line |
stmt |
bran |
cond |
sub |
pod |
time |
code |
1
|
|
|
|
|
|
|
package Paws::CloudFront::ViewerCertificate; |
2
|
1
|
|
|
1
|
|
710
|
use Moose; |
|
1
|
|
|
|
|
4
|
|
|
1
|
|
|
|
|
10
|
|
3
|
|
|
|
|
|
|
has ACMCertificateArn => (is => 'ro', isa => 'Str'); |
4
|
|
|
|
|
|
|
has Certificate => (is => 'ro', isa => 'Str'); |
5
|
|
|
|
|
|
|
has CertificateSource => (is => 'ro', isa => 'Str'); |
6
|
|
|
|
|
|
|
has CloudFrontDefaultCertificate => (is => 'ro', isa => 'Bool'); |
7
|
|
|
|
|
|
|
has IAMCertificateId => (is => 'ro', isa => 'Str'); |
8
|
|
|
|
|
|
|
has MinimumProtocolVersion => (is => 'ro', isa => 'Str'); |
9
|
|
|
|
|
|
|
has SSLSupportMethod => (is => 'ro', isa => 'Str'); |
10
|
|
|
|
|
|
|
1; |
11
|
|
|
|
|
|
|
|
12
|
|
|
|
|
|
|
### main pod documentation begin ### |
13
|
|
|
|
|
|
|
|
14
|
|
|
|
|
|
|
=head1 NAME |
15
|
|
|
|
|
|
|
|
16
|
|
|
|
|
|
|
Paws::CloudFront::ViewerCertificate |
17
|
|
|
|
|
|
|
|
18
|
|
|
|
|
|
|
=head1 USAGE |
19
|
|
|
|
|
|
|
|
20
|
|
|
|
|
|
|
This class represents one of two things: |
21
|
|
|
|
|
|
|
|
22
|
|
|
|
|
|
|
=head3 Arguments in a call to a service |
23
|
|
|
|
|
|
|
|
24
|
|
|
|
|
|
|
Use the attributes of this class as arguments to methods. You shouldn't make instances of this class. |
25
|
|
|
|
|
|
|
Each attribute should be used as a named argument in the calls that expect this type of object. |
26
|
|
|
|
|
|
|
|
27
|
|
|
|
|
|
|
As an example, if Att1 is expected to be a Paws::CloudFront::ViewerCertificate object: |
28
|
|
|
|
|
|
|
|
29
|
|
|
|
|
|
|
$service_obj->Method(Att1 => { ACMCertificateArn => $value, ..., SSLSupportMethod => $value }); |
30
|
|
|
|
|
|
|
|
31
|
|
|
|
|
|
|
=head3 Results returned from an API call |
32
|
|
|
|
|
|
|
|
33
|
|
|
|
|
|
|
Use accessors for each attribute. If Att1 is expected to be an Paws::CloudFront::ViewerCertificate object: |
34
|
|
|
|
|
|
|
|
35
|
|
|
|
|
|
|
$result = $service_obj->Method(...); |
36
|
|
|
|
|
|
|
$result->Att1->ACMCertificateArn |
37
|
|
|
|
|
|
|
|
38
|
|
|
|
|
|
|
=head1 DESCRIPTION |
39
|
|
|
|
|
|
|
|
40
|
|
|
|
|
|
|
A complex type that specifies the following: |
41
|
|
|
|
|
|
|
|
42
|
|
|
|
|
|
|
=over |
43
|
|
|
|
|
|
|
|
44
|
|
|
|
|
|
|
=item * |
45
|
|
|
|
|
|
|
|
46
|
|
|
|
|
|
|
Which SSL/TLS certificate to use when viewers request objects using |
47
|
|
|
|
|
|
|
HTTPS |
48
|
|
|
|
|
|
|
|
49
|
|
|
|
|
|
|
=item * |
50
|
|
|
|
|
|
|
|
51
|
|
|
|
|
|
|
Whether you want CloudFront to use dedicated IP addresses or SNI when |
52
|
|
|
|
|
|
|
you're using alternate domain names in your object names |
53
|
|
|
|
|
|
|
|
54
|
|
|
|
|
|
|
=item * |
55
|
|
|
|
|
|
|
|
56
|
|
|
|
|
|
|
The minimum protocol version that you want CloudFront to use when |
57
|
|
|
|
|
|
|
communicating with viewers |
58
|
|
|
|
|
|
|
|
59
|
|
|
|
|
|
|
=back |
60
|
|
|
|
|
|
|
|
61
|
|
|
|
|
|
|
For more information, see Using an HTTPS Connection to Access Your |
62
|
|
|
|
|
|
|
Objects in the I<Amazon Amazon CloudFront Developer Guide>. |
63
|
|
|
|
|
|
|
|
64
|
|
|
|
|
|
|
=head1 ATTRIBUTES |
65
|
|
|
|
|
|
|
|
66
|
|
|
|
|
|
|
|
67
|
|
|
|
|
|
|
=head2 ACMCertificateArn => Str |
68
|
|
|
|
|
|
|
|
69
|
|
|
|
|
|
|
|
70
|
|
|
|
|
|
|
|
71
|
|
|
|
|
|
|
|
72
|
|
|
|
|
|
|
=head2 Certificate => Str |
73
|
|
|
|
|
|
|
|
74
|
|
|
|
|
|
|
Include one of these values to specify the following: |
75
|
|
|
|
|
|
|
|
76
|
|
|
|
|
|
|
=over |
77
|
|
|
|
|
|
|
|
78
|
|
|
|
|
|
|
=item * |
79
|
|
|
|
|
|
|
|
80
|
|
|
|
|
|
|
Whether you want viewers to use HTTP or HTTPS to request your objects. |
81
|
|
|
|
|
|
|
|
82
|
|
|
|
|
|
|
=item * |
83
|
|
|
|
|
|
|
|
84
|
|
|
|
|
|
|
If you want viewers to use HTTPS, whether you're using an alternate |
85
|
|
|
|
|
|
|
domain name such as example.com or the CloudFront domain name for your |
86
|
|
|
|
|
|
|
distribution, such as C<d111111abcdef8.cloudfront.net>. |
87
|
|
|
|
|
|
|
|
88
|
|
|
|
|
|
|
=item * |
89
|
|
|
|
|
|
|
|
90
|
|
|
|
|
|
|
If you're using an alternate domain name, whether AWS Certificate |
91
|
|
|
|
|
|
|
Manager (ACM) provided the certificate, or you purchased a certificate |
92
|
|
|
|
|
|
|
from a third-party certificate authority and imported it into ACM or |
93
|
|
|
|
|
|
|
uploaded it to the IAM certificate store. |
94
|
|
|
|
|
|
|
|
95
|
|
|
|
|
|
|
=back |
96
|
|
|
|
|
|
|
|
97
|
|
|
|
|
|
|
You must specify one (and only one) of the three values. Do not specify |
98
|
|
|
|
|
|
|
C<false> for C<CloudFrontDefaultCertificate>. |
99
|
|
|
|
|
|
|
|
100
|
|
|
|
|
|
|
B<If you want viewers to use HTTP to request your objects>: Specify the |
101
|
|
|
|
|
|
|
following value: |
102
|
|
|
|
|
|
|
|
103
|
|
|
|
|
|
|
C<E<lt>CloudFrontDefaultCertificateE<gt>trueE<lt>CloudFrontDefaultCertificateE<gt>> |
104
|
|
|
|
|
|
|
|
105
|
|
|
|
|
|
|
In addition, specify C<allow-all> for C<ViewerProtocolPolicy> for all |
106
|
|
|
|
|
|
|
of your cache behaviors. |
107
|
|
|
|
|
|
|
|
108
|
|
|
|
|
|
|
B<If you want viewers to use HTTPS to request your objects>: Choose the |
109
|
|
|
|
|
|
|
type of certificate that you want to use based on whether you're using |
110
|
|
|
|
|
|
|
an alternate domain name for your objects or the CloudFront domain |
111
|
|
|
|
|
|
|
name: |
112
|
|
|
|
|
|
|
|
113
|
|
|
|
|
|
|
=over |
114
|
|
|
|
|
|
|
|
115
|
|
|
|
|
|
|
=item * |
116
|
|
|
|
|
|
|
|
117
|
|
|
|
|
|
|
B<If you're using an alternate domain name, such as example.com>: |
118
|
|
|
|
|
|
|
Specify one of the following values, depending on whether ACM provided |
119
|
|
|
|
|
|
|
your certificate or you purchased your certificate from third-party |
120
|
|
|
|
|
|
|
certificate authority: |
121
|
|
|
|
|
|
|
|
122
|
|
|
|
|
|
|
=over |
123
|
|
|
|
|
|
|
|
124
|
|
|
|
|
|
|
=item * |
125
|
|
|
|
|
|
|
|
126
|
|
|
|
|
|
|
C<E<lt>ACMCertificateArnE<gt>ARN for ACM SSL/TLS |
127
|
|
|
|
|
|
|
certificateE<lt>ACMCertificateArnE<gt>> where ARN for ACM SSL/TLS |
128
|
|
|
|
|
|
|
certificate is the ARN for the ACM SSL/TLS certificate that you want to |
129
|
|
|
|
|
|
|
use for this distribution. |
130
|
|
|
|
|
|
|
|
131
|
|
|
|
|
|
|
=item * |
132
|
|
|
|
|
|
|
|
133
|
|
|
|
|
|
|
C<E<lt>IAMCertificateIdE<gt>IAM certificate |
134
|
|
|
|
|
|
|
IDE<lt>IAMCertificateIdE<gt>> where IAM certificate ID is the ID that |
135
|
|
|
|
|
|
|
IAM returned when you added the certificate to the IAM certificate |
136
|
|
|
|
|
|
|
store. |
137
|
|
|
|
|
|
|
|
138
|
|
|
|
|
|
|
=back |
139
|
|
|
|
|
|
|
|
140
|
|
|
|
|
|
|
If you specify C<ACMCertificateArn> or C<IAMCertificateId>, you must |
141
|
|
|
|
|
|
|
also specify a value for C<SSLSupportMethod>. |
142
|
|
|
|
|
|
|
|
143
|
|
|
|
|
|
|
If you choose to use an ACM certificate or a certificate in the IAM |
144
|
|
|
|
|
|
|
certificate store, we recommend that you use only an alternate domain |
145
|
|
|
|
|
|
|
name in your object URLs (C<https://example.com/logo.jpg>). If you use |
146
|
|
|
|
|
|
|
the domain name that is associated with your CloudFront distribution |
147
|
|
|
|
|
|
|
(C<https://d111111abcdef8.cloudfront.net/logo.jpg>) and the viewer |
148
|
|
|
|
|
|
|
supports C<SNI>, then CloudFront behaves normally. However, if the |
149
|
|
|
|
|
|
|
browser does not support SNI, the user's experience depends on the |
150
|
|
|
|
|
|
|
value that you choose for C<SSLSupportMethod>: |
151
|
|
|
|
|
|
|
|
152
|
|
|
|
|
|
|
=over |
153
|
|
|
|
|
|
|
|
154
|
|
|
|
|
|
|
=item * |
155
|
|
|
|
|
|
|
|
156
|
|
|
|
|
|
|
C<vip>: The viewer displays a warning because there is a mismatch |
157
|
|
|
|
|
|
|
between the CloudFront domain name and the domain name in your SSL/TLS |
158
|
|
|
|
|
|
|
certificate. |
159
|
|
|
|
|
|
|
|
160
|
|
|
|
|
|
|
=item * |
161
|
|
|
|
|
|
|
|
162
|
|
|
|
|
|
|
C<sni-only>: CloudFront drops the connection with the browser without |
163
|
|
|
|
|
|
|
returning the object. |
164
|
|
|
|
|
|
|
|
165
|
|
|
|
|
|
|
=back |
166
|
|
|
|
|
|
|
|
167
|
|
|
|
|
|
|
=item * |
168
|
|
|
|
|
|
|
|
169
|
|
|
|
|
|
|
B<If you're using the CloudFront domain name for your distribution, |
170
|
|
|
|
|
|
|
such as C<d111111abcdef8.cloudfront.net> >: Specify the following |
171
|
|
|
|
|
|
|
value: |
172
|
|
|
|
|
|
|
|
173
|
|
|
|
|
|
|
C<E<lt>CloudFrontDefaultCertificateE<gt>trueE<lt>CloudFrontDefaultCertificateE<gt>> |
174
|
|
|
|
|
|
|
|
175
|
|
|
|
|
|
|
If you want viewers to use HTTPS, you must also specify one of the |
176
|
|
|
|
|
|
|
following values in your cache behaviors: |
177
|
|
|
|
|
|
|
|
178
|
|
|
|
|
|
|
=over |
179
|
|
|
|
|
|
|
|
180
|
|
|
|
|
|
|
=item * |
181
|
|
|
|
|
|
|
|
182
|
|
|
|
|
|
|
C<E<lt>ViewerProtocolPolicyE<gt>https-onlyE<lt>ViewerProtocolPolicyE<gt>> |
183
|
|
|
|
|
|
|
|
184
|
|
|
|
|
|
|
=item * |
185
|
|
|
|
|
|
|
|
186
|
|
|
|
|
|
|
C<E<lt>ViewerProtocolPolicyE<gt>redirect-to-httpsE<lt>ViewerProtocolPolicyE<gt>> |
187
|
|
|
|
|
|
|
|
188
|
|
|
|
|
|
|
=back |
189
|
|
|
|
|
|
|
|
190
|
|
|
|
|
|
|
You can also optionally require that CloudFront use HTTPS to |
191
|
|
|
|
|
|
|
communicate with your origin by specifying one of the following values |
192
|
|
|
|
|
|
|
for the applicable origins: |
193
|
|
|
|
|
|
|
|
194
|
|
|
|
|
|
|
=over |
195
|
|
|
|
|
|
|
|
196
|
|
|
|
|
|
|
=item * |
197
|
|
|
|
|
|
|
|
198
|
|
|
|
|
|
|
C<E<lt>OriginProtocolPolicyE<gt>https-onlyE<lt>OriginProtocolPolicyE<gt>> |
199
|
|
|
|
|
|
|
|
200
|
|
|
|
|
|
|
=item * |
201
|
|
|
|
|
|
|
|
202
|
|
|
|
|
|
|
C<E<lt>OriginProtocolPolicyE<gt>match-viewerE<lt>OriginProtocolPolicyE<gt>> |
203
|
|
|
|
|
|
|
|
204
|
|
|
|
|
|
|
=back |
205
|
|
|
|
|
|
|
|
206
|
|
|
|
|
|
|
For more information, see Using Alternate Domain Names and HTTPS in the |
207
|
|
|
|
|
|
|
I<Amazon CloudFront Developer Guide>. |
208
|
|
|
|
|
|
|
|
209
|
|
|
|
|
|
|
=back |
210
|
|
|
|
|
|
|
|
211
|
|
|
|
|
|
|
|
212
|
|
|
|
|
|
|
|
213
|
|
|
|
|
|
|
=head2 CertificateSource => Str |
214
|
|
|
|
|
|
|
|
215
|
|
|
|
|
|
|
This field is deprecated. You can use one of the following: |
216
|
|
|
|
|
|
|
C<[ACMCertificateArn>, C<IAMCertificateId>, or |
217
|
|
|
|
|
|
|
C<CloudFrontDefaultCertificate]>. |
218
|
|
|
|
|
|
|
|
219
|
|
|
|
|
|
|
|
220
|
|
|
|
|
|
|
=head2 CloudFrontDefaultCertificate => Bool |
221
|
|
|
|
|
|
|
|
222
|
|
|
|
|
|
|
|
223
|
|
|
|
|
|
|
|
224
|
|
|
|
|
|
|
|
225
|
|
|
|
|
|
|
=head2 IAMCertificateId => Str |
226
|
|
|
|
|
|
|
|
227
|
|
|
|
|
|
|
|
228
|
|
|
|
|
|
|
|
229
|
|
|
|
|
|
|
|
230
|
|
|
|
|
|
|
=head2 MinimumProtocolVersion => Str |
231
|
|
|
|
|
|
|
|
232
|
|
|
|
|
|
|
Specify the minimum version of the SSL/TLS protocol that you want |
233
|
|
|
|
|
|
|
CloudFront to use for HTTPS connections between viewers and CloudFront: |
234
|
|
|
|
|
|
|
C<SSLv3> or C<TLSv1>. CloudFront serves your objects only to viewers |
235
|
|
|
|
|
|
|
that support SSL/TLS version that you specify and later versions. The |
236
|
|
|
|
|
|
|
C<TLSv1> protocol is more secure, so we recommend that you specify |
237
|
|
|
|
|
|
|
C<SSLv3> only if your users are using browsers or devices that don't |
238
|
|
|
|
|
|
|
support C<TLSv1>. Note the following: |
239
|
|
|
|
|
|
|
|
240
|
|
|
|
|
|
|
=over |
241
|
|
|
|
|
|
|
|
242
|
|
|
|
|
|
|
=item * |
243
|
|
|
|
|
|
|
|
244
|
|
|
|
|
|
|
If you specify |
245
|
|
|
|
|
|
|
E<lt>CloudFrontDefaultCertificateE<gt>trueE<lt>CloudFrontDefaultCertificateE<gt>, |
246
|
|
|
|
|
|
|
the minimum SSL protocol version is C<TLSv1> and can't be changed. |
247
|
|
|
|
|
|
|
|
248
|
|
|
|
|
|
|
=item * |
249
|
|
|
|
|
|
|
|
250
|
|
|
|
|
|
|
If you're using a custom certificate (if you specify a value for |
251
|
|
|
|
|
|
|
C<ACMCertificateArn> or for C<IAMCertificateId>) and if you're using |
252
|
|
|
|
|
|
|
SNI (if you specify C<sni-only> for C<SSLSupportMethod>), you must |
253
|
|
|
|
|
|
|
specify C<TLSv1> for C<MinimumProtocolVersion>. |
254
|
|
|
|
|
|
|
|
255
|
|
|
|
|
|
|
=back |
256
|
|
|
|
|
|
|
|
257
|
|
|
|
|
|
|
|
258
|
|
|
|
|
|
|
|
259
|
|
|
|
|
|
|
=head2 SSLSupportMethod => Str |
260
|
|
|
|
|
|
|
|
261
|
|
|
|
|
|
|
If you specify a value for C<ACMCertificateArn> or for |
262
|
|
|
|
|
|
|
C<IAMCertificateId>, you must also specify how you want CloudFront to |
263
|
|
|
|
|
|
|
serve HTTPS requests: using a method that works for all clients or one |
264
|
|
|
|
|
|
|
that works for most clients: |
265
|
|
|
|
|
|
|
|
266
|
|
|
|
|
|
|
=over |
267
|
|
|
|
|
|
|
|
268
|
|
|
|
|
|
|
=item * |
269
|
|
|
|
|
|
|
|
270
|
|
|
|
|
|
|
C<vip>: CloudFront uses dedicated IP addresses for your content and can |
271
|
|
|
|
|
|
|
respond to HTTPS requests from any viewer. However, you will incur |
272
|
|
|
|
|
|
|
additional monthly charges. |
273
|
|
|
|
|
|
|
|
274
|
|
|
|
|
|
|
=item * |
275
|
|
|
|
|
|
|
|
276
|
|
|
|
|
|
|
C<sni-only>: CloudFront can respond to HTTPS requests from viewers that |
277
|
|
|
|
|
|
|
support Server Name Indication (SNI). All modern browsers support SNI, |
278
|
|
|
|
|
|
|
but some browsers still in use don't support SNI. If some of your |
279
|
|
|
|
|
|
|
users' browsers don't support SNI, we recommend that you do one of the |
280
|
|
|
|
|
|
|
following: |
281
|
|
|
|
|
|
|
|
282
|
|
|
|
|
|
|
=over |
283
|
|
|
|
|
|
|
|
284
|
|
|
|
|
|
|
=item * |
285
|
|
|
|
|
|
|
|
286
|
|
|
|
|
|
|
Use the C<vip> option (dedicated IP addresses) instead of C<sni-only>. |
287
|
|
|
|
|
|
|
|
288
|
|
|
|
|
|
|
=item * |
289
|
|
|
|
|
|
|
|
290
|
|
|
|
|
|
|
Use the CloudFront SSL/TLS certificate instead of a custom certificate. |
291
|
|
|
|
|
|
|
This requires that you use the CloudFront domain name of your |
292
|
|
|
|
|
|
|
distribution in the URLs for your objects, for example, |
293
|
|
|
|
|
|
|
C<https://d111111abcdef8.cloudfront.net/logo.png>. |
294
|
|
|
|
|
|
|
|
295
|
|
|
|
|
|
|
=item * |
296
|
|
|
|
|
|
|
|
297
|
|
|
|
|
|
|
If you can control which browser your users use, upgrade the browser to |
298
|
|
|
|
|
|
|
one that supports SNI. |
299
|
|
|
|
|
|
|
|
300
|
|
|
|
|
|
|
=item * |
301
|
|
|
|
|
|
|
|
302
|
|
|
|
|
|
|
Use HTTP instead of HTTPS. |
303
|
|
|
|
|
|
|
|
304
|
|
|
|
|
|
|
=back |
305
|
|
|
|
|
|
|
|
306
|
|
|
|
|
|
|
=back |
307
|
|
|
|
|
|
|
|
308
|
|
|
|
|
|
|
Do not specify a value for C<SSLSupportMethod> if you specified |
309
|
|
|
|
|
|
|
C<E<lt>CloudFrontDefaultCertificateE<gt>trueE<lt>CloudFrontDefaultCertificateE<gt>>. |
310
|
|
|
|
|
|
|
|
311
|
|
|
|
|
|
|
For more information, see Using Alternate Domain Names and HTTPS in the |
312
|
|
|
|
|
|
|
I<Amazon CloudFront Developer Guide>. |
313
|
|
|
|
|
|
|
|
314
|
|
|
|
|
|
|
|
315
|
|
|
|
|
|
|
|
316
|
|
|
|
|
|
|
=head1 SEE ALSO |
317
|
|
|
|
|
|
|
|
318
|
|
|
|
|
|
|
This class forms part of L<Paws>, describing an object used in L<Paws::CloudFront> |
319
|
|
|
|
|
|
|
|
320
|
|
|
|
|
|
|
=head1 BUGS and CONTRIBUTIONS |
321
|
|
|
|
|
|
|
|
322
|
|
|
|
|
|
|
The source code is located here: https://github.com/pplu/aws-sdk-perl |
323
|
|
|
|
|
|
|
|
324
|
|
|
|
|
|
|
Please report bugs to: https://github.com/pplu/aws-sdk-perl/issues |
325
|
|
|
|
|
|
|
|
326
|
|
|
|
|
|
|
=cut |
327
|
|
|
|
|
|
|
|