (`www.example.com/product-description.html`). Specifying a default root object avoids exposing the contents of your distribution.

Specify only the object name, for example, ‘index.html`. Don’t add a ‘/` before the object name.

If you don’t want to specify a default root object when you create a distribution, include an empty ‘DefaultRootObject` element.

To delete the default root object from an existing distribution, update the distribution configuration and include an empty ‘DefaultRootObject` element.

To replace the default root object, update the distribution configuration and specify the new object.

For more information about the default root object, see [Creating a Default Root Object] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/DefaultRootObject.html

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#enabled ⇒ Boolean

From this field, you can enable or disable the selected distribution.

Returns:

• (Boolean)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#http_version ⇒ String

(Optional) Specify the maximum HTTP version that you want viewers to use to communicate with CloudFront. The default value for new web distributions is http2. Viewers that don’t support HTTP/2 automatically use an earlier HTTP version.

For viewers and CloudFront to use HTTP/2, viewers must support TLS 1.2 or later, and must support Server Name Identification (SNI).

In general, configuring CloudFront to communicate with viewers using HTTP/2 reduces latency. You can improve performance by optimizing for HTTP/2. For more information, do an Internet search for “http/2 optimization.”

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#is_ipv6_enabled ⇒ Boolean

If you want CloudFront to respond to IPv6 DNS requests with an IPv6 address for your distribution, specify ‘true`. If you specify `false`, CloudFront responds to IPv6 DNS requests with the DNS response code `NOERROR` and with no IP addresses. This allows viewers to submit a second request, for an IPv4 address for your distribution.

In general, you should enable IPv6 if you have users on IPv6 networks who want to access your content. However, if you’re using signed URLs or signed cookies to restrict access to your content, and if you’re using a custom policy that includes the ‘IpAddress` parameter to restrict the IP addresses that can access your content, don’t enable IPv6. If you want to restrict access to some content by IP address and not restrict access to other content (or restrict access but not by IP address), you can create two distributions. For more information, see [Creating a Signed URL Using a Custom Policy] in the *Amazon CloudFront Developer Guide*.

If you’re using an Amazon Route 53 alias resource record set to route traffic to your CloudFront distribution, you need to create a second alias resource record set when both of the following are true:

• You enable IPv6 for the distribution

• You’re using alternate domain names in the URLs for your objects

For more information, see [Routing Traffic to an Amazon CloudFront Web Distribution by Using Your Domain Name] in the *Amazon Route 53 Developer Guide*.

If you created a CNAME resource record set, either with Amazon Route 53 or with another DNS service, you don’t need to make any changes. A CNAME record will route traffic to your distribution regardless of the IP address format of the viewer request.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-creating-signed-url-custom-policy.html [2]: docs.aws.amazon.com/Route53/latest/DeveloperGuide/routing-to-cloudfront-distribution.html

Returns:

• (Boolean)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#logging ⇒ Types::LoggingConfig

A complex type that controls whether access logs are written for the distribution.

For more information about logging, see [Access Logs] in the *Amazon CloudFront Developer Guide*.

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/AccessLogs.html

Returns:

• (Types::LoggingConfig)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#origin_groups ⇒ Types::OriginGroups

A complex type that contains information about origin groups for this distribution.

Returns:

• (Types::OriginGroups)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#origins ⇒ Types::Origins

A complex type that contains information about origins for this distribution.

Returns:

• (Types::Origins)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#price_class ⇒ String

The price class that corresponds with the maximum price that you want to pay for CloudFront service. If you specify ‘PriceClass_All`, CloudFront responds to requests for your objects from all CloudFront edge locations.

If you specify a price class other than ‘PriceClass_All`, CloudFront serves your objects from the CloudFront edge location that has the lowest latency among the edge locations in your price class. Viewers who are in or near regions that are excluded from your specified price class may encounter slower performance.

For more information about price classes, see [Choosing the Price Class for a CloudFront Distribution] in the *Amazon CloudFront Developer Guide*. For information about CloudFront pricing, including how price classes (such as Price Class 100) map to CloudFront regions, see [Amazon CloudFront Pricing].

[1]: docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PriceClass.html [2]: aws.amazon.com/cloudfront/pricing/

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#restrictions ⇒ Types::Restrictions

A complex type that identifies ways in which you want to restrict distribution of your content.

Returns:

• (Types::Restrictions)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#viewer_certificate ⇒ Types::ViewerCertificate

A complex type that determines the distribution’s SSL/TLS configuration for communicating with viewers.

Returns:

• (Types::ViewerCertificate)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end

#web_acl_id ⇒ String

A unique identifier that specifies the AWS WAF web ACL, if any, to associate with this distribution. To specify a web ACL created using the latest version of AWS WAF, use the ACL ARN, for example ‘arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a`. To specify a web ACL created using AWS WAF Classic, use the ACL ID, for example `473e64fd-f30b-4765-81a0-62ad96dd167a`.

AWS WAF is a web application firewall that lets you monitor the HTTP and HTTPS requests that are forwarded to CloudFront, and lets you control access to your content. Based on conditions that you specify, such as the IP addresses that requests originate from or the values of query strings, CloudFront responds to requests either with the requested content or with an HTTP 403 status code (Forbidden). You can also configure CloudFront to return a custom error page when a request is blocked. For more information about AWS WAF, see the [AWS WAF Developer Guide].

[1]: docs.aws.amazon.com/waf/latest/developerguide/what-is-aws-waf.html

Returns:

• (String)

# File 'lib/aws-sdk-cloudfront/types.rb', line 4741

class DistributionConfig < Struct.new(
  :caller_reference,
  :aliases,
  :default_root_object,
  :origins,
  :origin_groups,
  :default_cache_behavior,
  :cache_behaviors,
  :custom_error_responses,
  :comment,
  :logging,
  :price_class,
  :enabled,
  :viewer_certificate,
  :restrictions,
  :web_acl_id,
  :http_version,
  :is_ipv6_enabled)
  SENSITIVE = [:comment]
  include Aws::Structure
end