aws-cdk-lib.aws_cloudfront.SourceConfiguration

interface SourceConfiguration

LanguageType name
.NETAmazon.CDK.AWS.CloudFront.SourceConfiguration
Gogithub.com/aws/aws-cdk-go/awscdk/v2/awscloudfront#SourceConfiguration
Javasoftware.amazon.awscdk.services.cloudfront.SourceConfiguration
Pythonaws_cdk.aws_cloudfront.SourceConfiguration
TypeScript (source)aws-cdk-lib » aws_cloudfront » SourceConfiguration

A source configuration is a wrapper for CloudFront origins and behaviors.

An origin is what CloudFront will "be in front of" - that is, CloudFront will pull it's assets from an origin.

If you're using s3 as a source - pass the s3Origin property, otherwise, pass the customOriginSource property.

One or the other must be passed, and it is invalid to pass both in the same SourceConfiguration.

Example

// The code below shows an example of how to instantiate this type.
// The values are placeholders you should change.
import * as cdk from 'aws-cdk-lib';
import { aws_cloudfront as cloudfront } from 'aws-cdk-lib';
import { aws_lambda as lambda } from 'aws-cdk-lib';
import { aws_s3 as s3 } from 'aws-cdk-lib';

declare const bucket: s3.Bucket;
declare const function_: cloudfront.Function;
declare const keyGroup: cloudfront.KeyGroup;
declare const originAccessIdentity: cloudfront.OriginAccessIdentity;
declare const version: lambda.Version;
const sourceConfiguration: cloudfront.SourceConfiguration = {
  behaviors: [{
    allowedMethods: cloudfront.CloudFrontAllowedMethods.GET_HEAD,
    cachedMethods: cloudfront.CloudFrontAllowedCachedMethods.GET_HEAD,
    compress: false,
    defaultTtl: cdk.Duration.minutes(30),
    forwardedValues: {
      queryString: false,

      // the properties below are optional
      cookies: {
        forward: 'forward',

        // the properties below are optional
        whitelistedNames: ['whitelistedNames'],
      },
      headers: ['headers'],
      queryStringCacheKeys: ['queryStringCacheKeys'],
    },
    functionAssociations: [{
      eventType: cloudfront.FunctionEventType.VIEWER_REQUEST,
      function: function_,
    }],
    isDefaultBehavior: false,
    lambdaFunctionAssociations: [{
      eventType: cloudfront.LambdaEdgeEventType.ORIGIN_REQUEST,
      lambdaFunction: version,

      // the properties below are optional
      includeBody: false,
    }],
    maxTtl: cdk.Duration.minutes(30),
    minTtl: cdk.Duration.minutes(30),
    pathPattern: 'pathPattern',
    trustedKeyGroups: [keyGroup],
    trustedSigners: ['trustedSigners'],
    viewerProtocolPolicy: cloudfront.ViewerProtocolPolicy.HTTPS_ONLY,
  }],

  // the properties below are optional
  connectionAttempts: 123,
  connectionTimeout: cdk.Duration.minutes(30),
  customOriginSource: {
    domainName: 'domainName',

    // the properties below are optional
    allowedOriginSSLVersions: [cloudfront.OriginSslPolicy.SSL_V3],
    httpPort: 123,
    httpsPort: 123,
    originHeaders: {
      originHeadersKey: 'originHeaders',
    },
    originKeepaliveTimeout: cdk.Duration.minutes(30),
    originPath: 'originPath',
    originProtocolPolicy: cloudfront.OriginProtocolPolicy.HTTP_ONLY,
    originReadTimeout: cdk.Duration.minutes(30),
    originShieldRegion: 'originShieldRegion',
  },
  failoverCriteriaStatusCodes: [cloudfront.FailoverStatusCode.FORBIDDEN],
  failoverCustomOriginSource: {
    domainName: 'domainName',

    // the properties below are optional
    allowedOriginSSLVersions: [cloudfront.OriginSslPolicy.SSL_V3],
    httpPort: 123,
    httpsPort: 123,
    originHeaders: {
      originHeadersKey: 'originHeaders',
    },
    originKeepaliveTimeout: cdk.Duration.minutes(30),
    originPath: 'originPath',
    originProtocolPolicy: cloudfront.OriginProtocolPolicy.HTTP_ONLY,
    originReadTimeout: cdk.Duration.minutes(30),
    originShieldRegion: 'originShieldRegion',
  },
  failoverS3OriginSource: {
    s3BucketSource: bucket,

    // the properties below are optional
    originAccessIdentity: originAccessIdentity,
    originHeaders: {
      originHeadersKey: 'originHeaders',
    },
    originPath: 'originPath',
    originShieldRegion: 'originShieldRegion',
  },
  originShieldRegion: 'originShieldRegion',
  s3OriginSource: {
    s3BucketSource: bucket,

    // the properties below are optional
    originAccessIdentity: originAccessIdentity,
    originHeaders: {
      originHeadersKey: 'originHeaders',
    },
    originPath: 'originPath',
    originShieldRegion: 'originShieldRegion',
  },
};

Properties

NameTypeDescription
behaviorsBehavior[]The behaviors associated with this source.
connectionAttempts?numberThe number of times that CloudFront attempts to connect to the origin.
connectionTimeout?DurationThe number of seconds that CloudFront waits when trying to establish a connection to the origin.
customOriginSource?CustomOriginConfigA custom origin source - for all non-s3 sources.
failoverCriteriaStatusCodes?FailoverStatusCode[]HTTP status code to failover to second origin.
failoverCustomOriginSource?CustomOriginConfigA custom origin source for failover in case the s3OriginSource returns invalid status code.
failoverS3OriginSource?S3OriginConfigAn s3 origin source for failover in case the s3OriginSource returns invalid status code.
originShieldRegion?stringWhen you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance.
s3OriginSource?S3OriginConfigAn s3 origin source - if you're using s3 for your assets.

behaviors

Type: Behavior[]

The behaviors associated with this source.

At least one (default) behavior must be included.


connectionAttempts?

Type: number (optional, default: 3)

The number of times that CloudFront attempts to connect to the origin.

You can specify 1, 2, or 3 as the number of attempts.


connectionTimeout?

Type: Duration (optional, default: cdk.Duration.seconds(10))

The number of seconds that CloudFront waits when trying to establish a connection to the origin.

You can specify a number of seconds between 1 and 10 (inclusive).


customOriginSource?

Type: CustomOriginConfig (optional)

A custom origin source - for all non-s3 sources.


failoverCriteriaStatusCodes?

Type: FailoverStatusCode[] (optional, default: [500, 502, 503, 504])

HTTP status code to failover to second origin.


failoverCustomOriginSource?

Type: CustomOriginConfig (optional, default: no failover configuration)

A custom origin source for failover in case the s3OriginSource returns invalid status code.


failoverS3OriginSource?

Type: S3OriginConfig (optional, default: no failover configuration)

An s3 origin source for failover in case the s3OriginSource returns invalid status code.


originShieldRegion?

Type: string (optional, default: origin shield not enabled)

When you enable Origin Shield in the AWS Region that has the lowest latency to your origin, you can get better network performance.

See also: https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/origin-shield.html


s3OriginSource?

Type: S3OriginConfig (optional)

An s3 origin source - if you're using s3 for your assets.