Package-level declarations
Types
Access denied.
A list of key groups, and the public keys in each key group, that CloudFront can use to verify the signatures of signed URLs and signed cookies.
A list of Amazon Web Services accounts and the active CloudFront key pairs in each account that CloudFront can use to verify the signatures of signed URLs and signed cookies.
Amazon Web Services services in China customers must file for an Internet Content Provider (ICP) recordal if they want to serve content publicly on an alternate domain name, also known as a CNAME, that they've added to CloudFront. AliasICPRecordal provides the ICP recordal status for CNAMEs associated with distributions. The status is returned in the CloudFront response; you can't configure it yourself.
A complex type that controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin. There are three choices:
An Anycast static IP list. For more information, see Request Anycast static IPs to use for allowlisting in the Amazon CloudFront Developer Guide.
The Anycast static IP list collection.
An abbreviated version of the AnycastIpList structure. Omits the allocated static IP addresses (AnycastIpList$AnycastIps).
Invalidation batch specified is too large.
A complex type that describes how CloudFront processes requests.
A complex type that contains zero or more CacheBehavior elements.
A complex type that controls whether CloudFront caches the response to requests using the specified HTTP methods. There are two choices:
A cache policy.
A cache policy with this name already exists. You must provide a unique name. To modify an existing cache policy, use UpdateCachePolicy.
A cache policy configuration.
An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.
An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.
Cannot delete the cache policy because it is attached to one or more cache behaviors.
A list of cache policies.
An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.
Contains a cache policy.
You can't change the value of a public key.
The entity cannot be deleted while it is in use.
The entity cannot be updated while it is in use.
The Certificate Manager (ACM) certificate associated with your distribution.
Base class for all service related exceptions thrown by the CloudFront client
CloudFront origin access identity.
If the CallerReference is a value you already sent in a previous request to create an identity but the content of the CloudFrontOriginAccessIdentityConfig is different from the original request, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists error.
Origin access identity configuration. Send a GET request to the /<i>CloudFront API version</i>/CloudFront/identity ID/config resource.
The Origin Access Identity specified is already in use.
Lists the origin access identities for CloudFront.Send a GET request to the /<i>CloudFront API version</i>/origin-access-identity/cloudfront resource. The response includes a CloudFrontOriginAccessIdentityList element with zero or more CloudFrontOriginAccessIdentitySummary child elements. By default, your entire list of origin access identities is returned in one single page. If the list is long, you can paginate it using the MaxItems and Marker parameters.
Summary of the information about a CloudFront origin access identity.
The CNAME specified is already defined for CloudFront.
An alias (also called a CNAME) and the CloudFront standard distribution and Amazon Web Services account ID that it's associated with. The standard distribution and account IDs are partially hidden, which allows you to identify the standard distributions and accounts that you own, and helps to protect the information of ones that you don't own.
A list of aliases (also called CNAMEs) and the CloudFront standard distributions and Amazon Web Services accounts that they are associated with. In the list, the standard distribution and account IDs are partially hidden, which allows you to identify the standard distributions and accounts that you own, but helps to protect the information of ones that you don't own.
The connection group for your distribution tenants. When you first create a distribution tenant and you don't specify a connection group, CloudFront will automatically create a default connection group for you. When you create a new distribution tenant and don't specify a connection group, the default one will be associated with your distribution tenant.
Contains information about what CloudFront resources your connection groups are associated with.
A summary that contains details about your connection groups.
A field-level encryption content type profile.
The configuration for a field-level encryption content type-profile mapping.
Field-level encryption content type-profile.
A continuous deployment policy.
A continuous deployment policy with this configuration already exists.
Contains the configuration for a continuous deployment policy.
You cannot delete a continuous deployment policy that is associated with a primary distribution.
Contains a list of continuous deployment policies.
A summary of the information about your continuous deployment policies.
This configuration determines which HTTP requests are sent to the staging distribution. If the HTTP request contains a header and value that matches what you specify here, the request is sent to the staging distribution. Otherwise the request is sent to the primary distribution.
Contains the percentage of traffic to send to a staging distribution.
Contains a list of cookie names.
This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.
The request to create a new origin access identity (OAI). An origin access identity is a special CloudFront user that you can associate with Amazon S3 origins, so that you can secure all or just some of your Amazon S3 content. For more information, see Restricting Access to Amazon S3 Content by Using an Origin Access Identity in the Amazon CloudFront Developer Guide.
The returned result of the corresponding request.
The request to create a new distribution.
The returned result of the corresponding request.
The request to create a new distribution with tags.
The returned result of the corresponding request.
The request to create an invalidation.
The returned result of the corresponding request.
The request to create a new streaming distribution.
The returned result of the corresponding request.
The request to create a new streaming distribution with tags.
The returned result of the corresponding request.
A complex type that controls:
A complex type that controls:
A complex type that contains the list of Custom Headers for each origin.
Customizations for the distribution tenant. For each distribution tenant, you can specify the geographic restrictions, and the Amazon Resource Names (ARNs) for the ACM certificate and WAF web ACL. These are specific values that you can override or disable from the multi-tenant distribution that was used to create the distribution tenant.
A custom origin. A custom origin is any origin that is not an Amazon S3 bucket, with one exception. An Amazon S3 bucket that is configured with static website hostingis a custom origin.
A complex type that describes the default cache behavior if you don't specify a CacheBehavior element or if request URLs don't match any of the values of PathPattern in CacheBehavior elements. You must create exactly one default cache behavior.
Deletes a origin access identity.
This action deletes a web distribution. To delete a web distribution using the CloudFront API, perform the following steps.
The request to delete a streaming distribution.
A distribution tells CloudFront where you want content to be delivered from, and the details about how to track and manage content delivery.
The caller reference you attempted to create the distribution with is associated with another distribution.
A distribution configuration.
A distribution Configuration and a list of tags to be associated with the distribution.
A list of distribution IDs.
A distribution list.
The specified CloudFront distribution is not disabled. You must disable the distribution before you can delete it.
The IDs for the distribution resources.
A summary of the information about a CloudFront distribution.
The distribution tenant.
Filter by the associated distribution ID or connection group ID.
A summary of the information about a distribution tenant.
The DNS configuration for your domain names.
Contains information about the domain conflict. Use this information to determine the affected domain, the related resource, and the affected Amazon Web Services account.
The domain for the specified distribution tenant.
The details about the domain result.
Complex data type for field-level encryption profiles that includes all of the encryption entities.
Complex data type for field-level encryption profiles that includes the encryption key and field pattern specifications.
The entity already exists. You must provide a unique entity.
The entity limit has been exceeded.
The entity was not found.
The entity size limit was exceeded.
A complex data type that includes the profile configurations and other options specified for field-level encryption.
A complex data type that includes the profile configurations specified for field-level encryption.
The specified configuration for field-level encryption already exists.
The specified configuration for field-level encryption is in use.
List of field-level encryption configurations.
A complex data type for field-level encryption profiles.
The specified profile for field-level encryption already exists.
A complex data type of profiles for the field-level encryption.
The specified profile for field-level encryption is in use.
List of field-level encryption profiles.
The maximum size of a profile for field-level encryption was exceeded.
The field-level encryption profile summary.
A summary of a field-level encryption item.
A complex data type that includes the field patterns to match for field-level encryption.
This field only supports standard distributions. You can't specify this field for multi-tenant distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide.
A function with the same name already exists in this Amazon Web Services account. To create a function, you must provide a unique name. To update an existing function, use UpdateFunction.
A CloudFront function that is associated with a cache behavior in a CloudFront distribution.
A list of CloudFront functions that are associated with a cache behavior in a CloudFront distribution. Your functions must be published to the LIVE stage to associate them with a cache behavior.
Contains configuration information about a CloudFront function.
Cannot delete the function because it's attached to one or more cache behaviors.
A list of CloudFront functions.
Contains metadata about a CloudFront function.
The function is too large. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
Contains configuration information and metadata about a CloudFront function.
A complex type that controls the countries in which your content is distributed. CloudFront determines the location of your users using MaxMind GeoIP databases.
The customizations that you specified for the distribution tenant for geographic restrictions.
The origin access identity's configuration information. For more information, see CloudFrontOriginAccessIdentityConfig.
The returned result of the corresponding request.
The request to get an origin access identity's information.
The returned result of the corresponding request.
The request to get a distribution configuration.
The returned result of the corresponding request.
The request to get a distribution's information.
The returned result of the corresponding request.
The request to get an invalidation's information.
The returned result of the corresponding request.
To request to get a streaming distribution configuration.
The returned result of the corresponding request.
The request to get a streaming distribution's information.
The returned result of the corresponding request.
Amazon CloudFront supports gRPC, an open-source remote procedure call (RPC) framework built on HTTP/2. gRPC offers bi-directional streaming and binary protocol that buffers payloads, making it suitable for applications that require low latency communications.
Deletion is not allowed for this entity.
The specified configuration for field-level encryption can't be associated with the specified cache behavior.
An origin cannot contain both an origin access control (OAC) and an origin access identity (OAI).
The update contains modifications that are not allowed.
The import source for the key value store.
The value of Quantity and the size of Items don't match.
An argument is invalid.
The specified CloudFront resource can't be associated.
An invalidation.
An invalidation batch.
The InvalidationList complex type describes the list of invalidation objects. For more information about invalidation, see Invalidating Objects (Web Distributions Only) in the Amazon CloudFront Developer Guide.
A summary of an invalidation request.
The default root object file name is too big or contains an invalid character.
An origin access control is associated with an origin whose domain name is not supported.
An invalid error code was specified.
Your request contains forward cookies option which doesn't match with the expectation for the whitelisted list of cookie names. Either list of cookie names has been specified when not allowed or list of cookie names is missing when expected.
A CloudFront function association is invalid.
The specified geo restriction parameter is not valid.
The headers specified are not valid for an Amazon S3 origin.
The If-Match version is missing or not valid.
The specified Lambda@Edge function association is invalid.
The location code specified is not valid.
The minimum protocol version specified is not valid.
The Amazon S3 origin server specified does not refer to a valid Amazon S3 bucket.
The origin access control is not valid.
The origin access identity is not valid or doesn't exist.
The keep alive timeout specified for the origin is not valid.
The read timeout specified for the origin is not valid.
You cannot specify SSLv3 as the minimum protocol version if you only want to support only clients that support Server Name Indication (SNI).
The query string parameters specified are not valid.
The relative path is too big, is not URL-encoded, or does not begin with a slash (/).
This operation requires the HTTPS protocol. Ensure that you specify the HTTPS protocol in your request, or omit the RequiredProtocols element from your distribution configuration.
A response code is not valid.
The tagging specified is not valid.
The TTL order specified is not valid.
A viewer certificate specified is not valid.
A web ACL ID specified is not valid. To specify a web ACL created using the latest version of WAF, use the ACL ARN, for example arn:aws:wafv2:us-east-1:123456789012:global/webacl/ExampleWebACL/473e64fd-f30b-4765-81a0-62ad96dd167a. To specify a web ACL created using WAF Classic, use the ACL ID, for example 473e64fd-f30b-4765-81a0-62ad96dd167a.
A key group with this name already exists. You must provide a unique name. To modify an existing key group, use UpdateKeyGroup.
A key group configuration.
A list of key groups.
Contains information about a key group.
A list of CloudFront key pair identifiers.
The key value store. Use this to separate data from function code, allowing you to update data without having to publish a new version of a function. The key value store holds keys and their corresponding values.
The key value store association.
The key value store associations.
The key value store list.
A list of identifiers for the public keys that CloudFront can use to verify the signatures of signed URLs and signed cookies.
Contains information about the Amazon Kinesis data stream where you are sending real-time log data.
A complex type that contains a Lambda@Edge function association.
A complex type that specifies a list of Lambda@Edge functions associations for a cache behavior.
The request to list origin access identities.
The returned result of the corresponding request.
The request to list distributions that are associated with a specified WAF web ACL.
The response to a request to list the distributions that are associated with a specified WAF web ACL.
The request to list your distributions.
The returned result of the corresponding request.
The request to list invalidations.
The returned result of the corresponding request.
The request to list your streaming distributions.
The returned result of the corresponding request.
The request to list tags for a CloudFront resource.
The returned result of the corresponding request.
A complex type that specifies whether access logs are written for the distribution.
Contains details about the CloudFront managed ACM certificate.
An object that represents the request for the Amazon CloudFront managed ACM certificate.
This operation requires a body. Ensure that the body is present and the Content-Type header is set.
A monitoring subscription. This structure contains information about whether additional CloudWatch metrics are enabled for a given CloudFront distribution.
A monitoring subscription already exists for the specified distribution.
The cache policy does not exist.
The specified origin access identity does not exist.
The continuous deployment policy doesn't exist.
The specified distribution does not exist.
The specified configuration for field-level encryption doesn't exist.
The specified profile for field-level encryption doesn't exist.
The function does not exist.
The specified invalidation does not exist.
A monitoring subscription does not exist for the specified distribution.
No origin exists with the specified Origin Id.
The origin access control does not exist.
The origin request policy does not exist.
The specified public key doesn't exist.
The real-time log configuration does not exist.
A resource that was specified is not valid.
The response headers policy does not exist.
The specified streaming distribution does not exist.
A CloudFront origin access control, including its unique identifier.
An origin access control with the specified parameters already exists.
A CloudFront origin access control configuration.
Cannot delete the origin access control because it's in use by one or more distributions.
A list of CloudFront origin access controls.
A CloudFront origin access control.
A complex type that contains HeaderName and HeaderValue elements, if any, for this distribution.
An origin group includes two origins (a primary origin and a secondary origin to failover to) and a failover criteria that you specify. You create an origin group to support origin failover in CloudFront. When you create or update a distribution, you can specify the origin group instead of a single origin, and CloudFront will failover from the primary origin to the secondary origin under the failover conditions that you've chosen.
A complex data type that includes information about the failover criteria for an origin group, including the status codes for which CloudFront will failover from the primary origin to the second origin.
An origin in an origin group.
A complex data type for the origins included in an origin group.
A complex data type for the origin groups specified for a distribution.
An origin request policy.
An origin request policy with this name already exists. You must provide a unique name. To modify an existing origin request policy, use UpdateOriginRequestPolicy.
An origin request policy configuration.
An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in requests that CloudFront sends to the origin.
An object that determines whether any HTTP headers (and if so, which headers) are included in requests that CloudFront sends to the origin.
Cannot delete the origin request policy because it is attached to one or more cache behaviors.
A list of origin request policies.
An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in requests that CloudFront sends to the origin.
Contains an origin request policy.
CloudFront Origin Shield.
A complex type that contains information about the SSL/TLS protocols that CloudFront can use when establishing an HTTPS connection with your origin.
A list of parameter values to add to the resource. A parameter is specified as a key-value pair. A valid parameter value must exist for any parameter that is marked as required in the multi-tenant distribution.
An object that contains information about the parameter definition.
This object determines the values that CloudFront includes in the cache key. These values can include HTTP headers, cookies, and URL query strings. CloudFront uses the cache key to find an object in its cache that it can return to the viewer.
A complex type that contains information about the objects that you want to invalidate. For more information, see Specifying the Objects to Invalidate in the Amazon CloudFront Developer Guide.
The precondition in one or more of the request fields evaluated to false.
A public key that you can use with signed URLs and signed cookies, or with field-level encryption.
The specified public key already exists.
Configuration information about a public key that you can use with signed URLs and signed cookies, or with field-level encryption.
The specified public key is in use.
A list of public keys that you can use with signed URLs and signed cookies, or with field-level encryption.
Contains information about a public key.
Query argument-profile mapping for field-level encryption.
Configuration for query argument-profile mapping for field-level encryption.
No profile specified for the field-level encryption query argument.
Query argument-profile mapping for field-level encryption.
This field is deprecated. We recommend that you use a cache policy or an origin request policy instead of this field.
Contains a list of query string names.
A real-time log configuration.
A real-time log configuration with this name already exists. You must provide a unique name. To modify an existing real-time log configuration, use UpdateRealtimeLogConfig.
Cannot delete the real-time log configuration because it is attached to one or more cache behaviors.
The specified real-time log configuration belongs to a different Amazon Web Services account.
A list of real-time log configurations.
A subscription configuration for additional CloudWatch metrics.
Cannot delete this resource because it is in use.
The specified CloudFront resource hasn't been disabled yet.
A response headers policy.
A list of HTTP header names that CloudFront includes as values for the Access-Control-Allow-Headers HTTP response header.
A list of HTTP methods that CloudFront includes as values for the Access-Control-Allow-Methods HTTP response header.
A list of origins (domain names) that CloudFront can use as the value for the Access-Control-Allow-Origin HTTP response header.
A list of HTTP headers that CloudFront includes as values for the Access-Control-Expose-Headers HTTP response header.
A response headers policy with this name already exists. You must provide a unique name. To modify an existing response headers policy, use UpdateResponseHeadersPolicy.
A response headers policy configuration.
The policy directives and their values that CloudFront includes as values for the Content-Security-Policy HTTP response header.
Determines whether CloudFront includes the X-Content-Type-Options HTTP response header with its value set to nosniff.
A configuration for a set of HTTP response headers that are used for cross-origin resource sharing (CORS). CloudFront adds these headers to HTTP responses that it sends for CORS requests that match a cache behavior associated with this response headers policy.
An HTTP response header name and its value. CloudFront includes this header in HTTP responses that it sends for requests that match a cache behavior that's associated with this response headers policy.
A list of HTTP response header names and their values. CloudFront includes these headers in HTTP responses that it sends for requests that match a cache behavior that's associated with this response headers policy.
Determines whether CloudFront includes the X-Frame-Options HTTP response header and the header's value.
Cannot delete the response headers policy because it is attached to one or more cache behaviors in a CloudFront distribution.
A list of response headers policies.
Determines whether CloudFront includes the Referrer-Policy HTTP response header and the header's value.
The name of an HTTP header that CloudFront removes from HTTP responses to requests that match the cache behavior that this response headers policy is attached to.
A list of HTTP header names that CloudFront removes from HTTP responses to requests that match the cache behavior that this response headers policy is attached to.
A configuration for a set of security-related HTTP response headers. CloudFront adds these headers to HTTP responses that it sends for requests that match a cache behavior associated with this response headers policy.
A configuration for enabling the Server-Timing header in HTTP responses sent from CloudFront. CloudFront adds this header to HTTP responses that it sends in response to requests that match a cache behavior that's associated with this response headers policy.
Determines whether CloudFront includes the Strict-Transport-Security HTTP response header and the header's value.
Contains a response headers policy.
Determines whether CloudFront includes the X-XSS-Protection HTTP response header and the header's value.
A complex type that identifies ways in which you want to restrict distribution of your content.
A complex type that contains information about the Amazon S3 origin. If the origin is a custom origin or an S3 bucket that is configured as a website endpoint, use the CustomOriginConfig element instead.
Session stickiness provides the ability to define multiple requests from a single viewer as a single session. This prevents the potentially inconsistent experience of sending some of a given user's requests to your staging distribution, while others are sent to your primary distribution. Define the session duration using TTL values.
The CloudFront domain name of the staging distribution.
A continuous deployment policy for this staging distribution already exists.
A complex data type for the status codes that you specify that, when returned by a primary origin, trigger CloudFront to failover to a second origin.
A streaming distribution tells CloudFront where you want RTMP content to be delivered from, and the details about how to track and manage content delivery.
The caller reference you attempted to create the streaming distribution with is associated with another distribution
The RTMP distribution's configuration information.
A streaming distribution Configuration and a list of tags to be associated with the streaming distribution.
A streaming distribution list.
The specified CloudFront distribution is not disabled. You must disable the distribution before you can delete it.
A summary of the information for a CloudFront streaming distribution.
A complex type that controls whether access logs are written for this streaming distribution.
The configuration for a string schema.
The request to add tags to a CloudFront resource.
This field only supports multi-tenant distributions. You can't specify this field for standard distributions. For more information, see Unsupported features for SaaS Manager for Amazon CloudFront in the Amazon CloudFront Developer Guide.
The CloudFront function failed.
Contains the result of testing a CloudFront function with TestFunction.
The length of the Content-Security-Policy header value in the response headers policy exceeds the maximum.
You cannot create more cache behaviors for the distribution.
You have reached the maximum number of cache policies for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
You cannot create anymore custom SSL/TLS certificates.
Processing your request would cause you to exceed the maximum number of origin access identities allowed.
You have reached the maximum number of continuous deployment policies for this Amazon Web Services account.
Your request contains more cookie names in the whitelist than are allowed per cache behavior.
The number of cookies in the cache policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The number of cookies in the origin request policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The number of custom headers in the response headers policy exceeds the maximum.
Your request contains more CNAMEs than are allowed per distribution.
Processing your request would cause you to exceed the maximum number of distributions allowed.
The maximum number of distributions have been associated with the specified cache policy. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The maximum number of distributions have been associated with the specified configuration for field-level encryption.
The number of distributions that reference this key group is more than the maximum allowed. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The maximum number of distributions have been associated with the specified origin access control.
The maximum number of distributions have been associated with the specified origin request policy. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The maximum number of distributions have been associated with the specified response headers policy.
You have reached the maximum number of distributions that are associated with a CloudFront function. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
Processing your request would cause the maximum number of distributions with Lambda@Edge function associations per owner to be exceeded.
The maximum number of distributions have been associated with the specified Lambda@Edge function.
The maximum number of configurations for field-level encryption have been created.
The maximum number of content type profiles for field-level encryption have been created.
The maximum number of encryption entities for field-level encryption have been created.
The maximum number of field patterns for field-level encryption have been created.
The maximum number of profiles for field-level encryption have been created.
The maximum number of query arg profiles for field-level encryption have been created.
You have reached the maximum number of CloudFront function associations for this distribution. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
You have reached the maximum number of CloudFront functions for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The number of headers in the cache policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
Your request contains too many headers in forwarded values.
The number of headers in the origin request policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
You have exceeded the maximum number of allowable InProgress invalidation batch requests, or invalidation objects.
You have reached the maximum number of key groups for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The number of key groups referenced by this distribution is more than the maximum allowed. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
Your request contains more Lambda@Edge function associations than are allowed per distribution.
The number of origin access controls in your Amazon Web Services account exceeds the maximum allowed.
Your request contains too many origin custom headers.
Processing your request would cause you to exceed the maximum number of origin groups allowed.
You have reached the maximum number of origin request policies for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
You cannot create more origins for the distribution.
The maximum number of public keys for field-level encryption have been created. To create a new public key, delete one of the existing keys.
The number of public keys in this key group is more than the maximum allowed. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
Your request contains too many query string parameters.
The number of query strings in the cache policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The number of query strings in the origin request policy exceeds the maximum. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
You have reached the maximum number of real-time log configurations for this Amazon Web Services account. For more information, see Quotas (formerly known as limits) in the Amazon CloudFront Developer Guide.
The number of headers in RemoveHeadersConfig in the response headers policy exceeds the maximum.
You have reached the maximum number of response headers policies for this Amazon Web Services account.
Your request contains more CNAMEs than are allowed per distribution.
Processing your request would cause you to exceed the maximum number of streaming distributions allowed.
Your request contains more trusted signers than are allowed per distribution.
The traffic configuration of your continuous deployment.
The specified key group does not exist.
A list of key groups whose public keys CloudFront can use to verify the signatures of signed URLs and signed cookies.
One or more of your trusted signers don't exist.
A list of Amazon Web Services accounts whose public keys CloudFront can use to verify the signatures of signed URLs and signed cookies.
This operation is not supported in this Amazon Web Services Region.
The request to remove tags from a CloudFront resource.
The request to update an origin access identity.
The returned result of the corresponding request.
The request to update a distribution.
The returned result of the corresponding request.
The request to update a streaming distribution.
The returned result of the corresponding request.
Contains details about the validation token.
A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.
An Amazon CloudFront VPC origin configuration.
An Amazon CloudFront VPC origin endpoint configuration.
A list of CloudFront VPC origins.
A summary of the CloudFront VPC origin.
The WAF web ACL customization specified for the distribution tenant.