1. Packages
  2. AWS
  3. API Docs
  4. cloudfront
  5. OriginAccessControl
AWS v6.54.0 published on Friday, Sep 27, 2024 by Pulumi

aws.cloudfront.OriginAccessControl

Explore with Pulumi AI

aws logo
AWS v6.54.0 published on Friday, Sep 27, 2024 by Pulumi

    Manages an AWS CloudFront Origin Access Control, which is used by CloudFront Distributions with an Amazon S3 bucket as the origin.

    Read more about Origin Access Control in the CloudFront Developer Guide.

    Example Usage

    Basic Usage

    import * as pulumi from "@pulumi/pulumi";
    import * as aws from "@pulumi/aws";
    
    const example = new aws.cloudfront.OriginAccessControl("example", {
        name: "example",
        description: "Example Policy",
        originAccessControlOriginType: "s3",
        signingBehavior: "always",
        signingProtocol: "sigv4",
    });
    
    import pulumi
    import pulumi_aws as aws
    
    example = aws.cloudfront.OriginAccessControl("example",
        name="example",
        description="Example Policy",
        origin_access_control_origin_type="s3",
        signing_behavior="always",
        signing_protocol="sigv4")
    
    package main
    
    import (
    	"github.com/pulumi/pulumi-aws/sdk/v6/go/aws/cloudfront"
    	"github.com/pulumi/pulumi/sdk/v3/go/pulumi"
    )
    
    func main() {
    	pulumi.Run(func(ctx *pulumi.Context) error {
    		_, err := cloudfront.NewOriginAccessControl(ctx, "example", &cloudfront.OriginAccessControlArgs{
    			Name:                          pulumi.String("example"),
    			Description:                   pulumi.String("Example Policy"),
    			OriginAccessControlOriginType: pulumi.String("s3"),
    			SigningBehavior:               pulumi.String("always"),
    			SigningProtocol:               pulumi.String("sigv4"),
    		})
    		if err != nil {
    			return err
    		}
    		return nil
    	})
    }
    
    using System.Collections.Generic;
    using System.Linq;
    using Pulumi;
    using Aws = Pulumi.Aws;
    
    return await Deployment.RunAsync(() => 
    {
        var example = new Aws.CloudFront.OriginAccessControl("example", new()
        {
            Name = "example",
            Description = "Example Policy",
            OriginAccessControlOriginType = "s3",
            SigningBehavior = "always",
            SigningProtocol = "sigv4",
        });
    
    });
    
    package generated_program;
    
    import com.pulumi.Context;
    import com.pulumi.Pulumi;
    import com.pulumi.core.Output;
    import com.pulumi.aws.cloudfront.OriginAccessControl;
    import com.pulumi.aws.cloudfront.OriginAccessControlArgs;
    import java.util.List;
    import java.util.ArrayList;
    import java.util.Map;
    import java.io.File;
    import java.nio.file.Files;
    import java.nio.file.Paths;
    
    public class App {
        public static void main(String[] args) {
            Pulumi.run(App::stack);
        }
    
        public static void stack(Context ctx) {
            var example = new OriginAccessControl("example", OriginAccessControlArgs.builder()
                .name("example")
                .description("Example Policy")
                .originAccessControlOriginType("s3")
                .signingBehavior("always")
                .signingProtocol("sigv4")
                .build());
    
        }
    }
    
    resources:
      example:
        type: aws:cloudfront:OriginAccessControl
        properties:
          name: example
          description: Example Policy
          originAccessControlOriginType: s3
          signingBehavior: always
          signingProtocol: sigv4
    

    Create OriginAccessControl Resource

    Resources are created with functions called constructors. To learn more about declaring and configuring resources, see Resources.

    Constructor syntax

    new OriginAccessControl(name: string, args: OriginAccessControlArgs, opts?: CustomResourceOptions);
    @overload
    def OriginAccessControl(resource_name: str,
                            args: OriginAccessControlArgs,
                            opts: Optional[ResourceOptions] = None)
    
    @overload
    def OriginAccessControl(resource_name: str,
                            opts: Optional[ResourceOptions] = None,
                            origin_access_control_origin_type: Optional[str] = None,
                            signing_behavior: Optional[str] = None,
                            signing_protocol: Optional[str] = None,
                            description: Optional[str] = None,
                            name: Optional[str] = None)
    func NewOriginAccessControl(ctx *Context, name string, args OriginAccessControlArgs, opts ...ResourceOption) (*OriginAccessControl, error)
    public OriginAccessControl(string name, OriginAccessControlArgs args, CustomResourceOptions? opts = null)
    public OriginAccessControl(String name, OriginAccessControlArgs args)
    public OriginAccessControl(String name, OriginAccessControlArgs args, CustomResourceOptions options)
    
    type: aws:cloudfront:OriginAccessControl
    properties: # The arguments to resource properties.
    options: # Bag of options to control resource's behavior.
    
    

    Parameters

    name string
    The unique name of the resource.
    args OriginAccessControlArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    resource_name str
    The unique name of the resource.
    args OriginAccessControlArgs
    The arguments to resource properties.
    opts ResourceOptions
    Bag of options to control resource's behavior.
    ctx Context
    Context object for the current deployment.
    name string
    The unique name of the resource.
    args OriginAccessControlArgs
    The arguments to resource properties.
    opts ResourceOption
    Bag of options to control resource's behavior.
    name string
    The unique name of the resource.
    args OriginAccessControlArgs
    The arguments to resource properties.
    opts CustomResourceOptions
    Bag of options to control resource's behavior.
    name String
    The unique name of the resource.
    args OriginAccessControlArgs
    The arguments to resource properties.
    options CustomResourceOptions
    Bag of options to control resource's behavior.

    Constructor example

    The following reference example uses placeholder values for all input properties.

    var originAccessControlResource = new Aws.CloudFront.OriginAccessControl("originAccessControlResource", new()
    {
        OriginAccessControlOriginType = "string",
        SigningBehavior = "string",
        SigningProtocol = "string",
        Description = "string",
        Name = "string",
    });
    
    example, err := cloudfront.NewOriginAccessControl(ctx, "originAccessControlResource", &cloudfront.OriginAccessControlArgs{
    	OriginAccessControlOriginType: pulumi.String("string"),
    	SigningBehavior:               pulumi.String("string"),
    	SigningProtocol:               pulumi.String("string"),
    	Description:                   pulumi.String("string"),
    	Name:                          pulumi.String("string"),
    })
    
    var originAccessControlResource = new OriginAccessControl("originAccessControlResource", OriginAccessControlArgs.builder()
        .originAccessControlOriginType("string")
        .signingBehavior("string")
        .signingProtocol("string")
        .description("string")
        .name("string")
        .build());
    
    origin_access_control_resource = aws.cloudfront.OriginAccessControl("originAccessControlResource",
        origin_access_control_origin_type="string",
        signing_behavior="string",
        signing_protocol="string",
        description="string",
        name="string")
    
    const originAccessControlResource = new aws.cloudfront.OriginAccessControl("originAccessControlResource", {
        originAccessControlOriginType: "string",
        signingBehavior: "string",
        signingProtocol: "string",
        description: "string",
        name: "string",
    });
    
    type: aws:cloudfront:OriginAccessControl
    properties:
        description: string
        name: string
        originAccessControlOriginType: string
        signingBehavior: string
        signingProtocol: string
    

    OriginAccessControl Resource Properties

    To learn more about resource properties and how to use them, see Inputs and Outputs in the Architecture and Concepts docs.

    Inputs

    The OriginAccessControl resource accepts the following input properties:

    OriginAccessControlOriginType string
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    SigningBehavior string
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    SigningProtocol string
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    Description string
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    Name string
    A name that identifies the Origin Access Control.
    OriginAccessControlOriginType string
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    SigningBehavior string
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    SigningProtocol string
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    Description string
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    Name string
    A name that identifies the Origin Access Control.
    originAccessControlOriginType String
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signingBehavior String
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signingProtocol String
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description String
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    name String
    A name that identifies the Origin Access Control.
    originAccessControlOriginType string
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signingBehavior string
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signingProtocol string
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description string
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    name string
    A name that identifies the Origin Access Control.
    origin_access_control_origin_type str
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signing_behavior str
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signing_protocol str
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description str
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    name str
    A name that identifies the Origin Access Control.
    originAccessControlOriginType String
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signingBehavior String
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signingProtocol String
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description String
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    name String
    A name that identifies the Origin Access Control.

    Outputs

    All input properties are implicitly available as output properties. Additionally, the OriginAccessControl resource produces the following output properties:

    Etag string
    The current version of this Origin Access Control.
    Id string
    The provider-assigned unique ID for this managed resource.
    Etag string
    The current version of this Origin Access Control.
    Id string
    The provider-assigned unique ID for this managed resource.
    etag String
    The current version of this Origin Access Control.
    id String
    The provider-assigned unique ID for this managed resource.
    etag string
    The current version of this Origin Access Control.
    id string
    The provider-assigned unique ID for this managed resource.
    etag str
    The current version of this Origin Access Control.
    id str
    The provider-assigned unique ID for this managed resource.
    etag String
    The current version of this Origin Access Control.
    id String
    The provider-assigned unique ID for this managed resource.

    Look up Existing OriginAccessControl Resource

    Get an existing OriginAccessControl resource’s state with the given name, ID, and optional extra properties used to qualify the lookup.

    public static get(name: string, id: Input<ID>, state?: OriginAccessControlState, opts?: CustomResourceOptions): OriginAccessControl
    @staticmethod
    def get(resource_name: str,
            id: str,
            opts: Optional[ResourceOptions] = None,
            description: Optional[str] = None,
            etag: Optional[str] = None,
            name: Optional[str] = None,
            origin_access_control_origin_type: Optional[str] = None,
            signing_behavior: Optional[str] = None,
            signing_protocol: Optional[str] = None) -> OriginAccessControl
    func GetOriginAccessControl(ctx *Context, name string, id IDInput, state *OriginAccessControlState, opts ...ResourceOption) (*OriginAccessControl, error)
    public static OriginAccessControl Get(string name, Input<string> id, OriginAccessControlState? state, CustomResourceOptions? opts = null)
    public static OriginAccessControl get(String name, Output<String> id, OriginAccessControlState state, CustomResourceOptions options)
    Resource lookup is not supported in YAML
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    resource_name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    name
    The unique name of the resulting resource.
    id
    The unique provider ID of the resource to lookup.
    state
    Any extra arguments used during the lookup.
    opts
    A bag of options that control this resource's behavior.
    The following state arguments are supported:
    Description string
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    Etag string
    The current version of this Origin Access Control.
    Name string
    A name that identifies the Origin Access Control.
    OriginAccessControlOriginType string
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    SigningBehavior string
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    SigningProtocol string
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    Description string
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    Etag string
    The current version of this Origin Access Control.
    Name string
    A name that identifies the Origin Access Control.
    OriginAccessControlOriginType string
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    SigningBehavior string
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    SigningProtocol string
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description String
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    etag String
    The current version of this Origin Access Control.
    name String
    A name that identifies the Origin Access Control.
    originAccessControlOriginType String
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signingBehavior String
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signingProtocol String
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description string
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    etag string
    The current version of this Origin Access Control.
    name string
    A name that identifies the Origin Access Control.
    originAccessControlOriginType string
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signingBehavior string
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signingProtocol string
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description str
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    etag str
    The current version of this Origin Access Control.
    name str
    A name that identifies the Origin Access Control.
    origin_access_control_origin_type str
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signing_behavior str
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signing_protocol str
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.
    description String
    The description of the Origin Access Control. Defaults to "Managed by Pulumi" if omitted.
    etag String
    The current version of this Origin Access Control.
    name String
    A name that identifies the Origin Access Control.
    originAccessControlOriginType String
    The type of origin that this Origin Access Control is for. Valid values are lambda, mediapackagev2, mediastore, and s3.
    signingBehavior String
    Specifies which requests CloudFront signs. Specify always for the most common use case. Allowed values: always, never, and no-override.
    signingProtocol String
    Determines how CloudFront signs (authenticates) requests. The only valid value is sigv4.

    Import

    Using pulumi import, import CloudFront Origin Access Control using the id. For example:

    $ pulumi import aws:cloudfront/originAccessControl:OriginAccessControl example E327GJI25M56DG
    

    To learn more about importing existing cloud resources, see Importing resources.

    Package Details

    Repository
    AWS Classic pulumi/pulumi-aws
    License
    Apache-2.0
    Notes
    This Pulumi package is based on the aws Terraform Provider.
    aws logo
    AWS v6.54.0 published on Friday, Sep 27, 2024 by Pulumi