diff --git a/Godeps/Godeps.json b/Godeps/Godeps.json
index 885d040c03a4..bc54b5ab36da 100644
--- a/Godeps/Godeps.json
+++ b/Godeps/Godeps.json
@@ -364,6 +364,11 @@
"Comment": "v1.1.14",
"Rev": "6876e9922ff299adf36e43e04c94820077968b3b"
},
+ {
+ "ImportPath": "github.com/aws/aws-sdk-go/service/cloudfront",
+ "Comment": "v1.1.14",
+ "Rev": "6876e9922ff299adf36e43e04c94820077968b3b"
+ },
{
"ImportPath": "github.com/aws/aws-sdk-go/service/cloudtrail",
"Comment": "v1.1.14",
diff --git a/builtin/providers/aws/cloudfront_distribution_configuration_structure.go b/builtin/providers/aws/cloudfront_distribution_configuration_structure.go
new file mode 100644
index 000000000000..b6d3295a7f41
--- /dev/null
+++ b/builtin/providers/aws/cloudfront_distribution_configuration_structure.go
@@ -0,0 +1,942 @@
+// CloudFront DistributionConfig structure helpers.
+//
+// These functions assist in pulling in data from Terraform resource
+// configuration for the aws_cloudfront_distribution resource, as there are
+// several sub-fields that require their own data type, and do not necessarily
+// 1-1 translate to resource configuration.
+
+package aws
+
+import (
+ "bytes"
+ "fmt"
+ "reflect"
+ "strconv"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/cloudfront"
+ "github.com/hashicorp/terraform/flatmap"
+ "github.com/hashicorp/terraform/helper/hashcode"
+ "github.com/hashicorp/terraform/helper/schema"
+)
+
+// Assemble the *cloudfront.DistributionConfig variable. Calls out to various
+// expander functions to convert attributes and sub-attributes to the various
+// complex structures which are necessary to properly build the
+// DistributionConfig structure.
+//
+// Used by the aws_cloudfront_distribution Create and Update functions.
+func expandDistributionConfig(d *schema.ResourceData) *cloudfront.DistributionConfig {
+ distributionConfig := &cloudfront.DistributionConfig{
+ CacheBehaviors: expandCacheBehaviors(d.Get("cache_behavior").(*schema.Set)),
+ CustomErrorResponses: expandCustomErrorResponses(d.Get("custom_error_response").(*schema.Set)),
+ DefaultCacheBehavior: expandDefaultCacheBehavior(d.Get("default_cache_behavior").(*schema.Set).List()[0].(map[string]interface{})),
+ Enabled: aws.Bool(d.Get("enabled").(bool)),
+ Origins: expandOrigins(d.Get("origin").(*schema.Set)),
+ PriceClass: aws.String(d.Get("price_class").(string)),
+ }
+ // This sets CallerReference if it's still pending computation (ie: new resource)
+ if v, ok := d.GetOk("caller_reference"); ok == false {
+ distributionConfig.CallerReference = aws.String(time.Now().Format(time.RFC3339Nano))
+ } else {
+ distributionConfig.CallerReference = aws.String(v.(string))
+ }
+ if v, ok := d.GetOk("comment"); ok {
+ distributionConfig.Comment = aws.String(v.(string))
+ } else {
+ distributionConfig.Comment = aws.String("")
+ }
+ if v, ok := d.GetOk("default_root_object"); ok {
+ distributionConfig.DefaultRootObject = aws.String(v.(string))
+ } else {
+ distributionConfig.DefaultRootObject = aws.String("")
+ }
+ if v, ok := d.GetOk("logging_config"); ok {
+ distributionConfig.Logging = expandLoggingConfig(v.(*schema.Set).List()[0].(map[string]interface{}))
+ } else {
+ distributionConfig.Logging = expandLoggingConfig(nil)
+ }
+ if v, ok := d.GetOk("aliases"); ok {
+ distributionConfig.Aliases = expandAliases(v.(*schema.Set))
+ } else {
+ distributionConfig.Aliases = expandAliases(schema.NewSet(aliasesHash, []interface{}{}))
+ }
+ if v, ok := d.GetOk("restrictions"); ok {
+ distributionConfig.Restrictions = expandRestrictions(v.(*schema.Set).List()[0].(map[string]interface{}))
+ }
+ if v, ok := d.GetOk("viewer_certificate"); ok {
+ distributionConfig.ViewerCertificate = expandViewerCertificate(v.(*schema.Set).List()[0].(map[string]interface{}))
+ }
+ if v, ok := d.GetOk("web_acl_id"); ok {
+ distributionConfig.WebACLId = aws.String(v.(string))
+ } else {
+ distributionConfig.WebACLId = aws.String("")
+ }
+ return distributionConfig
+}
+
+// Unpack the *cloudfront.DistributionConfig variable and set resource data.
+// Calls out to flatten functions to convert the DistributionConfig
+// sub-structures to their respective attributes in the
+// aws_cloudfront_distribution resource.
+//
+// Used by the aws_cloudfront_distribution Read function.
+func flattenDistributionConfig(d *schema.ResourceData, distributionConfig *cloudfront.DistributionConfig) {
+ d.Set("origins", flattenOrigins(distributionConfig.Origins))
+ d.Set("enabled", *distributionConfig.Enabled)
+ d.Set("default_cache_behavior", flattenDefaultCacheBehavior(distributionConfig.DefaultCacheBehavior))
+ d.Set("viewer_certificate", flattenViewerCertificate(distributionConfig.ViewerCertificate))
+ d.Set("price_class", *distributionConfig.PriceClass)
+
+ if distributionConfig.CallerReference != nil {
+ d.Set("caller_reference", *distributionConfig.CallerReference)
+ }
+ if distributionConfig.Comment != nil {
+ if *distributionConfig.Comment != "" {
+ d.Set("comment", *distributionConfig.Comment)
+ }
+ }
+ if distributionConfig.DefaultRootObject != nil {
+ d.Set("default_root_object", *distributionConfig.DefaultRootObject)
+ }
+ if distributionConfig.CustomErrorResponses != nil {
+ d.Set("custom_error_response", flattenCustomErrorResponses(distributionConfig.CustomErrorResponses))
+ }
+ if distributionConfig.CacheBehaviors != nil {
+ d.Set("cache_behavior", flattenCacheBehaviors(distributionConfig.CacheBehaviors))
+ }
+ if distributionConfig.Logging != nil && *distributionConfig.Logging.Enabled {
+ d.Set("logging_config", flattenLoggingConfig(distributionConfig.Logging))
+ }
+ if distributionConfig.Aliases != nil {
+ d.Set("aliases", flattenAliases(distributionConfig.Aliases))
+ }
+ if distributionConfig.Restrictions != nil {
+ d.Set("restrictions", flattenRestrictions(distributionConfig.Restrictions))
+ }
+ if distributionConfig.WebACLId != nil {
+ d.Set("web_acl_id", *distributionConfig.WebACLId)
+ }
+}
+
+func expandDefaultCacheBehavior(m map[string]interface{}) *cloudfront.DefaultCacheBehavior {
+ cb := expandCacheBehavior(m)
+ var dcb cloudfront.DefaultCacheBehavior
+
+ simpleCopyStruct(cb, &dcb)
+ return &dcb
+}
+
+func flattenDefaultCacheBehavior(dcb *cloudfront.DefaultCacheBehavior) *schema.Set {
+ m := make(map[string]interface{})
+ var cb cloudfront.CacheBehavior
+
+ simpleCopyStruct(dcb, &cb)
+ m = flattenCacheBehavior(&cb)
+ return schema.NewSet(defaultCacheBehaviorHash, []interface{}{m})
+}
+
+// Assemble the hash for the aws_cloudfront_distribution default_cache_behavior
+// TypeSet attribute.
+func defaultCacheBehaviorHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%t-", m["compress"].(bool)))
+ buf.WriteString(fmt.Sprintf("%s-", m["viewer_protocol_policy"].(string)))
+ buf.WriteString(fmt.Sprintf("%s-", m["target_origin_id"].(string)))
+ buf.WriteString(fmt.Sprintf("%d-", forwardedValuesHash(m["forwarded_values"].(*schema.Set).List()[0].(map[string]interface{}))))
+ buf.WriteString(fmt.Sprintf("%d-", m["min_ttl"].(int)))
+ if d, ok := m["trusted_signers"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ if d, ok := m["max_ttl"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", d.(int)))
+ }
+ if d, ok := m["smooth_streaming"]; ok {
+ buf.WriteString(fmt.Sprintf("%t-", d.(bool)))
+ }
+ if d, ok := m["default_ttl"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", d.(int)))
+ }
+ if d, ok := m["allowed_methods"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ if d, ok := m["cached_methods"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandCacheBehaviors(s *schema.Set) *cloudfront.CacheBehaviors {
+ var qty int64
+ var items []*cloudfront.CacheBehavior
+ for _, v := range s.List() {
+ items = append(items, expandCacheBehavior(v.(map[string]interface{})))
+ qty++
+ }
+ return &cloudfront.CacheBehaviors{
+ Quantity: aws.Int64(qty),
+ Items: items,
+ }
+}
+
+func flattenCacheBehaviors(cbs *cloudfront.CacheBehaviors) *schema.Set {
+ s := []interface{}{}
+ for _, v := range cbs.Items {
+ s = append(s, flattenCacheBehavior(v))
+ }
+ return schema.NewSet(cacheBehaviorHash, s)
+}
+
+func expandCacheBehavior(m map[string]interface{}) *cloudfront.CacheBehavior {
+ cb := &cloudfront.CacheBehavior{
+ Compress: aws.Bool(m["compress"].(bool)),
+ ViewerProtocolPolicy: aws.String(m["viewer_protocol_policy"].(string)),
+ TargetOriginId: aws.String(m["target_origin_id"].(string)),
+ ForwardedValues: expandForwardedValues(m["forwarded_values"].(*schema.Set).List()[0].(map[string]interface{})),
+ MinTTL: aws.Int64(int64(m["min_ttl"].(int))),
+ MaxTTL: aws.Int64(int64(m["max_ttl"].(int))),
+ DefaultTTL: aws.Int64(int64(m["default_ttl"].(int))),
+ }
+ if v, ok := m["trusted_signers"]; ok {
+ cb.TrustedSigners = expandTrustedSigners(v.([]interface{}))
+ } else {
+ cb.TrustedSigners = expandTrustedSigners([]interface{}{})
+ }
+ if v, ok := m["smooth_streaming"]; ok {
+ cb.SmoothStreaming = aws.Bool(v.(bool))
+ }
+ if v, ok := m["allowed_methods"]; ok {
+ cb.AllowedMethods = expandAllowedMethods(v.([]interface{}))
+ }
+ if v, ok := m["cached_methods"]; ok {
+ cb.AllowedMethods.CachedMethods = expandCachedMethods(v.([]interface{}))
+ }
+ if v, ok := m["path_pattern"]; ok {
+ cb.PathPattern = aws.String(v.(string))
+ }
+ return cb
+}
+
+func flattenCacheBehavior(cb *cloudfront.CacheBehavior) map[string]interface{} {
+ m := make(map[string]interface{})
+
+ m["compress"] = *cb.Compress
+ m["viewer_protocol_policy"] = *cb.ViewerProtocolPolicy
+ m["target_origin_id"] = *cb.TargetOriginId
+ m["forwarded_values"] = schema.NewSet(forwardedValuesHash, []interface{}{flattenForwardedValues(cb.ForwardedValues)})
+ m["min_ttl"] = int(*cb.MinTTL)
+
+ if len(cb.TrustedSigners.Items) > 0 {
+ m["trusted_signers"] = flattenTrustedSigners(cb.TrustedSigners)
+ }
+ if cb.MaxTTL != nil {
+ m["max_ttl"] = int(*cb.MaxTTL)
+ }
+ if cb.SmoothStreaming != nil {
+ m["smooth_streaming"] = *cb.SmoothStreaming
+ }
+ if cb.DefaultTTL != nil {
+ m["default_ttl"] = int(*cb.DefaultTTL)
+ }
+ if cb.AllowedMethods != nil {
+ m["allowed_methods"] = flattenAllowedMethods(cb.AllowedMethods)
+ }
+ if cb.AllowedMethods.CachedMethods != nil {
+ m["cached_methods"] = flattenCachedMethods(cb.AllowedMethods.CachedMethods)
+ }
+ if cb.PathPattern != nil {
+ m["path_pattern"] = *cb.PathPattern
+ }
+ return m
+}
+
+// Assemble the hash for the aws_cloudfront_distribution cache_behavior
+// TypeSet attribute.
+func cacheBehaviorHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%t-", m["compress"].(bool)))
+ buf.WriteString(fmt.Sprintf("%s-", m["viewer_protocol_policy"].(string)))
+ buf.WriteString(fmt.Sprintf("%s-", m["target_origin_id"].(string)))
+ buf.WriteString(fmt.Sprintf("%d-", forwardedValuesHash(m["forwarded_values"].(*schema.Set).List()[0].(map[string]interface{}))))
+ buf.WriteString(fmt.Sprintf("%d-", m["min_ttl"].(int)))
+ if d, ok := m["trusted_signers"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ if d, ok := m["max_ttl"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", d.(int)))
+ }
+ if d, ok := m["smooth_streaming"]; ok {
+ buf.WriteString(fmt.Sprintf("%t-", d.(bool)))
+ }
+ if d, ok := m["default_ttl"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", d.(int)))
+ }
+ if d, ok := m["allowed_methods"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ if d, ok := m["cached_methods"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ if d, ok := m["path_pattern"]; ok {
+ buf.WriteString(fmt.Sprintf("%s-", d))
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandTrustedSigners(s []interface{}) *cloudfront.TrustedSigners {
+ var ts cloudfront.TrustedSigners
+ if len(s) > 0 {
+ ts.Quantity = aws.Int64(int64(len(s)))
+ ts.Items = expandStringList(s)
+ ts.Enabled = aws.Bool(true)
+ } else {
+ ts.Quantity = aws.Int64(0)
+ ts.Enabled = aws.Bool(false)
+ }
+ return &ts
+}
+
+func flattenTrustedSigners(ts *cloudfront.TrustedSigners) []interface{} {
+ if ts.Items != nil {
+ return flattenStringList(ts.Items)
+ }
+ return []interface{}{}
+}
+
+func expandForwardedValues(m map[string]interface{}) *cloudfront.ForwardedValues {
+ fv := &cloudfront.ForwardedValues{
+ QueryString: aws.Bool(m["query_string"].(bool)),
+ }
+ if v, ok := m["cookies"]; ok {
+ fv.Cookies = expandCookiePreference(v.(*schema.Set).List()[0].(map[string]interface{}))
+ }
+ if v, ok := m["headers"]; ok {
+ fv.Headers = expandHeaders(v.([]interface{}))
+ }
+ return fv
+}
+
+func flattenForwardedValues(fv *cloudfront.ForwardedValues) map[string]interface{} {
+ m := make(map[string]interface{})
+ m["query_string"] = *fv.QueryString
+ if fv.Cookies != nil {
+ m["cookies"] = schema.NewSet(cookiePreferenceHash, []interface{}{flattenCookiePreference(fv.Cookies)})
+ }
+ if fv.Headers != nil {
+ m["headers"] = flattenHeaders(fv.Headers)
+ }
+ return m
+}
+
+// Assemble the hash for the aws_cloudfront_distribution forwarded_values
+// TypeSet attribute.
+func forwardedValuesHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%t-", m["query_string"].(bool)))
+ if d, ok := m["cookies"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", cookiePreferenceHash(d.(*schema.Set).List()[0].(map[string]interface{}))))
+ }
+ if d, ok := m["headers"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandHeaders(d []interface{}) *cloudfront.Headers {
+ return &cloudfront.Headers{
+ Quantity: aws.Int64(int64(len(d))),
+ Items: expandStringList(d),
+ }
+}
+
+func flattenHeaders(h *cloudfront.Headers) []interface{} {
+ if h.Items != nil {
+ return flattenStringList(h.Items)
+ }
+ return []interface{}{}
+}
+
+func expandCookiePreference(m map[string]interface{}) *cloudfront.CookiePreference {
+ cp := &cloudfront.CookiePreference{
+ Forward: aws.String(m["forward"].(string)),
+ }
+ if v, ok := m["whitelisted_names"]; ok {
+ cp.WhitelistedNames = expandCookieNames(v.([]interface{}))
+ }
+ return cp
+}
+
+func flattenCookiePreference(cp *cloudfront.CookiePreference) map[string]interface{} {
+ m := make(map[string]interface{})
+ m["forward"] = *cp.Forward
+ if cp.WhitelistedNames != nil {
+ m["whitelisted_names"] = flattenCookieNames(cp.WhitelistedNames)
+ }
+ return m
+}
+
+// Assemble the hash for the aws_cloudfront_distribution cookies
+// TypeSet attribute.
+func cookiePreferenceHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%s-", m["forward"].(string)))
+ if d, ok := m["whitelisted_names"]; ok {
+ for _, e := range sortInterfaceSlice(d.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", e.(string)))
+ }
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandCookieNames(d []interface{}) *cloudfront.CookieNames {
+ return &cloudfront.CookieNames{
+ Quantity: aws.Int64(int64(len(d))),
+ Items: expandStringList(d),
+ }
+}
+
+func flattenCookieNames(cn *cloudfront.CookieNames) []interface{} {
+ if cn.Items != nil {
+ return flattenStringList(cn.Items)
+ }
+ return []interface{}{}
+}
+
+func expandAllowedMethods(s []interface{}) *cloudfront.AllowedMethods {
+ return &cloudfront.AllowedMethods{
+ Quantity: aws.Int64(int64(len(s))),
+ Items: expandStringList(s),
+ }
+}
+
+func flattenAllowedMethods(am *cloudfront.AllowedMethods) []interface{} {
+ if am.Items != nil {
+ return flattenStringList(am.Items)
+ }
+ return []interface{}{}
+}
+
+func expandCachedMethods(s []interface{}) *cloudfront.CachedMethods {
+ return &cloudfront.CachedMethods{
+ Quantity: aws.Int64(int64(len(s))),
+ Items: expandStringList(s),
+ }
+}
+
+func flattenCachedMethods(cm *cloudfront.CachedMethods) []interface{} {
+ if cm.Items != nil {
+ return flattenStringList(cm.Items)
+ }
+ return []interface{}{}
+}
+
+func expandOrigins(s *schema.Set) *cloudfront.Origins {
+ qty := 0
+ items := []*cloudfront.Origin{}
+ for _, v := range s.List() {
+ items = append(items, expandOrigin(v.(map[string]interface{})))
+ qty++
+ }
+ return &cloudfront.Origins{
+ Quantity: aws.Int64(int64(qty)),
+ Items: items,
+ }
+}
+
+func flattenOrigins(ors *cloudfront.Origins) *schema.Set {
+ s := []interface{}{}
+ for _, v := range ors.Items {
+ s = append(s, flattenOrigin(v))
+ }
+ return schema.NewSet(originHash, s)
+}
+
+func expandOrigin(m map[string]interface{}) *cloudfront.Origin {
+ origin := &cloudfront.Origin{
+ Id: aws.String(m["origin_id"].(string)),
+ DomainName: aws.String(m["domain_name"].(string)),
+ }
+ if v, ok := m["custom_header"]; ok {
+ origin.CustomHeaders = expandCustomHeaders(v.(*schema.Set))
+ }
+ if v, ok := m["custom_origin_config"]; ok {
+ if s := v.(*schema.Set).List(); len(s) > 0 {
+ origin.CustomOriginConfig = expandCustomOriginConfig(s[0].(map[string]interface{}))
+ }
+ }
+ if v, ok := m["origin_path"]; ok {
+ origin.OriginPath = aws.String(v.(string))
+ }
+ if v, ok := m["s3_origin_config"]; ok {
+ if s := v.(*schema.Set).List(); len(s) > 0 {
+ origin.S3OriginConfig = expandS3OriginConfig(s[0].(map[string]interface{}))
+ }
+ }
+ return origin
+}
+
+func flattenOrigin(or *cloudfront.Origin) map[string]interface{} {
+ m := make(map[string]interface{})
+ m["origin_id"] = *or.Id
+ m["domain_name"] = *or.DomainName
+ if or.CustomHeaders != nil {
+ m["custom_header"] = flattenCustomHeaders(or.CustomHeaders)
+ }
+ if or.CustomOriginConfig != nil {
+ m["custom_origin_config"] = schema.NewSet(customOriginConfigHash, []interface{}{flattenCustomOriginConfig(or.CustomOriginConfig)})
+ }
+ if or.OriginPath != nil {
+ m["origin_path"] = *or.OriginPath
+ }
+ if or.S3OriginConfig != nil {
+ m["s3_origin_config"] = schema.NewSet(s3OriginConfigHash, []interface{}{flattenS3OriginConfig(or.S3OriginConfig)})
+ }
+ return m
+}
+
+// Assemble the hash for the aws_cloudfront_distribution origin
+// TypeSet attribute.
+func originHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%s-", m["origin_id"].(string)))
+ buf.WriteString(fmt.Sprintf("%s-", m["domain_name"].(string)))
+ if v, ok := m["custom_header"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", customHeadersHash(v.(*schema.Set))))
+ }
+ if v, ok := m["custom_origin_config"]; ok {
+ if s := v.(*schema.Set).List(); len(s) > 0 {
+ buf.WriteString(fmt.Sprintf("%d-", customOriginConfigHash((s[0].(map[string]interface{})))))
+ }
+ }
+ if v, ok := m["origin_path"]; ok {
+ buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+ }
+ if v, ok := m["s3_origin_config"]; ok {
+ if s := v.(*schema.Set).List(); len(s) > 0 {
+ buf.WriteString(fmt.Sprintf("%d-", s3OriginConfigHash((s[0].(map[string]interface{})))))
+ }
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandCustomHeaders(s *schema.Set) *cloudfront.CustomHeaders {
+ qty := 0
+ items := []*cloudfront.OriginCustomHeader{}
+ for _, v := range s.List() {
+ items = append(items, expandOriginCustomHeader(v.(map[string]interface{})))
+ qty++
+ }
+ return &cloudfront.CustomHeaders{
+ Quantity: aws.Int64(int64(qty)),
+ Items: items,
+ }
+}
+
+func flattenCustomHeaders(chs *cloudfront.CustomHeaders) *schema.Set {
+ s := []interface{}{}
+ for _, v := range chs.Items {
+ s = append(s, flattenOriginCustomHeader(v))
+ }
+ return schema.NewSet(originCustomHeaderHash, s)
+}
+
+func expandOriginCustomHeader(m map[string]interface{}) *cloudfront.OriginCustomHeader {
+ return &cloudfront.OriginCustomHeader{
+ HeaderName: aws.String(m["name"].(string)),
+ HeaderValue: aws.String(m["value"].(string)),
+ }
+}
+
+func flattenOriginCustomHeader(och *cloudfront.OriginCustomHeader) map[string]interface{} {
+ return map[string]interface{}{
+ "name": *och.HeaderName,
+ "value": *och.HeaderValue,
+ }
+}
+
+// Helper function used by originHash to get a composite hash for all
+// aws_cloudfront_distribution custom_header attributes.
+func customHeadersHash(s *schema.Set) int {
+ var buf bytes.Buffer
+ for _, v := range s.List() {
+ buf.WriteString(fmt.Sprintf("%d-", originCustomHeaderHash(v)))
+ }
+ return hashcode.String(buf.String())
+}
+
+// Assemble the hash for the aws_cloudfront_distribution custom_header
+// TypeSet attribute.
+func originCustomHeaderHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%s-", m["name"].(string)))
+ buf.WriteString(fmt.Sprintf("%s-", m["value"].(string)))
+ return hashcode.String(buf.String())
+}
+
+func expandCustomOriginConfig(m map[string]interface{}) *cloudfront.CustomOriginConfig {
+ return &cloudfront.CustomOriginConfig{
+ OriginProtocolPolicy: aws.String(m["origin_protocol_policy"].(string)),
+ HTTPPort: aws.Int64(int64(m["http_port"].(int))),
+ HTTPSPort: aws.Int64(int64(m["https_port"].(int))),
+ OriginSslProtocols: expandCustomOriginConfigSSL(m["origin_ssl_protocols"].([]interface{})),
+ }
+}
+
+func flattenCustomOriginConfig(cor *cloudfront.CustomOriginConfig) map[string]interface{} {
+ return map[string]interface{}{
+ "origin_protocol_policy": *cor.OriginProtocolPolicy,
+ "http_port": int(*cor.HTTPPort),
+ "https_port": int(*cor.HTTPSPort),
+ "origin_ssl_protocols": flattenCustomOriginConfigSSL(cor.OriginSslProtocols),
+ }
+}
+
+// Assemble the hash for the aws_cloudfront_distribution custom_origin_config
+// TypeSet attribute.
+func customOriginConfigHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%s-", m["origin_protocol_policy"].(string)))
+ buf.WriteString(fmt.Sprintf("%d-", m["http_port"].(int)))
+ buf.WriteString(fmt.Sprintf("%d-", m["https_port"].(int)))
+ for _, v := range sortInterfaceSlice(m["origin_ssl_protocols"].([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandCustomOriginConfigSSL(s []interface{}) *cloudfront.OriginSslProtocols {
+ items := expandStringList(s)
+ return &cloudfront.OriginSslProtocols{
+ Quantity: aws.Int64(int64(len(items))),
+ Items: items,
+ }
+}
+
+func flattenCustomOriginConfigSSL(osp *cloudfront.OriginSslProtocols) []interface{} {
+ return flattenStringList(osp.Items)
+}
+
+func expandS3OriginConfig(m map[string]interface{}) *cloudfront.S3OriginConfig {
+ return &cloudfront.S3OriginConfig{
+ OriginAccessIdentity: aws.String(m["origin_access_identity"].(string)),
+ }
+}
+
+func flattenS3OriginConfig(s3o *cloudfront.S3OriginConfig) map[string]interface{} {
+ return map[string]interface{}{
+ "origin_access_identity": *s3o.OriginAccessIdentity,
+ }
+}
+
+// Assemble the hash for the aws_cloudfront_distribution s3_origin_config
+// TypeSet attribute.
+func s3OriginConfigHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%s-", m["origin_access_identity"].(string)))
+ return hashcode.String(buf.String())
+}
+
+func expandCustomErrorResponses(s *schema.Set) *cloudfront.CustomErrorResponses {
+ qty := 0
+ items := []*cloudfront.CustomErrorResponse{}
+ for _, v := range s.List() {
+ items = append(items, expandCustomErrorResponse(v.(map[string]interface{})))
+ qty++
+ }
+ return &cloudfront.CustomErrorResponses{
+ Quantity: aws.Int64(int64(qty)),
+ Items: items,
+ }
+}
+
+func flattenCustomErrorResponses(ers *cloudfront.CustomErrorResponses) *schema.Set {
+ s := []interface{}{}
+ for _, v := range ers.Items {
+ s = append(s, flattenCustomErrorResponse(v))
+ }
+ return schema.NewSet(customErrorResponseHash, s)
+}
+
+func expandCustomErrorResponse(m map[string]interface{}) *cloudfront.CustomErrorResponse {
+ er := cloudfront.CustomErrorResponse{
+ ErrorCode: aws.Int64(int64(m["error_code"].(int))),
+ }
+ if v, ok := m["error_caching_min_ttl"]; ok {
+ er.ErrorCachingMinTTL = aws.Int64(int64(v.(int)))
+ }
+ if v, ok := m["response_code"]; ok {
+ er.ResponseCode = aws.String(strconv.Itoa(v.(int)))
+ }
+ if v, ok := m["response_page_path"]; ok {
+ er.ResponsePagePath = aws.String(v.(string))
+ }
+ return &er
+}
+
+func flattenCustomErrorResponse(er *cloudfront.CustomErrorResponse) map[string]interface{} {
+ m := make(map[string]interface{})
+ m["error_code"] = int(*er.ErrorCode)
+ if er.ErrorCachingMinTTL != nil {
+ m["error_caching_min_ttl"] = int(*er.ErrorCachingMinTTL)
+ }
+ if er.ResponseCode != nil {
+ m["response_code"], _ = strconv.Atoi(*er.ResponseCode)
+ }
+ if er.ResponsePagePath != nil {
+ m["response_page_path"] = *er.ResponsePagePath
+ }
+ return m
+}
+
+// Assemble the hash for the aws_cloudfront_distribution custom_error_response
+// TypeSet attribute.
+func customErrorResponseHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%d-", m["error_code"].(int)))
+ if v, ok := m["error_caching_min_ttl"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", v.(int)))
+ }
+ if v, ok := m["response_code"]; ok {
+ buf.WriteString(fmt.Sprintf("%d-", v.(int)))
+ }
+ if v, ok := m["response_page_path"]; ok {
+ buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandLoggingConfig(m map[string]interface{}) *cloudfront.LoggingConfig {
+ var lc cloudfront.LoggingConfig
+ if m != nil {
+ lc.Prefix = aws.String(m["prefix"].(string))
+ lc.Bucket = aws.String(m["bucket"].(string))
+ lc.IncludeCookies = aws.Bool(m["include_cookies"].(bool))
+ lc.Enabled = aws.Bool(true)
+ } else {
+ lc.Prefix = aws.String("")
+ lc.Bucket = aws.String("")
+ lc.IncludeCookies = aws.Bool(false)
+ lc.Enabled = aws.Bool(false)
+ }
+ return &lc
+}
+
+func flattenLoggingConfig(lc *cloudfront.LoggingConfig) *schema.Set {
+ m := make(map[string]interface{})
+ m["prefix"] = *lc.Prefix
+ m["bucket"] = *lc.Bucket
+ m["include_cookies"] = *lc.IncludeCookies
+ return schema.NewSet(loggingConfigHash, []interface{}{m})
+}
+
+// Assemble the hash for the aws_cloudfront_distribution logging_config
+// TypeSet attribute.
+func loggingConfigHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%s-", m["prefix"].(string)))
+ buf.WriteString(fmt.Sprintf("%s-", m["bucket"].(string)))
+ buf.WriteString(fmt.Sprintf("%t-", m["include_cookies"].(bool)))
+ return hashcode.String(buf.String())
+}
+
+func expandAliases(as *schema.Set) *cloudfront.Aliases {
+ s := as.List()
+ var aliases cloudfront.Aliases
+ if len(s) > 0 {
+ aliases.Quantity = aws.Int64(int64(len(s)))
+ aliases.Items = expandStringList(s)
+ } else {
+ aliases.Quantity = aws.Int64(0)
+ }
+ return &aliases
+}
+
+func flattenAliases(aliases *cloudfront.Aliases) *schema.Set {
+ if aliases.Items != nil {
+ return schema.NewSet(aliasesHash, flattenStringList(aliases.Items))
+ }
+ return schema.NewSet(aliasesHash, []interface{}{})
+}
+
+// Assemble the hash for the aws_cloudfront_distribution aliases
+// TypeSet attribute.
+func aliasesHash(v interface{}) int {
+ return hashcode.String(v.(string))
+}
+
+func expandRestrictions(m map[string]interface{}) *cloudfront.Restrictions {
+ return &cloudfront.Restrictions{
+ GeoRestriction: expandGeoRestriction(m["geo_restriction"].(*schema.Set).List()[0].(map[string]interface{})),
+ }
+}
+
+func flattenRestrictions(r *cloudfront.Restrictions) *schema.Set {
+ m := make(map[string]interface{})
+ s := schema.NewSet(geoRestrictionHash, []interface{}{flattenGeoRestriction(r.GeoRestriction)})
+ m["geo_restriction"] = s
+ return schema.NewSet(restrictionsHash, []interface{}{m})
+}
+
+// Assemble the hash for the aws_cloudfront_distribution restrictions
+// TypeSet attribute.
+func restrictionsHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ buf.WriteString(fmt.Sprintf("%d-", geoRestrictionHash(m["geo_restriction"].(*schema.Set).List()[0].(map[string]interface{}))))
+ return hashcode.String(buf.String())
+}
+
+func expandGeoRestriction(m map[string]interface{}) *cloudfront.GeoRestriction {
+ gr := cloudfront.GeoRestriction{
+ RestrictionType: aws.String(m["restriction_type"].(string)),
+ }
+ if v, ok := m["locations"]; ok {
+ gr.Quantity = aws.Int64(int64(len(v.([]interface{}))))
+ gr.Items = expandStringList(v.([]interface{}))
+ } else {
+ gr.Quantity = aws.Int64(0)
+ }
+ return &gr
+}
+
+func flattenGeoRestriction(gr *cloudfront.GeoRestriction) map[string]interface{} {
+ m := make(map[string]interface{})
+
+ m["restriction_type"] = *gr.RestrictionType
+ if gr.Items != nil {
+ m["locations"] = flattenStringList(gr.Items)
+ }
+ return m
+}
+
+// Assemble the hash for the aws_cloudfront_distribution geo_restriction
+// TypeSet attribute.
+func geoRestrictionHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ // All keys added in alphabetical order.
+ buf.WriteString(fmt.Sprintf("%s-", m["restriction_type"].(string)))
+ if v, ok := m["locations"]; ok {
+ for _, w := range sortInterfaceSlice(v.([]interface{})) {
+ buf.WriteString(fmt.Sprintf("%s-", w.(string)))
+ }
+ }
+ return hashcode.String(buf.String())
+}
+
+func expandViewerCertificate(m map[string]interface{}) *cloudfront.ViewerCertificate {
+ var vc cloudfront.ViewerCertificate
+ if v, ok := m["iam_certificate_id"]; ok && v != "" {
+ vc.IAMCertificateId = aws.String(v.(string))
+ vc.SSLSupportMethod = aws.String(m["ssl_support_method"].(string))
+ } else if v, ok := m["acm_certificate_arn"]; ok && v != "" {
+ vc.ACMCertificateArn = aws.String(v.(string))
+ vc.SSLSupportMethod = aws.String(m["ssl_support_method"].(string))
+ } else {
+ vc.CloudFrontDefaultCertificate = aws.Bool(m["cloudfront_default_certificate"].(bool))
+ }
+ if v, ok := m["minimum_protocol_version"]; ok && v != "" {
+ vc.MinimumProtocolVersion = aws.String(v.(string))
+ }
+ return &vc
+}
+
+func flattenViewerCertificate(vc *cloudfront.ViewerCertificate) *schema.Set {
+ m := make(map[string]interface{})
+
+ if vc.IAMCertificateId != nil {
+ m["iam_certificate_id"] = *vc.IAMCertificateId
+ m["ssl_support_method"] = *vc.SSLSupportMethod
+ } else if vc.ACMCertificateArn != nil {
+ m["acm_certificate_arn"] = *vc.ACMCertificateArn
+ m["ssl_support_method"] = *vc.SSLSupportMethod
+ } else {
+ m["cloudfront_default_certificate"] = *vc.CloudFrontDefaultCertificate
+ }
+ if vc.MinimumProtocolVersion != nil {
+ m["minimum_protocol_version"] = *vc.MinimumProtocolVersion
+ }
+ return schema.NewSet(viewerCertificateHash, []interface{}{m})
+}
+
+// Assemble the hash for the aws_cloudfront_distribution viewer_certificate
+// TypeSet attribute.
+func viewerCertificateHash(v interface{}) int {
+ var buf bytes.Buffer
+ m := v.(map[string]interface{})
+ if v, ok := m["iam_certificate_id"]; ok {
+ buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+ buf.WriteString(fmt.Sprintf("%s-", m["ssl_support_method"].(string)))
+ } else if v, ok := m["acm_certificate_arn"]; ok {
+ buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+ buf.WriteString(fmt.Sprintf("%s-", m["ssl_support_method"].(string)))
+ } else {
+ buf.WriteString(fmt.Sprintf("%t-", m["cloudfront_default_certificate"].(bool)))
+ }
+ if v, ok := m["minimum_protocol_version"]; ok {
+ buf.WriteString(fmt.Sprintf("%s-", v.(string)))
+ }
+ return hashcode.String(buf.String())
+}
+
+// Do a top-level copy of struct fields from one struct to another. Used to
+// copy fields between CacheBehavior and DefaultCacheBehavior structs.
+func simpleCopyStruct(src, dst interface{}) {
+ s := reflect.ValueOf(src).Elem()
+ d := reflect.ValueOf(dst).Elem()
+
+ for i := 0; i < s.NumField(); i++ {
+ if s.Field(i).CanSet() == true {
+ if s.Field(i).Interface() != nil {
+ for j := 0; j < d.NumField(); j++ {
+ if d.Type().Field(j).Name == s.Type().Field(i).Name {
+ d.Field(j).Set(s.Field(i))
+ }
+ }
+ }
+ }
+ }
+}
+
+// Convert *cloudfront.ActiveTrustedSigners to a flatmap.Map type, which ensures
+// it can probably be inserted into the schema.TypeMap type used by the
+// active_trusted_signers attribute.
+func flattenActiveTrustedSigners(ats *cloudfront.ActiveTrustedSigners) flatmap.Map {
+ m := make(map[string]interface{})
+ s := []interface{}{}
+ m["enabled"] = *ats.Enabled
+
+ for _, v := range ats.Items {
+ signer := make(map[string]interface{})
+ signer["aws_account_number"] = *v.AwsAccountNumber
+ signer["key_pair_ids"] = aws.StringValueSlice(v.KeyPairIds.Items)
+ s = append(s, signer)
+ }
+ m["items"] = s
+ return flatmap.Flatten(m)
+}
diff --git a/builtin/providers/aws/cloudfront_distribution_configuration_structure_test.go b/builtin/providers/aws/cloudfront_distribution_configuration_structure_test.go
new file mode 100644
index 000000000000..792a926862b2
--- /dev/null
+++ b/builtin/providers/aws/cloudfront_distribution_configuration_structure_test.go
@@ -0,0 +1,989 @@
+package aws
+
+import (
+ "reflect"
+ "testing"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/hashicorp/terraform/helper/schema"
+)
+
+func defaultCacheBehaviorConf() map[string]interface{} {
+ return map[string]interface{}{
+ "viewer_protocol_policy": "allow-all",
+ "target_origin_id": "myS3Origin",
+ "forwarded_values": schema.NewSet(forwardedValuesHash, []interface{}{forwardedValuesConf()}),
+ "min_ttl": 86400,
+ "trusted_signers": trustedSignersConf(),
+ "max_ttl": 365000000,
+ "smooth_streaming": false,
+ "default_ttl": 86400,
+ "allowed_methods": allowedMethodsConf(),
+ "cached_methods": cachedMethodsConf(),
+ "compress": true,
+ }
+}
+
+func cacheBehaviorConf1() map[string]interface{} {
+ cb := defaultCacheBehaviorConf()
+ cb["path_pattern"] = "/path1"
+ return cb
+}
+
+func cacheBehaviorConf2() map[string]interface{} {
+ cb := defaultCacheBehaviorConf()
+ cb["path_pattern"] = "/path2"
+ return cb
+}
+
+func cacheBehaviorsConf() *schema.Set {
+ return schema.NewSet(cacheBehaviorHash, []interface{}{cacheBehaviorConf1(), cacheBehaviorConf2()})
+}
+
+func trustedSignersConf() []interface{} {
+ return []interface{}{"1234567890EX", "1234567891EX"}
+}
+
+func forwardedValuesConf() map[string]interface{} {
+ return map[string]interface{}{
+ "query_string": true,
+ "cookies": schema.NewSet(cookiePreferenceHash, []interface{}{cookiePreferenceConf()}),
+ "headers": headersConf(),
+ }
+}
+
+func headersConf() []interface{} {
+ return []interface{}{"X-Example1", "X-Example2"}
+}
+
+func cookiePreferenceConf() map[string]interface{} {
+ return map[string]interface{}{
+ "forward": "whitelist",
+ "whitelisted_names": cookieNamesConf(),
+ }
+}
+
+func cookieNamesConf() []interface{} {
+ return []interface{}{"Example1", "Example2"}
+}
+
+func allowedMethodsConf() []interface{} {
+ return []interface{}{"DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT"}
+}
+
+func cachedMethodsConf() []interface{} {
+ return []interface{}{"GET", "HEAD", "OPTIONS"}
+}
+
+func originCustomHeadersConf() *schema.Set {
+ return schema.NewSet(originCustomHeaderHash, []interface{}{originCustomHeaderConf1(), originCustomHeaderConf2()})
+}
+
+func originCustomHeaderConf1() map[string]interface{} {
+ return map[string]interface{}{
+ "name": "X-Custom-Header1",
+ "value": "samplevalue",
+ }
+}
+
+func originCustomHeaderConf2() map[string]interface{} {
+ return map[string]interface{}{
+ "name": "X-Custom-Header2",
+ "value": "samplevalue",
+ }
+}
+
+func customOriginConf() map[string]interface{} {
+ return map[string]interface{}{
+ "origin_protocol_policy": "http-only",
+ "http_port": 80,
+ "https_port": 443,
+ "origin_ssl_protocols": customOriginSslProtocolsConf(),
+ }
+}
+
+func customOriginSslProtocolsConf() []interface{} {
+ return []interface{}{"SSLv3", "TLSv1", "TLSv1.1", "TLSv1.2"}
+}
+
+func s3OriginConf() map[string]interface{} {
+ return map[string]interface{}{
+ "origin_access_identity": "origin-access-identity/cloudfront/E127EXAMPLE51Z",
+ }
+}
+
+func originWithCustomConf() map[string]interface{} {
+ return map[string]interface{}{
+ "origin_id": "CustomOrigin",
+ "domain_name": "www.example.com",
+ "origin_path": "/",
+ "custom_origin_config": schema.NewSet(customOriginConfigHash, []interface{}{customOriginConf()}),
+ "custom_header": originCustomHeadersConf(),
+ }
+}
+func originWithS3Conf() map[string]interface{} {
+ return map[string]interface{}{
+ "origin_id": "S3Origin",
+ "domain_name": "s3.example.com",
+ "origin_path": "/",
+ "s3_origin_config": schema.NewSet(s3OriginConfigHash, []interface{}{s3OriginConf()}),
+ "custom_header": originCustomHeadersConf(),
+ }
+}
+
+func multiOriginConf() *schema.Set {
+ return schema.NewSet(originHash, []interface{}{originWithCustomConf(), originWithS3Conf()})
+}
+
+func geoRestrictionWhitelistConf() map[string]interface{} {
+ return map[string]interface{}{
+ "restriction_type": "whitelist",
+ "locations": []interface{}{"CA", "GB", "US"},
+ }
+}
+
+func geoRestrictionsConf() map[string]interface{} {
+ return map[string]interface{}{
+ "geo_restriction": schema.NewSet(geoRestrictionHash, []interface{}{geoRestrictionWhitelistConf()}),
+ }
+}
+
+func geoRestrictionConfNoItems() map[string]interface{} {
+ return map[string]interface{}{
+ "restriction_type": "none",
+ }
+}
+
+func customErrorResponsesConf() []interface{} {
+ return []interface{}{
+ map[string]interface{}{
+ "error_code": 404,
+ "error_caching_min_ttl": 30,
+ "response_code": 200,
+ "response_page_path": "/error-pages/404.html",
+ },
+ map[string]interface{}{
+ "error_code": 403,
+ "error_caching_min_ttl": 15,
+ "response_code": 404,
+ "response_page_path": "/error-pages/404.html",
+ },
+ }
+}
+
+func aliasesConf() *schema.Set {
+ return schema.NewSet(aliasesHash, []interface{}{"example.com", "www.example.com"})
+}
+
+func loggingConfigConf() map[string]interface{} {
+ return map[string]interface{}{
+ "include_cookies": false,
+ "bucket": "mylogs.s3.amazonaws.com",
+ "prefix": "myprefix",
+ }
+}
+
+func customErrorResponsesConfSet() *schema.Set {
+ return schema.NewSet(customErrorResponseHash, customErrorResponsesConf())
+}
+
+func customErrorResponsesConfFirst() map[string]interface{} {
+ return customErrorResponsesConf()[0].(map[string]interface{})
+}
+
+func viewerCertificateConfSetCloudFrontDefault() map[string]interface{} {
+ return map[string]interface{}{
+ "cloudfront_default_certificate": true,
+ }
+}
+
+func viewerCertificateConfSetIAM() map[string]interface{} {
+ return map[string]interface{}{
+ "iam_certificate_id": "iamcert-01234567",
+ "ssl_support_method": "vip",
+ "minimum_protocol_version": "TLSv1",
+ }
+}
+
+func viewerCertificateConfSetACM() map[string]interface{} {
+ return map[string]interface{}{
+ "acm_certificate_arn": "arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012",
+ "ssl_support_method": "sni-only",
+ "minimum_protocol_version": "TLSv1",
+ }
+}
+
+func TestCloudFrontStructure_expandDefaultCacheBehavior(t *testing.T) {
+ data := defaultCacheBehaviorConf()
+ dcb := expandDefaultCacheBehavior(data)
+ if *dcb.Compress != true {
+ t.Fatalf("Expected Compress to be true, got %v", *dcb.Compress)
+ }
+ if *dcb.ViewerProtocolPolicy != "allow-all" {
+ t.Fatalf("Expected ViewerProtocolPolicy to be allow-all, got %v", *dcb.ViewerProtocolPolicy)
+ }
+ if *dcb.TargetOriginId != "myS3Origin" {
+ t.Fatalf("Expected TargetOriginId to be allow-all, got %v", *dcb.TargetOriginId)
+ }
+ if reflect.DeepEqual(dcb.ForwardedValues.Headers.Items, expandStringList(headersConf())) != true {
+ t.Fatalf("Expected Items to be %v, got %v", headersConf(), dcb.ForwardedValues.Headers.Items)
+ }
+ if *dcb.MinTTL != 86400 {
+ t.Fatalf("Expected MinTTL to be 86400, got %v", *dcb.MinTTL)
+ }
+ if reflect.DeepEqual(dcb.TrustedSigners.Items, expandStringList(trustedSignersConf())) != true {
+ t.Fatalf("Expected TrustedSigners.Items to be %v, got %v", trustedSignersConf(), dcb.TrustedSigners.Items)
+ }
+ if *dcb.MaxTTL != 365000000 {
+ t.Fatalf("Expected MaxTTL to be 86400, got %v", *dcb.MaxTTL)
+ }
+ if *dcb.SmoothStreaming != false {
+ t.Fatalf("Expected SmoothStreaming to be false, got %v", *dcb.SmoothStreaming)
+ }
+ if *dcb.DefaultTTL != 86400 {
+ t.Fatalf("Expected DefaultTTL to be 86400, got %v", *dcb.DefaultTTL)
+ }
+ if reflect.DeepEqual(dcb.AllowedMethods.Items, expandStringList(allowedMethodsConf())) != true {
+ t.Fatalf("Expected TrustedSigners.Items to be %v, got %v", allowedMethodsConf(), dcb.AllowedMethods.Items)
+ }
+ if reflect.DeepEqual(dcb.AllowedMethods.CachedMethods.Items, expandStringList(cachedMethodsConf())) != true {
+ t.Fatalf("Expected TrustedSigners.Items to be %v, got %v", cachedMethodsConf(), dcb.AllowedMethods.CachedMethods.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenDefaultCacheBehavior(t *testing.T) {
+ in := defaultCacheBehaviorConf()
+ dcb := expandDefaultCacheBehavior(in)
+ out := flattenDefaultCacheBehavior(dcb)
+ diff := schema.NewSet(defaultCacheBehaviorHash, []interface{}{in}).Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_expandCacheBehavior(t *testing.T) {
+ data := cacheBehaviorConf1()
+ cb := expandCacheBehavior(data)
+ if *cb.Compress != true {
+ t.Fatalf("Expected Compress to be true, got %v", *cb.Compress)
+ }
+ if *cb.ViewerProtocolPolicy != "allow-all" {
+ t.Fatalf("Expected ViewerProtocolPolicy to be allow-all, got %v", *cb.ViewerProtocolPolicy)
+ }
+ if *cb.TargetOriginId != "myS3Origin" {
+ t.Fatalf("Expected TargetOriginId to be myS3Origin, got %v", *cb.TargetOriginId)
+ }
+ if reflect.DeepEqual(cb.ForwardedValues.Headers.Items, expandStringList(headersConf())) != true {
+ t.Fatalf("Expected Items to be %v, got %v", headersConf(), cb.ForwardedValues.Headers.Items)
+ }
+ if *cb.MinTTL != 86400 {
+ t.Fatalf("Expected MinTTL to be 86400, got %v", *cb.MinTTL)
+ }
+ if reflect.DeepEqual(cb.TrustedSigners.Items, expandStringList(trustedSignersConf())) != true {
+ t.Fatalf("Expected TrustedSigners.Items to be %v, got %v", trustedSignersConf(), cb.TrustedSigners.Items)
+ }
+ if *cb.MaxTTL != 365000000 {
+ t.Fatalf("Expected MaxTTL to be 365000000, got %v", *cb.MaxTTL)
+ }
+ if *cb.SmoothStreaming != false {
+ t.Fatalf("Expected SmoothStreaming to be false, got %v", *cb.SmoothStreaming)
+ }
+ if *cb.DefaultTTL != 86400 {
+ t.Fatalf("Expected DefaultTTL to be 86400, got %v", *cb.DefaultTTL)
+ }
+ if reflect.DeepEqual(cb.AllowedMethods.Items, expandStringList(allowedMethodsConf())) != true {
+ t.Fatalf("Expected AllowedMethods.Items to be %v, got %v", allowedMethodsConf(), cb.AllowedMethods.Items)
+ }
+ if reflect.DeepEqual(cb.AllowedMethods.CachedMethods.Items, expandStringList(cachedMethodsConf())) != true {
+ t.Fatalf("Expected AllowedMethods.CachedMethods.Items to be %v, got %v", cachedMethodsConf(), cb.AllowedMethods.CachedMethods.Items)
+ }
+ if *cb.PathPattern != "/path1" {
+ t.Fatalf("Expected PathPattern to be /path1, got %v", *cb.PathPattern)
+ }
+}
+
+func TestCloudFrontStructure_flattenCacheBehavior(t *testing.T) {
+ in := cacheBehaviorConf1()
+ cb := expandCacheBehavior(in)
+ out := flattenCacheBehavior(cb)
+ var diff *schema.Set
+ if out["compress"] != true {
+ t.Fatalf("Expected out[compress] to be true, got %v", out["compress"])
+ }
+ if out["viewer_protocol_policy"] != "allow-all" {
+ t.Fatalf("Expected out[viewer_protocol_policy] to be allow-all, got %v", out["viewer_protocol_policy"])
+ }
+ if out["target_origin_id"] != "myS3Origin" {
+ t.Fatalf("Expected out[target_origin_id] to be myS3Origin, got %v", out["target_origin_id"])
+ }
+ diff = out["forwarded_values"].(*schema.Set).Difference(in["forwarded_values"].(*schema.Set))
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out[forwarded_values] to be %v, got %v, diff: %v", out["forwarded_values"], in["forwarded_values"], diff)
+ }
+ if out["min_ttl"] != int(86400) {
+ t.Fatalf("Expected out[min_ttl] to be 86400 (int), got %v", out["forwarded_values"])
+ }
+ if reflect.DeepEqual(out["trusted_signers"], in["trusted_signers"]) != true {
+ t.Fatalf("Expected out[trusted_signers] to be %v, got %v", in["trusted_signers"], out["trusted_signers"])
+ }
+ if out["max_ttl"] != int(365000000) {
+ t.Fatalf("Expected out[max_ttl] to be 365000000 (int), got %v", out["max_ttl"])
+ }
+ if out["smooth_streaming"] != false {
+ t.Fatalf("Expected out[smooth_streaming] to be false, got %v", out["smooth_streaming"])
+ }
+ if out["default_ttl"] != int(86400) {
+ t.Fatalf("Expected out[default_ttl] to be 86400 (int), got %v", out["default_ttl"])
+ }
+ if reflect.DeepEqual(out["allowed_methods"], in["allowed_methods"]) != true {
+ t.Fatalf("Expected out[allowed_methods] to be %v, got %v", in["allowed_methods"], out["allowed_methods"])
+ }
+ if reflect.DeepEqual(out["cached_methods"], in["cached_methods"]) != true {
+ t.Fatalf("Expected out[cached_methods] to be %v, got %v", in["cached_methods"], out["cached_methods"])
+ }
+ if out["path_pattern"] != "/path1" {
+ t.Fatalf("Expected out[path_pattern] to be /path1, got %v", out["path_pattern"])
+ }
+}
+
+func TestCloudFrontStructure_expandCacheBehaviors(t *testing.T) {
+ data := cacheBehaviorsConf()
+ cbs := expandCacheBehaviors(data)
+ if *cbs.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *cbs.Quantity)
+ }
+ if *cbs.Items[0].TargetOriginId != "myS3Origin" {
+ t.Fatalf("Expected first Item's TargetOriginId to be myS3Origin, got %v", *cbs.Items[0].TargetOriginId)
+ }
+}
+
+func TestCloudFrontStructure_flattenCacheBehaviors(t *testing.T) {
+ in := cacheBehaviorsConf()
+ cbs := expandCacheBehaviors(in)
+ out := flattenCacheBehaviors(cbs)
+ diff := in.Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_expandTrustedSigners(t *testing.T) {
+ data := trustedSignersConf()
+ ts := expandTrustedSigners(data)
+ if *ts.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *ts.Quantity)
+ }
+ if *ts.Enabled != true {
+ t.Fatalf("Expected Enabled to be true, got %v", *ts.Enabled)
+ }
+ if reflect.DeepEqual(ts.Items, expandStringList(data)) != true {
+ t.Fatalf("Expected Items to be %v, got %v", data, ts.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenTrustedSigners(t *testing.T) {
+ in := trustedSignersConf()
+ ts := expandTrustedSigners(in)
+ out := flattenTrustedSigners(ts)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandTrustedSigners_empty(t *testing.T) {
+ data := []interface{}{}
+ ts := expandTrustedSigners(data)
+ if *ts.Quantity != 0 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *ts.Quantity)
+ }
+ if *ts.Enabled != false {
+ t.Fatalf("Expected Enabled to be true, got %v", *ts.Enabled)
+ }
+ if ts.Items != nil {
+ t.Fatalf("Expected Items to be nil, got %v", ts.Items)
+ }
+}
+
+func TestCloudFrontStructure_expandForwardedValues(t *testing.T) {
+ data := forwardedValuesConf()
+ fv := expandForwardedValues(data)
+ if *fv.QueryString != true {
+ t.Fatalf("Expected QueryString to be true, got %v", *fv.QueryString)
+ }
+ if reflect.DeepEqual(fv.Cookies.WhitelistedNames.Items, expandStringList(cookieNamesConf())) != true {
+ t.Fatalf("Expected Cookies.WhitelistedNames.Items to be %v, got %v", cookieNamesConf(), fv.Cookies.WhitelistedNames.Items)
+ }
+ if reflect.DeepEqual(fv.Headers.Items, expandStringList(headersConf())) != true {
+ t.Fatalf("Expected Headers.Items to be %v, got %v", headersConf(), fv.Headers.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenForwardedValues(t *testing.T) {
+ in := forwardedValuesConf()
+ fv := expandForwardedValues(in)
+ out := flattenForwardedValues(fv)
+
+ if out["query_string"] != true {
+ t.Fatalf("Expected out[query_string] to be true, got %v", out["query_string"])
+ }
+ if out["cookies"].(*schema.Set).Equal(in["cookies"].(*schema.Set)) != true {
+ t.Fatalf("Expected out[cookies] to be %v, got %v", in["cookies"], out["cookies"])
+ }
+ if reflect.DeepEqual(out["headers"], in["headers"]) != true {
+ t.Fatalf("Expected out[headers] to be %v, got %v", in["headers"], out["headers"])
+ }
+}
+
+func TestCloudFrontStructure_expandHeaders(t *testing.T) {
+ data := headersConf()
+ h := expandHeaders(data)
+ if *h.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *h.Quantity)
+ }
+ if reflect.DeepEqual(h.Items, expandStringList(data)) != true {
+ t.Fatalf("Expected Items to be %v, got %v", data, h.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenHeaders(t *testing.T) {
+ in := headersConf()
+ h := expandHeaders(in)
+ out := flattenHeaders(h)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandCookiePreference(t *testing.T) {
+ data := cookiePreferenceConf()
+ cp := expandCookiePreference(data)
+ if *cp.Forward != "whitelist" {
+ t.Fatalf("Expected Forward to be whitelist, got %v", *cp.Forward)
+ }
+ if reflect.DeepEqual(cp.WhitelistedNames.Items, expandStringList(cookieNamesConf())) != true {
+ t.Fatalf("Expected WhitelistedNames.Items to be %v, got %v", cookieNamesConf(), cp.WhitelistedNames.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenCookiePreference(t *testing.T) {
+ in := cookiePreferenceConf()
+ cp := expandCookiePreference(in)
+ out := flattenCookiePreference(cp)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandCookieNames(t *testing.T) {
+ data := cookieNamesConf()
+ cn := expandCookieNames(data)
+ if *cn.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *cn.Quantity)
+ }
+ if reflect.DeepEqual(cn.Items, expandStringList(data)) != true {
+ t.Fatalf("Expected Items to be %v, got %v", data, cn.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenCookieNames(t *testing.T) {
+ in := cookieNamesConf()
+ cn := expandCookieNames(in)
+ out := flattenCookieNames(cn)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandAllowedMethods(t *testing.T) {
+ data := allowedMethodsConf()
+ am := expandAllowedMethods(data)
+ if *am.Quantity != 7 {
+ t.Fatalf("Expected Quantity to be 3, got %v", *am.Quantity)
+ }
+ if reflect.DeepEqual(am.Items, expandStringList(data)) != true {
+ t.Fatalf("Expected Items to be %v, got %v", data, am.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenAllowedMethods(t *testing.T) {
+ in := allowedMethodsConf()
+ am := expandAllowedMethods(in)
+ out := flattenAllowedMethods(am)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandCachedMethods(t *testing.T) {
+ data := cachedMethodsConf()
+ cm := expandCachedMethods(data)
+ if *cm.Quantity != 3 {
+ t.Fatalf("Expected Quantity to be 3, got %v", *cm.Quantity)
+ }
+ if reflect.DeepEqual(cm.Items, expandStringList(data)) != true {
+ t.Fatalf("Expected Items to be %v, got %v", data, cm.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenCachedMethods(t *testing.T) {
+ in := cachedMethodsConf()
+ cm := expandCachedMethods(in)
+ out := flattenCachedMethods(cm)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandOrigins(t *testing.T) {
+ data := multiOriginConf()
+ origins := expandOrigins(data)
+ if *origins.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *origins.Quantity)
+ }
+ if *origins.Items[0].OriginPath != "/" {
+ t.Fatalf("Expected first Item's OriginPath to be /, got %v", *origins.Items[0].OriginPath)
+ }
+}
+
+func TestCloudFrontStructure_flattenOrigins(t *testing.T) {
+ in := multiOriginConf()
+ origins := expandOrigins(in)
+ out := flattenOrigins(origins)
+ diff := in.Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_expandOrigin(t *testing.T) {
+ data := originWithCustomConf()
+ or := expandOrigin(data)
+ if *or.Id != "CustomOrigin" {
+ t.Fatalf("Expected Id to be CustomOrigin, got %v", *or.Id)
+ }
+ if *or.DomainName != "www.example.com" {
+ t.Fatalf("Expected DomainName to be www.example.com, got %v", *or.DomainName)
+ }
+ if *or.OriginPath != "/" {
+ t.Fatalf("Expected OriginPath to be /, got %v", *or.OriginPath)
+ }
+ if *or.CustomOriginConfig.OriginProtocolPolicy != "http-only" {
+ t.Fatalf("Expected CustomOriginConfig.OriginProtocolPolicy to be http-only, got %v", *or.CustomOriginConfig.OriginProtocolPolicy)
+ }
+ if *or.CustomHeaders.Items[0].HeaderValue != "samplevalue" {
+ t.Fatalf("Expected CustomHeaders.Items[0].HeaderValue to be samplevalue, got %v", *or.CustomHeaders.Items[0].HeaderValue)
+ }
+}
+
+func TestCloudFrontStructure_flattenOrigin(t *testing.T) {
+ in := originWithCustomConf()
+ or := expandOrigin(in)
+ out := flattenOrigin(or)
+
+ if out["origin_id"] != "CustomOrigin" {
+ t.Fatalf("Expected out[origin_id] to be CustomOrigin, got %v", out["origin_id"])
+ }
+ if out["domain_name"] != "www.example.com" {
+ t.Fatalf("Expected out[domain_name] to be www.example.com, got %v", out["domain_name"])
+ }
+ if out["origin_path"] != "/" {
+ t.Fatalf("Expected out[origin_path] to be /, got %v", out["origin_path"])
+ }
+ if out["custom_origin_config"].(*schema.Set).Equal(in["custom_origin_config"].(*schema.Set)) != true {
+ t.Fatalf("Expected out[custom_origin_config] to be %v, got %v", in["custom_origin_config"], out["custom_origin_config"])
+ }
+}
+
+func TestCloudFrontStructure_expandCustomHeaders(t *testing.T) {
+ in := originCustomHeadersConf()
+ chs := expandCustomHeaders(in)
+ if *chs.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *chs.Quantity)
+ }
+ if *chs.Items[0].HeaderValue != "samplevalue" {
+ t.Fatalf("Expected first Item's HeaderValue to be samplevalue, got %v", *chs.Items[0].HeaderValue)
+ }
+}
+
+func TestCloudFrontStructure_flattenCustomHeaders(t *testing.T) {
+ in := originCustomHeadersConf()
+ chs := expandCustomHeaders(in)
+ out := flattenCustomHeaders(chs)
+ diff := in.Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_flattenOriginCustomHeader(t *testing.T) {
+ in := originCustomHeaderConf1()
+ och := expandOriginCustomHeader(in)
+ out := flattenOriginCustomHeader(och)
+
+ if out["name"] != "X-Custom-Header1" {
+ t.Fatalf("Expected out[name] to be X-Custom-Header1, got %v", out["name"])
+ }
+ if out["value"] != "samplevalue" {
+ t.Fatalf("Expected out[value] to be samplevalue, got %v", out["value"])
+ }
+}
+
+func TestCloudFrontStructure_expandOriginCustomHeader(t *testing.T) {
+ in := originCustomHeaderConf1()
+ och := expandOriginCustomHeader(in)
+
+ if *och.HeaderName != "X-Custom-Header1" {
+ t.Fatalf("Expected HeaderName to be X-Custom-Header1, got %v", *och.HeaderName)
+ }
+ if *och.HeaderValue != "samplevalue" {
+ t.Fatalf("Expected HeaderValue to be samplevalue, got %v", *och.HeaderValue)
+ }
+}
+
+func TestCloudFrontStructure_expandCustomOriginConfig(t *testing.T) {
+ data := customOriginConf()
+ co := expandCustomOriginConfig(data)
+ if *co.OriginProtocolPolicy != "http-only" {
+ t.Fatalf("Expected OriginProtocolPolicy to be http-only, got %v", *co.OriginProtocolPolicy)
+ }
+ if *co.HTTPPort != 80 {
+ t.Fatalf("Expected HTTPPort to be 80, got %v", *co.HTTPPort)
+ }
+ if *co.HTTPSPort != 443 {
+ t.Fatalf("Expected HTTPSPort to be 443, got %v", *co.HTTPSPort)
+ }
+}
+
+func TestCloudFrontStructure_flattenCustomOriginConfig(t *testing.T) {
+ in := customOriginConf()
+ co := expandCustomOriginConfig(in)
+ out := flattenCustomOriginConfig(co)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandCustomOriginConfigSSL(t *testing.T) {
+ in := customOriginSslProtocolsConf()
+ ocs := expandCustomOriginConfigSSL(in)
+ if *ocs.Quantity != 4 {
+ t.Fatalf("Expected Quantity to be 4, got %v", *ocs.Quantity)
+ }
+ if *ocs.Items[0] != "SSLv3" {
+ t.Fatalf("Expected first Item to be SSLv3, got %v", *ocs.Items[0])
+ }
+}
+
+func TestCloudFrontStructure_flattenCustomOriginConfigSSL(t *testing.T) {
+ in := customOriginSslProtocolsConf()
+ ocs := expandCustomOriginConfigSSL(in)
+ out := flattenCustomOriginConfigSSL(ocs)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandS3OriginConfig(t *testing.T) {
+ data := s3OriginConf()
+ s3o := expandS3OriginConfig(data)
+ if *s3o.OriginAccessIdentity != "origin-access-identity/cloudfront/E127EXAMPLE51Z" {
+ t.Fatalf("Expected OriginAccessIdentity to be origin-access-identity/cloudfront/E127EXAMPLE51Z, got %v", *s3o.OriginAccessIdentity)
+ }
+}
+
+func TestCloudFrontStructure_flattenS3OriginConfig(t *testing.T) {
+ in := s3OriginConf()
+ s3o := expandS3OriginConfig(in)
+ out := flattenS3OriginConfig(s3o)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandCustomErrorResponses(t *testing.T) {
+ data := customErrorResponsesConfSet()
+ ers := expandCustomErrorResponses(data)
+ if *ers.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *ers.Quantity)
+ }
+ if *ers.Items[0].ResponsePagePath != "/error-pages/404.html" {
+ t.Fatalf("Expected ResponsePagePath in first Item to be /error-pages/404.html, got %v", *ers.Items[0].ResponsePagePath)
+ }
+}
+
+func TestCloudFrontStructure_flattenCustomErrorResponses(t *testing.T) {
+ in := customErrorResponsesConfSet()
+ ers := expandCustomErrorResponses(in)
+ out := flattenCustomErrorResponses(ers)
+
+ if in.Equal(out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandCustomErrorResponse(t *testing.T) {
+ data := customErrorResponsesConfFirst()
+ er := expandCustomErrorResponse(data)
+ if *er.ErrorCode != 404 {
+ t.Fatalf("Expected ErrorCode to be 404, got %v", *er.ErrorCode)
+ }
+ if *er.ErrorCachingMinTTL != 30 {
+ t.Fatalf("Expected ErrorCachingMinTTL to be 30, got %v", *er.ErrorCachingMinTTL)
+ }
+ if *er.ResponseCode != "200" {
+ t.Fatalf("Expected ResponseCode to be 200 (as string), got %v", *er.ResponseCode)
+ }
+ if *er.ResponsePagePath != "/error-pages/404.html" {
+ t.Fatalf("Expected ResponsePagePath to be /error-pages/404.html, got %v", *er.ResponsePagePath)
+ }
+}
+
+func TestCloudFrontStructure_flattenCustomErrorResponse(t *testing.T) {
+ in := customErrorResponsesConfFirst()
+ er := expandCustomErrorResponse(in)
+ out := flattenCustomErrorResponse(er)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandLoggingConfig(t *testing.T) {
+ data := loggingConfigConf()
+
+ lc := expandLoggingConfig(data)
+ if *lc.Enabled != true {
+ t.Fatalf("Expected Enabled to be true, got %v", *lc.Enabled)
+ }
+ if *lc.Prefix != "myprefix" {
+ t.Fatalf("Expected Prefix to be myprefix, got %v", *lc.Prefix)
+ }
+ if *lc.Bucket != "mylogs.s3.amazonaws.com" {
+ t.Fatalf("Expected Bucket to be mylogs.s3.amazonaws.com, got %v", *lc.Bucket)
+ }
+ if *lc.IncludeCookies != false {
+ t.Fatalf("Expected IncludeCookies to be false, got %v", *lc.IncludeCookies)
+ }
+}
+
+func TestCloudFrontStructure_expandLoggingConfig_nilValue(t *testing.T) {
+ lc := expandLoggingConfig(nil)
+ if *lc.Enabled != false {
+ t.Fatalf("Expected Enabled to be false, got %v", *lc.Enabled)
+ }
+ if *lc.Prefix != "" {
+ t.Fatalf("Expected Prefix to be blank, got %v", *lc.Prefix)
+ }
+ if *lc.Bucket != "" {
+ t.Fatalf("Expected Bucket to be blank, got %v", *lc.Bucket)
+ }
+ if *lc.IncludeCookies != false {
+ t.Fatalf("Expected IncludeCookies to be false, got %v", *lc.IncludeCookies)
+ }
+}
+
+func TestCloudFrontStructure_flattenLoggingConfig(t *testing.T) {
+ in := loggingConfigConf()
+ lc := expandLoggingConfig(in)
+ out := flattenLoggingConfig(lc)
+ diff := schema.NewSet(loggingConfigHash, []interface{}{in}).Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_expandAliases(t *testing.T) {
+ data := aliasesConf()
+ a := expandAliases(data)
+ if *a.Quantity != 2 {
+ t.Fatalf("Expected Quantity to be 2, got %v", *a.Quantity)
+ }
+ if reflect.DeepEqual(a.Items, expandStringList(data.List())) != true {
+ t.Fatalf("Expected Items to be [example.com www.example.com], got %v", a.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenAliases(t *testing.T) {
+ in := aliasesConf()
+ a := expandAliases(in)
+ out := flattenAliases(a)
+ diff := in.Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_expandRestrictions(t *testing.T) {
+ data := geoRestrictionsConf()
+ r := expandRestrictions(data)
+ if *r.GeoRestriction.RestrictionType != "whitelist" {
+ t.Fatalf("Expected GeoRestriction.RestrictionType to be whitelist, got %v", *r.GeoRestriction.RestrictionType)
+ }
+}
+
+func TestCloudFrontStructure_flattenRestrictions(t *testing.T) {
+ in := geoRestrictionsConf()
+ r := expandRestrictions(in)
+ out := flattenRestrictions(r)
+ diff := schema.NewSet(restrictionsHash, []interface{}{in}).Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_expandGeoRestriction_whitelist(t *testing.T) {
+ data := geoRestrictionWhitelistConf()
+ gr := expandGeoRestriction(data)
+ if *gr.RestrictionType != "whitelist" {
+ t.Fatalf("Expected RestrictionType to be whitelist, got %v", *gr.RestrictionType)
+ }
+ if *gr.Quantity != 3 {
+ t.Fatalf("Expected Quantity to be 3, got %v", *gr.Quantity)
+ }
+ if reflect.DeepEqual(gr.Items, aws.StringSlice([]string{"CA", "GB", "US"})) != true {
+ t.Fatalf("Expected Items be [CA, GB, US], got %v", gr.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenGeoRestriction_whitelist(t *testing.T) {
+ in := geoRestrictionWhitelistConf()
+ gr := expandGeoRestriction(in)
+ out := flattenGeoRestriction(gr)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandGeoRestriction_no_items(t *testing.T) {
+ data := geoRestrictionConfNoItems()
+ gr := expandGeoRestriction(data)
+ if *gr.RestrictionType != "none" {
+ t.Fatalf("Expected RestrictionType to be none, got %v", *gr.RestrictionType)
+ }
+ if *gr.Quantity != 0 {
+ t.Fatalf("Expected Quantity to be 0, got %v", *gr.Quantity)
+ }
+ if gr.Items != nil {
+ t.Fatalf("Expected Items to not be set, got %v", gr.Items)
+ }
+}
+
+func TestCloudFrontStructure_flattenGeoRestriction_no_items(t *testing.T) {
+ in := geoRestrictionConfNoItems()
+ gr := expandGeoRestriction(in)
+ out := flattenGeoRestriction(gr)
+
+ if reflect.DeepEqual(in, out) != true {
+ t.Fatalf("Expected out to be %v, got %v", in, out)
+ }
+}
+
+func TestCloudFrontStructure_expandViewerCertificate_cloudfront_default_certificate(t *testing.T) {
+ data := viewerCertificateConfSetCloudFrontDefault()
+ vc := expandViewerCertificate(data)
+ if vc.ACMCertificateArn != nil {
+ t.Fatalf("Expected ACMCertificateArn to be unset, got %v", *vc.ACMCertificateArn)
+ }
+ if *vc.CloudFrontDefaultCertificate != true {
+ t.Fatalf("Expected CloudFrontDefaultCertificate to be true, got %v", *vc.CloudFrontDefaultCertificate)
+ }
+ if vc.IAMCertificateId != nil {
+ t.Fatalf("Expected IAMCertificateId to not be set, got %v", *vc.IAMCertificateId)
+ }
+ if vc.SSLSupportMethod != nil {
+ t.Fatalf("Expected IAMCertificateId to not be set, got %v", *vc.SSLSupportMethod)
+ }
+ if vc.MinimumProtocolVersion != nil {
+ t.Fatalf("Expected IAMCertificateId to not be set, got %v", *vc.MinimumProtocolVersion)
+ }
+}
+
+func TestCloudFrontStructure_flattenViewerCertificate_cloudfront_default_certificate(t *testing.T) {
+ in := viewerCertificateConfSetCloudFrontDefault()
+ vc := expandViewerCertificate(in)
+ out := flattenViewerCertificate(vc)
+ diff := schema.NewSet(viewerCertificateHash, []interface{}{in}).Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_expandViewerCertificate_iam_certificate_id(t *testing.T) {
+ data := viewerCertificateConfSetIAM()
+ vc := expandViewerCertificate(data)
+ if vc.ACMCertificateArn != nil {
+ t.Fatalf("Expected ACMCertificateArn to be unset, got %v", *vc.ACMCertificateArn)
+ }
+ if vc.CloudFrontDefaultCertificate != nil {
+ t.Fatalf("Expected CloudFrontDefaultCertificate to be unset, got %v", *vc.CloudFrontDefaultCertificate)
+ }
+ if *vc.IAMCertificateId != "iamcert-01234567" {
+ t.Fatalf("Expected IAMCertificateId to be iamcert-01234567, got %v", *vc.IAMCertificateId)
+ }
+ if *vc.SSLSupportMethod != "vip" {
+ t.Fatalf("Expected IAMCertificateId to be vip, got %v", *vc.SSLSupportMethod)
+ }
+ if *vc.MinimumProtocolVersion != "TLSv1" {
+ t.Fatalf("Expected IAMCertificateId to be TLSv1, got %v", *vc.MinimumProtocolVersion)
+ }
+}
+
+func TestCloudFrontStructure_expandViewerCertificate_acm_certificate_arn(t *testing.T) {
+ data := viewerCertificateConfSetACM()
+ vc := expandViewerCertificate(data)
+ if *vc.ACMCertificateArn != "arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012" {
+ t.Fatalf("Expected ACMCertificateArn to be arn:aws:acm:us-east-1:123456789012:certificate/12345678-1234-1234-1234-123456789012, got %v", *vc.ACMCertificateArn)
+ }
+ if vc.CloudFrontDefaultCertificate != nil {
+ t.Fatalf("Expected CloudFrontDefaultCertificate to be unset, got %v", *vc.CloudFrontDefaultCertificate)
+ }
+ if vc.IAMCertificateId != nil {
+ t.Fatalf("Expected IAMCertificateId to be unset, got %v", *vc.IAMCertificateId)
+ }
+ if *vc.SSLSupportMethod != "sni-only" {
+ t.Fatalf("Expected IAMCertificateId to be sni-only, got %v", *vc.SSLSupportMethod)
+ }
+ if *vc.MinimumProtocolVersion != "TLSv1" {
+ t.Fatalf("Expected IAMCertificateId to be TLSv1, got %v", *vc.MinimumProtocolVersion)
+ }
+}
+
+func TestCloudFrontStructure_falttenViewerCertificate_iam_certificate_id(t *testing.T) {
+ in := viewerCertificateConfSetIAM()
+ vc := expandViewerCertificate(in)
+ out := flattenViewerCertificate(vc)
+ diff := schema.NewSet(viewerCertificateHash, []interface{}{in}).Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
+
+func TestCloudFrontStructure_falttenViewerCertificate_acm_certificate_arn(t *testing.T) {
+ in := viewerCertificateConfSetACM()
+ vc := expandViewerCertificate(in)
+ out := flattenViewerCertificate(vc)
+ diff := schema.NewSet(viewerCertificateHash, []interface{}{in}).Difference(out)
+
+ if len(diff.List()) > 0 {
+ t.Fatalf("Expected out to be %v, got %v, diff: %v", in, out, diff)
+ }
+}
diff --git a/builtin/providers/aws/provider.go b/builtin/providers/aws/provider.go
index 74f5b5d45afc..3b1c1d7f6924 100644
--- a/builtin/providers/aws/provider.go
+++ b/builtin/providers/aws/provider.go
@@ -129,7 +129,8 @@ func Provider() terraform.ResourceProvider {
"aws_autoscaling_policy": resourceAwsAutoscalingPolicy(),
"aws_autoscaling_schedule": resourceAwsAutoscalingSchedule(),
"aws_cloudformation_stack": resourceAwsCloudFormationStack(),
- "aws_cloudfront_web_distribution": resourceAwsCloudFrontWebDistribution(),
+ "aws_cloudfront_distribution": resourceAwsCloudFrontDistribution(),
+ "aws_cloudfront_origin_access_identity": resourceAwsCloudFrontOriginAccessIdentity(),
"aws_cloudtrail": resourceAwsCloudTrail(),
"aws_cloudwatch_event_rule": resourceAwsCloudWatchEventRule(),
"aws_cloudwatch_event_target": resourceAwsCloudWatchEventTarget(),
diff --git a/builtin/providers/aws/resource_aws_cloudfront_distribution.go b/builtin/providers/aws/resource_aws_cloudfront_distribution.go
new file mode 100644
index 000000000000..e5889faeea36
--- /dev/null
+++ b/builtin/providers/aws/resource_aws_cloudfront_distribution.go
@@ -0,0 +1,595 @@
+package aws
+
+import (
+ "log"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/cloudfront"
+ "github.com/hashicorp/terraform/helper/resource"
+ "github.com/hashicorp/terraform/helper/schema"
+)
+
+func resourceAwsCloudFrontDistribution() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceAwsCloudFrontDistributionCreate,
+ Read: resourceAwsCloudFrontDistributionRead,
+ Update: resourceAwsCloudFrontDistributionUpdate,
+ Delete: resourceAwsCloudFrontDistributionDelete,
+
+ Schema: map[string]*schema.Schema{
+ "aliases": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ Set: aliasesHash,
+ },
+ "cache_behavior": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ Set: cacheBehaviorHash,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "allowed_methods": &schema.Schema{
+ Type: schema.TypeList,
+ Required: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "cached_methods": &schema.Schema{
+ Type: schema.TypeList,
+ Required: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "compress": &schema.Schema{
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ },
+ "default_ttl": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "forwarded_values": &schema.Schema{
+ Type: schema.TypeSet,
+ Required: true,
+ Set: forwardedValuesHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "cookies": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ Set: cookiePreferenceHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "forward": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "whitelisted_names": &schema.Schema{
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ },
+ },
+ },
+ "headers": &schema.Schema{
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "query_string": &schema.Schema{
+ Type: schema.TypeBool,
+ Required: true,
+ },
+ },
+ },
+ },
+ "max_ttl": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "min_ttl": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "path_pattern": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "smooth_streaming": &schema.Schema{
+ Type: schema.TypeBool,
+ Optional: true,
+ },
+ "target_origin_id": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "trusted_signers": &schema.Schema{
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "viewer_protocol_policy": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ },
+ },
+ },
+ "comment": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ "custom_error_response": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ Set: customErrorResponseHash,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "error_caching_min_ttl": &schema.Schema{
+ Type: schema.TypeInt,
+ Optional: true,
+ },
+ "error_code": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "response_code": &schema.Schema{
+ Type: schema.TypeInt,
+ Optional: true,
+ },
+ "response_page_path": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ },
+ },
+ },
+ "default_cache_behavior": &schema.Schema{
+ Type: schema.TypeSet,
+ Required: true,
+ Set: defaultCacheBehaviorHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "allowed_methods": &schema.Schema{
+ Type: schema.TypeList,
+ Required: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "cached_methods": &schema.Schema{
+ Type: schema.TypeList,
+ Required: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "compress": &schema.Schema{
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ },
+ "default_ttl": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "forwarded_values": &schema.Schema{
+ Type: schema.TypeSet,
+ Required: true,
+ Set: forwardedValuesHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "cookies": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ Set: cookiePreferenceHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "forward": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "whitelisted_names": &schema.Schema{
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ },
+ },
+ },
+ "headers": &schema.Schema{
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "query_string": &schema.Schema{
+ Type: schema.TypeBool,
+ Required: true,
+ },
+ },
+ },
+ },
+ "max_ttl": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "min_ttl": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "smooth_streaming": &schema.Schema{
+ Type: schema.TypeBool,
+ Optional: true,
+ },
+ "target_origin_id": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "trusted_signers": &schema.Schema{
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "viewer_protocol_policy": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ },
+ },
+ },
+ "default_root_object": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ "enabled": &schema.Schema{
+ Type: schema.TypeBool,
+ Required: true,
+ },
+ "logging_config": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ Set: loggingConfigHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "bucket": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "include_cookies": &schema.Schema{
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ },
+ "prefix": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ Default: "",
+ },
+ },
+ },
+ },
+ "origin": &schema.Schema{
+ Type: schema.TypeSet,
+ Required: true,
+ Set: originHash,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "custom_origin_config": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ ConflictsWith: []string{"origin.s3_origin_config"},
+ Set: customOriginConfigHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "http_port": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "https_port": &schema.Schema{
+ Type: schema.TypeInt,
+ Required: true,
+ },
+ "origin_protocol_policy": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "origin_ssl_protocols": &schema.Schema{
+ Type: schema.TypeList,
+ Required: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ },
+ },
+ },
+ "domain_name": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "custom_header": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ Set: originCustomHeaderHash,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "name": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "value": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ },
+ },
+ },
+ "origin_id": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ "origin_path": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ "s3_origin_config": &schema.Schema{
+ Type: schema.TypeSet,
+ Optional: true,
+ ConflictsWith: []string{"origin.custom_origin_config"},
+ Set: s3OriginConfigHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "origin_access_identity": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ Default: "",
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "price_class": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ Default: "PriceClass_All",
+ },
+ "restrictions": &schema.Schema{
+ Type: schema.TypeSet,
+ Required: true,
+ Set: restrictionsHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "geo_restriction": &schema.Schema{
+ Type: schema.TypeSet,
+ Required: true,
+ Set: geoRestrictionHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "locations": &schema.Schema{
+ Type: schema.TypeList,
+ Optional: true,
+ Elem: &schema.Schema{Type: schema.TypeString},
+ },
+ "restriction_type": &schema.Schema{
+ Type: schema.TypeString,
+ Required: true,
+ },
+ },
+ },
+ },
+ },
+ },
+ },
+ "viewer_certificate": &schema.Schema{
+ Type: schema.TypeSet,
+ Required: true,
+ Set: viewerCertificateHash,
+ MaxItems: 1,
+ Elem: &schema.Resource{
+ Schema: map[string]*schema.Schema{
+ "acm_certificate_arn": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ ConflictsWith: []string{"viewer_certificate.cloudfront_default_certificate", "viewer_certificate.iam_certificate_id"},
+ },
+ "cloudfront_default_certificate": &schema.Schema{
+ Type: schema.TypeBool,
+ Optional: true,
+ ConflictsWith: []string{"viewer_certificate.acm_certificate_arn", "viewer_certificate.iam_certificate_id"},
+ },
+ "iam_certificate_id": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ ConflictsWith: []string{"viewer_certificate.acm_certificate_arn", "viewer_certificate.cloudfront_default_certificate"},
+ },
+ "minimum_protocol_version": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ Default: "SSLv3",
+ },
+ "ssl_support_method": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ },
+ },
+ },
+ "web_acl_id": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ },
+ "caller_reference": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "status": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "active_trusted_signers": &schema.Schema{
+ Type: schema.TypeMap,
+ Computed: true,
+ },
+ "domain_name": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "last_modified_time": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "in_progress_validation_batches": &schema.Schema{
+ Type: schema.TypeInt,
+ Computed: true,
+ },
+ "etag": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ // retain_on_delete is a non-API attribute that may help facilitate speedy
+ // deletion of a resoruce. It's mainly here for testing purposes, so
+ // enable at your own risk.
+ "retain_on_delete": &schema.Schema{
+ Type: schema.TypeBool,
+ Optional: true,
+ Default: false,
+ },
+ },
+ }
+}
+
+func resourceAwsCloudFrontDistributionCreate(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.CreateDistributionInput{
+ DistributionConfig: expandDistributionConfig(d),
+ }
+
+ resp, err := conn.CreateDistribution(params)
+ if err != nil {
+ return err
+ }
+ d.SetId(*resp.Distribution.Id)
+ return resourceAwsCloudFrontDistributionRead(d, meta)
+}
+
+func resourceAwsCloudFrontDistributionRead(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.GetDistributionInput{
+ Id: aws.String(d.Id()),
+ }
+
+ resp, err := conn.GetDistribution(params)
+ if err != nil {
+ return err
+ }
+
+ // Update attributes from DistributionConfig
+ flattenDistributionConfig(d, resp.Distribution.DistributionConfig)
+ // Update other attributes outside of DistributionConfig
+ d.SetId(*resp.Distribution.Id)
+ d.Set("active_trusted_signers", flattenActiveTrustedSigners(resp.Distribution.ActiveTrustedSigners))
+ d.Set("status", *resp.Distribution.Status)
+ d.Set("domain_name", *resp.Distribution.DomainName)
+ d.Set("last_modified_time", aws.String(resp.Distribution.LastModifiedTime.String()))
+ d.Set("in_progress_validation_batches", *resp.Distribution.InProgressInvalidationBatches)
+ d.Set("etag", *resp.ETag)
+ return nil
+}
+
+func resourceAwsCloudFrontDistributionUpdate(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.UpdateDistributionInput{
+ Id: aws.String(d.Id()),
+ DistributionConfig: expandDistributionConfig(d),
+ IfMatch: aws.String(d.Get("etag").(string)),
+ }
+ _, err := conn.UpdateDistribution(params)
+ if err != nil {
+ return err
+ }
+
+ return resourceAwsCloudFrontDistributionRead(d, meta)
+}
+
+func resourceAwsCloudFrontDistributionDelete(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+
+ // manually disable the distribution first
+ d.Set("enabled", false)
+ err := resourceAwsCloudFrontDistributionUpdate(d, meta)
+ if err != nil {
+ return err
+ }
+
+ // skip delete if retain_on_delete is enabled
+ if d.Get("retain_on_delete").(bool) {
+ log.Printf("[WARN] Removing Distribtuion ID %s with retain_on_delete set. Please delete this distribution manually.", d.Id())
+ d.SetId("")
+ return nil
+ }
+
+ // Distribution needs to be in deployed state again before it can be deleted.
+ resourceAwsCloudFrontDistributionWaitUntilDeployed(d.Id(), meta)
+
+ // now delete
+ params := &cloudfront.DeleteDistributionInput{
+ Id: aws.String(d.Id()),
+ IfMatch: aws.String(d.Get("etag").(string)),
+ }
+
+ _, err = conn.DeleteDistribution(params)
+ if err != nil {
+ return err
+ }
+
+ // Done
+ d.SetId("")
+ return nil
+}
+
+// resourceAwsCloudFrontWebDistributionWaitUntilDeployed blocks until the
+// distribution is deployed. It currently takes exactly 15 minutes to deploy
+// but that might change in the future.
+func resourceAwsCloudFrontDistributionWaitUntilDeployed(id string, meta interface{}) error {
+ stateConf := &resource.StateChangeConf{
+ Pending: []string{"InProgress", "Deployed"},
+ Target: []string{"Deployed"},
+ Refresh: resourceAwsCloudFrontWebDistributionStateRefreshFunc(id, meta),
+ Timeout: 40 * time.Minute,
+ MinTimeout: 15 * time.Second,
+ Delay: 10 * time.Minute,
+ }
+
+ _, err := stateConf.WaitForState()
+ return err
+}
+
+// The refresh function for resourceAwsCloudFrontWebDistributionWaitUntilDeployed.
+func resourceAwsCloudFrontWebDistributionStateRefreshFunc(id string, meta interface{}) resource.StateRefreshFunc {
+ return func() (interface{}, string, error) {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.GetDistributionInput{
+ Id: aws.String(id),
+ }
+
+ resp, err := conn.GetDistribution(params)
+ if err != nil {
+ log.Printf("Error on retrieving CloudFront distribution when waiting: %s", err)
+ return nil, "", err
+ }
+
+ if resp == nil {
+ return nil, "", nil
+ }
+
+ return resp.Distribution, *resp.Distribution.Status, nil
+ }
+}
diff --git a/builtin/providers/aws/resource_aws_cloudfront_distribution_test.go b/builtin/providers/aws/resource_aws_cloudfront_distribution_test.go
new file mode 100644
index 000000000000..7972e310bdb7
--- /dev/null
+++ b/builtin/providers/aws/resource_aws_cloudfront_distribution_test.go
@@ -0,0 +1,388 @@
+package aws
+
+import (
+ "fmt"
+ "math/rand"
+ "testing"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/cloudfront"
+ "github.com/hashicorp/terraform/helper/resource"
+ "github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSCloudFrontDistribution_S3Origin(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudFrontDistributionDestroy,
+ Steps: []resource.TestStep{
+ resource.TestStep{
+ Config: testAccAWSCloudFrontDistributionS3Config,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckCloudFrontDistributionExistence(
+ "aws_cloudfront_distribution.s3_distribution",
+ ),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccAWSCloudFrontDistribution_customOrigin(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudFrontDistributionDestroy,
+ Steps: []resource.TestStep{
+ resource.TestStep{
+ Config: testAccAWSCloudFrontDistributionCustomConfig,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckCloudFrontDistributionExistence(
+ "aws_cloudfront_distribution.custom_distribution",
+ ),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccAWSCloudFrontDistribution_multiOrigin(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudFrontDistributionDestroy,
+ Steps: []resource.TestStep{
+ resource.TestStep{
+ Config: testAccAWSCloudFrontDistributionMultiOriginConfig,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckCloudFrontDistributionExistence(
+ "aws_cloudfront_distribution.multi_origin_distribution",
+ ),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccAWSCloudFrontDistribution_noOptionalItemsConfig(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudFrontDistributionDestroy,
+ Steps: []resource.TestStep{
+ resource.TestStep{
+ Config: testAccAWSCloudFrontDistributionNoOptionalItemsConfig,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckCloudFrontDistributionExistence(
+ "aws_cloudfront_distribution.no_optional_items",
+ ),
+ ),
+ },
+ },
+ })
+}
+
+func testAccCheckCloudFrontDistributionDestroy(s *terraform.State) error {
+ for k, rs := range s.RootModule().Resources {
+ if rs.Type != "aws_cloudfront_distribution" {
+ continue
+ }
+ dist, _ := testAccAuxCloudFrontGetDistributionConfig(s, k)
+
+ if *dist.DistributionConfig.Enabled != false {
+ return fmt.Errorf("CloudFront distribution should be disabled")
+ }
+ }
+ return nil
+}
+
+func testAccCheckCloudFrontDistributionExistence(cloudFrontResource string) resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ _, err := testAccAuxCloudFrontGetDistributionConfig(s, cloudFrontResource)
+
+ return err
+ }
+}
+
+func testAccAuxCloudFrontGetDistributionConfig(s *terraform.State, cloudFrontResource string) (*cloudfront.Distribution, error) {
+ cf, ok := s.RootModule().Resources[cloudFrontResource]
+ if !ok {
+ return nil, fmt.Errorf("Not found: %s", cloudFrontResource)
+ }
+
+ if cf.Primary.ID == "" {
+ return nil, fmt.Errorf("No Id is set")
+ }
+
+ cloudfrontconn := testAccProvider.Meta().(*AWSClient).cloudfrontconn
+
+ req := &cloudfront.GetDistributionInput{
+ Id: aws.String(cf.Primary.ID),
+ }
+
+ res, err := cloudfrontconn.GetDistribution(req)
+ if err != nil {
+ return nil, fmt.Errorf("Error retrieving CloudFront distribution: %s", err)
+ }
+
+ return res.Distribution, nil
+}
+
+var testAccAWSCloudFrontDistributionS3Config = fmt.Sprintf(`
+variable rand_id {
+ default = %d
+}
+
+resource "aws_s3_bucket" "s3_bucket" {
+ bucket = "mybucket.${var.rand_id}.s3.amazonaws.com"
+ acl = "public-read"
+}
+
+resource "aws_cloudfront_distribution" "s3_distribution" {
+ origin {
+ domain_name = "${aws_s3_bucket.s3_bucket.id}"
+ origin_id = "myS3Origin"
+ s3_origin_config {}
+ }
+ enabled = true
+ default_root_object = "index.html"
+ logging_config {
+ include_cookies = false
+ bucket = "mylogs.${var.rand_id}.s3.amazonaws.com"
+ prefix = "myprefix"
+ }
+ aliases = [ "mysite.${var.rand_id}.example.com", "yoursite.${var.rand_id}.example.com" ]
+ default_cache_behavior {
+ allowed_methods = [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ]
+ cached_methods = [ "GET", "HEAD" ]
+ target_origin_id = "myS3Origin"
+ forwarded_values {
+ query_string = false
+ cookies {
+ forward = "none"
+ }
+ }
+ viewer_protocol_policy = "allow-all"
+ min_ttl = 0
+ default_ttl = 3600
+ max_ttl = 86400
+ }
+ price_class = "PriceClass_200"
+ restrictions {
+ geo_restriction {
+ restriction_type = "whitelist"
+ locations = [ "US", "CA", "GB", "DE" ]
+ }
+ }
+ viewer_certificate {
+ cloudfront_default_certificate = true
+ }
+ retain_on_delete = true
+}
+`, rand.New(rand.NewSource(time.Now().UnixNano())).Int())
+
+var testAccAWSCloudFrontDistributionCustomConfig = fmt.Sprintf(`
+variable rand_id {
+ default = %d
+}
+
+resource "aws_cloudfront_distribution" "custom_distribution" {
+ origin {
+ domain_name = "www.example.com"
+ origin_id = "myCustomOrigin"
+ custom_origin_config {
+ http_port = 80
+ https_port = 443
+ origin_protocol_policy = "http-only"
+ origin_ssl_protocols = [ "SSLv3", "TLSv1" ]
+ }
+ }
+ enabled = true
+ comment = "Some comment"
+ default_root_object = "index.html"
+ logging_config {
+ include_cookies = false
+ bucket = "mylogs.${var.rand_id}.s3.amazonaws.com"
+ prefix = "myprefix"
+ }
+ aliases = [ "mysite.${var.rand_id}.example.com", "*.yoursite.${var.rand_id}.example.com" ]
+ default_cache_behavior {
+ allowed_methods = [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ]
+ cached_methods = [ "GET", "HEAD" ]
+ target_origin_id = "myCustomOrigin"
+ smooth_streaming = false
+ forwarded_values {
+ query_string = false
+ cookies {
+ forward = "all"
+ }
+ }
+ viewer_protocol_policy = "allow-all"
+ min_ttl = 0
+ default_ttl = 3600
+ max_ttl = 86400
+ }
+ price_class = "PriceClass_200"
+ restrictions {
+ geo_restriction {
+ restriction_type = "whitelist"
+ locations = [ "US", "CA", "GB", "DE" ]
+ }
+ }
+ viewer_certificate {
+ cloudfront_default_certificate = true
+ }
+ retain_on_delete = true
+}
+`, rand.New(rand.NewSource(time.Now().UnixNano())).Int())
+
+var testAccAWSCloudFrontDistributionMultiOriginConfig = fmt.Sprintf(`
+variable rand_id {
+ default = %d
+}
+
+resource "aws_s3_bucket" "s3_bucket" {
+ bucket = "mybucket.${var.rand_id}.s3.amazonaws.com"
+ acl = "public-read"
+}
+
+resource "aws_cloudfront_distribution" "multi_origin_distribution" {
+ origin {
+ domain_name = "${aws_s3_bucket.s3_bucket.id}"
+ origin_id = "myS3Origin"
+ s3_origin_config {}
+ }
+ origin {
+ domain_name = "www.example.com"
+ origin_id = "myCustomOrigin"
+ custom_origin_config {
+ http_port = 80
+ https_port = 443
+ origin_protocol_policy = "http-only"
+ origin_ssl_protocols = [ "SSLv3", "TLSv1" ]
+ }
+ }
+ enabled = true
+ comment = "Some comment"
+ default_root_object = "index.html"
+ logging_config {
+ include_cookies = false
+ bucket = "mylogs.${var.rand_id}.s3.amazonaws.com"
+ prefix = "myprefix"
+ }
+ aliases = [ "mysite.${var.rand_id}.example.com", "*.yoursite.${var.rand_id}.example.com" ]
+ default_cache_behavior {
+ allowed_methods = [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ]
+ cached_methods = [ "GET", "HEAD" ]
+ target_origin_id = "myS3Origin"
+ smooth_streaming = true
+ forwarded_values {
+ query_string = false
+ cookies {
+ forward = "all"
+ }
+ }
+ min_ttl = 100
+ default_ttl = 100
+ max_ttl = 100
+ viewer_protocol_policy = "allow-all"
+ }
+ cache_behavior {
+ allowed_methods = [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ]
+ cached_methods = [ "GET", "HEAD" ]
+ target_origin_id = "myS3Origin"
+ forwarded_values {
+ query_string = true
+ cookies {
+ forward = "none"
+ }
+ }
+ min_ttl = 50
+ default_ttl = 50
+ max_ttl = 50
+ viewer_protocol_policy = "allow-all"
+ path_pattern = "images1/*.jpg"
+ }
+ cache_behavior {
+ allowed_methods = [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ]
+ cached_methods = [ "GET", "HEAD" ]
+ target_origin_id = "myCustomOrigin"
+ forwarded_values {
+ query_string = true
+ cookies {
+ forward = "none"
+ }
+ }
+ min_ttl = 50
+ default_ttl = 50
+ max_ttl = 50
+ viewer_protocol_policy = "allow-all"
+ path_pattern = "images2/*.jpg"
+ }
+ price_class = "PriceClass_All"
+ custom_error_response {
+ error_code = 404
+ response_page_path = "/error-pages/404.html"
+ response_code = 200
+ error_caching_min_ttl = 30
+ }
+ restrictions {
+ geo_restriction {
+ restriction_type = "none"
+ }
+ }
+ viewer_certificate {
+ cloudfront_default_certificate = true
+ }
+ retain_on_delete = true
+}
+`, rand.New(rand.NewSource(time.Now().UnixNano())).Int())
+
+var testAccAWSCloudFrontDistributionNoOptionalItemsConfig = fmt.Sprintf(`
+variable rand_id {
+ default = %d
+}
+
+resource "aws_cloudfront_distribution" "no_optional_items" {
+ origin {
+ domain_name = "www.example.com"
+ origin_id = "myCustomOrigin"
+ custom_origin_config {
+ http_port = 80
+ https_port = 443
+ origin_protocol_policy = "http-only"
+ origin_ssl_protocols = [ "SSLv3", "TLSv1" ]
+ }
+ }
+ enabled = true
+ comment = "Some comment"
+ default_cache_behavior {
+ allowed_methods = [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ]
+ cached_methods = [ "GET", "HEAD" ]
+ target_origin_id = "myCustomOrigin"
+ smooth_streaming = false
+ forwarded_values {
+ query_string = false
+ cookies {
+ forward = "all"
+ }
+ }
+ viewer_protocol_policy = "allow-all"
+ min_ttl = 0
+ default_ttl = 3600
+ max_ttl = 86400
+ }
+ restrictions {
+ geo_restriction {
+ restriction_type = "whitelist"
+ locations = [ "US", "CA", "GB", "DE" ]
+ }
+ }
+ viewer_certificate {
+ cloudfront_default_certificate = true
+ }
+ retain_on_delete = true
+}
+`, rand.New(rand.NewSource(time.Now().UnixNano())).Int())
diff --git a/builtin/providers/aws/resource_aws_cloudfront_origin_access_identity.go b/builtin/providers/aws/resource_aws_cloudfront_origin_access_identity.go
new file mode 100644
index 000000000000..3b367f8f5055
--- /dev/null
+++ b/builtin/providers/aws/resource_aws_cloudfront_origin_access_identity.go
@@ -0,0 +1,130 @@
+package aws
+
+import (
+ "fmt"
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/cloudfront"
+ "github.com/hashicorp/terraform/helper/schema"
+)
+
+func resourceAwsCloudFrontOriginAccessIdentity() *schema.Resource {
+ return &schema.Resource{
+ Create: resourceAwsCloudFrontOriginAccessIdentityCreate,
+ Read: resourceAwsCloudFrontOriginAccessIdentityRead,
+ Update: resourceAwsCloudFrontOriginAccessIdentityUpdate,
+ Delete: resourceAwsCloudFrontOriginAccessIdentityDelete,
+
+ Schema: map[string]*schema.Schema{
+ "comment": &schema.Schema{
+ Type: schema.TypeString,
+ Optional: true,
+ Default: "",
+ },
+ "caller_reference": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "cloudfront_access_identity_path": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "etag": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ "s3_canonical_user_id": &schema.Schema{
+ Type: schema.TypeString,
+ Computed: true,
+ },
+ },
+ }
+}
+
+func resourceAwsCloudFrontOriginAccessIdentityCreate(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.CreateCloudFrontOriginAccessIdentityInput{
+ CloudFrontOriginAccessIdentityConfig: expandOriginAccessIdentityConfig(d),
+ }
+
+ resp, err := conn.CreateCloudFrontOriginAccessIdentity(params)
+ if err != nil {
+ return err
+ }
+ d.SetId(*resp.CloudFrontOriginAccessIdentity.Id)
+ return resourceAwsCloudFrontOriginAccessIdentityRead(d, meta)
+}
+
+func resourceAwsCloudFrontOriginAccessIdentityRead(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.GetCloudFrontOriginAccessIdentityInput{
+ Id: aws.String(d.Id()),
+ }
+
+ resp, err := conn.GetCloudFrontOriginAccessIdentity(params)
+ if err != nil {
+ return err
+ }
+
+ // Update attributes from DistributionConfig
+ flattenOriginAccessIdentityConfig(d, resp.CloudFrontOriginAccessIdentity.CloudFrontOriginAccessIdentityConfig)
+ // Update other attributes outside of DistributionConfig
+ d.SetId(*resp.CloudFrontOriginAccessIdentity.Id)
+ d.Set("etag", *resp.ETag)
+ d.Set("s3_canonical_user_id", *resp.CloudFrontOriginAccessIdentity.S3CanonicalUserId)
+ d.Set("cloudfront_access_identity_path", fmt.Sprintf("origin-access-identity/cloudfront/%s", *resp.CloudFrontOriginAccessIdentity.Id))
+ return nil
+}
+
+func resourceAwsCloudFrontOriginAccessIdentityUpdate(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.UpdateCloudFrontOriginAccessIdentityInput{
+ Id: aws.String(d.Id()),
+ CloudFrontOriginAccessIdentityConfig: expandOriginAccessIdentityConfig(d),
+ IfMatch: aws.String(d.Get("etag").(string)),
+ }
+ _, err := conn.UpdateCloudFrontOriginAccessIdentity(params)
+ if err != nil {
+ return err
+ }
+
+ return resourceAwsCloudFrontOriginAccessIdentityRead(d, meta)
+}
+
+func resourceAwsCloudFrontOriginAccessIdentityDelete(d *schema.ResourceData, meta interface{}) error {
+ conn := meta.(*AWSClient).cloudfrontconn
+ params := &cloudfront.DeleteCloudFrontOriginAccessIdentityInput{
+ Id: aws.String(d.Id()),
+ IfMatch: aws.String(d.Get("etag").(string)),
+ }
+
+ _, err := conn.DeleteCloudFrontOriginAccessIdentity(params)
+ if err != nil {
+ return err
+ }
+
+ // Done
+ d.SetId("")
+ return nil
+}
+
+func expandOriginAccessIdentityConfig(d *schema.ResourceData) *cloudfront.OriginAccessIdentityConfig {
+ originAccessIdentityConfig := &cloudfront.OriginAccessIdentityConfig{
+ Comment: aws.String(d.Get("comment").(string)),
+ }
+ // This sets CallerReference if it's still pending computation (ie: new resource)
+ if v, ok := d.GetOk("caller_reference"); ok == false {
+ originAccessIdentityConfig.CallerReference = aws.String(time.Now().Format(time.RFC3339Nano))
+ } else {
+ originAccessIdentityConfig.CallerReference = aws.String(v.(string))
+ }
+ return originAccessIdentityConfig
+}
+
+func flattenOriginAccessIdentityConfig(d *schema.ResourceData, originAccessIdentityConfig *cloudfront.OriginAccessIdentityConfig) {
+ if originAccessIdentityConfig.Comment != nil {
+ d.Set("comment", *originAccessIdentityConfig.Comment)
+ }
+ d.Set("caller_reference", *originAccessIdentityConfig.CallerReference)
+}
diff --git a/builtin/providers/aws/resource_aws_cloudfront_origin_access_identity_test.go b/builtin/providers/aws/resource_aws_cloudfront_origin_access_identity_test.go
new file mode 100644
index 000000000000..d73b8e033242
--- /dev/null
+++ b/builtin/providers/aws/resource_aws_cloudfront_origin_access_identity_test.go
@@ -0,0 +1,119 @@
+package aws
+
+import (
+ "fmt"
+ "regexp"
+ "testing"
+
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/service/cloudfront"
+ "github.com/hashicorp/terraform/helper/resource"
+ "github.com/hashicorp/terraform/terraform"
+)
+
+func TestAccAWSCloudFrontOriginAccessIdentity_basic(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudFrontOriginAccessIdentityDestroy,
+ Steps: []resource.TestStep{
+ resource.TestStep{
+ Config: testAccAWSCloudFrontOriginAccessIdentityConfig,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckCloudFrontOriginAccessIdentityExistence("aws_cloudfront_origin_access_identity.origin_access_identity"),
+ resource.TestCheckResourceAttr("aws_cloudfront_origin_access_identity.origin_access_identity", "comment", "some comment"),
+ resource.TestMatchResourceAttr("aws_cloudfront_origin_access_identity.origin_access_identity",
+ "caller_reference",
+ regexp.MustCompile("^20[0-9]{2}.*")),
+ resource.TestMatchResourceAttr("aws_cloudfront_origin_access_identity.origin_access_identity",
+ "s3_canonical_user_id",
+ regexp.MustCompile("^[a-z0-9]+")),
+ resource.TestMatchResourceAttr("aws_cloudfront_origin_access_identity.origin_access_identity",
+ "cloudfront_access_identity_path",
+ regexp.MustCompile("^origin-access-identity/cloudfront/[A-Z0-9]+")),
+ ),
+ },
+ },
+ })
+}
+
+func TestAccAWSCloudFrontOriginAccessIdentity_noComment(t *testing.T) {
+ resource.Test(t, resource.TestCase{
+ PreCheck: func() { testAccPreCheck(t) },
+ Providers: testAccProviders,
+ CheckDestroy: testAccCheckCloudFrontOriginAccessIdentityDestroy,
+ Steps: []resource.TestStep{
+ resource.TestStep{
+ Config: testAccAWSCloudFrontOriginAccessIdentityNoCommentConfig,
+ Check: resource.ComposeTestCheckFunc(
+ testAccCheckCloudFrontOriginAccessIdentityExistence("aws_cloudfront_origin_access_identity.origin_access_identity"),
+ resource.TestMatchResourceAttr("aws_cloudfront_origin_access_identity.origin_access_identity",
+ "caller_reference",
+ regexp.MustCompile("^20[0-9]{2}.*")),
+ resource.TestMatchResourceAttr("aws_cloudfront_origin_access_identity.origin_access_identity",
+ "s3_canonical_user_id",
+ regexp.MustCompile("^[a-z0-9]+")),
+ resource.TestMatchResourceAttr("aws_cloudfront_origin_access_identity.origin_access_identity",
+ "cloudfront_access_identity_path",
+ regexp.MustCompile("^origin-access-identity/cloudfront/[A-Z0-9]+")),
+ ),
+ },
+ },
+ })
+}
+
+func testAccCheckCloudFrontOriginAccessIdentityDestroy(s *terraform.State) error {
+ conn := testAccProvider.Meta().(*AWSClient).cloudfrontconn
+
+ for _, rs := range s.RootModule().Resources {
+ if rs.Type != "aws_cloudfront_origin_access_identity" {
+ continue
+ }
+
+ params := &cloudfront.GetCloudFrontOriginAccessIdentityInput{
+ Id: aws.String(rs.Primary.ID),
+ }
+
+ _, err := conn.GetCloudFrontOriginAccessIdentity(params)
+ if err == nil {
+ return fmt.Errorf("CloudFront origin access identity was not deleted")
+ }
+ }
+
+ return nil
+}
+
+func testAccCheckCloudFrontOriginAccessIdentityExistence(r string) resource.TestCheckFunc {
+ return func(s *terraform.State) error {
+ rs, ok := s.RootModule().Resources[r]
+ if !ok {
+ return fmt.Errorf("Not found: %s", r)
+ }
+ if rs.Primary.ID == "" {
+ return fmt.Errorf("No Id is set")
+ }
+
+ conn := testAccProvider.Meta().(*AWSClient).cloudfrontconn
+
+ params := &cloudfront.GetCloudFrontOriginAccessIdentityInput{
+ Id: aws.String(rs.Primary.ID),
+ }
+
+ _, err := conn.GetCloudFrontOriginAccessIdentity(params)
+ if err != nil {
+ return fmt.Errorf("Error retrieving CloudFront distribution: %s", err)
+ }
+ return nil
+ }
+}
+
+const testAccAWSCloudFrontOriginAccessIdentityConfig = `
+resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
+ comment = "some comment"
+}
+`
+
+const testAccAWSCloudFrontOriginAccessIdentityNoCommentConfig = `
+resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
+}
+`
diff --git a/builtin/providers/aws/resource_aws_cloudfront_web_distribution.go b/builtin/providers/aws/resource_aws_cloudfront_web_distribution.go
deleted file mode 100644
index 0b0fb9b567f2..000000000000
--- a/builtin/providers/aws/resource_aws_cloudfront_web_distribution.go
+++ /dev/null
@@ -1,587 +0,0 @@
-package aws
-
-import (
- "fmt"
- "log"
- "time"
-
- "github.com/aws/aws-sdk-go/aws"
- "github.com/aws/aws-sdk-go/aws/awserr"
- "github.com/aws/aws-sdk-go/service/cloudfront"
- "github.com/hashicorp/terraform/helper/resource"
- "github.com/hashicorp/terraform/helper/schema"
-)
-
-func resourceAwsCloudFrontWebDistribution() *schema.Resource {
- return &schema.Resource{
- Create: resourceAwsCloudFrontWebDistributionCreate,
- Read: resourceAwsCloudFrontWebDistributionRead,
- Update: resourceAwsCloudFrontWebDistributionUpdate,
- Delete: resourceAwsCloudFrontWebDistributionDelete,
-
- Schema: map[string]*schema.Schema{
- "origin_domain_name": &schema.Schema{
- Type: schema.TypeString,
- Required: true,
- },
-
- "origin_http_port": &schema.Schema{
- Type: schema.TypeInt,
- Optional: true,
- Default: 80,
- },
-
- "origin_https_port": &schema.Schema{
- Type: schema.TypeInt,
- Optional: true,
- Default: 443,
- },
-
- "origin_protocol_policy": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "http-only",
- },
-
- "origin_path": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "",
- },
-
- "enabled": &schema.Schema{
- Type: schema.TypeBool,
- Optional: true,
- Default: true,
- },
-
- "comment": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- },
-
- "price_class": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "PriceClass_All",
- },
-
- "default_root_object": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- },
-
- "domain_name": &schema.Schema{
- Type: schema.TypeString,
- Computed: true,
- },
-
- "status": &schema.Schema{
- Type: schema.TypeString,
- Computed: true,
- },
-
- "viewer_protocol_policy": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "allow-all",
- },
-
- "forward_cookie": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "none",
- },
-
- "whitelisted_cookies": &schema.Schema{
- Type: schema.TypeList,
- Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
- },
-
- "forward_query_string": &schema.Schema{
- Type: schema.TypeBool,
- Optional: true,
- Default: false,
- },
-
- "minimum_ttl": &schema.Schema{
- Type: schema.TypeInt,
- Optional: true,
- Default: 0,
- },
-
- "maximum_ttl": &schema.Schema{
- Type: schema.TypeInt,
- Optional: true,
- Default: 31536000,
- },
-
- "default_ttl": &schema.Schema{
- Type: schema.TypeInt,
- Optional: true,
- Default: 86400,
- },
-
- "smooth_streaming": &schema.Schema{
- Type: schema.TypeBool,
- Optional: true,
- },
-
- "allowed_methods": &schema.Schema{
- Type: schema.TypeList,
- Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
- Computed: true,
- },
-
- "cached_methods": &schema.Schema{
- Type: schema.TypeList,
- Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
- Computed: true,
- },
-
- "forwarded_headers": &schema.Schema{
- Type: schema.TypeList,
- Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
- },
-
- "logging_enabled": &schema.Schema{
- Type: schema.TypeBool,
- Optional: true,
- Default: false,
- },
-
- "logging_include_cookies": &schema.Schema{
- Type: schema.TypeBool,
- Optional: true,
- Default: false,
- },
-
- "logging_prefix": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- },
-
- "logging_bucket": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- },
-
- "minimum_ssl": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "SSLv3",
- },
-
- "certificate_id": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- },
-
- "ssl_support_method": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "vip",
- },
-
- "aliases": &schema.Schema{
- Type: schema.TypeList,
- Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
- },
-
- "geo_restriction_type": &schema.Schema{
- Type: schema.TypeString,
- Optional: true,
- Default: "none",
- },
-
- "geo_restrictions": &schema.Schema{
- Type: schema.TypeList,
- Elem: &schema.Schema{Type: schema.TypeString},
- Optional: true,
- },
-
- "zone_id": &schema.Schema{
- Type: schema.TypeString,
- Computed: true,
- },
- },
- }
-}
-
-func resourceAwsCloudFrontWebDistributionCreate(d *schema.ResourceData, meta interface{}) error {
- cloudfrontconn := meta.(*AWSClient).cloudfrontconn
-
- // CloudFront distribution configurations require a unique Caller Reference
- callerReference := time.Now().Format(time.RFC3339Nano)
- c, err := resourceAwsCloudFrontWebDistributionDistributionConfig(d, meta, &callerReference)
- if err != nil {
- return err
- }
-
- res, err := cloudfrontconn.CreateDistribution(&cloudfront.CreateDistributionInput{
- DistributionConfig: c,
- })
-
- if err != nil {
- return fmt.Errorf("Error creating CloudFront distribution: %s", err)
- }
-
- d.SetId(*res.Distribution.Id)
-
- err = resourceAwsCloudFrontWebDistributionWaitUntilDeployed(d, meta)
- if err != nil {
- return err
- }
-
- return resourceAwsCloudFrontWebDistributionRead(d, meta)
-}
-
-func resourceAwsCloudFrontWebDistributionRead(d *schema.ResourceData, meta interface{}) error {
- v, err := resourceAwsCloudFrontWebDistributionDistributionRetrieve(d, meta)
- if err != nil {
- if cferr, ok := err.(awserr.Error); ok && cferr.Code() == "NoSuchDistribution" {
- // Fail quietly if resource no longer exists
- d.SetId("")
- return nil
- }
- return err
- }
-
- c := v.Distribution.DistributionConfig
- d.Set("enabled", c.Enabled)
- d.Set("comment", c.Comment)
- d.Set("price_class", c.PriceClass)
- d.Set("default_root_object", c.DefaultRootObject)
- d.Set("domain_name", v.Distribution.DomainName)
- d.Set("status", v.Distribution.Status)
- d.Set("viewer_protocol_policy", c.DefaultCacheBehavior.ViewerProtocolPolicy)
- d.Set("forward_cookie", c.DefaultCacheBehavior.ForwardedValues.Cookies)
- if c.DefaultCacheBehavior.ForwardedValues.Cookies.WhitelistedNames != nil {
- d.Set("whitelisted_cookies", resourceAwsCloudFrontCopyItems(c.DefaultCacheBehavior.ForwardedValues.Cookies.WhitelistedNames.Items))
- }
- d.Set("forward_query_string", c.DefaultCacheBehavior.ForwardedValues.QueryString)
- d.Set("minimum_ttl", c.DefaultCacheBehavior.MinTTL)
- d.Set("maximum_ttl", c.DefaultCacheBehavior.MaxTTL)
- d.Set("default_ttl", c.DefaultCacheBehavior.DefaultTTL)
- d.Set("smooth_streaming", c.DefaultCacheBehavior.SmoothStreaming)
- d.Set("allowed_methods", resourceAwsCloudFrontCopyItems(c.DefaultCacheBehavior.AllowedMethods.Items))
- d.Set("cached_methods", resourceAwsCloudFrontCopyItems(c.DefaultCacheBehavior.AllowedMethods.CachedMethods.Items))
- d.Set("forwarded_headers", resourceAwsCloudFrontCopyItems(c.DefaultCacheBehavior.ForwardedValues.Headers.Items))
- d.Set("logging_enabled", c.Logging.Enabled)
- d.Set("logging_include_cookies", c.Logging.IncludeCookies)
- d.Set("logging_prefix", c.Logging.Prefix)
- d.Set("logging_bucket", c.Logging.Bucket)
- d.Set("aliases", c.Aliases.Items)
- d.Set("geo_restriction_type", c.Restrictions.GeoRestriction.RestrictionType)
- d.Set("geo_restrictions", resourceAwsCloudFrontCopyItems(c.Restrictions.GeoRestriction.Items))
- d.Set("zone_id", "Z2FDTNDATAQYW2")
-
- d.Set("minimum_ssl", c.ViewerCertificate.MinimumProtocolVersion)
- d.Set("ssl_support_method", c.ViewerCertificate.SSLSupportMethod)
- if *c.ViewerCertificate.CloudFrontDefaultCertificate == true {
- d.Set("certificate_id", "")
- } else {
- d.Set("certificate_id", c.ViewerCertificate.IAMCertificateId)
- }
-
- // CloudFront distributions supports multiple origins. However most of the above
- // configuration options also apply to a single origin which would result in
- // an overwhelming API
- o := c.Origins.Items[0]
- d.Set("origin_domain_name", o.DomainName)
- d.Set("origin_path", o.OriginPath)
- d.Set("origin_http_port", o.CustomOriginConfig.HTTPPort)
- d.Set("origin_https_port", o.CustomOriginConfig.HTTPSPort)
- d.Set("origin_protocol_policy", o.CustomOriginConfig.OriginProtocolPolicy)
-
- return nil
-}
-
-func resourceAwsCloudFrontWebDistributionUpdate(d *schema.ResourceData, meta interface{}) error {
- cloudfrontconn := meta.(*AWSClient).cloudfrontconn
-
- // CloudFront configuration changes requires the ETag of the latest changeset
- v, err := resourceAwsCloudFrontWebDistributionDistributionRetrieve(d, meta)
- if err != nil {
- return err
- }
-
- c, err := resourceAwsCloudFrontWebDistributionDistributionConfig(d, meta, v.Distribution.DistributionConfig.CallerReference)
- if err != nil {
- return err
- }
-
- params := &cloudfront.UpdateDistributionInput{
- DistributionConfig: c,
- Id: aws.String(string(d.Id())),
- IfMatch: v.ETag,
- }
-
- _, err = cloudfrontconn.UpdateDistribution(params)
-
- if err != nil {
- return fmt.Errorf("Error updating CloudFront distribution: %s", err)
- }
-
- err = resourceAwsCloudFrontWebDistributionWaitUntilDeployed(d, meta)
- if err != nil {
- return err
- }
-
- return resourceAwsCloudFrontWebDistributionRead(d, meta)
-}
-
-func resourceAwsCloudFrontWebDistributionDelete(d *schema.ResourceData, meta interface{}) error {
- cloudfrontconn := meta.(*AWSClient).cloudfrontconn
-
- v, err := resourceAwsCloudFrontWebDistributionDistributionRetrieve(d, meta)
- if err != nil {
- return err
- }
-
- // Do nothing if resource no longer exists
- if v == nil {
- return nil
- }
-
- // CloudFront distributions must be disabled in order to be deleted
- if d.Get("enabled") == true {
- d.Set("enabled", false)
-
- err := resourceAwsCloudFrontWebDistributionUpdate(d, meta)
- if err != nil {
- return err
- }
-
- // Retrieve the latest ETag again
- v, err = resourceAwsCloudFrontWebDistributionDistributionRetrieve(d, meta)
- if err != nil {
- return err
- }
- }
-
- params := &cloudfront.DeleteDistributionInput{
- Id: aws.String(string(d.Id())),
- IfMatch: v.ETag,
- }
-
- _, err = cloudfrontconn.DeleteDistribution(params)
-
- if err != nil {
- return fmt.Errorf("Error deleting CloudFront distribution: %s", err)
- }
-
- return nil
-}
-
-func resourceAwsCloudFrontWebDistributionDistributionConfig(
- d *schema.ResourceData, meta interface{},
- callerReference *string) (*cloudfront.DistributionConfig, error) {
-
- originId := fmt.Sprintf("%s-origin", d.Get("origin_domain_name"))
- aliases := resourceAwsCloudFrontWebDistributionAwsStringLists(
- d.Get("aliases"))
- geoRestrictions := resourceAwsCloudFrontWebDistributionAwsStringLists(
- d.Get("geo_restrictions"))
- allowedMethods := resourceAwsCloudFrontWebDistributionHandleMethods(
- d.Get("allowed_methods"))
- cachedMethods := resourceAwsCloudFrontWebDistributionHandleMethods(
- d.Get("cached_methods"))
- forwardedHeaders := resourceAwsCloudFrontWebDistributionAwsStringLists(
- d.Get("forwarded_headers"))
- cookies := resourceAwsCloudFrontWebDistributionCookies(
- d.Get("forward_cookie"), d.Get("whitelisted_cookies"))
- viewerCertificate := &cloudfront.ViewerCertificate{
- MinimumProtocolVersion: aws.String(d.Get("minimum_ssl").(string)),
- SSLSupportMethod: aws.String(d.Get("ssl_support_method").(string)),
- }
- if d.Get("certificate_id") == "" {
- viewerCertificate.CloudFrontDefaultCertificate = aws.Bool(true)
- } else {
- viewerCertificate.IAMCertificateId = aws.String(d.Get("certificate_id").(string))
- }
-
- // PUT DistributionConfig requires, unlike POST, EVERY possible option to be set.
- // Except for the configurable options, these are the defaults options.
- return &cloudfront.DistributionConfig{
- CallerReference: callerReference,
- Enabled: aws.Bool(d.Get("enabled").(bool)),
- Comment: aws.String(d.Get("comment").(string)),
- PriceClass: aws.String(d.Get("price_class").(string)),
- DefaultRootObject: aws.String(d.Get("default_root_object").(string)),
- Aliases: &cloudfront.Aliases{
- Quantity: aws.Int64(int64(len(aliases))),
- Items: aliases,
- },
- Origins: &cloudfront.Origins{
- Quantity: aws.Int64(1),
- Items: []*cloudfront.Origin{
- &cloudfront.Origin{
- DomainName: aws.String(d.Get("origin_domain_name").(string)),
- Id: aws.String(originId),
- OriginPath: aws.String(d.Get("origin_path").(string)),
- CustomOriginConfig: &cloudfront.CustomOriginConfig{
- HTTPPort: aws.Int64(int64(d.Get("origin_http_port").(int))),
- HTTPSPort: aws.Int64(int64(d.Get("origin_https_port").(int))),
- OriginProtocolPolicy: aws.String(d.Get("origin_protocol_policy").(string)),
- },
- },
- },
- },
- ViewerCertificate: viewerCertificate,
- Logging: &cloudfront.LoggingConfig{
- Enabled: aws.Bool(d.Get("logging_enabled").(bool)),
- IncludeCookies: aws.Bool(d.Get("logging_include_cookies").(bool)),
- Prefix: aws.String(d.Get("logging_prefix").(string)),
- Bucket: aws.String(d.Get("logging_bucket").(string)),
- },
- Restrictions: &cloudfront.Restrictions{
- GeoRestriction: &cloudfront.GeoRestriction{
- Quantity: aws.Int64(int64(len(geoRestrictions))),
- RestrictionType: aws.String(d.Get("geo_restriction_type").(string)),
- Items: geoRestrictions,
- },
- },
- DefaultCacheBehavior: &cloudfront.DefaultCacheBehavior{
- ForwardedValues: &cloudfront.ForwardedValues{
- Cookies: cookies,
- QueryString: aws.Bool(d.Get("forward_query_string").(bool)),
- Headers: &cloudfront.Headers{
- Quantity: aws.Int64(int64(len(forwardedHeaders))),
- Items: forwardedHeaders,
- },
- },
- TargetOriginId: aws.String(originId),
- ViewerProtocolPolicy: aws.String(d.Get("viewer_protocol_policy").(string)),
- MinTTL: aws.Int64(int64(d.Get("minimum_ttl").(int))),
- MaxTTL: aws.Int64(int64(d.Get("maximum_ttl").(int))),
- DefaultTTL: aws.Int64(int64(d.Get("default_ttl").(int))),
- TrustedSigners: &cloudfront.TrustedSigners{
- Enabled: aws.Bool(false),
- Quantity: aws.Int64(0),
- },
- SmoothStreaming: aws.Bool(d.Get("smooth_streaming").(bool)),
- AllowedMethods: &cloudfront.AllowedMethods{
- Quantity: aws.Int64(int64(len(allowedMethods))),
- Items: allowedMethods,
- CachedMethods: &cloudfront.CachedMethods{
- Quantity: aws.Int64(int64(len(cachedMethods))),
- Items: cachedMethods,
- },
- },
- },
- CacheBehaviors: &cloudfront.CacheBehaviors{
- Quantity: aws.Int64(0),
- },
- CustomErrorResponses: &cloudfront.CustomErrorResponses{
- Quantity: aws.Int64(0),
- },
- }, nil
-}
-
-// resourceAwsCloudFrontWebDistributionWaitUntilDeployed blocks until the
-// distribution is deployed. It currently takes exactly 15 minutes to deploy
-// but that might change in the future.
-func resourceAwsCloudFrontWebDistributionWaitUntilDeployed(
- d *schema.ResourceData, meta interface{}) error {
- stateConf := &resource.StateChangeConf{
- Pending: []string{"InProgress", "Deployed"},
- Target: "Deployed",
- Refresh: resourceAwsCloudFrontWebDistributionStateRefreshFunc(d, meta),
- Timeout: 40 * time.Minute,
- MinTimeout: 15 * time.Second,
- Delay: 10 * time.Minute,
- }
-
- _, err := stateConf.WaitForState()
- return err
-}
-
-func resourceAwsCloudFrontWebDistributionStateRefreshFunc(
- d *schema.ResourceData, meta interface{}) resource.StateRefreshFunc {
- return func() (interface{}, string, error) {
- v, err := resourceAwsCloudFrontWebDistributionDistributionRetrieve(d, meta)
-
- if err != nil {
- log.Printf("Error on retrieving CloudFront distribution when waiting: %s", err)
- return nil, "", err
- }
-
- if v == nil {
- return nil, "", nil
- }
-
- return v.Distribution, *v.Distribution.Status, nil
- }
-}
-
-func resourceAwsCloudFrontWebDistributionDistributionRetrieve(
- d *schema.ResourceData, meta interface{}) (*cloudfront.GetDistributionOutput, error) {
- cloudfrontconn := meta.(*AWSClient).cloudfrontconn
-
- req := &cloudfront.GetDistributionInput{
- Id: aws.String(d.Id()),
- }
-
- res, err := cloudfrontconn.GetDistribution(req)
- if err != nil {
- return nil, fmt.Errorf("Error retrieving CloudFront distribution: %s", err)
- }
-
- return res, nil
-}
-
-func resourceAwsCloudFrontWebDistributionAwsStringLists(in interface{}) []*string {
- list := in.([]interface{})
- out := make([]*string, 0, len(list))
- for _, r := range list {
- s := r.(string)
- out = append(out, aws.String(s))
- }
- return out
-}
-
-func resourceAwsCloudFrontWebDistributionHandleMethods(in interface{}) []*string {
- // Terraform schemas does not currently support arrays as default values
- if len(in.([]interface{})) == 0 {
- return []*string{
- aws.String("GET"),
- aws.String("HEAD"),
- }
- }
-
- return resourceAwsCloudFrontWebDistributionAwsStringLists(in)
-}
-
-func resourceAwsCloudFrontWebDistributionCookies(a, b interface{}) *cloudfront.CookiePreference {
- forwardCookie := a.(string)
-
- if forwardCookie != "whitelist" {
- return &cloudfront.CookiePreference{
- Forward: aws.String(forwardCookie),
- }
- }
-
- whitelist := resourceAwsCloudFrontWebDistributionAwsStringLists(b)
-
- return &cloudfront.CookiePreference{
- Forward: aws.String(forwardCookie),
- WhitelistedNames: &cloudfront.CookieNames{
- Quantity: aws.Int64(int64(len(whitelist))),
- Items: whitelist,
- },
- }
-}
-
-func resourceAwsCloudFrontCopyItems(d []*string) []string {
- list := make([]string, 0, len(d))
- for _, item := range d {
- list = append(list, *item)
- }
- return list
-}
diff --git a/builtin/providers/aws/resource_aws_cloudfront_web_distribution_test.go b/builtin/providers/aws/resource_aws_cloudfront_web_distribution_test.go
deleted file mode 100644
index d4810d449ca7..000000000000
--- a/builtin/providers/aws/resource_aws_cloudfront_web_distribution_test.go
+++ /dev/null
@@ -1,124 +0,0 @@
-package aws
-
-import (
- "fmt"
- "math/rand"
- "testing"
- "time"
-
- "github.com/aws/aws-sdk-go/aws"
- "github.com/aws/aws-sdk-go/service/cloudfront"
- "github.com/hashicorp/terraform/helper/resource"
- "github.com/hashicorp/terraform/terraform"
-)
-
-func TestAccAWSCloudFront_basic(t *testing.T) {
- resource.Test(t, resource.TestCase{
- PreCheck: func() { testAccPreCheck(t) },
- Providers: testAccProviders,
- CheckDestroy: testAccCheckCloudFrontDestroy,
- Steps: []resource.TestStep{
- resource.TestStep{
- Config: testAccAWSCloudFrontConfig,
- Check: resource.ComposeTestCheckFunc(
- testAccCheckCloudfrontExistance(
- "aws_cloudfront_web_distribution.main",
- ),
- ),
- },
- resource.TestStep{
- Config: testAccAWSCloudFrontUpdate,
- Check: resource.ComposeTestCheckFunc(
- testAccCheckCloudfrontExistance(
- "aws_cloudfront_web_distribution.main",
- ),
- testAccCheckCloudfrontCheckDistributionDisabled(
- "aws_cloudfront_web_distribution.main",
- ),
- testAccCheckCloudfrontCheckDistributionAlias(
- "aws_cloudfront_web_distribution.main",
- ),
- ),
- },
- },
- })
-}
-
-func testAccCheckCloudFrontDestroy(s *terraform.State) error {
- if len(s.RootModule().Resources) > 0 {
- return fmt.Errorf("Expected all resources to be gone, but found: %#v", s.RootModule().Resources)
- }
-
- return nil
-}
-
-func testAccCheckCloudfrontExistance(cloudFrontResource string) resource.TestCheckFunc {
- return func(s *terraform.State) error {
- _, err := testAccAuxCloudfrontGetDistributionConfig(s, cloudFrontResource)
-
- return err
- }
-}
-
-func testAccCheckCloudfrontCheckDistributionDisabled(cloudFrontResource string) resource.TestCheckFunc {
- return func(s *terraform.State) error {
- dist, _ := testAccAuxCloudfrontGetDistributionConfig(s, cloudFrontResource)
-
- if *dist.DistributionConfig.Enabled != false {
- return fmt.Errorf("CloudFront distribution should be disabled")
- }
-
- return nil
- }
-}
-
-func testAccCheckCloudfrontCheckDistributionAlias(cloudFrontResource string) resource.TestCheckFunc {
- return func(s *terraform.State) error {
- dist, _ := testAccAuxCloudfrontGetDistributionConfig(s, cloudFrontResource)
-
- if len(dist.DistributionConfig.Aliases.Items) != 1 {
- return fmt.Errorf("CloudFront failed updating aliases")
- }
-
- return nil
- }
-}
-
-func testAccAuxCloudfrontGetDistributionConfig(s *terraform.State, cloudFrontResource string) (*cloudfront.Distribution, error) {
- cf, ok := s.RootModule().Resources[cloudFrontResource]
- if !ok {
- return nil, fmt.Errorf("Not found: %s", cloudFrontResource)
- }
-
- if cf.Primary.ID == "" {
- return nil, fmt.Errorf("No Id is set")
- }
-
- cloudfrontconn := testAccProvider.Meta().(*AWSClient).cloudfrontconn
-
- req := &cloudfront.GetDistributionInput{
- Id: aws.String(cf.Primary.ID),
- }
-
- res, err := cloudfrontconn.GetDistribution(req)
- if err != nil {
- return nil, fmt.Errorf("Error retrieving CloudFront distribution: %s", err)
- }
-
- return res.Distribution, nil
-}
-
-const testAccAWSCloudFrontConfig = `
-resource "aws_cloudfront_web_distribution" "main" {
- origin_domain_name = "fileserver.example.com"
-}
-`
-
-// CloudFront does not allow CNAME conflicts on the same account
-var testAccAWSCloudFrontUpdate = fmt.Sprintf(`
-resource "aws_cloudfront_web_distribution" "main" {
- enabled = false
- origin_domain_name = "fileserver.example.com"
- aliases = ["static-%d.example.com"]
-}
-`, rand.New(rand.NewSource(time.Now().UnixNano())).Int())
diff --git a/builtin/providers/aws/structure.go b/builtin/providers/aws/structure.go
index 72766c0269d6..318a3702ea9c 100644
--- a/builtin/providers/aws/structure.go
+++ b/builtin/providers/aws/structure.go
@@ -1016,3 +1016,23 @@ func flattenCloudWachLogMetricTransformations(ts []*cloudwatchlogs.MetricTransfo
return m
}
+
+// There are several parts of the AWS API that will sort lists of strings,
+// causing diffs inbetweeen resources that use lists. This avoids a bit of
+// code duplication for pre-sorts that can be used for things like hash
+// functions, etc.
+func sortInterfaceSlice(in []interface{}) []interface{} {
+ a := []string{}
+ b := []interface{}{}
+ for _, v := range in {
+ a = append(a, v.(string))
+ }
+
+ sort.Strings(a)
+
+ for _, v := range a {
+ b = append(b, v)
+ }
+
+ return b
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/cloudfront/api.go b/vendor/github.com/aws/aws-sdk-go/service/cloudfront/api.go
new file mode 100644
index 000000000000..cfdb35577d71
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/cloudfront/api.go
@@ -0,0 +1,3450 @@
+// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
+
+// Package cloudfront provides a client for Amazon CloudFront.
+package cloudfront
+
+import (
+ "time"
+
+ "github.com/aws/aws-sdk-go/aws/awsutil"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/protocol"
+ "github.com/aws/aws-sdk-go/private/protocol/restxml"
+)
+
+const opCreateCloudFrontOriginAccessIdentity = "CreateCloudFrontOriginAccessIdentity2016_01_28"
+
+// CreateCloudFrontOriginAccessIdentityRequest generates a request for the CreateCloudFrontOriginAccessIdentity operation.
+func (c *CloudFront) CreateCloudFrontOriginAccessIdentityRequest(input *CreateCloudFrontOriginAccessIdentityInput) (req *request.Request, output *CreateCloudFrontOriginAccessIdentityOutput) {
+ op := &request.Operation{
+ Name: opCreateCloudFrontOriginAccessIdentity,
+ HTTPMethod: "POST",
+ HTTPPath: "/2016-01-28/origin-access-identity/cloudfront",
+ }
+
+ if input == nil {
+ input = &CreateCloudFrontOriginAccessIdentityInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &CreateCloudFrontOriginAccessIdentityOutput{}
+ req.Data = output
+ return
+}
+
+// Create a new origin access identity.
+func (c *CloudFront) CreateCloudFrontOriginAccessIdentity(input *CreateCloudFrontOriginAccessIdentityInput) (*CreateCloudFrontOriginAccessIdentityOutput, error) {
+ req, out := c.CreateCloudFrontOriginAccessIdentityRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opCreateDistribution = "CreateDistribution2016_01_28"
+
+// CreateDistributionRequest generates a request for the CreateDistribution operation.
+func (c *CloudFront) CreateDistributionRequest(input *CreateDistributionInput) (req *request.Request, output *CreateDistributionOutput) {
+ op := &request.Operation{
+ Name: opCreateDistribution,
+ HTTPMethod: "POST",
+ HTTPPath: "/2016-01-28/distribution",
+ }
+
+ if input == nil {
+ input = &CreateDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &CreateDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Create a new distribution.
+func (c *CloudFront) CreateDistribution(input *CreateDistributionInput) (*CreateDistributionOutput, error) {
+ req, out := c.CreateDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opCreateInvalidation = "CreateInvalidation2016_01_28"
+
+// CreateInvalidationRequest generates a request for the CreateInvalidation operation.
+func (c *CloudFront) CreateInvalidationRequest(input *CreateInvalidationInput) (req *request.Request, output *CreateInvalidationOutput) {
+ op := &request.Operation{
+ Name: opCreateInvalidation,
+ HTTPMethod: "POST",
+ HTTPPath: "/2016-01-28/distribution/{DistributionId}/invalidation",
+ }
+
+ if input == nil {
+ input = &CreateInvalidationInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &CreateInvalidationOutput{}
+ req.Data = output
+ return
+}
+
+// Create a new invalidation.
+func (c *CloudFront) CreateInvalidation(input *CreateInvalidationInput) (*CreateInvalidationOutput, error) {
+ req, out := c.CreateInvalidationRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opCreateStreamingDistribution = "CreateStreamingDistribution2016_01_28"
+
+// CreateStreamingDistributionRequest generates a request for the CreateStreamingDistribution operation.
+func (c *CloudFront) CreateStreamingDistributionRequest(input *CreateStreamingDistributionInput) (req *request.Request, output *CreateStreamingDistributionOutput) {
+ op := &request.Operation{
+ Name: opCreateStreamingDistribution,
+ HTTPMethod: "POST",
+ HTTPPath: "/2016-01-28/streaming-distribution",
+ }
+
+ if input == nil {
+ input = &CreateStreamingDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &CreateStreamingDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Create a new streaming distribution.
+func (c *CloudFront) CreateStreamingDistribution(input *CreateStreamingDistributionInput) (*CreateStreamingDistributionOutput, error) {
+ req, out := c.CreateStreamingDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opDeleteCloudFrontOriginAccessIdentity = "DeleteCloudFrontOriginAccessIdentity2016_01_28"
+
+// DeleteCloudFrontOriginAccessIdentityRequest generates a request for the DeleteCloudFrontOriginAccessIdentity operation.
+func (c *CloudFront) DeleteCloudFrontOriginAccessIdentityRequest(input *DeleteCloudFrontOriginAccessIdentityInput) (req *request.Request, output *DeleteCloudFrontOriginAccessIdentityOutput) {
+ op := &request.Operation{
+ Name: opDeleteCloudFrontOriginAccessIdentity,
+ HTTPMethod: "DELETE",
+ HTTPPath: "/2016-01-28/origin-access-identity/cloudfront/{Id}",
+ }
+
+ if input == nil {
+ input = &DeleteCloudFrontOriginAccessIdentityInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Remove(restxml.UnmarshalHandler)
+ req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
+ output = &DeleteCloudFrontOriginAccessIdentityOutput{}
+ req.Data = output
+ return
+}
+
+// Delete an origin access identity.
+func (c *CloudFront) DeleteCloudFrontOriginAccessIdentity(input *DeleteCloudFrontOriginAccessIdentityInput) (*DeleteCloudFrontOriginAccessIdentityOutput, error) {
+ req, out := c.DeleteCloudFrontOriginAccessIdentityRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opDeleteDistribution = "DeleteDistribution2016_01_28"
+
+// DeleteDistributionRequest generates a request for the DeleteDistribution operation.
+func (c *CloudFront) DeleteDistributionRequest(input *DeleteDistributionInput) (req *request.Request, output *DeleteDistributionOutput) {
+ op := &request.Operation{
+ Name: opDeleteDistribution,
+ HTTPMethod: "DELETE",
+ HTTPPath: "/2016-01-28/distribution/{Id}",
+ }
+
+ if input == nil {
+ input = &DeleteDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Remove(restxml.UnmarshalHandler)
+ req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
+ output = &DeleteDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Delete a distribution.
+func (c *CloudFront) DeleteDistribution(input *DeleteDistributionInput) (*DeleteDistributionOutput, error) {
+ req, out := c.DeleteDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opDeleteStreamingDistribution = "DeleteStreamingDistribution2016_01_28"
+
+// DeleteStreamingDistributionRequest generates a request for the DeleteStreamingDistribution operation.
+func (c *CloudFront) DeleteStreamingDistributionRequest(input *DeleteStreamingDistributionInput) (req *request.Request, output *DeleteStreamingDistributionOutput) {
+ op := &request.Operation{
+ Name: opDeleteStreamingDistribution,
+ HTTPMethod: "DELETE",
+ HTTPPath: "/2016-01-28/streaming-distribution/{Id}",
+ }
+
+ if input == nil {
+ input = &DeleteStreamingDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ req.Handlers.Unmarshal.Remove(restxml.UnmarshalHandler)
+ req.Handlers.Unmarshal.PushBackNamed(protocol.UnmarshalDiscardBodyHandler)
+ output = &DeleteStreamingDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Delete a streaming distribution.
+func (c *CloudFront) DeleteStreamingDistribution(input *DeleteStreamingDistributionInput) (*DeleteStreamingDistributionOutput, error) {
+ req, out := c.DeleteStreamingDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opGetCloudFrontOriginAccessIdentity = "GetCloudFrontOriginAccessIdentity2016_01_28"
+
+// GetCloudFrontOriginAccessIdentityRequest generates a request for the GetCloudFrontOriginAccessIdentity operation.
+func (c *CloudFront) GetCloudFrontOriginAccessIdentityRequest(input *GetCloudFrontOriginAccessIdentityInput) (req *request.Request, output *GetCloudFrontOriginAccessIdentityOutput) {
+ op := &request.Operation{
+ Name: opGetCloudFrontOriginAccessIdentity,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/origin-access-identity/cloudfront/{Id}",
+ }
+
+ if input == nil {
+ input = &GetCloudFrontOriginAccessIdentityInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &GetCloudFrontOriginAccessIdentityOutput{}
+ req.Data = output
+ return
+}
+
+// Get the information about an origin access identity.
+func (c *CloudFront) GetCloudFrontOriginAccessIdentity(input *GetCloudFrontOriginAccessIdentityInput) (*GetCloudFrontOriginAccessIdentityOutput, error) {
+ req, out := c.GetCloudFrontOriginAccessIdentityRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opGetCloudFrontOriginAccessIdentityConfig = "GetCloudFrontOriginAccessIdentityConfig2016_01_28"
+
+// GetCloudFrontOriginAccessIdentityConfigRequest generates a request for the GetCloudFrontOriginAccessIdentityConfig operation.
+func (c *CloudFront) GetCloudFrontOriginAccessIdentityConfigRequest(input *GetCloudFrontOriginAccessIdentityConfigInput) (req *request.Request, output *GetCloudFrontOriginAccessIdentityConfigOutput) {
+ op := &request.Operation{
+ Name: opGetCloudFrontOriginAccessIdentityConfig,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/origin-access-identity/cloudfront/{Id}/config",
+ }
+
+ if input == nil {
+ input = &GetCloudFrontOriginAccessIdentityConfigInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &GetCloudFrontOriginAccessIdentityConfigOutput{}
+ req.Data = output
+ return
+}
+
+// Get the configuration information about an origin access identity.
+func (c *CloudFront) GetCloudFrontOriginAccessIdentityConfig(input *GetCloudFrontOriginAccessIdentityConfigInput) (*GetCloudFrontOriginAccessIdentityConfigOutput, error) {
+ req, out := c.GetCloudFrontOriginAccessIdentityConfigRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opGetDistribution = "GetDistribution2016_01_28"
+
+// GetDistributionRequest generates a request for the GetDistribution operation.
+func (c *CloudFront) GetDistributionRequest(input *GetDistributionInput) (req *request.Request, output *GetDistributionOutput) {
+ op := &request.Operation{
+ Name: opGetDistribution,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/distribution/{Id}",
+ }
+
+ if input == nil {
+ input = &GetDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &GetDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Get the information about a distribution.
+func (c *CloudFront) GetDistribution(input *GetDistributionInput) (*GetDistributionOutput, error) {
+ req, out := c.GetDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opGetDistributionConfig = "GetDistributionConfig2016_01_28"
+
+// GetDistributionConfigRequest generates a request for the GetDistributionConfig operation.
+func (c *CloudFront) GetDistributionConfigRequest(input *GetDistributionConfigInput) (req *request.Request, output *GetDistributionConfigOutput) {
+ op := &request.Operation{
+ Name: opGetDistributionConfig,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/distribution/{Id}/config",
+ }
+
+ if input == nil {
+ input = &GetDistributionConfigInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &GetDistributionConfigOutput{}
+ req.Data = output
+ return
+}
+
+// Get the configuration information about a distribution.
+func (c *CloudFront) GetDistributionConfig(input *GetDistributionConfigInput) (*GetDistributionConfigOutput, error) {
+ req, out := c.GetDistributionConfigRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opGetInvalidation = "GetInvalidation2016_01_28"
+
+// GetInvalidationRequest generates a request for the GetInvalidation operation.
+func (c *CloudFront) GetInvalidationRequest(input *GetInvalidationInput) (req *request.Request, output *GetInvalidationOutput) {
+ op := &request.Operation{
+ Name: opGetInvalidation,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/distribution/{DistributionId}/invalidation/{Id}",
+ }
+
+ if input == nil {
+ input = &GetInvalidationInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &GetInvalidationOutput{}
+ req.Data = output
+ return
+}
+
+// Get the information about an invalidation.
+func (c *CloudFront) GetInvalidation(input *GetInvalidationInput) (*GetInvalidationOutput, error) {
+ req, out := c.GetInvalidationRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opGetStreamingDistribution = "GetStreamingDistribution2016_01_28"
+
+// GetStreamingDistributionRequest generates a request for the GetStreamingDistribution operation.
+func (c *CloudFront) GetStreamingDistributionRequest(input *GetStreamingDistributionInput) (req *request.Request, output *GetStreamingDistributionOutput) {
+ op := &request.Operation{
+ Name: opGetStreamingDistribution,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/streaming-distribution/{Id}",
+ }
+
+ if input == nil {
+ input = &GetStreamingDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &GetStreamingDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Get the information about a streaming distribution.
+func (c *CloudFront) GetStreamingDistribution(input *GetStreamingDistributionInput) (*GetStreamingDistributionOutput, error) {
+ req, out := c.GetStreamingDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opGetStreamingDistributionConfig = "GetStreamingDistributionConfig2016_01_28"
+
+// GetStreamingDistributionConfigRequest generates a request for the GetStreamingDistributionConfig operation.
+func (c *CloudFront) GetStreamingDistributionConfigRequest(input *GetStreamingDistributionConfigInput) (req *request.Request, output *GetStreamingDistributionConfigOutput) {
+ op := &request.Operation{
+ Name: opGetStreamingDistributionConfig,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/streaming-distribution/{Id}/config",
+ }
+
+ if input == nil {
+ input = &GetStreamingDistributionConfigInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &GetStreamingDistributionConfigOutput{}
+ req.Data = output
+ return
+}
+
+// Get the configuration information about a streaming distribution.
+func (c *CloudFront) GetStreamingDistributionConfig(input *GetStreamingDistributionConfigInput) (*GetStreamingDistributionConfigOutput, error) {
+ req, out := c.GetStreamingDistributionConfigRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opListCloudFrontOriginAccessIdentities = "ListCloudFrontOriginAccessIdentities2016_01_28"
+
+// ListCloudFrontOriginAccessIdentitiesRequest generates a request for the ListCloudFrontOriginAccessIdentities operation.
+func (c *CloudFront) ListCloudFrontOriginAccessIdentitiesRequest(input *ListCloudFrontOriginAccessIdentitiesInput) (req *request.Request, output *ListCloudFrontOriginAccessIdentitiesOutput) {
+ op := &request.Operation{
+ Name: opListCloudFrontOriginAccessIdentities,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/origin-access-identity/cloudfront",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"Marker"},
+ OutputTokens: []string{"CloudFrontOriginAccessIdentityList.NextMarker"},
+ LimitToken: "MaxItems",
+ TruncationToken: "CloudFrontOriginAccessIdentityList.IsTruncated",
+ },
+ }
+
+ if input == nil {
+ input = &ListCloudFrontOriginAccessIdentitiesInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &ListCloudFrontOriginAccessIdentitiesOutput{}
+ req.Data = output
+ return
+}
+
+// List origin access identities.
+func (c *CloudFront) ListCloudFrontOriginAccessIdentities(input *ListCloudFrontOriginAccessIdentitiesInput) (*ListCloudFrontOriginAccessIdentitiesOutput, error) {
+ req, out := c.ListCloudFrontOriginAccessIdentitiesRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+func (c *CloudFront) ListCloudFrontOriginAccessIdentitiesPages(input *ListCloudFrontOriginAccessIdentitiesInput, fn func(p *ListCloudFrontOriginAccessIdentitiesOutput, lastPage bool) (shouldContinue bool)) error {
+ page, _ := c.ListCloudFrontOriginAccessIdentitiesRequest(input)
+ page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator"))
+ return page.EachPage(func(p interface{}, lastPage bool) bool {
+ return fn(p.(*ListCloudFrontOriginAccessIdentitiesOutput), lastPage)
+ })
+}
+
+const opListDistributions = "ListDistributions2016_01_28"
+
+// ListDistributionsRequest generates a request for the ListDistributions operation.
+func (c *CloudFront) ListDistributionsRequest(input *ListDistributionsInput) (req *request.Request, output *ListDistributionsOutput) {
+ op := &request.Operation{
+ Name: opListDistributions,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/distribution",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"Marker"},
+ OutputTokens: []string{"DistributionList.NextMarker"},
+ LimitToken: "MaxItems",
+ TruncationToken: "DistributionList.IsTruncated",
+ },
+ }
+
+ if input == nil {
+ input = &ListDistributionsInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &ListDistributionsOutput{}
+ req.Data = output
+ return
+}
+
+// List distributions.
+func (c *CloudFront) ListDistributions(input *ListDistributionsInput) (*ListDistributionsOutput, error) {
+ req, out := c.ListDistributionsRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+func (c *CloudFront) ListDistributionsPages(input *ListDistributionsInput, fn func(p *ListDistributionsOutput, lastPage bool) (shouldContinue bool)) error {
+ page, _ := c.ListDistributionsRequest(input)
+ page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator"))
+ return page.EachPage(func(p interface{}, lastPage bool) bool {
+ return fn(p.(*ListDistributionsOutput), lastPage)
+ })
+}
+
+const opListDistributionsByWebACLId = "ListDistributionsByWebACLId2016_01_28"
+
+// ListDistributionsByWebACLIdRequest generates a request for the ListDistributionsByWebACLId operation.
+func (c *CloudFront) ListDistributionsByWebACLIdRequest(input *ListDistributionsByWebACLIdInput) (req *request.Request, output *ListDistributionsByWebACLIdOutput) {
+ op := &request.Operation{
+ Name: opListDistributionsByWebACLId,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/distributionsByWebACLId/{WebACLId}",
+ }
+
+ if input == nil {
+ input = &ListDistributionsByWebACLIdInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &ListDistributionsByWebACLIdOutput{}
+ req.Data = output
+ return
+}
+
+// List the distributions that are associated with a specified AWS WAF web ACL.
+func (c *CloudFront) ListDistributionsByWebACLId(input *ListDistributionsByWebACLIdInput) (*ListDistributionsByWebACLIdOutput, error) {
+ req, out := c.ListDistributionsByWebACLIdRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opListInvalidations = "ListInvalidations2016_01_28"
+
+// ListInvalidationsRequest generates a request for the ListInvalidations operation.
+func (c *CloudFront) ListInvalidationsRequest(input *ListInvalidationsInput) (req *request.Request, output *ListInvalidationsOutput) {
+ op := &request.Operation{
+ Name: opListInvalidations,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/distribution/{DistributionId}/invalidation",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"Marker"},
+ OutputTokens: []string{"InvalidationList.NextMarker"},
+ LimitToken: "MaxItems",
+ TruncationToken: "InvalidationList.IsTruncated",
+ },
+ }
+
+ if input == nil {
+ input = &ListInvalidationsInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &ListInvalidationsOutput{}
+ req.Data = output
+ return
+}
+
+// List invalidation batches.
+func (c *CloudFront) ListInvalidations(input *ListInvalidationsInput) (*ListInvalidationsOutput, error) {
+ req, out := c.ListInvalidationsRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+func (c *CloudFront) ListInvalidationsPages(input *ListInvalidationsInput, fn func(p *ListInvalidationsOutput, lastPage bool) (shouldContinue bool)) error {
+ page, _ := c.ListInvalidationsRequest(input)
+ page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator"))
+ return page.EachPage(func(p interface{}, lastPage bool) bool {
+ return fn(p.(*ListInvalidationsOutput), lastPage)
+ })
+}
+
+const opListStreamingDistributions = "ListStreamingDistributions2016_01_28"
+
+// ListStreamingDistributionsRequest generates a request for the ListStreamingDistributions operation.
+func (c *CloudFront) ListStreamingDistributionsRequest(input *ListStreamingDistributionsInput) (req *request.Request, output *ListStreamingDistributionsOutput) {
+ op := &request.Operation{
+ Name: opListStreamingDistributions,
+ HTTPMethod: "GET",
+ HTTPPath: "/2016-01-28/streaming-distribution",
+ Paginator: &request.Paginator{
+ InputTokens: []string{"Marker"},
+ OutputTokens: []string{"StreamingDistributionList.NextMarker"},
+ LimitToken: "MaxItems",
+ TruncationToken: "StreamingDistributionList.IsTruncated",
+ },
+ }
+
+ if input == nil {
+ input = &ListStreamingDistributionsInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &ListStreamingDistributionsOutput{}
+ req.Data = output
+ return
+}
+
+// List streaming distributions.
+func (c *CloudFront) ListStreamingDistributions(input *ListStreamingDistributionsInput) (*ListStreamingDistributionsOutput, error) {
+ req, out := c.ListStreamingDistributionsRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+func (c *CloudFront) ListStreamingDistributionsPages(input *ListStreamingDistributionsInput, fn func(p *ListStreamingDistributionsOutput, lastPage bool) (shouldContinue bool)) error {
+ page, _ := c.ListStreamingDistributionsRequest(input)
+ page.Handlers.Build.PushBack(request.MakeAddToUserAgentFreeFormHandler("Paginator"))
+ return page.EachPage(func(p interface{}, lastPage bool) bool {
+ return fn(p.(*ListStreamingDistributionsOutput), lastPage)
+ })
+}
+
+const opUpdateCloudFrontOriginAccessIdentity = "UpdateCloudFrontOriginAccessIdentity2016_01_28"
+
+// UpdateCloudFrontOriginAccessIdentityRequest generates a request for the UpdateCloudFrontOriginAccessIdentity operation.
+func (c *CloudFront) UpdateCloudFrontOriginAccessIdentityRequest(input *UpdateCloudFrontOriginAccessIdentityInput) (req *request.Request, output *UpdateCloudFrontOriginAccessIdentityOutput) {
+ op := &request.Operation{
+ Name: opUpdateCloudFrontOriginAccessIdentity,
+ HTTPMethod: "PUT",
+ HTTPPath: "/2016-01-28/origin-access-identity/cloudfront/{Id}/config",
+ }
+
+ if input == nil {
+ input = &UpdateCloudFrontOriginAccessIdentityInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &UpdateCloudFrontOriginAccessIdentityOutput{}
+ req.Data = output
+ return
+}
+
+// Update an origin access identity.
+func (c *CloudFront) UpdateCloudFrontOriginAccessIdentity(input *UpdateCloudFrontOriginAccessIdentityInput) (*UpdateCloudFrontOriginAccessIdentityOutput, error) {
+ req, out := c.UpdateCloudFrontOriginAccessIdentityRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opUpdateDistribution = "UpdateDistribution2016_01_28"
+
+// UpdateDistributionRequest generates a request for the UpdateDistribution operation.
+func (c *CloudFront) UpdateDistributionRequest(input *UpdateDistributionInput) (req *request.Request, output *UpdateDistributionOutput) {
+ op := &request.Operation{
+ Name: opUpdateDistribution,
+ HTTPMethod: "PUT",
+ HTTPPath: "/2016-01-28/distribution/{Id}/config",
+ }
+
+ if input == nil {
+ input = &UpdateDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &UpdateDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Update a distribution.
+func (c *CloudFront) UpdateDistribution(input *UpdateDistributionInput) (*UpdateDistributionOutput, error) {
+ req, out := c.UpdateDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+const opUpdateStreamingDistribution = "UpdateStreamingDistribution2016_01_28"
+
+// UpdateStreamingDistributionRequest generates a request for the UpdateStreamingDistribution operation.
+func (c *CloudFront) UpdateStreamingDistributionRequest(input *UpdateStreamingDistributionInput) (req *request.Request, output *UpdateStreamingDistributionOutput) {
+ op := &request.Operation{
+ Name: opUpdateStreamingDistribution,
+ HTTPMethod: "PUT",
+ HTTPPath: "/2016-01-28/streaming-distribution/{Id}/config",
+ }
+
+ if input == nil {
+ input = &UpdateStreamingDistributionInput{}
+ }
+
+ req = c.newRequest(op, input, output)
+ output = &UpdateStreamingDistributionOutput{}
+ req.Data = output
+ return
+}
+
+// Update a streaming distribution.
+func (c *CloudFront) UpdateStreamingDistribution(input *UpdateStreamingDistributionInput) (*UpdateStreamingDistributionOutput, error) {
+ req, out := c.UpdateStreamingDistributionRequest(input)
+ err := req.Send()
+ return out, err
+}
+
+// A complex type that lists the AWS accounts, if any, that you included in
+// the TrustedSigners complex type for the default cache behavior or for any
+// of the other cache behaviors for this distribution. These are accounts that
+// you want to allow to create signed URLs for private content.
+type ActiveTrustedSigners struct {
+ _ struct{} `type:"structure"`
+
+ // Each active trusted signer.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // A complex type that contains one Signer complex type for each unique trusted
+ // signer that is specified in the TrustedSigners complex type, including trusted
+ // signers in the default cache behavior and in all of the other cache behaviors.
+ Items []*Signer `locationNameList:"Signer" type:"list"`
+
+ // The number of unique trusted signers included in all cache behaviors. For
+ // example, if three cache behaviors all list the same three AWS accounts, the
+ // value of Quantity for ActiveTrustedSigners will be 3.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s ActiveTrustedSigners) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ActiveTrustedSigners) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains information about CNAMEs (alternate domain names),
+// if any, for this distribution.
+type Aliases struct {
+ _ struct{} `type:"structure"`
+
+ // Optional: A complex type that contains CNAME elements, if any, for this distribution.
+ // If Quantity is 0, you can omit Items.
+ Items []*string `locationNameList:"CNAME" type:"list"`
+
+ // The number of CNAMEs, if any, for this distribution.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s Aliases) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Aliases) GoString() string {
+ return s.String()
+}
+
+// A complex type that controls which HTTP methods CloudFront processes and
+// forwards to your Amazon S3 bucket or your custom origin. There are three
+// choices: - CloudFront forwards only GET and HEAD requests. - CloudFront forwards
+// only GET, HEAD and OPTIONS requests. - CloudFront forwards GET, HEAD, OPTIONS,
+// PUT, PATCH, POST, and DELETE requests. If you pick the third choice, you
+// may need to restrict access to your Amazon S3 bucket or to your custom origin
+// so users can't perform operations that you don't want them to. For example,
+// you may not want users to have permission to delete objects from your origin.
+type AllowedMethods struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that controls whether CloudFront caches the response to requests
+ // using the specified HTTP methods. There are two choices: - CloudFront caches
+ // responses to GET and HEAD requests. - CloudFront caches responses to GET,
+ // HEAD, and OPTIONS requests. If you pick the second choice for your S3 Origin,
+ // you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers
+ // and Origin headers for the responses to be cached correctly.
+ CachedMethods *CachedMethods `type:"structure"`
+
+ // A complex type that contains the HTTP methods that you want CloudFront to
+ // process and forward to your origin.
+ Items []*string `locationNameList:"Method" type:"list" required:"true"`
+
+ // The number of HTTP methods that you want CloudFront to forward to your origin.
+ // Valid values are 2 (for GET and HEAD requests), 3 (for GET, HEAD and OPTIONS
+ // requests) and 7 (for GET, HEAD, OPTIONS, PUT, PATCH, POST, and DELETE requests).
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s AllowedMethods) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s AllowedMethods) GoString() string {
+ return s.String()
+}
+
+// A complex type that describes how CloudFront processes requests. You can
+// create up to 10 cache behaviors.You must create at least as many cache behaviors
+// (including the default cache behavior) as you have origins if you want CloudFront
+// to distribute objects from all of the origins. Each cache behavior specifies
+// the one origin from which you want CloudFront to get objects. If you have
+// two origins and only the default cache behavior, the default cache behavior
+// will cause CloudFront to get objects from one of the origins, but the other
+// origin will never be used. If you don't want to specify any cache behaviors,
+// include only an empty CacheBehaviors element. Don't include an empty CacheBehavior
+// element, or CloudFront returns a MalformedXML error. To delete all cache
+// behaviors in an existing distribution, update the distribution configuration
+// and include only an empty CacheBehaviors element. To add, change, or remove
+// one or more cache behaviors, update the distribution configuration and specify
+// all of the cache behaviors that you want to include in the updated distribution.
+type CacheBehavior struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that controls which HTTP methods CloudFront processes and
+ // forwards to your Amazon S3 bucket or your custom origin. There are three
+ // choices: - CloudFront forwards only GET and HEAD requests. - CloudFront forwards
+ // only GET, HEAD and OPTIONS requests. - CloudFront forwards GET, HEAD, OPTIONS,
+ // PUT, PATCH, POST, and DELETE requests. If you pick the third choice, you
+ // may need to restrict access to your Amazon S3 bucket or to your custom origin
+ // so users can't perform operations that you don't want them to. For example,
+ // you may not want users to have permission to delete objects from your origin.
+ AllowedMethods *AllowedMethods `type:"structure"`
+
+ // Whether you want CloudFront to automatically compress content for web requests
+ // that include Accept-Encoding: gzip in the request header. If so, specify
+ // true; if not, specify false. CloudFront compresses files larger than 1000
+ // bytes and less than 1 megabyte for both Amazon S3 and custom origins. When
+ // a CloudFront edge location is unusually busy, some files might not be compressed.
+ // The value of the Content-Type header must be on the list of file types that
+ // CloudFront will compress. For the current list, see Serving Compressed Content
+ // (http://docs.aws.amazon.com/console/cloudfront/compressed-content) in the
+ // Amazon CloudFront Developer Guide. If you configure CloudFront to compress
+ // content, CloudFront removes the ETag response header from the objects that
+ // it compresses. The ETag header indicates that the version in a CloudFront
+ // edge cache is identical to the version on the origin server, but after compression
+ // the two versions are no longer identical. As a result, for compressed objects,
+ // CloudFront can't use the ETag header to determine whether an expired object
+ // in the CloudFront edge cache is still the latest version.
+ Compress *bool `type:"boolean"`
+
+ // If you don't configure your origin to add a Cache-Control max-age directive
+ // or an Expires header, DefaultTTL is the default amount of time (in seconds)
+ // that an object is in a CloudFront cache before CloudFront forwards another
+ // request to your origin to determine whether the object has been updated.
+ // The value that you specify applies only when your origin does not add HTTP
+ // headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires
+ // to objects. You can specify a value from 0 to 3,153,600,000 seconds (100
+ // years).
+ DefaultTTL *int64 `type:"long"`
+
+ // A complex type that specifies how CloudFront handles query strings, cookies
+ // and headers.
+ ForwardedValues *ForwardedValues `type:"structure" required:"true"`
+
+ // The maximum amount of time (in seconds) that an object is in a CloudFront
+ // cache before CloudFront forwards another request to your origin to determine
+ // whether the object has been updated. The value that you specify applies only
+ // when your origin adds HTTP headers such as Cache-Control max-age, Cache-Control
+ // s-maxage, and Expires to objects. You can specify a value from 0 to 3,153,600,000
+ // seconds (100 years).
+ MaxTTL *int64 `type:"long"`
+
+ // The minimum amount of time that you want objects to stay in CloudFront caches
+ // before CloudFront queries your origin to see whether the object has been
+ // updated.You can specify a value from 0 to 3,153,600,000 seconds (100 years).
+ MinTTL *int64 `type:"long" required:"true"`
+
+ // The pattern (for example, images/*.jpg) that specifies which requests you
+ // want this cache behavior to apply to. When CloudFront receives an end-user
+ // request, the requested path is compared with path patterns in the order in
+ // which cache behaviors are listed in the distribution. The path pattern for
+ // the default cache behavior is * and cannot be changed. If the request for
+ // an object does not match the path pattern for any cache behaviors, CloudFront
+ // applies the behavior in the default cache behavior.
+ PathPattern *string `type:"string" required:"true"`
+
+ // Indicates whether you want to distribute media files in Microsoft Smooth
+ // Streaming format using the origin that is associated with this cache behavior.
+ // If so, specify true; if not, specify false.
+ SmoothStreaming *bool `type:"boolean"`
+
+ // The value of ID for the origin that you want CloudFront to route requests
+ // to when a request matches the path pattern either for a cache behavior or
+ // for the default cache behavior.
+ TargetOriginId *string `type:"string" required:"true"`
+
+ // A complex type that specifies the AWS accounts, if any, that you want to
+ // allow to create signed URLs for private content. If you want to require signed
+ // URLs in requests for objects in the target origin that match the PathPattern
+ // for this cache behavior, specify true for Enabled, and specify the applicable
+ // values for Quantity and Items. For more information, go to Using a Signed
+ // URL to Serve Private Content in the Amazon CloudFront Developer Guide. If
+ // you don't want to require signed URLs in requests for objects that match
+ // PathPattern, specify false for Enabled and 0 for Quantity. Omit Items. To
+ // add, change, or remove one or more trusted signers, change Enabled to true
+ // (if it's currently false), change Quantity as applicable, and specify all
+ // of the trusted signers that you want to include in the updated distribution.
+ TrustedSigners *TrustedSigners `type:"structure" required:"true"`
+
+ // Use this element to specify the protocol that users can use to access the
+ // files in the origin specified by TargetOriginId when a request matches the
+ // path pattern in PathPattern. If you want CloudFront to allow end users to
+ // use any available protocol, specify allow-all. If you want CloudFront to
+ // require HTTPS, specify https. If you want CloudFront to respond to an HTTP
+ // request with an HTTP status code of 301 (Moved Permanently) and the HTTPS
+ // URL, specify redirect-to-https. The viewer then resubmits the request using
+ // the HTTPS URL.
+ ViewerProtocolPolicy *string `type:"string" required:"true" enum:"ViewerProtocolPolicy"`
+}
+
+// String returns the string representation
+func (s CacheBehavior) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CacheBehavior) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains zero or more CacheBehavior elements.
+type CacheBehaviors struct {
+ _ struct{} `type:"structure"`
+
+ // Optional: A complex type that contains cache behaviors for this distribution.
+ // If Quantity is 0, you can omit Items.
+ Items []*CacheBehavior `locationNameList:"CacheBehavior" type:"list"`
+
+ // The number of cache behaviors for this distribution.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s CacheBehaviors) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CacheBehaviors) GoString() string {
+ return s.String()
+}
+
+// A complex type that controls whether CloudFront caches the response to requests
+// using the specified HTTP methods. There are two choices: - CloudFront caches
+// responses to GET and HEAD requests. - CloudFront caches responses to GET,
+// HEAD, and OPTIONS requests. If you pick the second choice for your S3 Origin,
+// you may need to forward Access-Control-Request-Method, Access-Control-Request-Headers
+// and Origin headers for the responses to be cached correctly.
+type CachedMethods struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains the HTTP methods that you want CloudFront to
+ // cache responses to.
+ Items []*string `locationNameList:"Method" type:"list" required:"true"`
+
+ // The number of HTTP methods for which you want CloudFront to cache responses.
+ // Valid values are 2 (for caching responses to GET and HEAD requests) and 3
+ // (for caching responses to GET, HEAD, and OPTIONS requests).
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s CachedMethods) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CachedMethods) GoString() string {
+ return s.String()
+}
+
+// A complex type that specifies the whitelisted cookies, if any, that you want
+// CloudFront to forward to your origin that is associated with this cache behavior.
+type CookieNames struct {
+ _ struct{} `type:"structure"`
+
+ // Optional: A complex type that contains whitelisted cookies for this cache
+ // behavior. If Quantity is 0, you can omit Items.
+ Items []*string `locationNameList:"Name" type:"list"`
+
+ // The number of whitelisted cookies for this cache behavior.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s CookieNames) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CookieNames) GoString() string {
+ return s.String()
+}
+
+// A complex type that specifies the cookie preferences associated with this
+// cache behavior.
+type CookiePreference struct {
+ _ struct{} `type:"structure"`
+
+ // Use this element to specify whether you want CloudFront to forward cookies
+ // to the origin that is associated with this cache behavior. You can specify
+ // all, none or whitelist. If you choose All, CloudFront forwards all cookies
+ // regardless of how many your application uses.
+ Forward *string `type:"string" required:"true" enum:"ItemSelection"`
+
+ // A complex type that specifies the whitelisted cookies, if any, that you want
+ // CloudFront to forward to your origin that is associated with this cache behavior.
+ WhitelistedNames *CookieNames `type:"structure"`
+}
+
+// String returns the string representation
+func (s CookiePreference) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CookiePreference) GoString() string {
+ return s.String()
+}
+
+// The request to create a new origin access identity.
+type CreateCloudFrontOriginAccessIdentityInput struct {
+ _ struct{} `type:"structure" payload:"CloudFrontOriginAccessIdentityConfig"`
+
+ // The origin access identity's configuration information.
+ CloudFrontOriginAccessIdentityConfig *OriginAccessIdentityConfig `locationName:"CloudFrontOriginAccessIdentityConfig" type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s CreateCloudFrontOriginAccessIdentityInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateCloudFrontOriginAccessIdentityInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type CreateCloudFrontOriginAccessIdentityOutput struct {
+ _ struct{} `type:"structure" payload:"CloudFrontOriginAccessIdentity"`
+
+ // The origin access identity's information.
+ CloudFrontOriginAccessIdentity *OriginAccessIdentity `type:"structure"`
+
+ // The current version of the origin access identity created.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+
+ // The fully qualified URI of the new origin access identity just created. For
+ // example: https://cloudfront.amazonaws.com/2010-11-01/origin-access-identity/cloudfront/E74FTE3AJFJ256A.
+ Location *string `location:"header" locationName:"Location" type:"string"`
+}
+
+// String returns the string representation
+func (s CreateCloudFrontOriginAccessIdentityOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateCloudFrontOriginAccessIdentityOutput) GoString() string {
+ return s.String()
+}
+
+// The request to create a new distribution.
+type CreateDistributionInput struct {
+ _ struct{} `type:"structure" payload:"DistributionConfig"`
+
+ // The distribution's configuration information.
+ DistributionConfig *DistributionConfig `locationName:"DistributionConfig" type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s CreateDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateDistributionInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type CreateDistributionOutput struct {
+ _ struct{} `type:"structure" payload:"Distribution"`
+
+ // The distribution's information.
+ Distribution *Distribution `type:"structure"`
+
+ // The current version of the distribution created.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+
+ // The fully qualified URI of the new distribution resource just created. For
+ // example: https://cloudfront.amazonaws.com/2010-11-01/distribution/EDFDVBD632BHDS5.
+ Location *string `location:"header" locationName:"Location" type:"string"`
+}
+
+// String returns the string representation
+func (s CreateDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// The request to create an invalidation.
+type CreateInvalidationInput struct {
+ _ struct{} `type:"structure" payload:"InvalidationBatch"`
+
+ // The distribution's id.
+ DistributionId *string `location:"uri" locationName:"DistributionId" type:"string" required:"true"`
+
+ // The batch information for the invalidation.
+ InvalidationBatch *InvalidationBatch `locationName:"InvalidationBatch" type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s CreateInvalidationInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateInvalidationInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type CreateInvalidationOutput struct {
+ _ struct{} `type:"structure" payload:"Invalidation"`
+
+ // The invalidation's information.
+ Invalidation *Invalidation `type:"structure"`
+
+ // The fully qualified URI of the distribution and invalidation batch request,
+ // including the Invalidation ID.
+ Location *string `location:"header" locationName:"Location" type:"string"`
+}
+
+// String returns the string representation
+func (s CreateInvalidationOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateInvalidationOutput) GoString() string {
+ return s.String()
+}
+
+// The request to create a new streaming distribution.
+type CreateStreamingDistributionInput struct {
+ _ struct{} `type:"structure" payload:"StreamingDistributionConfig"`
+
+ // The streaming distribution's configuration information.
+ StreamingDistributionConfig *StreamingDistributionConfig `locationName:"StreamingDistributionConfig" type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s CreateStreamingDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateStreamingDistributionInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type CreateStreamingDistributionOutput struct {
+ _ struct{} `type:"structure" payload:"StreamingDistribution"`
+
+ // The current version of the streaming distribution created.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+
+ // The fully qualified URI of the new streaming distribution resource just created.
+ // For example: https://cloudfront.amazonaws.com/2010-11-01/streaming-distribution/EGTXBD79H29TRA8.
+ Location *string `location:"header" locationName:"Location" type:"string"`
+
+ // The streaming distribution's information.
+ StreamingDistribution *StreamingDistribution `type:"structure"`
+}
+
+// String returns the string representation
+func (s CreateStreamingDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CreateStreamingDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// A complex type that describes how you'd prefer CloudFront to respond to requests
+// that result in either a 4xx or 5xx response. You can control whether a custom
+// error page should be displayed, what the desired response code should be
+// for this error page and how long should the error response be cached by CloudFront.
+// If you don't want to specify any custom error responses, include only an
+// empty CustomErrorResponses element. To delete all custom error responses
+// in an existing distribution, update the distribution configuration and include
+// only an empty CustomErrorResponses element. To add, change, or remove one
+// or more custom error responses, update the distribution configuration and
+// specify all of the custom error responses that you want to include in the
+// updated distribution.
+type CustomErrorResponse struct {
+ _ struct{} `type:"structure"`
+
+ // The minimum amount of time you want HTTP error codes to stay in CloudFront
+ // caches before CloudFront queries your origin to see whether the object has
+ // been updated. You can specify a value from 0 to 31,536,000.
+ ErrorCachingMinTTL *int64 `type:"long"`
+
+ // The 4xx or 5xx HTTP status code that you want to customize. For a list of
+ // HTTP status codes that you can customize, see CloudFront documentation.
+ ErrorCode *int64 `type:"integer" required:"true"`
+
+ // The HTTP status code that you want CloudFront to return with the custom error
+ // page to the viewer. For a list of HTTP status codes that you can replace,
+ // see CloudFront Documentation.
+ ResponseCode *string `type:"string"`
+
+ // The path of the custom error page (for example, /custom_404.html). The path
+ // is relative to the distribution and must begin with a slash (/). If the path
+ // includes any non-ASCII characters or unsafe characters as defined in RFC
+ // 1783 (http://www.ietf.org/rfc/rfc1738.txt), URL encode those characters.
+ // Do not URL encode any other characters in the path, or CloudFront will not
+ // return the custom error page to the viewer.
+ ResponsePagePath *string `type:"string"`
+}
+
+// String returns the string representation
+func (s CustomErrorResponse) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CustomErrorResponse) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains zero or more CustomErrorResponse elements.
+type CustomErrorResponses struct {
+ _ struct{} `type:"structure"`
+
+ // Optional: A complex type that contains custom error responses for this distribution.
+ // If Quantity is 0, you can omit Items.
+ Items []*CustomErrorResponse `locationNameList:"CustomErrorResponse" type:"list"`
+
+ // The number of custom error responses for this distribution.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s CustomErrorResponses) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CustomErrorResponses) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains the list of Custom Headers for each origin.
+type CustomHeaders struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains the custom headers for this Origin.
+ Items []*OriginCustomHeader `locationNameList:"OriginCustomHeader" type:"list"`
+
+ // The number of custom headers for this origin.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s CustomHeaders) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CustomHeaders) GoString() string {
+ return s.String()
+}
+
+// A customer origin.
+type CustomOriginConfig struct {
+ _ struct{} `type:"structure"`
+
+ // The HTTP port the custom origin listens on.
+ HTTPPort *int64 `type:"integer" required:"true"`
+
+ // The HTTPS port the custom origin listens on.
+ HTTPSPort *int64 `type:"integer" required:"true"`
+
+ // The origin protocol policy to apply to your origin.
+ OriginProtocolPolicy *string `type:"string" required:"true" enum:"OriginProtocolPolicy"`
+
+ // The SSL/TLS protocols that you want CloudFront to use when communicating
+ // with your origin over HTTPS.
+ OriginSslProtocols *OriginSslProtocols `type:"structure"`
+}
+
+// String returns the string representation
+func (s CustomOriginConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s CustomOriginConfig) GoString() string {
+ return s.String()
+}
+
+// A complex type that describes the default cache behavior if you do not specify
+// a CacheBehavior element or if files don't match any of the values of PathPattern
+// in CacheBehavior elements.You must create exactly one default cache behavior.
+type DefaultCacheBehavior struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that controls which HTTP methods CloudFront processes and
+ // forwards to your Amazon S3 bucket or your custom origin. There are three
+ // choices: - CloudFront forwards only GET and HEAD requests. - CloudFront forwards
+ // only GET, HEAD and OPTIONS requests. - CloudFront forwards GET, HEAD, OPTIONS,
+ // PUT, PATCH, POST, and DELETE requests. If you pick the third choice, you
+ // may need to restrict access to your Amazon S3 bucket or to your custom origin
+ // so users can't perform operations that you don't want them to. For example,
+ // you may not want users to have permission to delete objects from your origin.
+ AllowedMethods *AllowedMethods `type:"structure"`
+
+ // Whether you want CloudFront to automatically compress content for web requests
+ // that include Accept-Encoding: gzip in the request header. If so, specify
+ // true; if not, specify false. CloudFront compresses files larger than 1000
+ // bytes and less than 1 megabyte for both Amazon S3 and custom origins. When
+ // a CloudFront edge location is unusually busy, some files might not be compressed.
+ // The value of the Content-Type header must be on the list of file types that
+ // CloudFront will compress. For the current list, see Serving Compressed Content
+ // (http://docs.aws.amazon.com/console/cloudfront/compressed-content) in the
+ // Amazon CloudFront Developer Guide. If you configure CloudFront to compress
+ // content, CloudFront removes the ETag response header from the objects that
+ // it compresses. The ETag header indicates that the version in a CloudFront
+ // edge cache is identical to the version on the origin server, but after compression
+ // the two versions are no longer identical. As a result, for compressed objects,
+ // CloudFront can't use the ETag header to determine whether an expired object
+ // in the CloudFront edge cache is still the latest version.
+ Compress *bool `type:"boolean"`
+
+ // If you don't configure your origin to add a Cache-Control max-age directive
+ // or an Expires header, DefaultTTL is the default amount of time (in seconds)
+ // that an object is in a CloudFront cache before CloudFront forwards another
+ // request to your origin to determine whether the object has been updated.
+ // The value that you specify applies only when your origin does not add HTTP
+ // headers such as Cache-Control max-age, Cache-Control s-maxage, and Expires
+ // to objects. You can specify a value from 0 to 3,153,600,000 seconds (100
+ // years).
+ DefaultTTL *int64 `type:"long"`
+
+ // A complex type that specifies how CloudFront handles query strings, cookies
+ // and headers.
+ ForwardedValues *ForwardedValues `type:"structure" required:"true"`
+
+ // The maximum amount of time (in seconds) that an object is in a CloudFront
+ // cache before CloudFront forwards another request to your origin to determine
+ // whether the object has been updated. The value that you specify applies only
+ // when your origin adds HTTP headers such as Cache-Control max-age, Cache-Control
+ // s-maxage, and Expires to objects. You can specify a value from 0 to 3,153,600,000
+ // seconds (100 years).
+ MaxTTL *int64 `type:"long"`
+
+ // The minimum amount of time that you want objects to stay in CloudFront caches
+ // before CloudFront queries your origin to see whether the object has been
+ // updated.You can specify a value from 0 to 3,153,600,000 seconds (100 years).
+ MinTTL *int64 `type:"long" required:"true"`
+
+ // Indicates whether you want to distribute media files in Microsoft Smooth
+ // Streaming format using the origin that is associated with this cache behavior.
+ // If so, specify true; if not, specify false.
+ SmoothStreaming *bool `type:"boolean"`
+
+ // The value of ID for the origin that you want CloudFront to route requests
+ // to when a request matches the path pattern either for a cache behavior or
+ // for the default cache behavior.
+ TargetOriginId *string `type:"string" required:"true"`
+
+ // A complex type that specifies the AWS accounts, if any, that you want to
+ // allow to create signed URLs for private content. If you want to require signed
+ // URLs in requests for objects in the target origin that match the PathPattern
+ // for this cache behavior, specify true for Enabled, and specify the applicable
+ // values for Quantity and Items. For more information, go to Using a Signed
+ // URL to Serve Private Content in the Amazon CloudFront Developer Guide. If
+ // you don't want to require signed URLs in requests for objects that match
+ // PathPattern, specify false for Enabled and 0 for Quantity. Omit Items. To
+ // add, change, or remove one or more trusted signers, change Enabled to true
+ // (if it's currently false), change Quantity as applicable, and specify all
+ // of the trusted signers that you want to include in the updated distribution.
+ TrustedSigners *TrustedSigners `type:"structure" required:"true"`
+
+ // Use this element to specify the protocol that users can use to access the
+ // files in the origin specified by TargetOriginId when a request matches the
+ // path pattern in PathPattern. If you want CloudFront to allow end users to
+ // use any available protocol, specify allow-all. If you want CloudFront to
+ // require HTTPS, specify https. If you want CloudFront to respond to an HTTP
+ // request with an HTTP status code of 301 (Moved Permanently) and the HTTPS
+ // URL, specify redirect-to-https. The viewer then resubmits the request using
+ // the HTTPS URL.
+ ViewerProtocolPolicy *string `type:"string" required:"true" enum:"ViewerProtocolPolicy"`
+}
+
+// String returns the string representation
+func (s DefaultCacheBehavior) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DefaultCacheBehavior) GoString() string {
+ return s.String()
+}
+
+// The request to delete a origin access identity.
+type DeleteCloudFrontOriginAccessIdentityInput struct {
+ _ struct{} `type:"structure"`
+
+ // The origin access identity's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+
+ // The value of the ETag header you received from a previous GET or PUT request.
+ // For example: E2QWRUHAPOMQZL.
+ IfMatch *string `location:"header" locationName:"If-Match" type:"string"`
+}
+
+// String returns the string representation
+func (s DeleteCloudFrontOriginAccessIdentityInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteCloudFrontOriginAccessIdentityInput) GoString() string {
+ return s.String()
+}
+
+type DeleteCloudFrontOriginAccessIdentityOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s DeleteCloudFrontOriginAccessIdentityOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteCloudFrontOriginAccessIdentityOutput) GoString() string {
+ return s.String()
+}
+
+// The request to delete a distribution.
+type DeleteDistributionInput struct {
+ _ struct{} `type:"structure"`
+
+ // The distribution id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+
+ // The value of the ETag header you received when you disabled the distribution.
+ // For example: E2QWRUHAPOMQZL.
+ IfMatch *string `location:"header" locationName:"If-Match" type:"string"`
+}
+
+// String returns the string representation
+func (s DeleteDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteDistributionInput) GoString() string {
+ return s.String()
+}
+
+type DeleteDistributionOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s DeleteDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// The request to delete a streaming distribution.
+type DeleteStreamingDistributionInput struct {
+ _ struct{} `type:"structure"`
+
+ // The distribution id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+
+ // The value of the ETag header you received when you disabled the streaming
+ // distribution. For example: E2QWRUHAPOMQZL.
+ IfMatch *string `location:"header" locationName:"If-Match" type:"string"`
+}
+
+// String returns the string representation
+func (s DeleteStreamingDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteStreamingDistributionInput) GoString() string {
+ return s.String()
+}
+
+type DeleteStreamingDistributionOutput struct {
+ _ struct{} `type:"structure"`
+}
+
+// String returns the string representation
+func (s DeleteStreamingDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DeleteStreamingDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// A distribution.
+type Distribution struct {
+ _ struct{} `type:"structure"`
+
+ // CloudFront automatically adds this element to the response only if you've
+ // set up the distribution to serve private content with signed URLs. The element
+ // lists the key pair IDs that CloudFront is aware of for each trusted signer.
+ // The Signer child element lists the AWS account number of the trusted signer
+ // (or an empty Self element if the signer is you). The Signer element also
+ // includes the IDs of any active key pairs associated with the trusted signer's
+ // AWS account. If no KeyPairId element appears for a Signer, that signer can't
+ // create working signed URLs.
+ ActiveTrustedSigners *ActiveTrustedSigners `type:"structure" required:"true"`
+
+ // The current configuration information for the distribution.
+ DistributionConfig *DistributionConfig `type:"structure" required:"true"`
+
+ // The domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
+ DomainName *string `type:"string" required:"true"`
+
+ // The identifier for the distribution. For example: EDFDVBD632BHDS5.
+ Id *string `type:"string" required:"true"`
+
+ // The number of invalidation batches currently in progress.
+ InProgressInvalidationBatches *int64 `type:"integer" required:"true"`
+
+ // The date and time the distribution was last modified.
+ LastModifiedTime *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`
+
+ // This response element indicates the current status of the distribution. When
+ // the status is Deployed, the distribution's information is fully propagated
+ // throughout the Amazon CloudFront system.
+ Status *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s Distribution) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Distribution) GoString() string {
+ return s.String()
+}
+
+// A distribution Configuration.
+type DistributionConfig struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains information about CNAMEs (alternate domain names),
+ // if any, for this distribution.
+ Aliases *Aliases `type:"structure"`
+
+ // A complex type that contains zero or more CacheBehavior elements.
+ CacheBehaviors *CacheBehaviors `type:"structure"`
+
+ // A unique number that ensures the request can't be replayed. If the CallerReference
+ // is new (no matter the content of the DistributionConfig object), a new distribution
+ // is created. If the CallerReference is a value you already sent in a previous
+ // request to create a distribution, and the content of the DistributionConfig
+ // is identical to the original request (ignoring white space), the response
+ // includes the same information returned to the original request. If the CallerReference
+ // is a value you already sent in a previous request to create a distribution
+ // but the content of the DistributionConfig is different from the original
+ // request, CloudFront returns a DistributionAlreadyExists error.
+ CallerReference *string `type:"string" required:"true"`
+
+ // Any comments you want to include about the distribution.
+ Comment *string `type:"string" required:"true"`
+
+ // A complex type that contains zero or more CustomErrorResponse elements.
+ CustomErrorResponses *CustomErrorResponses `type:"structure"`
+
+ // A complex type that describes the default cache behavior if you do not specify
+ // a CacheBehavior element or if files don't match any of the values of PathPattern
+ // in CacheBehavior elements.You must create exactly one default cache behavior.
+ DefaultCacheBehavior *DefaultCacheBehavior `type:"structure" required:"true"`
+
+ // The object that you want CloudFront to return (for example, index.html) when
+ // an end user requests the root URL for your distribution (http://www.example.com)
+ // instead of an object in your distribution (http://www.example.com/index.html).
+ // Specifying a default root object avoids exposing the contents of your distribution.
+ // If you don't want to specify a default root object when you create a distribution,
+ // include an empty DefaultRootObject element. To delete the default root object
+ // from an existing distribution, update the distribution configuration and
+ // include an empty DefaultRootObject element. To replace the default root object,
+ // update the distribution configuration and specify the new object.
+ DefaultRootObject *string `type:"string"`
+
+ // Whether the distribution is enabled to accept end user requests for content.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // A complex type that controls whether access logs are written for the distribution.
+ Logging *LoggingConfig `type:"structure"`
+
+ // A complex type that contains information about origins for this distribution.
+ Origins *Origins `type:"structure" required:"true"`
+
+ // A complex type that contains information about price class for this distribution.
+ PriceClass *string `type:"string" enum:"PriceClass"`
+
+ // A complex type that identifies ways in which you want to restrict distribution
+ // of your content.
+ Restrictions *Restrictions `type:"structure"`
+
+ // A complex type that contains information about viewer certificates for this
+ // distribution.
+ ViewerCertificate *ViewerCertificate `type:"structure"`
+
+ // (Optional) If you're using AWS WAF to filter CloudFront requests, the Id
+ // of the AWS WAF web ACL that is associated with the distribution.
+ WebACLId *string `type:"string"`
+}
+
+// String returns the string representation
+func (s DistributionConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DistributionConfig) GoString() string {
+ return s.String()
+}
+
+// A distribution list.
+type DistributionList struct {
+ _ struct{} `type:"structure"`
+
+ // A flag that indicates whether more distributions remain to be listed. If
+ // your results were truncated, you can make a follow-up pagination request
+ // using the Marker request parameter to retrieve more distributions in the
+ // list.
+ IsTruncated *bool `type:"boolean" required:"true"`
+
+ // A complex type that contains one DistributionSummary element for each distribution
+ // that was created by the current AWS account.
+ Items []*DistributionSummary `locationNameList:"DistributionSummary" type:"list"`
+
+ // The value you provided for the Marker request parameter.
+ Marker *string `type:"string" required:"true"`
+
+ // The value you provided for the MaxItems request parameter.
+ MaxItems *int64 `type:"integer" required:"true"`
+
+ // If IsTruncated is true, this element is present and contains the value you
+ // can use for the Marker request parameter to continue listing your distributions
+ // where they left off.
+ NextMarker *string `type:"string"`
+
+ // The number of distributions that were created by the current AWS account.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s DistributionList) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DistributionList) GoString() string {
+ return s.String()
+}
+
+// A summary of the information for an Amazon CloudFront distribution.
+type DistributionSummary struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains information about CNAMEs (alternate domain names),
+ // if any, for this distribution.
+ Aliases *Aliases `type:"structure" required:"true"`
+
+ // A complex type that contains zero or more CacheBehavior elements.
+ CacheBehaviors *CacheBehaviors `type:"structure" required:"true"`
+
+ // The comment originally specified when this distribution was created.
+ Comment *string `type:"string" required:"true"`
+
+ // A complex type that contains zero or more CustomErrorResponses elements.
+ CustomErrorResponses *CustomErrorResponses `type:"structure" required:"true"`
+
+ // A complex type that describes the default cache behavior if you do not specify
+ // a CacheBehavior element or if files don't match any of the values of PathPattern
+ // in CacheBehavior elements.You must create exactly one default cache behavior.
+ DefaultCacheBehavior *DefaultCacheBehavior `type:"structure" required:"true"`
+
+ // The domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
+ DomainName *string `type:"string" required:"true"`
+
+ // Whether the distribution is enabled to accept end user requests for content.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // The identifier for the distribution. For example: EDFDVBD632BHDS5.
+ Id *string `type:"string" required:"true"`
+
+ // The date and time the distribution was last modified.
+ LastModifiedTime *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`
+
+ // A complex type that contains information about origins for this distribution.
+ Origins *Origins `type:"structure" required:"true"`
+
+ PriceClass *string `type:"string" required:"true" enum:"PriceClass"`
+
+ // A complex type that identifies ways in which you want to restrict distribution
+ // of your content.
+ Restrictions *Restrictions `type:"structure" required:"true"`
+
+ // This response element indicates the current status of the distribution. When
+ // the status is Deployed, the distribution's information is fully propagated
+ // throughout the Amazon CloudFront system.
+ Status *string `type:"string" required:"true"`
+
+ // A complex type that contains information about viewer certificates for this
+ // distribution.
+ ViewerCertificate *ViewerCertificate `type:"structure" required:"true"`
+
+ // The Web ACL Id (if any) associated with the distribution.
+ WebACLId *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s DistributionSummary) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s DistributionSummary) GoString() string {
+ return s.String()
+}
+
+// A complex type that specifies how CloudFront handles query strings, cookies
+// and headers.
+type ForwardedValues struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that specifies how CloudFront handles cookies.
+ Cookies *CookiePreference `type:"structure" required:"true"`
+
+ // A complex type that specifies the Headers, if any, that you want CloudFront
+ // to vary upon for this cache behavior.
+ Headers *Headers `type:"structure"`
+
+ // Indicates whether you want CloudFront to forward query strings to the origin
+ // that is associated with this cache behavior. If so, specify true; if not,
+ // specify false.
+ QueryString *bool `type:"boolean" required:"true"`
+}
+
+// String returns the string representation
+func (s ForwardedValues) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ForwardedValues) GoString() string {
+ return s.String()
+}
+
+// A complex type that controls the countries in which your content is distributed.
+// For more information about geo restriction, go to Customizing Error Responses
+// in the Amazon CloudFront Developer Guide. CloudFront determines the location
+// of your users using MaxMind GeoIP databases. For information about the accuracy
+// of these databases, see How accurate are your GeoIP databases? on the MaxMind
+// website.
+type GeoRestriction struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains a Location element for each country in which
+ // you want CloudFront either to distribute your content (whitelist) or not
+ // distribute your content (blacklist). The Location element is a two-letter,
+ // uppercase country code for a country that you want to include in your blacklist
+ // or whitelist. Include one Location element for each country. CloudFront and
+ // MaxMind both use ISO 3166 country codes. For the current list of countries
+ // and the corresponding codes, see ISO 3166-1-alpha-2 code on the International
+ // Organization for Standardization website. You can also refer to the country
+ // list in the CloudFront console, which includes both country names and codes.
+ Items []*string `locationNameList:"Location" type:"list"`
+
+ // When geo restriction is enabled, this is the number of countries in your
+ // whitelist or blacklist. Otherwise, when it is not enabled, Quantity is 0,
+ // and you can omit Items.
+ Quantity *int64 `type:"integer" required:"true"`
+
+ // The method that you want to use to restrict distribution of your content
+ // by country: - none: No geo restriction is enabled, meaning access to content
+ // is not restricted by client geo location. - blacklist: The Location elements
+ // specify the countries in which you do not want CloudFront to distribute your
+ // content. - whitelist: The Location elements specify the countries in which
+ // you want CloudFront to distribute your content.
+ RestrictionType *string `type:"string" required:"true" enum:"GeoRestrictionType"`
+}
+
+// String returns the string representation
+func (s GeoRestriction) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GeoRestriction) GoString() string {
+ return s.String()
+}
+
+// The request to get an origin access identity's configuration.
+type GetCloudFrontOriginAccessIdentityConfigInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identity's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetCloudFrontOriginAccessIdentityConfigInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetCloudFrontOriginAccessIdentityConfigInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type GetCloudFrontOriginAccessIdentityConfigOutput struct {
+ _ struct{} `type:"structure" payload:"CloudFrontOriginAccessIdentityConfig"`
+
+ // The origin access identity's configuration information.
+ CloudFrontOriginAccessIdentityConfig *OriginAccessIdentityConfig `type:"structure"`
+
+ // The current version of the configuration. For example: E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+}
+
+// String returns the string representation
+func (s GetCloudFrontOriginAccessIdentityConfigOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetCloudFrontOriginAccessIdentityConfigOutput) GoString() string {
+ return s.String()
+}
+
+// The request to get an origin access identity's information.
+type GetCloudFrontOriginAccessIdentityInput struct {
+ _ struct{} `type:"structure"`
+
+ // The identity's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetCloudFrontOriginAccessIdentityInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetCloudFrontOriginAccessIdentityInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type GetCloudFrontOriginAccessIdentityOutput struct {
+ _ struct{} `type:"structure" payload:"CloudFrontOriginAccessIdentity"`
+
+ // The origin access identity's information.
+ CloudFrontOriginAccessIdentity *OriginAccessIdentity `type:"structure"`
+
+ // The current version of the origin access identity's information. For example:
+ // E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+}
+
+// String returns the string representation
+func (s GetCloudFrontOriginAccessIdentityOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetCloudFrontOriginAccessIdentityOutput) GoString() string {
+ return s.String()
+}
+
+// The request to get a distribution configuration.
+type GetDistributionConfigInput struct {
+ _ struct{} `type:"structure"`
+
+ // The distribution's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetDistributionConfigInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetDistributionConfigInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type GetDistributionConfigOutput struct {
+ _ struct{} `type:"structure" payload:"DistributionConfig"`
+
+ // The distribution's configuration information.
+ DistributionConfig *DistributionConfig `type:"structure"`
+
+ // The current version of the configuration. For example: E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+}
+
+// String returns the string representation
+func (s GetDistributionConfigOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetDistributionConfigOutput) GoString() string {
+ return s.String()
+}
+
+// The request to get a distribution's information.
+type GetDistributionInput struct {
+ _ struct{} `type:"structure"`
+
+ // The distribution's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetDistributionInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type GetDistributionOutput struct {
+ _ struct{} `type:"structure" payload:"Distribution"`
+
+ // The distribution's information.
+ Distribution *Distribution `type:"structure"`
+
+ // The current version of the distribution's information. For example: E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+}
+
+// String returns the string representation
+func (s GetDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// The request to get an invalidation's information.
+type GetInvalidationInput struct {
+ _ struct{} `type:"structure"`
+
+ // The distribution's id.
+ DistributionId *string `location:"uri" locationName:"DistributionId" type:"string" required:"true"`
+
+ // The invalidation's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetInvalidationInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetInvalidationInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type GetInvalidationOutput struct {
+ _ struct{} `type:"structure" payload:"Invalidation"`
+
+ // The invalidation's information.
+ Invalidation *Invalidation `type:"structure"`
+}
+
+// String returns the string representation
+func (s GetInvalidationOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetInvalidationOutput) GoString() string {
+ return s.String()
+}
+
+// To request to get a streaming distribution configuration.
+type GetStreamingDistributionConfigInput struct {
+ _ struct{} `type:"structure"`
+
+ // The streaming distribution's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetStreamingDistributionConfigInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetStreamingDistributionConfigInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type GetStreamingDistributionConfigOutput struct {
+ _ struct{} `type:"structure" payload:"StreamingDistributionConfig"`
+
+ // The current version of the configuration. For example: E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+
+ // The streaming distribution's configuration information.
+ StreamingDistributionConfig *StreamingDistributionConfig `type:"structure"`
+}
+
+// String returns the string representation
+func (s GetStreamingDistributionConfigOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetStreamingDistributionConfigOutput) GoString() string {
+ return s.String()
+}
+
+// The request to get a streaming distribution's information.
+type GetStreamingDistributionInput struct {
+ _ struct{} `type:"structure"`
+
+ // The streaming distribution's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s GetStreamingDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetStreamingDistributionInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type GetStreamingDistributionOutput struct {
+ _ struct{} `type:"structure" payload:"StreamingDistribution"`
+
+ // The current version of the streaming distribution's information. For example:
+ // E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+
+ // The streaming distribution's information.
+ StreamingDistribution *StreamingDistribution `type:"structure"`
+}
+
+// String returns the string representation
+func (s GetStreamingDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s GetStreamingDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// A complex type that specifies the headers that you want CloudFront to forward
+// to the origin for this cache behavior. For the headers that you specify,
+// CloudFront also caches separate versions of a given object based on the header
+// values in viewer requests; this is known as varying on headers. For example,
+// suppose viewer requests for logo.jpg contain a custom Product header that
+// has a value of either Acme or Apex, and you configure CloudFront to vary
+// on the Product header. CloudFront forwards the Product header to the origin
+// and caches the response from the origin once for each header value.
+type Headers struct {
+ _ struct{} `type:"structure"`
+
+ // Optional: A complex type that contains a Name element for each header that
+ // you want CloudFront to forward to the origin and to vary on for this cache
+ // behavior. If Quantity is 0, omit Items.
+ Items []*string `locationNameList:"Name" type:"list"`
+
+ // The number of different headers that you want CloudFront to forward to the
+ // origin and to vary on for this cache behavior. The maximum number of headers
+ // that you can specify by name is 10. If you want CloudFront to forward all
+ // headers to the origin and vary on all of them, specify 1 for Quantity and
+ // * for Name. If you don't want CloudFront to forward any additional headers
+ // to the origin or to vary on any headers, specify 0 for Quantity and omit
+ // Items.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s Headers) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Headers) GoString() string {
+ return s.String()
+}
+
+// An invalidation.
+type Invalidation struct {
+ _ struct{} `type:"structure"`
+
+ // The date and time the invalidation request was first made.
+ CreateTime *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`
+
+ // The identifier for the invalidation request. For example: IDFDVBD632BHDS5.
+ Id *string `type:"string" required:"true"`
+
+ // The current invalidation information for the batch request.
+ InvalidationBatch *InvalidationBatch `type:"structure" required:"true"`
+
+ // The status of the invalidation request. When the invalidation batch is finished,
+ // the status is Completed.
+ Status *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s Invalidation) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Invalidation) GoString() string {
+ return s.String()
+}
+
+// An invalidation batch.
+type InvalidationBatch struct {
+ _ struct{} `type:"structure"`
+
+ // A unique name that ensures the request can't be replayed. If the CallerReference
+ // is new (no matter the content of the Path object), a new distribution is
+ // created. If the CallerReference is a value you already sent in a previous
+ // request to create an invalidation batch, and the content of each Path element
+ // is identical to the original request, the response includes the same information
+ // returned to the original request. If the CallerReference is a value you already
+ // sent in a previous request to create a distribution but the content of any
+ // Path is different from the original request, CloudFront returns an InvalidationBatchAlreadyExists
+ // error.
+ CallerReference *string `type:"string" required:"true"`
+
+ // The path of the object to invalidate. The path is relative to the distribution
+ // and must begin with a slash (/). You must enclose each invalidation object
+ // with the Path element tags. If the path includes non-ASCII characters or
+ // unsafe characters as defined in RFC 1783 (http://www.ietf.org/rfc/rfc1738.txt),
+ // URL encode those characters. Do not URL encode any other characters in the
+ // path, or CloudFront will not invalidate the old version of the updated object.
+ Paths *Paths `type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s InvalidationBatch) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s InvalidationBatch) GoString() string {
+ return s.String()
+}
+
+// An invalidation list.
+type InvalidationList struct {
+ _ struct{} `type:"structure"`
+
+ // A flag that indicates whether more invalidation batch requests remain to
+ // be listed. If your results were truncated, you can make a follow-up pagination
+ // request using the Marker request parameter to retrieve more invalidation
+ // batches in the list.
+ IsTruncated *bool `type:"boolean" required:"true"`
+
+ // A complex type that contains one InvalidationSummary element for each invalidation
+ // batch that was created by the current AWS account.
+ Items []*InvalidationSummary `locationNameList:"InvalidationSummary" type:"list"`
+
+ // The value you provided for the Marker request parameter.
+ Marker *string `type:"string" required:"true"`
+
+ // The value you provided for the MaxItems request parameter.
+ MaxItems *int64 `type:"integer" required:"true"`
+
+ // If IsTruncated is true, this element is present and contains the value you
+ // can use for the Marker request parameter to continue listing your invalidation
+ // batches where they left off.
+ NextMarker *string `type:"string"`
+
+ // The number of invalidation batches that were created by the current AWS account.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s InvalidationList) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s InvalidationList) GoString() string {
+ return s.String()
+}
+
+// Summary of an invalidation request.
+type InvalidationSummary struct {
+ _ struct{} `type:"structure"`
+
+ CreateTime *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`
+
+ // The unique ID for an invalidation request.
+ Id *string `type:"string" required:"true"`
+
+ // The status of an invalidation request.
+ Status *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s InvalidationSummary) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s InvalidationSummary) GoString() string {
+ return s.String()
+}
+
+// A complex type that lists the active CloudFront key pairs, if any, that are
+// associated with AwsAccountNumber.
+type KeyPairIds struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that lists the active CloudFront key pairs, if any, that are
+ // associated with AwsAccountNumber.
+ Items []*string `locationNameList:"KeyPairId" type:"list"`
+
+ // The number of active CloudFront key pairs for AwsAccountNumber.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s KeyPairIds) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s KeyPairIds) GoString() string {
+ return s.String()
+}
+
+// The request to list origin access identities.
+type ListCloudFrontOriginAccessIdentitiesInput struct {
+ _ struct{} `type:"structure"`
+
+ // Use this when paginating results to indicate where to begin in your list
+ // of origin access identities. The results include identities in the list that
+ // occur after the marker. To get the next page of results, set the Marker to
+ // the value of the NextMarker from the current page's response (which is also
+ // the ID of the last identity on that page).
+ Marker *string `location:"querystring" locationName:"Marker" type:"string"`
+
+ // The maximum number of origin access identities you want in the response body.
+ MaxItems *int64 `location:"querystring" locationName:"MaxItems" type:"integer"`
+}
+
+// String returns the string representation
+func (s ListCloudFrontOriginAccessIdentitiesInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListCloudFrontOriginAccessIdentitiesInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type ListCloudFrontOriginAccessIdentitiesOutput struct {
+ _ struct{} `type:"structure" payload:"CloudFrontOriginAccessIdentityList"`
+
+ // The CloudFrontOriginAccessIdentityList type.
+ CloudFrontOriginAccessIdentityList *OriginAccessIdentityList `type:"structure"`
+}
+
+// String returns the string representation
+func (s ListCloudFrontOriginAccessIdentitiesOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListCloudFrontOriginAccessIdentitiesOutput) GoString() string {
+ return s.String()
+}
+
+// The request to list distributions that are associated with a specified AWS
+// WAF web ACL.
+type ListDistributionsByWebACLIdInput struct {
+ _ struct{} `type:"structure"`
+
+ // Use Marker and MaxItems to control pagination of results. If you have more
+ // than MaxItems distributions that satisfy the request, the response includes
+ // a NextMarker element. To get the next page of results, submit another request.
+ // For the value of Marker, specify the value of NextMarker from the last response.
+ // (For the first request, omit Marker.)
+ Marker *string `location:"querystring" locationName:"Marker" type:"string"`
+
+ // The maximum number of distributions that you want CloudFront to return in
+ // the response body. The maximum and default values are both 100.
+ MaxItems *int64 `location:"querystring" locationName:"MaxItems" type:"integer"`
+
+ // The Id of the AWS WAF web ACL for which you want to list the associated distributions.
+ // If you specify "null" for the Id, the request returns a list of the distributions
+ // that aren't associated with a web ACL.
+ WebACLId *string `location:"uri" locationName:"WebACLId" type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s ListDistributionsByWebACLIdInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListDistributionsByWebACLIdInput) GoString() string {
+ return s.String()
+}
+
+// The response to a request to list the distributions that are associated with
+// a specified AWS WAF web ACL.
+type ListDistributionsByWebACLIdOutput struct {
+ _ struct{} `type:"structure" payload:"DistributionList"`
+
+ // The DistributionList type.
+ DistributionList *DistributionList `type:"structure"`
+}
+
+// String returns the string representation
+func (s ListDistributionsByWebACLIdOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListDistributionsByWebACLIdOutput) GoString() string {
+ return s.String()
+}
+
+// The request to list your distributions.
+type ListDistributionsInput struct {
+ _ struct{} `type:"structure"`
+
+ // Use Marker and MaxItems to control pagination of results. If you have more
+ // than MaxItems distributions that satisfy the request, the response includes
+ // a NextMarker element. To get the next page of results, submit another request.
+ // For the value of Marker, specify the value of NextMarker from the last response.
+ // (For the first request, omit Marker.)
+ Marker *string `location:"querystring" locationName:"Marker" type:"string"`
+
+ // The maximum number of distributions that you want CloudFront to return in
+ // the response body. The maximum and default values are both 100.
+ MaxItems *int64 `location:"querystring" locationName:"MaxItems" type:"integer"`
+}
+
+// String returns the string representation
+func (s ListDistributionsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListDistributionsInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type ListDistributionsOutput struct {
+ _ struct{} `type:"structure" payload:"DistributionList"`
+
+ // The DistributionList type.
+ DistributionList *DistributionList `type:"structure"`
+}
+
+// String returns the string representation
+func (s ListDistributionsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListDistributionsOutput) GoString() string {
+ return s.String()
+}
+
+// The request to list invalidations.
+type ListInvalidationsInput struct {
+ _ struct{} `type:"structure"`
+
+ // The distribution's id.
+ DistributionId *string `location:"uri" locationName:"DistributionId" type:"string" required:"true"`
+
+ // Use this parameter when paginating results to indicate where to begin in
+ // your list of invalidation batches. Because the results are returned in decreasing
+ // order from most recent to oldest, the most recent results are on the first
+ // page, the second page will contain earlier results, and so on. To get the
+ // next page of results, set the Marker to the value of the NextMarker from
+ // the current page's response. This value is the same as the ID of the last
+ // invalidation batch on that page.
+ Marker *string `location:"querystring" locationName:"Marker" type:"string"`
+
+ // The maximum number of invalidation batches you want in the response body.
+ MaxItems *int64 `location:"querystring" locationName:"MaxItems" type:"integer"`
+}
+
+// String returns the string representation
+func (s ListInvalidationsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListInvalidationsInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type ListInvalidationsOutput struct {
+ _ struct{} `type:"structure" payload:"InvalidationList"`
+
+ // Information about invalidation batches.
+ InvalidationList *InvalidationList `type:"structure"`
+}
+
+// String returns the string representation
+func (s ListInvalidationsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListInvalidationsOutput) GoString() string {
+ return s.String()
+}
+
+// The request to list your streaming distributions.
+type ListStreamingDistributionsInput struct {
+ _ struct{} `type:"structure"`
+
+ // Use this when paginating results to indicate where to begin in your list
+ // of streaming distributions. The results include distributions in the list
+ // that occur after the marker. To get the next page of results, set the Marker
+ // to the value of the NextMarker from the current page's response (which is
+ // also the ID of the last distribution on that page).
+ Marker *string `location:"querystring" locationName:"Marker" type:"string"`
+
+ // The maximum number of streaming distributions you want in the response body.
+ MaxItems *int64 `location:"querystring" locationName:"MaxItems" type:"integer"`
+}
+
+// String returns the string representation
+func (s ListStreamingDistributionsInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListStreamingDistributionsInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type ListStreamingDistributionsOutput struct {
+ _ struct{} `type:"structure" payload:"StreamingDistributionList"`
+
+ // The StreamingDistributionList type.
+ StreamingDistributionList *StreamingDistributionList `type:"structure"`
+}
+
+// String returns the string representation
+func (s ListStreamingDistributionsOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ListStreamingDistributionsOutput) GoString() string {
+ return s.String()
+}
+
+// A complex type that controls whether access logs are written for the distribution.
+type LoggingConfig struct {
+ _ struct{} `type:"structure"`
+
+ // The Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
+ Bucket *string `type:"string" required:"true"`
+
+ // Specifies whether you want CloudFront to save access logs to an Amazon S3
+ // bucket. If you do not want to enable logging when you create a distribution
+ // or if you want to disable logging for an existing distribution, specify false
+ // for Enabled, and specify empty Bucket and Prefix elements. If you specify
+ // false for Enabled but you specify values for Bucket, prefix and IncludeCookies,
+ // the values are automatically deleted.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // Specifies whether you want CloudFront to include cookies in access logs,
+ // specify true for IncludeCookies. If you choose to include cookies in logs,
+ // CloudFront logs all cookies regardless of how you configure the cache behaviors
+ // for this distribution. If you do not want to include cookies when you create
+ // a distribution or if you want to disable include cookies for an existing
+ // distribution, specify false for IncludeCookies.
+ IncludeCookies *bool `type:"boolean" required:"true"`
+
+ // An optional string that you want CloudFront to prefix to the access log filenames
+ // for this distribution, for example, myprefix/. If you want to enable logging,
+ // but you do not want to specify a prefix, you still must include an empty
+ // Prefix element in the Logging element.
+ Prefix *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s LoggingConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s LoggingConfig) GoString() string {
+ return s.String()
+}
+
+// A complex type that describes the Amazon S3 bucket or the HTTP server (for
+// example, a web server) from which CloudFront gets your files.You must create
+// at least one origin.
+type Origin struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains information about the custom headers associated
+ // with this Origin.
+ CustomHeaders *CustomHeaders `type:"structure"`
+
+ // A complex type that contains information about a custom origin. If the origin
+ // is an Amazon S3 bucket, use the S3OriginConfig element instead.
+ CustomOriginConfig *CustomOriginConfig `type:"structure"`
+
+ // Amazon S3 origins: The DNS name of the Amazon S3 bucket from which you want
+ // CloudFront to get objects for this origin, for example, myawsbucket.s3.amazonaws.com.
+ // Custom origins: The DNS domain name for the HTTP server from which you want
+ // CloudFront to get objects for this origin, for example, www.example.com.
+ DomainName *string `type:"string" required:"true"`
+
+ // A unique identifier for the origin. The value of Id must be unique within
+ // the distribution. You use the value of Id when you create a cache behavior.
+ // The Id identifies the origin that CloudFront routes a request to when the
+ // request matches the path pattern for that cache behavior.
+ Id *string `type:"string" required:"true"`
+
+ // An optional element that causes CloudFront to request your content from a
+ // directory in your Amazon S3 bucket or your custom origin. When you include
+ // the OriginPath element, specify the directory name, beginning with a /. CloudFront
+ // appends the directory name to the value of DomainName.
+ OriginPath *string `type:"string"`
+
+ // A complex type that contains information about the Amazon S3 origin. If the
+ // origin is a custom origin, use the CustomOriginConfig element instead.
+ S3OriginConfig *S3OriginConfig `type:"structure"`
+}
+
+// String returns the string representation
+func (s Origin) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Origin) GoString() string {
+ return s.String()
+}
+
+// CloudFront origin access identity.
+type OriginAccessIdentity struct {
+ _ struct{} `type:"structure"`
+
+ // The current configuration information for the identity.
+ CloudFrontOriginAccessIdentityConfig *OriginAccessIdentityConfig `type:"structure"`
+
+ // The ID for the origin access identity. For example: E74FTE3AJFJ256A.
+ Id *string `type:"string" required:"true"`
+
+ // The Amazon S3 canonical user ID for the origin access identity, which you
+ // use when giving the origin access identity read permission to an object in
+ // Amazon S3.
+ S3CanonicalUserId *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s OriginAccessIdentity) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s OriginAccessIdentity) GoString() string {
+ return s.String()
+}
+
+// Origin access identity configuration.
+type OriginAccessIdentityConfig struct {
+ _ struct{} `type:"structure"`
+
+ // A unique number that ensures the request can't be replayed. If the CallerReference
+ // is new (no matter the content of the CloudFrontOriginAccessIdentityConfig
+ // object), a new origin access identity is created. If the CallerReference
+ // is a value you already sent in a previous request to create an identity,
+ // and the content of the CloudFrontOriginAccessIdentityConfig is identical
+ // to the original request (ignoring white space), the response includes the
+ // same information returned to the original request. If the CallerReference
+ // is a value you already sent in a previous request to create an identity but
+ // the content of the CloudFrontOriginAccessIdentityConfig is different from
+ // the original request, CloudFront returns a CloudFrontOriginAccessIdentityAlreadyExists
+ // error.
+ CallerReference *string `type:"string" required:"true"`
+
+ // Any comments you want to include about the origin access identity.
+ Comment *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s OriginAccessIdentityConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s OriginAccessIdentityConfig) GoString() string {
+ return s.String()
+}
+
+// The CloudFrontOriginAccessIdentityList type.
+type OriginAccessIdentityList struct {
+ _ struct{} `type:"structure"`
+
+ // A flag that indicates whether more origin access identities remain to be
+ // listed. If your results were truncated, you can make a follow-up pagination
+ // request using the Marker request parameter to retrieve more items in the
+ // list.
+ IsTruncated *bool `type:"boolean" required:"true"`
+
+ // A complex type that contains one CloudFrontOriginAccessIdentitySummary element
+ // for each origin access identity that was created by the current AWS account.
+ Items []*OriginAccessIdentitySummary `locationNameList:"CloudFrontOriginAccessIdentitySummary" type:"list"`
+
+ // The value you provided for the Marker request parameter.
+ Marker *string `type:"string" required:"true"`
+
+ // The value you provided for the MaxItems request parameter.
+ MaxItems *int64 `type:"integer" required:"true"`
+
+ // If IsTruncated is true, this element is present and contains the value you
+ // can use for the Marker request parameter to continue listing your origin
+ // access identities where they left off.
+ NextMarker *string `type:"string"`
+
+ // The number of CloudFront origin access identities that were created by the
+ // current AWS account.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s OriginAccessIdentityList) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s OriginAccessIdentityList) GoString() string {
+ return s.String()
+}
+
+// Summary of the information about a CloudFront origin access identity.
+type OriginAccessIdentitySummary struct {
+ _ struct{} `type:"structure"`
+
+ // The comment for this origin access identity, as originally specified when
+ // created.
+ Comment *string `type:"string" required:"true"`
+
+ // The ID for the origin access identity. For example: E74FTE3AJFJ256A.
+ Id *string `type:"string" required:"true"`
+
+ // The Amazon S3 canonical user ID for the origin access identity, which you
+ // use when giving the origin access identity read permission to an object in
+ // Amazon S3.
+ S3CanonicalUserId *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s OriginAccessIdentitySummary) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s OriginAccessIdentitySummary) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains information related to a Header
+type OriginCustomHeader struct {
+ _ struct{} `type:"structure"`
+
+ // The header's name.
+ HeaderName *string `type:"string" required:"true"`
+
+ // The header's value.
+ HeaderValue *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s OriginCustomHeader) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s OriginCustomHeader) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains the list of SSL/TLS protocols that you want
+// CloudFront to use when communicating with your origin over HTTPS.
+type OriginSslProtocols struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains one SslProtocol element for each SSL/TLS protocol
+ // that you want to allow CloudFront to use when establishing an HTTPS connection
+ // with this origin.
+ Items []*string `locationNameList:"SslProtocol" type:"list" required:"true"`
+
+ // The number of SSL/TLS protocols that you want to allow CloudFront to use
+ // when establishing an HTTPS connection with this origin.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s OriginSslProtocols) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s OriginSslProtocols) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains information about origins for this distribution.
+type Origins struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains origins for this distribution.
+ Items []*Origin `locationNameList:"Origin" min:"1" type:"list"`
+
+ // The number of origins for this distribution.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s Origins) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Origins) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains information about the objects that you want
+// to invalidate.
+type Paths struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains a list of the objects that you want to invalidate.
+ Items []*string `locationNameList:"Path" type:"list"`
+
+ // The number of objects that you want to invalidate.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s Paths) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Paths) GoString() string {
+ return s.String()
+}
+
+// A complex type that identifies ways in which you want to restrict distribution
+// of your content.
+type Restrictions struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that controls the countries in which your content is distributed.
+ // For more information about geo restriction, go to Customizing Error Responses
+ // in the Amazon CloudFront Developer Guide. CloudFront determines the location
+ // of your users using MaxMind GeoIP databases. For information about the accuracy
+ // of these databases, see How accurate are your GeoIP databases? on the MaxMind
+ // website.
+ GeoRestriction *GeoRestriction `type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s Restrictions) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Restrictions) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains information about the Amazon S3 bucket from
+// which you want CloudFront to get your media files for distribution.
+type S3Origin struct {
+ _ struct{} `type:"structure"`
+
+ // The DNS name of the S3 origin.
+ DomainName *string `type:"string" required:"true"`
+
+ // Your S3 origin's origin access identity.
+ OriginAccessIdentity *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s S3Origin) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s S3Origin) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains information about the Amazon S3 origin. If the
+// origin is a custom origin, use the CustomOriginConfig element instead.
+type S3OriginConfig struct {
+ _ struct{} `type:"structure"`
+
+ // The CloudFront origin access identity to associate with the origin. Use an
+ // origin access identity to configure the origin so that end users can only
+ // access objects in an Amazon S3 bucket through CloudFront. If you want end
+ // users to be able to access objects using either the CloudFront URL or the
+ // Amazon S3 URL, specify an empty OriginAccessIdentity element. To delete the
+ // origin access identity from an existing distribution, update the distribution
+ // configuration and include an empty OriginAccessIdentity element. To replace
+ // the origin access identity, update the distribution configuration and specify
+ // the new origin access identity. Use the format origin-access-identity/cloudfront/Id
+ // where Id is the value that CloudFront returned in the Id element when you
+ // created the origin access identity.
+ OriginAccessIdentity *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s S3OriginConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s S3OriginConfig) GoString() string {
+ return s.String()
+}
+
+// A complex type that lists the AWS accounts that were included in the TrustedSigners
+// complex type, as well as their active CloudFront key pair IDs, if any.
+type Signer struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies an AWS account that can create signed URLs. Values: self, which
+ // indicates that the AWS account that was used to create the distribution can
+ // created signed URLs, or an AWS account number. Omit the dashes in the account
+ // number.
+ AwsAccountNumber *string `type:"string"`
+
+ // A complex type that lists the active CloudFront key pairs, if any, that are
+ // associated with AwsAccountNumber.
+ KeyPairIds *KeyPairIds `type:"structure"`
+}
+
+// String returns the string representation
+func (s Signer) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s Signer) GoString() string {
+ return s.String()
+}
+
+// A streaming distribution.
+type StreamingDistribution struct {
+ _ struct{} `type:"structure"`
+
+ // CloudFront automatically adds this element to the response only if you've
+ // set up the distribution to serve private content with signed URLs. The element
+ // lists the key pair IDs that CloudFront is aware of for each trusted signer.
+ // The Signer child element lists the AWS account number of the trusted signer
+ // (or an empty Self element if the signer is you). The Signer element also
+ // includes the IDs of any active key pairs associated with the trusted signer's
+ // AWS account. If no KeyPairId element appears for a Signer, that signer can't
+ // create working signed URLs.
+ ActiveTrustedSigners *ActiveTrustedSigners `type:"structure" required:"true"`
+
+ // The domain name corresponding to the streaming distribution. For example:
+ // s5c39gqb8ow64r.cloudfront.net.
+ DomainName *string `type:"string" required:"true"`
+
+ // The identifier for the streaming distribution. For example: EGTXBD79H29TRA8.
+ Id *string `type:"string" required:"true"`
+
+ // The date and time the distribution was last modified.
+ LastModifiedTime *time.Time `type:"timestamp" timestampFormat:"iso8601"`
+
+ // The current status of the streaming distribution. When the status is Deployed,
+ // the distribution's information is fully propagated throughout the Amazon
+ // CloudFront system.
+ Status *string `type:"string" required:"true"`
+
+ // The current configuration information for the streaming distribution.
+ StreamingDistributionConfig *StreamingDistributionConfig `type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s StreamingDistribution) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s StreamingDistribution) GoString() string {
+ return s.String()
+}
+
+// The configuration for the streaming distribution.
+type StreamingDistributionConfig struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains information about CNAMEs (alternate domain names),
+ // if any, for this streaming distribution.
+ Aliases *Aliases `type:"structure"`
+
+ // A unique number that ensures the request can't be replayed. If the CallerReference
+ // is new (no matter the content of the StreamingDistributionConfig object),
+ // a new streaming distribution is created. If the CallerReference is a value
+ // you already sent in a previous request to create a streaming distribution,
+ // and the content of the StreamingDistributionConfig is identical to the original
+ // request (ignoring white space), the response includes the same information
+ // returned to the original request. If the CallerReference is a value you already
+ // sent in a previous request to create a streaming distribution but the content
+ // of the StreamingDistributionConfig is different from the original request,
+ // CloudFront returns a DistributionAlreadyExists error.
+ CallerReference *string `type:"string" required:"true"`
+
+ // Any comments you want to include about the streaming distribution.
+ Comment *string `type:"string" required:"true"`
+
+ // Whether the streaming distribution is enabled to accept end user requests
+ // for content.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // A complex type that controls whether access logs are written for the streaming
+ // distribution.
+ Logging *StreamingLoggingConfig `type:"structure"`
+
+ // A complex type that contains information about price class for this streaming
+ // distribution.
+ PriceClass *string `type:"string" enum:"PriceClass"`
+
+ // A complex type that contains information about the Amazon S3 bucket from
+ // which you want CloudFront to get your media files for distribution.
+ S3Origin *S3Origin `type:"structure" required:"true"`
+
+ // A complex type that specifies the AWS accounts, if any, that you want to
+ // allow to create signed URLs for private content. If you want to require signed
+ // URLs in requests for objects in the target origin that match the PathPattern
+ // for this cache behavior, specify true for Enabled, and specify the applicable
+ // values for Quantity and Items. For more information, go to Using a Signed
+ // URL to Serve Private Content in the Amazon CloudFront Developer Guide. If
+ // you don't want to require signed URLs in requests for objects that match
+ // PathPattern, specify false for Enabled and 0 for Quantity. Omit Items. To
+ // add, change, or remove one or more trusted signers, change Enabled to true
+ // (if it's currently false), change Quantity as applicable, and specify all
+ // of the trusted signers that you want to include in the updated distribution.
+ TrustedSigners *TrustedSigners `type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s StreamingDistributionConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s StreamingDistributionConfig) GoString() string {
+ return s.String()
+}
+
+// A streaming distribution list.
+type StreamingDistributionList struct {
+ _ struct{} `type:"structure"`
+
+ // A flag that indicates whether more streaming distributions remain to be listed.
+ // If your results were truncated, you can make a follow-up pagination request
+ // using the Marker request parameter to retrieve more distributions in the
+ // list.
+ IsTruncated *bool `type:"boolean" required:"true"`
+
+ // A complex type that contains one StreamingDistributionSummary element for
+ // each distribution that was created by the current AWS account.
+ Items []*StreamingDistributionSummary `locationNameList:"StreamingDistributionSummary" type:"list"`
+
+ // The value you provided for the Marker request parameter.
+ Marker *string `type:"string" required:"true"`
+
+ // The value you provided for the MaxItems request parameter.
+ MaxItems *int64 `type:"integer" required:"true"`
+
+ // If IsTruncated is true, this element is present and contains the value you
+ // can use for the Marker request parameter to continue listing your streaming
+ // distributions where they left off.
+ NextMarker *string `type:"string"`
+
+ // The number of streaming distributions that were created by the current AWS
+ // account.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s StreamingDistributionList) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s StreamingDistributionList) GoString() string {
+ return s.String()
+}
+
+// A summary of the information for an Amazon CloudFront streaming distribution.
+type StreamingDistributionSummary struct {
+ _ struct{} `type:"structure"`
+
+ // A complex type that contains information about CNAMEs (alternate domain names),
+ // if any, for this streaming distribution.
+ Aliases *Aliases `type:"structure" required:"true"`
+
+ // The comment originally specified when this distribution was created.
+ Comment *string `type:"string" required:"true"`
+
+ // The domain name corresponding to the distribution. For example: d604721fxaaqy9.cloudfront.net.
+ DomainName *string `type:"string" required:"true"`
+
+ // Whether the distribution is enabled to accept end user requests for content.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // The identifier for the distribution. For example: EDFDVBD632BHDS5.
+ Id *string `type:"string" required:"true"`
+
+ // The date and time the distribution was last modified.
+ LastModifiedTime *time.Time `type:"timestamp" timestampFormat:"iso8601" required:"true"`
+
+ PriceClass *string `type:"string" required:"true" enum:"PriceClass"`
+
+ // A complex type that contains information about the Amazon S3 bucket from
+ // which you want CloudFront to get your media files for distribution.
+ S3Origin *S3Origin `type:"structure" required:"true"`
+
+ // Indicates the current status of the distribution. When the status is Deployed,
+ // the distribution's information is fully propagated throughout the Amazon
+ // CloudFront system.
+ Status *string `type:"string" required:"true"`
+
+ // A complex type that specifies the AWS accounts, if any, that you want to
+ // allow to create signed URLs for private content. If you want to require signed
+ // URLs in requests for objects in the target origin that match the PathPattern
+ // for this cache behavior, specify true for Enabled, and specify the applicable
+ // values for Quantity and Items. For more information, go to Using a Signed
+ // URL to Serve Private Content in the Amazon CloudFront Developer Guide. If
+ // you don't want to require signed URLs in requests for objects that match
+ // PathPattern, specify false for Enabled and 0 for Quantity. Omit Items. To
+ // add, change, or remove one or more trusted signers, change Enabled to true
+ // (if it's currently false), change Quantity as applicable, and specify all
+ // of the trusted signers that you want to include in the updated distribution.
+ TrustedSigners *TrustedSigners `type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s StreamingDistributionSummary) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s StreamingDistributionSummary) GoString() string {
+ return s.String()
+}
+
+// A complex type that controls whether access logs are written for this streaming
+// distribution.
+type StreamingLoggingConfig struct {
+ _ struct{} `type:"structure"`
+
+ // The Amazon S3 bucket to store the access logs in, for example, myawslogbucket.s3.amazonaws.com.
+ Bucket *string `type:"string" required:"true"`
+
+ // Specifies whether you want CloudFront to save access logs to an Amazon S3
+ // bucket. If you do not want to enable logging when you create a streaming
+ // distribution or if you want to disable logging for an existing streaming
+ // distribution, specify false for Enabled, and specify empty Bucket and Prefix
+ // elements. If you specify false for Enabled but you specify values for Bucket
+ // and Prefix, the values are automatically deleted.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // An optional string that you want CloudFront to prefix to the access log filenames
+ // for this streaming distribution, for example, myprefix/. If you want to enable
+ // logging, but you do not want to specify a prefix, you still must include
+ // an empty Prefix element in the Logging element.
+ Prefix *string `type:"string" required:"true"`
+}
+
+// String returns the string representation
+func (s StreamingLoggingConfig) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s StreamingLoggingConfig) GoString() string {
+ return s.String()
+}
+
+// A complex type that specifies the AWS accounts, if any, that you want to
+// allow to create signed URLs for private content. If you want to require signed
+// URLs in requests for objects in the target origin that match the PathPattern
+// for this cache behavior, specify true for Enabled, and specify the applicable
+// values for Quantity and Items. For more information, go to Using a Signed
+// URL to Serve Private Content in the Amazon CloudFront Developer Guide. If
+// you don't want to require signed URLs in requests for objects that match
+// PathPattern, specify false for Enabled and 0 for Quantity. Omit Items. To
+// add, change, or remove one or more trusted signers, change Enabled to true
+// (if it's currently false), change Quantity as applicable, and specify all
+// of the trusted signers that you want to include in the updated distribution.
+type TrustedSigners struct {
+ _ struct{} `type:"structure"`
+
+ // Specifies whether you want to require end users to use signed URLs to access
+ // the files specified by PathPattern and TargetOriginId.
+ Enabled *bool `type:"boolean" required:"true"`
+
+ // Optional: A complex type that contains trusted signers for this cache behavior.
+ // If Quantity is 0, you can omit Items.
+ Items []*string `locationNameList:"AwsAccountNumber" type:"list"`
+
+ // The number of trusted signers for this cache behavior.
+ Quantity *int64 `type:"integer" required:"true"`
+}
+
+// String returns the string representation
+func (s TrustedSigners) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s TrustedSigners) GoString() string {
+ return s.String()
+}
+
+// The request to update an origin access identity.
+type UpdateCloudFrontOriginAccessIdentityInput struct {
+ _ struct{} `type:"structure" payload:"CloudFrontOriginAccessIdentityConfig"`
+
+ // The identity's configuration information.
+ CloudFrontOriginAccessIdentityConfig *OriginAccessIdentityConfig `locationName:"CloudFrontOriginAccessIdentityConfig" type:"structure" required:"true"`
+
+ // The identity's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+
+ // The value of the ETag header you received when retrieving the identity's
+ // configuration. For example: E2QWRUHAPOMQZL.
+ IfMatch *string `location:"header" locationName:"If-Match" type:"string"`
+}
+
+// String returns the string representation
+func (s UpdateCloudFrontOriginAccessIdentityInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateCloudFrontOriginAccessIdentityInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type UpdateCloudFrontOriginAccessIdentityOutput struct {
+ _ struct{} `type:"structure" payload:"CloudFrontOriginAccessIdentity"`
+
+ // The origin access identity's information.
+ CloudFrontOriginAccessIdentity *OriginAccessIdentity `type:"structure"`
+
+ // The current version of the configuration. For example: E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+}
+
+// String returns the string representation
+func (s UpdateCloudFrontOriginAccessIdentityOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateCloudFrontOriginAccessIdentityOutput) GoString() string {
+ return s.String()
+}
+
+// The request to update a distribution.
+type UpdateDistributionInput struct {
+ _ struct{} `type:"structure" payload:"DistributionConfig"`
+
+ // The distribution's configuration information.
+ DistributionConfig *DistributionConfig `locationName:"DistributionConfig" type:"structure" required:"true"`
+
+ // The distribution's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+
+ // The value of the ETag header you received when retrieving the distribution's
+ // configuration. For example: E2QWRUHAPOMQZL.
+ IfMatch *string `location:"header" locationName:"If-Match" type:"string"`
+}
+
+// String returns the string representation
+func (s UpdateDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateDistributionInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type UpdateDistributionOutput struct {
+ _ struct{} `type:"structure" payload:"Distribution"`
+
+ // The distribution's information.
+ Distribution *Distribution `type:"structure"`
+
+ // The current version of the configuration. For example: E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+}
+
+// String returns the string representation
+func (s UpdateDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// The request to update a streaming distribution.
+type UpdateStreamingDistributionInput struct {
+ _ struct{} `type:"structure" payload:"StreamingDistributionConfig"`
+
+ // The streaming distribution's id.
+ Id *string `location:"uri" locationName:"Id" type:"string" required:"true"`
+
+ // The value of the ETag header you received when retrieving the streaming distribution's
+ // configuration. For example: E2QWRUHAPOMQZL.
+ IfMatch *string `location:"header" locationName:"If-Match" type:"string"`
+
+ // The streaming distribution's configuration information.
+ StreamingDistributionConfig *StreamingDistributionConfig `locationName:"StreamingDistributionConfig" type:"structure" required:"true"`
+}
+
+// String returns the string representation
+func (s UpdateStreamingDistributionInput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateStreamingDistributionInput) GoString() string {
+ return s.String()
+}
+
+// The returned result of the corresponding request.
+type UpdateStreamingDistributionOutput struct {
+ _ struct{} `type:"structure" payload:"StreamingDistribution"`
+
+ // The current version of the configuration. For example: E2QWRUHAPOMQZL.
+ ETag *string `location:"header" locationName:"ETag" type:"string"`
+
+ // The streaming distribution's information.
+ StreamingDistribution *StreamingDistribution `type:"structure"`
+}
+
+// String returns the string representation
+func (s UpdateStreamingDistributionOutput) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s UpdateStreamingDistributionOutput) GoString() string {
+ return s.String()
+}
+
+// A complex type that contains information about viewer certificates for this
+// distribution.
+type ViewerCertificate struct {
+ _ struct{} `type:"structure"`
+
+ // If you want viewers to use HTTPS to request your objects and you're using
+ // an alternate domain name in your object URLs (for example, https://example.com/logo.jpg),
+ // specify the ACM certificate ARN of the custom viewer certificate for this
+ // distribution. Specify either this value, IAMCertificateId, or CloudFrontDefaultCertificate.
+ ACMCertificateArn *string `type:"string"`
+
+ // Note: this field is deprecated. Please use one of [ACMCertificateArn, IAMCertificateId,
+ // CloudFrontDefaultCertificate].
+ Certificate *string `deprecated:"true" type:"string"`
+
+ // Note: this field is deprecated. Please use one of [ACMCertificateArn, IAMCertificateId,
+ // CloudFrontDefaultCertificate].
+ CertificateSource *string `deprecated:"true" type:"string" enum:"CertificateSource"`
+
+ // If you want viewers to use HTTPS to request your objects and you're using
+ // the CloudFront domain name of your distribution in your object URLs (for
+ // example, https://d111111abcdef8.cloudfront.net/logo.jpg), set to true. Omit
+ // this value if you are setting an ACMCertificateArn or IAMCertificateId.
+ CloudFrontDefaultCertificate *bool `type:"boolean"`
+
+ // If you want viewers to use HTTPS to request your objects and you're using
+ // an alternate domain name in your object URLs (for example, https://example.com/logo.jpg),
+ // specify the IAM certificate identifier of the custom viewer certificate for
+ // this distribution. Specify either this value, ACMCertificateArn, or CloudFrontDefaultCertificate.
+ IAMCertificateId *string `type:"string"`
+
+ // Specify the minimum version of the SSL protocol that you want CloudFront
+ // to use, SSLv3 or TLSv1, for HTTPS connections. CloudFront will serve your
+ // objects only to browsers or devices that support at least the SSL version
+ // that you specify. The TLSv1 protocol is more secure, so we recommend that
+ // you specify SSLv3 only if your users are using browsers or devices that don't
+ // support TLSv1. If you're using a custom certificate (if you specify a value
+ // for IAMCertificateId) and if you're using dedicated IP (if you specify vip
+ // for SSLSupportMethod), you can choose SSLv3 or TLSv1 as the MinimumProtocolVersion.
+ // If you're using a custom certificate (if you specify a value for IAMCertificateId)
+ // and if you're using SNI (if you specify sni-only for SSLSupportMethod), you
+ // must specify TLSv1 for MinimumProtocolVersion.
+ MinimumProtocolVersion *string `type:"string" enum:"MinimumProtocolVersion"`
+
+ // If you specify a value for IAMCertificateId, you must also specify how you
+ // want CloudFront to serve HTTPS requests. Valid values are vip and sni-only.
+ // If you specify vip, CloudFront uses dedicated IP addresses for your content
+ // and can respond to HTTPS requests from any viewer. However, you must request
+ // permission to use this feature, and you incur additional monthly charges.
+ // If you specify sni-only, CloudFront can only respond to HTTPS requests from
+ // viewers that support Server Name Indication (SNI). All modern browsers support
+ // SNI, but some browsers still in use don't support SNI. Do not specify a value
+ // for SSLSupportMethod if you specified true for CloudFrontDefaultCertificate.
+ SSLSupportMethod *string `type:"string" enum:"SSLSupportMethod"`
+}
+
+// String returns the string representation
+func (s ViewerCertificate) String() string {
+ return awsutil.Prettify(s)
+}
+
+// GoString returns the string representation
+func (s ViewerCertificate) GoString() string {
+ return s.String()
+}
+
+const (
+ // @enum CertificateSource
+ CertificateSourceCloudfront = "cloudfront"
+ // @enum CertificateSource
+ CertificateSourceIam = "iam"
+ // @enum CertificateSource
+ CertificateSourceAcm = "acm"
+)
+
+const (
+ // @enum GeoRestrictionType
+ GeoRestrictionTypeBlacklist = "blacklist"
+ // @enum GeoRestrictionType
+ GeoRestrictionTypeWhitelist = "whitelist"
+ // @enum GeoRestrictionType
+ GeoRestrictionTypeNone = "none"
+)
+
+const (
+ // @enum ItemSelection
+ ItemSelectionNone = "none"
+ // @enum ItemSelection
+ ItemSelectionWhitelist = "whitelist"
+ // @enum ItemSelection
+ ItemSelectionAll = "all"
+)
+
+const (
+ // @enum Method
+ MethodGet = "GET"
+ // @enum Method
+ MethodHead = "HEAD"
+ // @enum Method
+ MethodPost = "POST"
+ // @enum Method
+ MethodPut = "PUT"
+ // @enum Method
+ MethodPatch = "PATCH"
+ // @enum Method
+ MethodOptions = "OPTIONS"
+ // @enum Method
+ MethodDelete = "DELETE"
+)
+
+const (
+ // @enum MinimumProtocolVersion
+ MinimumProtocolVersionSslv3 = "SSLv3"
+ // @enum MinimumProtocolVersion
+ MinimumProtocolVersionTlsv1 = "TLSv1"
+)
+
+const (
+ // @enum OriginProtocolPolicy
+ OriginProtocolPolicyHttpOnly = "http-only"
+ // @enum OriginProtocolPolicy
+ OriginProtocolPolicyMatchViewer = "match-viewer"
+ // @enum OriginProtocolPolicy
+ OriginProtocolPolicyHttpsOnly = "https-only"
+)
+
+const (
+ // @enum PriceClass
+ PriceClassPriceClass100 = "PriceClass_100"
+ // @enum PriceClass
+ PriceClassPriceClass200 = "PriceClass_200"
+ // @enum PriceClass
+ PriceClassPriceClassAll = "PriceClass_All"
+)
+
+const (
+ // @enum SSLSupportMethod
+ SSLSupportMethodSniOnly = "sni-only"
+ // @enum SSLSupportMethod
+ SSLSupportMethodVip = "vip"
+)
+
+const (
+ // @enum SslProtocol
+ SslProtocolSslv3 = "SSLv3"
+ // @enum SslProtocol
+ SslProtocolTlsv1 = "TLSv1"
+ // @enum SslProtocol
+ SslProtocolTlsv11 = "TLSv1.1"
+ // @enum SslProtocol
+ SslProtocolTlsv12 = "TLSv1.2"
+)
+
+const (
+ // @enum ViewerProtocolPolicy
+ ViewerProtocolPolicyAllowAll = "allow-all"
+ // @enum ViewerProtocolPolicy
+ ViewerProtocolPolicyHttpsOnly = "https-only"
+ // @enum ViewerProtocolPolicy
+ ViewerProtocolPolicyRedirectToHttps = "redirect-to-https"
+)
diff --git a/vendor/github.com/aws/aws-sdk-go/service/cloudfront/service.go b/vendor/github.com/aws/aws-sdk-go/service/cloudfront/service.go
new file mode 100644
index 000000000000..51b73c6efef8
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/cloudfront/service.go
@@ -0,0 +1,86 @@
+// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
+
+package cloudfront
+
+import (
+ "github.com/aws/aws-sdk-go/aws"
+ "github.com/aws/aws-sdk-go/aws/client"
+ "github.com/aws/aws-sdk-go/aws/client/metadata"
+ "github.com/aws/aws-sdk-go/aws/request"
+ "github.com/aws/aws-sdk-go/private/protocol/restxml"
+ "github.com/aws/aws-sdk-go/private/signer/v4"
+)
+
+// CloudFront is a client for CloudFront.
+//The service client's operations are safe to be used concurrently.
+// It is not safe to mutate any of the client's properties though.
+type CloudFront struct {
+ *client.Client
+}
+
+// Used for custom client initialization logic
+var initClient func(*client.Client)
+
+// Used for custom request initialization logic
+var initRequest func(*request.Request)
+
+// A ServiceName is the name of the service the client will make API calls to.
+const ServiceName = "cloudfront"
+
+// New creates a new instance of the CloudFront client with a session.
+// If additional configuration is needed for the client instance use the optional
+// aws.Config parameter to add your extra config.
+//
+// Example:
+// // Create a CloudFront client from just a session.
+// svc := cloudfront.New(mySession)
+//
+// // Create a CloudFront client with additional configuration
+// svc := cloudfront.New(mySession, aws.NewConfig().WithRegion("us-west-2"))
+func New(p client.ConfigProvider, cfgs ...*aws.Config) *CloudFront {
+ c := p.ClientConfig(ServiceName, cfgs...)
+ return newClient(*c.Config, c.Handlers, c.Endpoint, c.SigningRegion)
+}
+
+// newClient creates, initializes and returns a new service client instance.
+func newClient(cfg aws.Config, handlers request.Handlers, endpoint, signingRegion string) *CloudFront {
+ svc := &CloudFront{
+ Client: client.New(
+ cfg,
+ metadata.ClientInfo{
+ ServiceName: ServiceName,
+ SigningRegion: signingRegion,
+ Endpoint: endpoint,
+ APIVersion: "2016-01-28",
+ },
+ handlers,
+ ),
+ }
+
+ // Handlers
+ svc.Handlers.Sign.PushBack(v4.Sign)
+ svc.Handlers.Build.PushBackNamed(restxml.BuildHandler)
+ svc.Handlers.Unmarshal.PushBackNamed(restxml.UnmarshalHandler)
+ svc.Handlers.UnmarshalMeta.PushBackNamed(restxml.UnmarshalMetaHandler)
+ svc.Handlers.UnmarshalError.PushBackNamed(restxml.UnmarshalErrorHandler)
+
+ // Run custom client initialization if present
+ if initClient != nil {
+ initClient(svc.Client)
+ }
+
+ return svc
+}
+
+// newRequest creates a new request for a CloudFront operation and runs any
+// custom request initialization.
+func (c *CloudFront) newRequest(op *request.Operation, params, data interface{}) *request.Request {
+ req := c.NewRequest(op, params, data)
+
+ // Run custom request initialization if present
+ if initRequest != nil {
+ initRequest(req)
+ }
+
+ return req
+}
diff --git a/vendor/github.com/aws/aws-sdk-go/service/cloudfront/waiters.go b/vendor/github.com/aws/aws-sdk-go/service/cloudfront/waiters.go
new file mode 100644
index 000000000000..7a0525d1770b
--- /dev/null
+++ b/vendor/github.com/aws/aws-sdk-go/service/cloudfront/waiters.go
@@ -0,0 +1,76 @@
+// THIS FILE IS AUTOMATICALLY GENERATED. DO NOT EDIT.
+
+package cloudfront
+
+import (
+ "github.com/aws/aws-sdk-go/private/waiter"
+)
+
+func (c *CloudFront) WaitUntilDistributionDeployed(input *GetDistributionInput) error {
+ waiterCfg := waiter.Config{
+ Operation: "GetDistribution",
+ Delay: 60,
+ MaxAttempts: 25,
+ Acceptors: []waiter.WaitAcceptor{
+ {
+ State: "success",
+ Matcher: "path",
+ Argument: "Distribution.Status",
+ Expected: "Deployed",
+ },
+ },
+ }
+
+ w := waiter.Waiter{
+ Client: c,
+ Input: input,
+ Config: waiterCfg,
+ }
+ return w.Wait()
+}
+
+func (c *CloudFront) WaitUntilInvalidationCompleted(input *GetInvalidationInput) error {
+ waiterCfg := waiter.Config{
+ Operation: "GetInvalidation",
+ Delay: 20,
+ MaxAttempts: 30,
+ Acceptors: []waiter.WaitAcceptor{
+ {
+ State: "success",
+ Matcher: "path",
+ Argument: "Invalidation.Status",
+ Expected: "Completed",
+ },
+ },
+ }
+
+ w := waiter.Waiter{
+ Client: c,
+ Input: input,
+ Config: waiterCfg,
+ }
+ return w.Wait()
+}
+
+func (c *CloudFront) WaitUntilStreamingDistributionDeployed(input *GetStreamingDistributionInput) error {
+ waiterCfg := waiter.Config{
+ Operation: "GetStreamingDistribution",
+ Delay: 60,
+ MaxAttempts: 25,
+ Acceptors: []waiter.WaitAcceptor{
+ {
+ State: "success",
+ Matcher: "path",
+ Argument: "StreamingDistribution.Status",
+ Expected: "Deployed",
+ },
+ },
+ }
+
+ w := waiter.Waiter{
+ Client: c,
+ Input: input,
+ Config: waiterCfg,
+ }
+ return w.Wait()
+}
diff --git a/website/source/docs/providers/aws/r/cloudfront_distribution.html.markdown b/website/source/docs/providers/aws/r/cloudfront_distribution.html.markdown
new file mode 100644
index 000000000000..cbeedca539f0
--- /dev/null
+++ b/website/source/docs/providers/aws/r/cloudfront_distribution.html.markdown
@@ -0,0 +1,197 @@
+---
+layout: "aws"
+page_title: "AWS: cloudfront_distribution"
+sidebar_current: "docs-aws-resource-cloudfront-distribution"
+description: |-
+ Provides a CloudFront web distribution resource.
+---
+
+# aws\_cloudfront\_distribution
+
+Creates an Amazon CloudFront web distribution.
+
+For information about CloudFront distributions, see the
+[Amazon CloudFront Developer Guide][1]. For specific information about creating
+CloudFront web distributions, see the [POST Distribution][2] page in the Amazon
+CloudFront API Reference.
+
+~> **NOTE:** CloudFront distributions take about 15 minutes to a deployed state
+after creation or modification. During this time, deletes to resources will be
+blocked. If you need to delete a distribution that is enabled and you do not
+want to wait, you need to use the `retain_on_delete` flag.
+
+## Example Usage
+
+The following example below creates a CloudFront distribution with an S3 origin.
+
+```
+resource "aws_cloudfront_distribution" "s3_distribution" {
+ origin {
+ domain_name = "mybucket.s3.amazonaws.com"
+ origin_id = "myS3Origin"
+ s3_origin_config {
+ origin_access_identity = "origin-access-identity/cloudfront/ABCDEFG1234567"
+ }
+ }
+ enabled = true
+ comment = "Some comment"
+ default_root_object = "index.html"
+ logging_config {
+ include_cookies = false
+ bucket = "mylogs.s3.amazonaws.com"
+ prefix = "myprefix"
+ }
+ aliases = [ "mysite.example.com", "yoursite.example.com" ]
+ default_cache_behavior {
+ allowed_methods = [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ]
+ cached_methods = [ "GET", "HEAD" ]
+ target_origin_id = "myS3Origin"
+ forwarded_values {
+ query_string = false
+ cookies {
+ forward = "none"
+ }
+ }
+ viewer_protocol_policy = "allow-all"
+ min_ttl = 0
+ default_ttl = 3600
+ max_ttl = 86400
+ }
+ price_class = "PriceClass_200"
+ restrictions {
+ geo_restriction {
+ restriction_type = "whitelist"
+ locations = [ "US", "CA", "GB", "DE" ]
+ }
+ }
+ viewer_certificate {
+ cloudfront_default_certificate = true
+ }
+}
+```
+
+## Argument Reference
+
+The CloudFront distribution argument layout is a complex structure composed
+of several sub-resources - these resources are laid out below.
+
+### Top-Level Arguments
+
+* `aliases` (Optional) - Extra CNAMEs (alternate domain names), if any, for this distribution.
+* `cache_behavior` (Optional) - A [cache behavior](#cache_behavior) resource for this distribution (multiples allowed).
+* `comment` (Optional) - Any comments you want to include about the distribution.
+* `custom_error_response` (Optional) - One or more [custom error response](#custom_error_response) elements (multiples allowed).
+* `default_cache_behavior` (Required) - The [default cache behavior](#default_cache_behavior) for this distribution (maximum one).
+* `default_root_object` (Optional) - The object that you want CloudFront to return (for example, index.html) when an end user requests the root URL.
+* `enabled` (Required) - Whether the distribution is enabled to accept end user requests for content.
+* `logging_config` (Optional) - The [logging configuration](#logging_config) that controls how logs are written to your distribution (maximum one).
+* `origin` (Required) - One or more [origins](#origin) for this distribution (multiples allowed).
+* `price_class` (Optional) - The price class for this distribution.
+* `restrictions` (Required) - The [restriction configuration](#restrictions) for this distribution (maximum one).
+* `viewer_certificate` (Required) - The [SSL configuration](#viewer_certificate) for this distribution (maximum one).
+* `web_acl_id` (Optional) - If you're using AWS WAF to filter CloudFront requests, the Id of the AWS WAF web ACL that is associated with the distribution.
+* `retain_on_delete` (Optional) - Disables the distribution instead of deleting it when destroying the resource through Terraform. If this is set, the distribution needs to be deleted manually afterwards. Default: `false`.
+
+#### `cache_behavior` Arguments
+
+* `allowed_methods` (Required) - Controls which HTTP methods CloudFront processes and forwards to your Amazon S3 bucket or your custom origin.
+* `cached_methods` (Required) - Controls whether CloudFront caches the response to requests using the specified HTTP methods.
+* `compress` (Optional) - Whether you want CloudFront to automatically compress content for web requests that include `Accept-Encoding: gzip` in the request header (default: `false`).
+* `default_ttl` (Required) - The default amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request in the absence of an `Cache-Control max-age` or `Expires` header.
+* `forwarded_values` (Required) - The [forwarded values configuration](#forwarded_values) that specifies how CloudFront handles query strings, cookies and headers (maximum one).
+* `max_ttl` (Required) - The maximum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether the object has been updated. Only effective in the presence of `Cache-Control max-age`, `Cache-Control s-maxage`, and `Expires` headers.
+* `min_ttl` (Required) - The minimum amount of time that you want objects to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
+* `path_pattern` (Required) - The pattern (for example, `images/*.jpg)` that specifies which requests you want this cache behavior to apply to.
+* `smooth_streaming` (Optional) - Indicates whether you want to distribute media files in Microsoft Smooth Streaming format using the origin that is associated with this cache behavior.
+* `target_origin_id` (Required) - The value of ID for the origin that you want CloudFront to route requests to when a request matches the path pattern either for a cache behavior or for the default cache behavior.
+* `trusted_signers` (Optional) - The AWS accounts, if any, that you want to allow to create signed URLs for private content.
+* `viewer_protocol_policy` (Required) - Use this element to specify the protocol that users can use to access the files in the origin specified by TargetOriginId when a request matches the path pattern in PathPattern. One of `allow-all`, `https-only`, or `redirect-to-https`.
+
+##### `forwarded_values` Arguments
+
+* `cookies` (Optional) - The [forwarded values cookies](#cookies) that specifies how CloudFront handles cookies (maximum one).
+* `headers` (Optional) - Specifies the Headers, if any, that you want CloudFront to vary upon for this cache behavior.
+* `query_string` (Required) - Indicates whether you want CloudFront to forward query strings to the origin that is associated with this cache behavior.
+
+##### `cookies` Arguments
+
+* `forward` (Required) - Specifies whether you want CloudFront to forward cookies to the origin that is associated with this cache behavior. You can specify `all`, `none` or `whitelist`.
+* `whitelisted_names` (Optional) - If you have specified `whitelist` to `forward`, the whitelisted cookies that you want CloudFront to forward to your origin.
+
+#### `custom_error_response` Arguments
+
+* `error_caching_min_ttl` (Optional) - The minimum amount of time you want HTTP error codes to stay in CloudFront caches before CloudFront queries your origin to see whether the object has been updated.
+* `error_code` (Required) - The 4xx or 5xx HTTP status code that you want to customize.
+* `response_code` (Optional) - The HTTP status code that you want CloudFront to return with the custom error page to the viewer.
+* `response_page_path` (Optional) - The path of the custom error page (for example, `/custom_404.html`).
+
+#### `default_cache_behavior` Arguments
+
+The arguments for `default_cache_behavior` are the same as for
+[`cache_behavior`](#cache_behavior), except for the `path_pattern` argument is
+not required.
+
+#### `logging_config` Arguments
+
+* `bucket` (Required) - The Amazon S3 bucket to store the access logs in, for example, `myawslogbucket.s3.amazonaws.com`.
+* `include_cookies` (Optional) - Specifies whether you want CloudFront to include cookies in access logs (default: `false`).
+* `prefix` (Optional) - An optional string that you want CloudFront to prefix to the access log filenames for this distribution, for example, `myprefix/`.
+
+#### `origin` Arguments
+
+* `custom_origin_config` - The [CloudFront custom origin](#custom_origin_config) configuration information. If an S3 origin is required, use `s3_origin_config` instead.
+* `domain_name` (Required) - The DNS domain name of either the S3 bucket, or web site of your custom origin.
+* `custom_header` (Optional) - One or more sub-resources with `name` and `value` parameters that specify header data that will be sent to the origin (multiples allowed).
+* `origin_id` (Required) - A unique identifier for the origin.
+* `origin_path` (Optional) - An optional element that causes CloudFront to request your content from a directory in your Amazon S3 bucket or your custom origin.
+* `s3_origin_config` - The [CloudFront S3 origin](#s3_origin_config) configuration information. If a custom origin is required, use `s3_origin_config` instead.
+
+##### `custom_origin_config` Arguments
+
+* `http_port` (Required) - The HTTP port the custom origin listens on.
+* `https_port` (Required) - The HTTPS port the custom origin listens on.
+* `origin_protocol_policy` (Required) - The origin protocol policy to apply to your origin. One of `http-only`, `https-only`, or `match-viewer`.
+* `origin_ssl_protocols` (Required) - The SSL/TLS protocols that you want CloudFront to use when communicating with your origin over HTTPS. A list of one or more of `SSLv3`, `TLSv1`, `TLSv1.1`, and `TLSv1.2`.
+
+##### `s3_origin_config` Arguments
+
+* `origin_access_identity` (Optional) - The [CloudFront origin access identity][5] to associate with the origin.
+
+#### `restrictions` Arguments
+
+The `restrictions` sub-resource takes another single sub-resource named
+`geo_restriction` (see the example for usage).
+
+The arguments of `geo_restriction` are:
+
+* `locations` (Optional) - The [ISO 3166-1-alpha-2 codes][4] for which you want CloudFront either to distribute your content (`whitelist`) or not distribute your content (`blacklist`).
+* `restriction_type` (Required) - The method that you want to use to restrict distribution of your content by country: `none`, `whitelist`, or `blacklist`.
+
+#### `viewer_certificate` Arguments
+
+* `acm_certificate_arn` - The ARN of the [AWS Certificate Manager][6] certificate that you wish to use with this distribution. Specify this, `cloudfront_default_certificate`, or `iam_certificate_id`.
+* `cloudfront_default_certificate` - `true` if you want viewers to use HTTPS to request your objects and you're using the CloudFront domain name for your distribution. Specify this, `acm_certificate_arn`, or `iam_certificate_id`.
+* `iam_certificate_id` - The IAM certificate identifier of the custom viewer certificate for this distribution if you are using a custom domain. Specify this, `acm_certificate_arn`, or `cloudfront_default_certificate`.
+* `minimum_protocol_version` - The minimum version of the SSL protocol that you want CloudFront to use for HTTPS connections. One of `SSLv3` or `TLSv1`. Default: `SSLv3`. **NOTE**: If you are using a custom certificate (specified with `acm_certificate_arn` or `iam_certificate_id`), and have specified `sni-only` in `ssl_support_method`, `TLSv1` must be specified.
+* `ssl_support_method`: Specifies how you want CloudFront to serve HTTPS requests. One of `vip` or `sni-only`. Required if you specify `acm_certificate_arn` or `iam_certificate_id`. **NOTE:** `vip` causes CloudFront to use a dedicated IP address and may incur extra charges.
+
+## Attribute Reference
+
+The following attributes are exported:
+
+* `id` - The identifier for the distribution. For example: `EDFDVBD632BHDS5`.
+* `caller_reference` - Internal value used by CloudFront to allow future updates to the distribution configuration.
+* `status` - The current status of the distribution. `Deployed` if the distribution's information is fully propagated throughout the Amazon CloudFront system.
+* `active_trusted_signers` - The key pair IDs that CloudFront is aware of for each trusted signer, if the distribution is set up to serve private content with signed URLs.
+* `domain_name` - The domain name corresponding to the distribution. For example: `d604721fxaaqy9.cloudfront.net`.
+* `last_modified_time` - The date and time the distribution was last modified.
+* `in_progress_validation_batches` - The number of invalidation batches currently in progress.
+* `etag` - The current version of the distribution's information. For example: `E2QWRUHAPOMQZL`.
+
+
+[1]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html
+[2]: http://docs.aws.amazon.com/AmazonCloudFront/latest/APIReference/CreateDistribution.html
+[3]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
+[4]: http://www.iso.org/iso/country_codes/iso_3166_code_lists/country_names_and_code_elements.htm
+[5]: /docs/providers/aws/r/cloudfront_origin_access_identity.html
+[6]: https://aws.amazon.com/certificate-manager/
diff --git a/website/source/docs/providers/aws/r/cloudfront_origin_access_identity.html.markdown b/website/source/docs/providers/aws/r/cloudfront_origin_access_identity.html.markdown
new file mode 100644
index 000000000000..0587aa533245
--- /dev/null
+++ b/website/source/docs/providers/aws/r/cloudfront_origin_access_identity.html.markdown
@@ -0,0 +1,58 @@
+---
+layout: "aws"
+page_title: "AWS: cloudfront_origin_access_identity"
+sidebar_current: "docs-aws-resource-cloudfront-origin-access-identity"
+description: |-
+ Provides a CloudFront origin access identity.
+---
+
+# aws\_cloudfront\_origin\_access\_identity
+
+Creates an Amazon CloudFront origin access identity.
+
+For information about CloudFront distributions, see the
+[Amazon CloudFront Developer Guide][1]. For more information on generating
+origin access identities, see
+[Using an Origin Access Identity to Restrict Access to Your Amazon S3 Content][2].
+
+## Example Usage
+
+The following example below creates a CloudFront origin access identity.
+
+```
+resource "aws_cloudfront_origin_access_identity" "origin_access_identity" {
+ comment = "Some comment"
+}
+```
+
+## Argument Reference
+
+* `comment` (Optional) - An optional comment for the origin access identity.
+
+## Attribute Reference
+
+The following attributes are exported:
+
+* `id` - The identifier for the distribution. For example: `EDFDVBD632BHDS5`.
+* `caller_reference` - Internal value used by CloudFront to allow future updates to the origin access identity.
+* `cloudfront_access_identity_path` - A shortcut to the full path for the origin access identity to use in CloudFront, see below.
+* `etag` - The current version of the origin access identity's information. For example: E2QWRUHAPOMQZL.
+* `s3_canonical_user_id` - The Amazon S3 canonical user ID for the origin access identity, which you use when giving the origin access identity read permission to an object in Amazon S3.
+
+## Using With CloudFront
+
+Normally, when referencing an origin access identity in CloudFront, you need to
+prefix the ID with the `origin-access-identity/cloudfront/` special path.
+The `cloudfront_access_identity_path` allows this to be circumvented.
+The below snippet demonstrates use with the `s3_origin_config` structure for the
+[`aws_cloudfront_web_distribution`][3] resource:
+
+```
+s3_origin_config {
+ origin_access_identity = "${aws_cloudfront_origin_access_identity.origin_access_identity.cloudfront_access_identity_path}"
+}
+```
+
+[1]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Introduction.html
+[2]: http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html
+[3]: /docs/providers/aws/r/cloudfront_distribution.html
diff --git a/website/source/docs/providers/aws/r/cloudfront_web_distribution.html.markdown b/website/source/docs/providers/aws/r/cloudfront_web_distribution.html.markdown
deleted file mode 100644
index 84a0c1b48ece..000000000000
--- a/website/source/docs/providers/aws/r/cloudfront_web_distribution.html.markdown
+++ /dev/null
@@ -1,64 +0,0 @@
----
-layout: "aws"
-page_title: "AWS: cloudfront_web_distribution"
-sidebar_current: "docs-aws-resource-cloudfront-web-distribution"
-description: |-
- Provides a CloudFront web distribution resource.
----
-
-# cloudfront\_web\_distribution
-
-Provides a CloudFront distribution resource. Distributions takes approximately
-15 minutes to deploy.
-
-## Example Usage
-
-```
-resource "aws_cloudfront_web_distribution" "static" {
- origin_domain_name = "bucket.s3.amazonaws.com"
-}
-```
-
-## Argument Reference
-
-The following arguments are supported:
-
-* `origin_domain_name` - (Required) The Amazon S3 bucket or web server from which you want CloudFront to fetch your web content.
-* `origin_http_port` - (Optional) Default: `80`.
-* `origin_https_port` - (Optional) Default: `443`.
-* `origin_protocol_policy` - (Optional) Default: `"http-only"`.
-* `origin_path` - (Optional) Request the content from a directory in your Amazon S3 bucket or your custom origin.
-* `enabled` - (Optional) Default: `true`.
-* `comment` - (Optional)
-* `price_class` - (Optional) Default: `"PriceClass_All"`.
-* `default_root_object` - (Optional)
-* `status` - (Optional)
-* `viewer_protocol_policy` - (Optional) Default: `"allow-all"`.
-* `forward_cookie` - (Optional) Include all user cookies in the request URLs that it forwards to your origin. Default: `"none"`.
-* `whitelisted_cookies` - (Optional)
-* `forward_query_string` - (Optional) Include query strings in the request URLs that it forwards to your origin. Default: `false`.
-* `minimum_ttl` - (Optional) The minimum amount of time (in seconds) that an object is in a CloudFront cache before CloudFront forwards another request to your origin to determine whether an updated version is available. Default: `0`.
-* `maximum_ttl` - (Optional) Default: `31536000`.
-* `default_ttl` - (Optional) Default: `86400`.
-* `smooth_streaming` - (Optional)
-* `allowed_methods` - (Optional)
-* `cached_methods` - (Optional)
-* `forwarded_headers` - (Optional)
-* `logging_enabled` - (Optional) Log all viewer requests for files in your distribution. Default: `false`.
-* `logging_include_cookies` - (Optional) Include cookies in access logs. Default: `false`.
-* `logging_prefix` - (Optional) Prefix for the names of log files.
-* `logging_bucket` - (Optional) Destination bucket in the format of `bucketname.s3.amazonaws.com`.
-* `minimum_ssl` - (Optional)
-* `certificate_id` - (Optional)
-* `ssl_support_method` - (Optional)
-* `aliases` - (Optional) A list alternate domain names(CNAMES).
-* `geo_restriction_type` - (Optional) Type of restriction. Default `"none"`.
-* `geo_restrictions` - (Optional) A list of two-letter country codes.
-
-## Attributes Reference
-
-The following attributes are exported:
-
-* `id` - The unique identifier of the distribution.
-* `domain_name` - Unique domain of the resource.
-* `zone_id` - The canonical hosted zone ID of CloudFront(to be used in a Route 53 Alias record)
diff --git a/website/source/layouts/aws.erb b/website/source/layouts/aws.erb
index 955b02dd5110..a3bcfadd9058 100644
--- a/website/source/layouts/aws.erb
+++ b/website/source/layouts/aws.erb
@@ -55,8 +55,11 @@
>
CloudFront Resources