viewer Certificate
Parameters
A complex type that determines the distribution's SSL/TLS configuration for communicating with viewers.

If the distribution doesn't use `Aliases` (also known as alternate domain names or CNAMEs)—that is, if the distribution uses the CloudFront domain name such as `d111111abcdef8.cloudfront.net`—set `CloudFrontDefaultCertificate` to `true` and leave all other fields empty.

If the distribution uses `Aliases` (alternate domain names or CNAMEs), use the fields in this type to specify the following settings:

+ Which viewers the distribution accepts HTTPS connections from: only viewers that support server name indication (SNI) (recommended), or all viewers including those that don't support SNI.
  + To accept HTTPS connections from only viewers that support SNI, set `SSLSupportMethod` to `sni-only`. This is recommended. Most browsers and clients support SNI. (In CloudFormation, the field name is `SslSupportMethod`. Note the different capitalization.)
  + To accept HTTPS connections from all viewers, including those that don't support SNI, set `SSLSupportMethod` to `vip`. This is not recommended, and results in additional monthly charges from CloudFront. (In CloudFormation, the field name is `SslSupportMethod`. Note the different capitalization.)
+ The minimum SSL/TLS protocol version that the distribution can use to communicate with viewers. To specify a minimum version, choose a value for `MinimumProtocolVersion`. For more information, see Security Policy in the Amazon CloudFront Developer Guide.
+ The location of the SSL/TLS certificate, AWS Certificate Manager (ACM) (recommended) or AWS Identity and Access Management (IAM). You specify the location by setting a value in one of the following fields (not both):
  + `ACMCertificateArn` (In CloudFormation, this field name is `AcmCertificateArn`. Note the different capitalization.)
  + `IAMCertificateId` (In CloudFormation, this field name is `IamCertificateId`. Note the different capitalization.)

All distributions support HTTPS connections from viewers. To require viewers to use HTTPS only, or to redirect them from HTTP to HTTPS, use `ViewerProtocolPolicy` in the `CacheBehavior` or `DefaultCacheBehavior`. To specify how CloudFront should use SSL/TLS to communicate with your custom origin, use `CustomOriginConfig`.

For more information, see Using HTTPS with CloudFront and Using Alternate Domain Names and HTTPS in the Amazon CloudFront Developer Guide.
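The rules above can be checked mechanically before a configuration is submitted. The following linter is an added example, not code from the CloudFront documentation or SDK; the function name, the severity labels, the sample values and the set of legacy policy names (taken from CloudFront's published security policy names rather than from this page) are assumptions.

```python
# Policy names that still permit protocols older than TLS 1.2 (assumption: from
# CloudFront's published security policy names, not from this page).
LEGACY_POLICIES = {"SSLv3", "TLSv1", "TLSv1_2016", "TLSv1.1_2016"}
CERT_FIELDS = ("ACMCertificateArn", "IAMCertificateId")
ALIAS_ONLY_FIELDS = CERT_FIELDS + ("SSLSupportMethod", "MinimumProtocolVersion")


def lint_viewer_certificate(cert, aliases):
    """Return (severity, message) findings for a ViewerCertificate dict (API field names)."""
    out = []
    default_cert = cert.get("CloudFrontDefaultCertificate") is True
    if not aliases:
        # CloudFront domain name only: default certificate, everything else empty.
        if not default_cert:
            out.append(("error", "no Aliases: set CloudFrontDefaultCertificate to true"))
        out += [("error", f"no Aliases: leave {f} empty") for f in ALIAS_ONLY_FIELDS if cert.get(f)]
        return out
    if default_cert:
        out.append(("error", "Aliases in use: configure a certificate instead of the default one"))
    located = [f for f in CERT_FIELDS if cert.get(f)]
    if len(located) != 1:
        out.append(("error", "set exactly one of ACMCertificateArn or IAMCertificateId"))
    elif located[0] == "IAMCertificateId":
        out.append(("info", "certificate is stored in IAM; ACM is the recommended location"))
    method = cert.get("SSLSupportMethod")
    if method == "vip":
        out.append(("warn", "vip accepts non-SNI viewers: not recommended, extra monthly charges"))
    elif method != "sni-only":
        out.append(("warn", f"SSLSupportMethod is {method!r}; sni-only is recommended"))
    policy = cert.get("MinimumProtocolVersion")
    if not policy:
        out.append(("warn", "MinimumProtocolVersion is not set"))
    elif policy in LEGACY_POLICIES:
        out.append(("warn", f"{policy} permits protocols older than TLS 1.2"))
    return out


# Constructed sample inputs (placeholder ARN and ID, not real resources).
ARN = "arn:aws:acm:us-east-1:111122223333:certificate/EXAMPLE-PLACEHOLDER"
GOOD = {"ACMCertificateArn": ARN, "SSLSupportMethod": "sni-only",
        "MinimumProtocolVersion": "TLSv1.2_2021"}
WEAK = {"ACMCertificateArn": ARN, "IAMCertificateId": "EXAMPLE-IAM-ID",
        "SSLSupportMethod": "vip", "MinimumProtocolVersion": "TLSv1"}

if __name__ == "__main__":
    for name, cert in (("GOOD", GOOD), ("WEAK", WEAK)):
        print(name, lint_viewer_certificate(cert, ["www.example.com"]))
```

The check is meant for the structure you send, since it treats any extra field alongside `CloudFrontDefaultCertificate` as an error. CloudFormation templates need the field names mapped to their `SslSupportMethod` / `AcmCertificateArn` / `IamCertificateId` capitalization first.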