CloudFront

Table of Contents

• CloudFront
  • Client
  • Paginators
  • Waiters
  • Examples

Client

class CloudFront.Client

A low-level client representing Amazon CloudFront

This is the Amazon CloudFront API Reference . This guide is for developers who need detailed information about CloudFront API actions, data types, and errors. For detailed information about CloudFront features, see the Amazon CloudFront Developer Guide .

import boto3

client = boto3.client('cloudfront')

These are the available methods:

• associate_alias
• can_paginate
• close
• copy_distribution
• create_cache_policy
• create_cloud_front_origin_access_identity
• create_continuous_deployment_policy
• create_distribution
• create_distribution_with_tags
• create_field_level_encryption_config
• create_field_level_encryption_profile
• create_function
• create_invalidation
• create_key_group
• create_monitoring_subscription
• create_origin_access_control
• create_origin_request_policy
• create_public_key
• create_realtime_log_config
• create_response_headers_policy
• create_streaming_distribution
• create_streaming_distribution_with_tags
• delete_cache_policy
• delete_cloud_front_origin_access_identity
• delete_continuous_deployment_policy
• delete_distribution
• delete_field_level_encryption_config
• delete_field_level_encryption_profile
• delete_function
• delete_key_group
• delete_monitoring_subscription
• delete_origin_access_control
• delete_origin_request_policy
• delete_public_key
• delete_realtime_log_config
• delete_response_headers_policy
• delete_streaming_distribution
• describe_function
• get_cache_policy
• get_cache_policy_config
• get_cloud_front_origin_access_identity
• get_cloud_front_origin_access_identity_config
• get_continuous_deployment_policy
• get_continuous_deployment_policy_config
• get_distribution
• get_distribution_config
• get_field_level_encryption
• get_field_level_encryption_config
• get_field_level_encryption_profile
• get_field_level_encryption_profile_config
• get_function
• get_invalidation
• get_key_group
• get_key_group_config
• get_monitoring_subscription
• get_origin_access_control
• get_origin_access_control_config
• get_origin_request_policy
• get_origin_request_policy_config
• get_paginator
• get_public_key
• get_public_key_config
• get_realtime_log_config
• get_response_headers_policy
• get_response_headers_policy_config
• get_streaming_distribution
• get_streaming_distribution_config
• get_waiter
• list_cache_policies
• list_cloud_front_origin_access_identities
• list_conflicting_aliases
• list_continuous_deployment_policies
• list_distributions
• list_distributions_by_cache_policy_id
• list_distributions_by_key_group
• list_distributions_by_origin_request_policy_id
• list_distributions_by_realtime_log_config
• list_distributions_by_response_headers_policy_id
• list_distributions_by_web_acl_id
• list_field_level_encryption_configs
• list_field_level_encryption_profiles
• list_functions
• list_invalidations
• list_key_groups
• list_origin_access_controls
• list_origin_request_policies
• list_public_keys
• list_realtime_log_configs
• list_response_headers_policies
• list_streaming_distributions
• list_tags_for_resource
• publish_function
• tag_resource
• test_function
• untag_resource
• update_cache_policy
• update_cloud_front_origin_access_identity
• update_continuous_deployment_policy
• update_distribution
• update_distribution_with_staging_config
• update_field_level_encryption_config
• update_field_level_encryption_profile
• update_function
• update_key_group
• update_origin_access_control
• update_origin_request_policy
• update_public_key
• update_realtime_log_config
• update_response_headers_policy
• update_streaming_distribution

Paginators

Paginators are available on a client instance via the get_paginator method. For more detailed instructions and examples on the usage of paginators, see the paginators user guide.

The available paginators are:

• ListCloudFrontOriginAccessIdentities
• ListDistributions
• ListInvalidations
• ListStreamingDistributions

Waiters

Waiters are available on a client instance via the get_waiter method. For more detailed instructions and examples on the usage or waiters, see the waiters user guide.

The available waiters are:

• DistributionDeployed
• InvalidationCompleted
• StreamingDistributionDeployed

Examples

Generate a signed URL for Amazon CloudFront

The following example shows how to generate a signed URL for Amazon CloudFront. Note that you will need the cryptography library to follow this example:

import datetime

from cryptography.hazmat.backends import default_backend
from cryptography.hazmat.primitives import hashes
from cryptography.hazmat.primitives import serialization
from cryptography.hazmat.primitives.asymmetric import padding
from botocore.signers import CloudFrontSigner


def rsa_signer(message):
    with open('path/to/key.pem', 'rb') as key_file:
        private_key = serialization.load_pem_private_key(
            key_file.read(),
            password=None,
            backend=default_backend()
        )
    return private_key.sign(message, padding.PKCS1v15(), hashes.SHA1())

key_id = 'AKIAIOSFODNN7EXAMPLE'
url = 'http://d2949o5mkkp72v.cloudfront.net/hello.txt'
expire_date = datetime.datetime(2017, 1, 1)

cloudfront_signer = CloudFrontSigner(key_id, rsa_signer)

# Create a signed url that will be valid until the specific expiry date
# provided using a canned policy.
signed_url = cloudfront_signer.generate_presigned_url(
    url, date_less_than=expire_date)
print(signed_url)