libZSservicesZSamazonka-cloudfrontZSamazonka-cloudfront
Copyright(c) 2013-2021 Brendan Hay
LicenseMozilla Public License, v. 2.0.
MaintainerBrendan Hay <brendan.g.hay+amazonka@gmail.com>
Stabilityauto-generated
Portabilitynon-portable (GHC extensions)
Safe HaskellNone

Amazonka.CloudFront.Types.CacheBehavior

Description

 
Synopsis

Documentation

data CacheBehavior Source #

A complex type that describes how CloudFront processes requests.

You must create at least as many cache behaviors (including the default cache behavior) as you have origins if you want CloudFront to serve objects from all of the origins. Each cache behavior specifies the one origin from which you want CloudFront to get objects. If you have two origins and only the default cache behavior, the default cache behavior will cause CloudFront to get objects from one of the origins, but the other origin is never used.

For the current quota (formerly known as limit) on the number of cache behaviors that you can add to a distribution, see Quotas in the Amazon CloudFront Developer Guide.

If you don’t want to specify any cache behaviors, include only an empty CacheBehaviors element. Don’t include an empty CacheBehavior element because this is invalid.

To delete all cache behaviors in an existing distribution, update the distribution configuration and include only an empty CacheBehaviors element.

To add, change, or remove one or more cache behaviors, update the distribution configuration and specify all of the cache behaviors that you want to include in the updated distribution.

For more information about cache behaviors, see Cache Behavior Settings in the Amazon CloudFront Developer Guide.

See: newCacheBehavior smart constructor.

Constructors

CacheBehavior' 

Fields

  • allowedMethods :: Maybe AllowedMethods
     
  • lambdaFunctionAssociations :: Maybe LambdaFunctionAssociations

    A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.

  • maxTTL :: Maybe Integer

    This field is deprecated. We recommend that you use the MaxTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

    The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

  • minTTL :: Maybe Integer

    This field is deprecated. We recommend that you use the MinTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

    The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

    You must specify 0 for MinTTL if you configure CloudFront to forward all headers to your origin (under Headers, if you specify 1 for Quantity and * for Name).

  • compress :: Maybe Bool

    Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see Serving Compressed Files in the Amazon CloudFront Developer Guide.

  • smoothStreaming :: Maybe Bool

    Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify true; if not, specify false. If you specify true for SmoothStreaming, you can still distribute other content using this cache behavior if the content matches the value of PathPattern.

  • trustedKeyGroups :: Maybe TrustedKeyGroups

    A list of key groups that CloudFront can use to validate signed URLs or signed cookies.

    When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide.

  • realtimeLogConfigArn :: Maybe Text

    The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see Real-time logs in the Amazon CloudFront Developer Guide.

  • defaultTTL :: Maybe Integer

    This field is deprecated. We recommend that you use the DefaultTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

    The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

  • forwardedValues :: Maybe ForwardedValues

    This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see Working with policies in the Amazon CloudFront Developer Guide.

    If you want to include values in the cache key, use a cache policy. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

    If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide.

    A CacheBehavior must include either a CachePolicyId or ForwardedValues. We recommend that you use a CachePolicyId.

    A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

  • trustedSigners :: Maybe TrustedSigners

    We recommend using TrustedKeyGroups instead of TrustedSigners.

    A list of account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.

    When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer’s account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide.

  • functionAssociations :: Maybe FunctionAssociations

    A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the LIVE stage to associate them with a cache behavior.

  • originRequestPolicyId :: Maybe Text

    The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide.

  • fieldLevelEncryptionId :: Maybe Text

    The value of ID for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.

  • cachePolicyId :: Maybe Text

    The unique identifier of the cache policy that is attached to this cache behavior. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

    A CacheBehavior must include either a CachePolicyId or ForwardedValues. We recommend that you use a CachePolicyId.

  • pathPattern :: Text

    The pattern (for example, images/*.jpg) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.

    You can optionally include a slash (/) at the beginning of the path pattern. For example, /images/*.jpg. CloudFront behavior is the same with or without the leading /.

    The path pattern for the default cache behavior is * and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.

    For more information, see Path Pattern in the Amazon CloudFront Developer Guide.

  • targetOriginId :: Text

    The value of ID for the origin that you want CloudFront to route requests to when they match this cache behavior.

  • viewerProtocolPolicy :: ViewerProtocolPolicy

    The protocol that viewers can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. You can specify the following options:

    • allow-all: Viewers can use HTTP or HTTPS.
    • redirect-to-https: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.
    • https-only: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).

    For more information about requiring the HTTPS protocol, see Requiring HTTPS Between Viewers and CloudFront in the Amazon CloudFront Developer Guide.

    The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects’ cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see Managing Cache Expiration in the Amazon CloudFront Developer Guide.

Instances

Instances details
Eq CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

Read CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

Show CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

Generic CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

Associated Types

type Rep CacheBehavior :: Type -> Type #

NFData CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

Methods

rnf :: CacheBehavior -> () #

Hashable CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

FromXML CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

ToXML CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

Methods

toXML :: CacheBehavior -> XML #

type Rep CacheBehavior Source # 
Instance details

Defined in Amazonka.CloudFront.Types.CacheBehavior

type Rep CacheBehavior = D1 ('MetaData "CacheBehavior" "Amazonka.CloudFront.Types.CacheBehavior" "libZSservicesZSamazonka-cloudfrontZSamazonka-cloudfront" 'False) (C1 ('MetaCons "CacheBehavior'" 'PrefixI 'True) ((((S1 ('MetaSel ('Just "allowedMethods") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe AllowedMethods)) :*: S1 ('MetaSel ('Just "lambdaFunctionAssociations") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe LambdaFunctionAssociations))) :*: (S1 ('MetaSel ('Just "maxTTL") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Integer)) :*: S1 ('MetaSel ('Just "minTTL") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Integer)))) :*: ((S1 ('MetaSel ('Just "compress") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Bool)) :*: S1 ('MetaSel ('Just "smoothStreaming") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Bool))) :*: (S1 ('MetaSel ('Just "trustedKeyGroups") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe TrustedKeyGroups)) :*: (S1 ('MetaSel ('Just "realtimeLogConfigArn") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "defaultTTL") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Integer)))))) :*: (((S1 ('MetaSel ('Just "forwardedValues") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe ForwardedValues)) :*: S1 ('MetaSel ('Just "trustedSigners") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe TrustedSigners))) :*: (S1 ('MetaSel ('Just "functionAssociations") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe FunctionAssociations)) :*: S1 ('MetaSel ('Just "originRequestPolicyId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)))) :*: ((S1 ('MetaSel ('Just "fieldLevelEncryptionId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text)) :*: S1 ('MetaSel ('Just "cachePolicyId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 (Maybe Text))) :*: (S1 ('MetaSel ('Just "pathPattern") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: (S1 ('MetaSel ('Just "targetOriginId") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 Text) :*: S1 ('MetaSel ('Just "viewerProtocolPolicy") 'NoSourceUnpackedness 'NoSourceStrictness 'DecidedStrict) (Rec0 ViewerProtocolPolicy)))))))

newCacheBehavior Source #

Create a value of CacheBehavior with all optional fields omitted.

Use generic-lens or optics to modify other optional fields.

The following record fields are available, with the corresponding lenses provided for backwards compatibility:

$sel:allowedMethods:CacheBehavior', cacheBehavior_allowedMethods - Undocumented member.

$sel:lambdaFunctionAssociations:CacheBehavior', cacheBehavior_lambdaFunctionAssociations - A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.

$sel:maxTTL:CacheBehavior', cacheBehavior_maxTTL - This field is deprecated. We recommend that you use the MaxTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

$sel:minTTL:CacheBehavior', cacheBehavior_minTTL - This field is deprecated. We recommend that you use the MinTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

You must specify 0 for MinTTL if you configure CloudFront to forward all headers to your origin (under Headers, if you specify 1 for Quantity and * for Name).

$sel:compress:CacheBehavior', cacheBehavior_compress - Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see Serving Compressed Files in the Amazon CloudFront Developer Guide.

$sel:smoothStreaming:CacheBehavior', cacheBehavior_smoothStreaming - Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify true; if not, specify false. If you specify true for SmoothStreaming, you can still distribute other content using this cache behavior if the content matches the value of PathPattern.

$sel:trustedKeyGroups:CacheBehavior', cacheBehavior_trustedKeyGroups - A list of key groups that CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide.

$sel:realtimeLogConfigArn:CacheBehavior', cacheBehavior_realtimeLogConfigArn - The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see Real-time logs in the Amazon CloudFront Developer Guide.

$sel:defaultTTL:CacheBehavior', cacheBehavior_defaultTTL - This field is deprecated. We recommend that you use the DefaultTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

$sel:forwardedValues:CacheBehavior', cacheBehavior_forwardedValues - This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see Working with policies in the Amazon CloudFront Developer Guide.

If you want to include values in the cache key, use a cache policy. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide.

A CacheBehavior must include either a CachePolicyId or ForwardedValues. We recommend that you use a CachePolicyId.

A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

$sel:trustedSigners:CacheBehavior', cacheBehavior_trustedSigners - We recommend using TrustedKeyGroups instead of TrustedSigners.

A list of account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer’s account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide.

$sel:functionAssociations:CacheBehavior', cacheBehavior_functionAssociations - A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the LIVE stage to associate them with a cache behavior.

$sel:originRequestPolicyId:CacheBehavior', cacheBehavior_originRequestPolicyId - The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide.

$sel:fieldLevelEncryptionId:CacheBehavior', cacheBehavior_fieldLevelEncryptionId - The value of ID for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.

$sel:cachePolicyId:CacheBehavior', cacheBehavior_cachePolicyId - The unique identifier of the cache policy that is attached to this cache behavior. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

A CacheBehavior must include either a CachePolicyId or ForwardedValues. We recommend that you use a CachePolicyId.

$sel:pathPattern:CacheBehavior', cacheBehavior_pathPattern - The pattern (for example, images/*.jpg) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.

You can optionally include a slash (/) at the beginning of the path pattern. For example, /images/*.jpg. CloudFront behavior is the same with or without the leading /.

The path pattern for the default cache behavior is * and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.

For more information, see Path Pattern in the Amazon CloudFront Developer Guide.

$sel:targetOriginId:CacheBehavior', cacheBehavior_targetOriginId - The value of ID for the origin that you want CloudFront to route requests to when they match this cache behavior.

$sel:viewerProtocolPolicy:CacheBehavior', cacheBehavior_viewerProtocolPolicy - The protocol that viewers can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. You can specify the following options:

  • allow-all: Viewers can use HTTP or HTTPS.
  • redirect-to-https: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.
  • https-only: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).

For more information about requiring the HTTPS protocol, see Requiring HTTPS Between Viewers and CloudFront in the Amazon CloudFront Developer Guide.

The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects’ cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see Managing Cache Expiration in the Amazon CloudFront Developer Guide.

cacheBehavior_lambdaFunctionAssociations :: Lens' CacheBehavior (Maybe LambdaFunctionAssociations) Source #

A complex type that contains zero or more Lambda@Edge function associations for a cache behavior.

cacheBehavior_maxTTL :: Lens' CacheBehavior (Maybe Integer) Source #

This field is deprecated. We recommend that you use the MaxTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

The maximum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin adds HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

cacheBehavior_minTTL :: Lens' CacheBehavior (Maybe Integer) Source #

This field is deprecated. We recommend that you use the MinTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

You must specify 0 for MinTTL if you configure CloudFront to forward all headers to your origin (under Headers, if you specify 1 for Quantity and * for Name).

cacheBehavior_compress :: Lens' CacheBehavior (Maybe Bool) Source #

Whether you want CloudFront to automatically compress certain files for this cache behavior. If so, specify true; if not, specify false. For more information, see Serving Compressed Files in the Amazon CloudFront Developer Guide.

cacheBehavior_smoothStreaming :: Lens' CacheBehavior (Maybe Bool) Source #

Indicates whether you want to distribute media files in the Microsoft Smooth Streaming format using the origin that is associated with this cache behavior. If so, specify true; if not, specify false. If you specify true for SmoothStreaming, you can still distribute other content using this cache behavior if the content matches the value of PathPattern.

cacheBehavior_trustedKeyGroups :: Lens' CacheBehavior (Maybe TrustedKeyGroups) Source #

A list of key groups that CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted key groups, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with a private key whose corresponding public key is in the key group. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide.

cacheBehavior_realtimeLogConfigArn :: Lens' CacheBehavior (Maybe Text) Source #

The Amazon Resource Name (ARN) of the real-time log configuration that is attached to this cache behavior. For more information, see Real-time logs in the Amazon CloudFront Developer Guide.

cacheBehavior_defaultTTL :: Lens' CacheBehavior (Maybe Integer) Source #

This field is deprecated. We recommend that you use the DefaultTTL field in a cache policy instead of this field. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

The default amount of time that you want objects to stay in CloudFront caches before CloudFront forwards another request to your origin to determine whether the object has been updated. The value that you specify applies only when your origin does not add HTTP headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires to objects. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide.

cacheBehavior_forwardedValues :: Lens' CacheBehavior (Maybe ForwardedValues) Source #

This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field. For more information, see Working with policies in the Amazon CloudFront Developer Guide.

If you want to include values in the cache key, use a cache policy. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

If you want to send values to the origin but not include them in the cache key, use an origin request policy. For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide.

A CacheBehavior must include either a CachePolicyId or ForwardedValues. We recommend that you use a CachePolicyId.

A complex type that specifies how CloudFront handles query strings, cookies, and HTTP headers.

cacheBehavior_trustedSigners :: Lens' CacheBehavior (Maybe TrustedSigners) Source #

We recommend using TrustedKeyGroups instead of TrustedSigners.

A list of account IDs whose public keys CloudFront can use to validate signed URLs or signed cookies.

When a cache behavior contains trusted signers, CloudFront requires signed URLs or signed cookies for all requests that match the cache behavior. The URLs or cookies must be signed with the private key of a CloudFront key pair in the trusted signer’s account. The signed URL or cookie contains information about which public key CloudFront should use to verify the signature. For more information, see Serving private content in the Amazon CloudFront Developer Guide.

cacheBehavior_functionAssociations :: Lens' CacheBehavior (Maybe FunctionAssociations) Source #

A list of CloudFront functions that are associated with this cache behavior. CloudFront functions must be published to the LIVE stage to associate them with a cache behavior.

cacheBehavior_originRequestPolicyId :: Lens' CacheBehavior (Maybe Text) Source #

The unique identifier of the origin request policy that is attached to this cache behavior. For more information, see Creating origin request policies or Using the managed origin request policies in the Amazon CloudFront Developer Guide.

cacheBehavior_fieldLevelEncryptionId :: Lens' CacheBehavior (Maybe Text) Source #

The value of ID for the field-level encryption configuration that you want CloudFront to use for encrypting specific fields of data for this cache behavior.

cacheBehavior_cachePolicyId :: Lens' CacheBehavior (Maybe Text) Source #

The unique identifier of the cache policy that is attached to this cache behavior. For more information, see Creating cache policies or Using the managed cache policies in the Amazon CloudFront Developer Guide.

A CacheBehavior must include either a CachePolicyId or ForwardedValues. We recommend that you use a CachePolicyId.

cacheBehavior_pathPattern :: Lens' CacheBehavior Text Source #

The pattern (for example, images/*.jpg) that specifies which requests to apply the behavior to. When CloudFront receives a viewer request, the requested path is compared with path patterns in the order in which cache behaviors are listed in the distribution.

You can optionally include a slash (/) at the beginning of the path pattern. For example, /images/*.jpg. CloudFront behavior is the same with or without the leading /.

The path pattern for the default cache behavior is * and cannot be changed. If the request for an object does not match the path pattern for any cache behaviors, CloudFront applies the behavior in the default cache behavior.

For more information, see Path Pattern in the Amazon CloudFront Developer Guide.

cacheBehavior_targetOriginId :: Lens' CacheBehavior Text Source #

The value of ID for the origin that you want CloudFront to route requests to when they match this cache behavior.

cacheBehavior_viewerProtocolPolicy :: Lens' CacheBehavior ViewerProtocolPolicy Source #

The protocol that viewers can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. You can specify the following options:

  • allow-all: Viewers can use HTTP or HTTPS.
  • redirect-to-https: If a viewer submits an HTTP request, CloudFront returns an HTTP status code of 301 (Moved Permanently) to the viewer along with the HTTPS URL. The viewer then resubmits the request using the new URL.
  • https-only: If a viewer sends an HTTP request, CloudFront returns an HTTP status code of 403 (Forbidden).

For more information about requiring the HTTPS protocol, see Requiring HTTPS Between Viewers and CloudFront in the Amazon CloudFront Developer Guide.

The only way to guarantee that viewers retrieve an object that was fetched from the origin using HTTPS is never to use any other protocol to fetch the object. If you have recently changed from HTTP to HTTPS, we recommend that you clear your objects’ cache because cached objects are protocol agnostic. That means that an edge location will return an object from the cache regardless of whether the current request protocol matches the protocol used previously. For more information, see Managing Cache Expiration in the Amazon CloudFront Developer Guide.