AWS 文档 AWS SDK示例 GitHub 存储库中还有更多SDK示例
本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
CloudFront 使用示例 AWS CLI
以下代码示例向您展示了如何使用with来执行操作和实现常见场景 CloudFront。 AWS Command Line Interface
操作是大型程序的代码摘录,必须在上下文中运行。您可以通过操作了解如何调用单个服务函数,还可以通过函数相关场景的上下文查看操作。
每个示例都包含一个指向完整源代码的链接,您可以在其中找到有关如何在上下文中设置和运行代码的说明。
主题
操作
以下代码示例演示如何使用 create-cloud-front-origin-access-identity。
- AWS CLI
-
创建 CloudFront 源访问身份
以下示例通过提供OAI配置作为命令行参数来创建 CloudFront 源访问身份 (OAI):
aws cloudfront create-cloud-front-origin-access-identity \ --cloud-front-origin-access-identity-config \ CallerReference="cli-example",Comment="Example OAI"您可以通过在JSON文件中提供OAI配置来完成同样的事情,如以下示例所示:
aws cloudfront create-cloud-front-origin-access-identity \ --cloud-front-origin-access-identity-configfile://OAI-config.json该文件
OAI-config.json是当前目录中的JSON文档,其中包含以下内容:{ "CallerReference": "cli-example", "Comment": "Example OAI" }无论您为OAI配置提供命令行参数还是JSON文件,输出都是一样的:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/origin-access-identity/cloudfront/E74FTE3AEXAMPLE", "ETag": "E2QWRUHEXAMPLE", "CloudFrontOriginAccessIdentity": { "Id": "E74FTE3AEXAMPLE", "S3CanonicalUserId": "cd13868f797c227fbea2830611a26fe0a21ba1b826ab4bed9b7771c9aEXAMPLE", "CloudFrontOriginAccessIdentityConfig": { "CallerReference": "cli-example", "Comment": "Example OAI" } } }-
有关API详细信息,请参阅 “CreateCloudFrontOriginAccessIdentity AWS CLI
命令参考”。
-
以下代码示例演示如何使用 create-distribution-with-tags。
- AWS CLI
-
创建带有标签的 CloudFront 分配
以下示例通过在名为JSON的文件中提供分发配置和标签来创建带有两个标签的分发
dist-config-with-tags.json:aws cloudfront create-distribution-with-tags \ --distribution-config-with-tagsfile://dist-config-with-tags.json该JSON文件
dist-config-with-tags.json是当前文件夹中包含以下内容的文档。请注意文件顶部的Tags对象,其中包含两个标签:Name = ExampleDistributionProject = ExampleProject{ "Tags": { "Items": [ { "Key": "Name", "Value": "ExampleDistribution" }, { "Key": "Project", "Value": "ExampleProject" } ] }, "DistributionConfig": { "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } }输出:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/distribution/EDFDVBD6EXAMPLE", "ETag": "E2QWRUHEXAMPLE", "Distribution": { "Id": "EDFDVBD6EXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE", "Status": "InProgress", "LastModifiedTime": "2019-12-04T23:35:41.433Z", "InProgressInvalidationBatches": 0, "DomainName": "d111111abcdef8.cloudfront.net", "ActiveTrustedSigners": { "Enabled": false, "Quantity": 0 }, "DistributionConfig": { "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } } }-
有关API详细信息,请参阅 “CreateDistributionWithTags AWS CLI
命令参考”。
-
以下代码示例演示如何使用 create-distribution。
- AWS CLI
-
创建分 CloudFront 配
以下示例使用命令行参数为名为
awsexamplebucket的 S3 存储桶创建分配,并将index.html指定为默认根对象:aws cloudfront create-distribution \ --origin-domain-nameawsexamplebucket.s3.amazonaws.com\ --default-root-objectindex.html您可以不使用命令行参数,而是在JSON文件中提供分发配置,如以下示例所示:
aws cloudfront create-distribution \ --distribution-configfile://dist-config.json该文件
dist-config.json是当前文件夹中的JSON文档,其中包含以下内容:{ "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true }无论您是使用命令行参数还是JSON文件提供分发信息,输出都是一样的:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/distribution/EMLARXS9EXAMPLE", "ETag": "E9LHASXEXAMPLE", "Distribution": { "Id": "EMLARXS9EXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/EMLARXS9EXAMPLE", "Status": "InProgress", "LastModifiedTime": "2019-11-22T00:55:15.705Z", "InProgressInvalidationBatches": 0, "DomainName": "d111111abcdef8.cloudfront.net", "ActiveTrustedSigners": { "Enabled": false, "Quantity": 0 }, "DistributionConfig": { "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } } }-
有关API详细信息,请参阅 “CreateDistribution AWS CLI
命令参考”。
-
以下代码示例演示如何使用 create-field-level-encryption-config。
- AWS CLI
-
创建 CloudFront 字段级加密配置
以下示例通过在名为JSON的文件中提供配置参数来创建字段级加密配置。
fle-config.json在创建字段级加密配置之前,必须具有字段级加密配置文件。要创建配置文件,请参阅 create-field-level-encryption-profile 命令。有关 CloudFront 字段级加密的更多信息,请参阅 Amazon 开发者指南中的使用字段级加密来帮助保护敏感数据。 CloudFront
aws cloudfront create-field-level-encryption-config \ --field-level-encryption-configfile://fle-config.json该文件
fle-config.json是当前文件夹中的JSON文档,其中包含以下内容:{ "CallerReference": "cli-example", "Comment": "Example FLE configuration", "QueryArgProfileConfig": { "ForwardWhenQueryArgProfileIsUnknown": true, "QueryArgProfiles": { "Quantity": 0 } }, "ContentTypeProfileConfig": { "ForwardWhenContentTypeIsUnknown": true, "ContentTypeProfiles": { "Quantity": 1, "Items": [ { "Format": "URLEncoded", "ProfileId": "P280MFCLSYOCVU", "ContentType": "application/x-www-form-urlencoded" } ] } } }输出:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/field-level-encryption/C3KM2WVD605UAY", "ETag": "E2P4Z4VU7TY5SG", "FieldLevelEncryption": { "Id": "C3KM2WVD605UAY", "LastModifiedTime": "2019-12-10T21:30:18.974Z", "FieldLevelEncryptionConfig": { "CallerReference": "cli-example", "Comment": "Example FLE configuration", "QueryArgProfileConfig": { "ForwardWhenQueryArgProfileIsUnknown": true, "QueryArgProfiles": { "Quantity": 0, "Items": [] } }, "ContentTypeProfileConfig": { "ForwardWhenContentTypeIsUnknown": true, "ContentTypeProfiles": { "Quantity": 1, "Items": [ { "Format": "URLEncoded", "ProfileId": "P280MFCLSYOCVU", "ContentType": "application/x-www-form-urlencoded" } ] } } } } }-
有关API详细信息,请参阅 “CreateFieldLevelEncryptionConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 create-field-level-encryption-profile。
- AWS CLI
-
创建 CloudFront 字段级加密配置文件
以下示例通过在名为的文件中提供参数来创建字段级加密配置JSON文件。
fle-profile-config.json在创建字段级加密配置文件之前,必须拥有 CloudFront 公钥。要创建 CloudFront 公钥,请参阅 create-public-key命令。有关 CloudFront 字段级加密的更多信息,请参阅 Amazon 开发者指南中的使用字段级加密来帮助保护敏感数据。 CloudFront
aws cloudfront create-field-level-encryption-profile \ --field-level-encryption-profile-configfile://fle-profile-config.json该文件
fle-profile-config.json是当前文件夹中的JSON文档,其中包含以下内容:{ "Name": "ExampleFLEProfile", "CallerReference": "cli-example", "Comment": "FLE profile for AWS CLI example", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2K8NC4HVFE3M0", "ProviderId": "ExampleFLEProvider", "FieldPatterns": { "Quantity": 1, "Items": [ "ExampleSensitiveField" ] } } ] } }输出:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/field-level-encryption-profile/PPK0UOSIF5WSV", "ETag": "E2QWRUHEXAMPLE", "FieldLevelEncryptionProfile": { "Id": "PPK0UOSIF5WSV", "LastModifiedTime": "2019-12-10T01:03:16.537Z", "FieldLevelEncryptionProfileConfig": { "Name": "ExampleFLEProfile", "CallerReference": "cli-example", "Comment": "FLE profile for AWS CLI example", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2K8NC4HVFE3M0", "ProviderId": "ExampleFLEProvider", "FieldPatterns": { "Quantity": 1, "Items": [ "ExampleSensitiveField" ] } } ] } } } }-
有关API详细信息,请参阅 “CreateFieldLevelEncryptionProfile AWS CLI
命令参考”。
-
以下代码示例演示如何使用 create-invalidation。
- AWS CLI
-
为分配创建失效状态 CloudFront
以下
create-invalidation示例为指定 CloudFront 发行版中的指定文件创建失效:aws cloudfront create-invalidation \ --distribution-idEDFDVBD6EXAMPLE\ --paths"/example-path/example-file.jpg""/example-path/example-file2.png"输出:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/distribution/EDFDVBD6EXAMPLE/invalidation/I1JLWSDAP8FU89", "Invalidation": { "Id": "I1JLWSDAP8FU89", "Status": "InProgress", "CreateTime": "2019-12-05T18:24:51.407Z", "InvalidationBatch": { "Paths": { "Quantity": 2, "Items": [ "/example-path/example-file2.png", "/example-path/example-file.jpg" ] }, "CallerReference": "cli-1575570291-670203" } } }在前面的示例中, AWS CLI自动生成了一个随机值
CallerReference。要指定自己的失效参数CallerReference,或者为了避免将失效参数作为命令行参数传递,可以使用JSON文件。以下示例通过在名为的文件中提供失效参数,为两个JSON文件创建失效:inv-batch.jsonaws cloudfront create-invalidation \ --distribution-idEDFDVBD6EXAMPLE\ --invalidation-batchfile://inv-batch.jsoninv-batch.json的内容:{ "Paths": { "Quantity": 2, "Items": [ "/example-path/example-file.jpg", "/example-path/example-file2.png" ] }, "CallerReference": "cli-example" }输出:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/distribution/EDFDVBD6EXAMPLE/invalidation/I2J0I21PCUYOIK", "Invalidation": { "Id": "I2J0I21PCUYOIK", "Status": "InProgress", "CreateTime": "2019-12-05T18:40:49.413Z", "InvalidationBatch": { "Paths": { "Quantity": 2, "Items": [ "/example-path/example-file.jpg", "/example-path/example-file2.png" ] }, "CallerReference": "cli-example" } } }-
有关API详细信息,请参阅 “CreateInvalidation AWS CLI
命令参考”。
-
以下代码示例演示如何使用 create-public-key。
- AWS CLI
-
创建 CloudFront 公钥
以下示例通过在名为JSON的文件中提供参数来创建 CloudFront 公钥
pub-key-config.json。在使用此命令之前,您必须拥有PEM经过编码的公钥。有关更多信息,请参阅《Amazon CloudFront 开发者指南》中的创建RSA密钥对。aws cloudfront create-public-key \ --public-key-configfile://pub-key-config.json该JSON文件
pub-key-config.json是当前文件夹中包含以下内容的文档。请注意,公钥是按PEM格式编码的。{ "CallerReference": "cli-example", "Name": "ExampleKey", "EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPMbCA2Ks0lnd7IR+3pw\nwd3H/7jPGwj8bLUmore7bX+oeGpZ6QmLAe/1UOWcmZX2u70dYcSIzB1ofZtcn4cJ\nenHBAzO3ohBY/L1tQGJfS2A+omnN6H16VZE1JCK8XSJyfze7MDLcUyHZETdxuvRb\nA9X343/vMAuQPnhinFJ8Wdy8YBXSPpy7r95ylUQd9LfYTBzVZYG2tSesplcOkjM3\n2Uu+oMWxQAw1NINnSLPinMVsutJy6ZqlV3McWNWe4T+STGtWhrPNqJEn45sIcCx4\nq+kGZ2NQ0FyIyT2eiLKOX5Rgb/a36E/aMk4VoDsaenBQgG7WLTnstb9sr7MIhS6A\nrwIDAQAB\n-----END PUBLIC KEY-----\n", "Comment": "example public key" }输出:
{ "Location": "https://cloudfront.amazonaws.com/2019-03-26/public-key/KDFB19YGCR002", "ETag": "E2QWRUHEXAMPLE", "PublicKey": { "Id": "KDFB19YGCR002", "CreatedTime": "2019-12-05T18:51:43.781Z", "PublicKeyConfig": { "CallerReference": "cli-example", "Name": "ExampleKey", "EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPMbCA2Ks0lnd7IR+3pw\nwd3H/7jPGwj8bLUmore7bX+oeGpZ6QmLAe/1UOWcmZX2u70dYcSIzB1ofZtcn4cJ\nenHBAzO3ohBY/L1tQGJfS2A+omnN6H16VZE1JCK8XSJyfze7MDLcUyHZETdxuvRb\nA9X343/vMAuQPnhinFJ8Wdy8YBXSPpy7r95ylUQd9LfYTBzVZYG2tSesplcOkjM3\n2Uu+oMWxQAw1NINnSLPinMVsutJy6ZqlV3McWNWe4T+STGtWhrPNqJEn45sIcCx4\nq+kGZ2NQ0FyIyT2eiLKOX5Rgb/a36E/aMk4VoDsaenBQgG7WLTnstb9sr7MIhS6A\nrwIDAQAB\n-----END PUBLIC KEY-----\n", "Comment": "example public key" } } }-
有关API详细信息,请参阅 “CreatePublicKey AWS CLI
命令参考”。
-
以下代码示例演示如何使用 delete-cloud-front-origin-access-identity。
- AWS CLI
-
删除 CloudFront 原始访问身份
以下示例删除了带有 ID 的源访问身份 (OAI)
E74FTE3AEXAMPLE。要删除OAI,您必须拥有OAI的 ID 和ETag。该 OAI ID 将在-access-identity 和 create-cloud-front-origin list-cloud-front-origin-access-identitions 命令的输出中返回。要获取ETag,请使用 get-cloud-front-origin-access-identity 或 get-cloud-front-origin-命令。access-identity-config 使用--if-match选项提供 “OAIs”ETag。aws cloudfront delete-cloud-front-origin-access-identity \ --idE74FTE3AEXAMPLE\ --if-matchE2QWRUHEXAMPLE成功时,此命令没有输出。
-
有关API详细信息,请参阅 “DeleteCloudFrontOriginAccessIdentity AWS CLI
命令参考”。
-
以下代码示例演示如何使用 delete-distribution。
- AWS CLI
-
删除分 CloudFront 配
以下示例删除标识为 ID 的 CloudFront 分配
EDFDVBD6EXAMPLE。删除分配之前,必须先禁用它。要禁用分配,请使用 update-distribution 命令。有关更多信息,请参阅 update-distribution 示例。分配已禁用,您可以将其删除。要删除分配,您必须使用
--if-match选项来提供分配的ETag。要获取ETag,请使用 get-distribution 或get-distribution-config 命令。aws cloudfront delete-distribution \ --idEDFDVBD6EXAMPLE\ --if-matchE2QWRUHEXAMPLE成功时,此命令没有输出。
-
有关API详细信息,请参阅 “DeleteDistribution AWS CLI
命令参考”。
-
以下代码示例演示如何使用 delete-field-level-encryption-config。
- AWS CLI
-
删除 CloudFront 字段级加密配置
以下示例删除带有 CloudFront ID 的字段级加密配置。
C3KM2WVD605UAY要删除字段级加密配置,必须拥有其 ID 和。ETag该 ID 将在-confi create-field-level-encryption g 和 list-field-level-encryption-configs 命令的输出中返回。要获取ETag,请使用get-field-level-encryption 或 get-field-level-encryption-config 命令。使用--if-match选项提供配置ETag。aws cloudfront delete-field-level-encryption-config \ --idC3KM2WVD605UAY\ --if-matchE26M4BIAV81ZF6成功时,此命令没有输出。
-
有关API详细信息,请参阅 “DeleteFieldLevelEncryptionConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 delete-field-level-encryption-profile。
- AWS CLI
-
删除 CloudFront 字段级加密配置文件
以下示例删除带有 CloudFront ID 的字段级加密配置文件。
PPK0UOSIF5WSV要删除字段级加密配置文件,您必须拥有其 ID 和。ETag该 ID 将在-profile 和 create-field-level-encryption list-field-level-encryption-profiles 命令的输出中返回。要获取ETag,请使用-profile 或-p get-field-level-encryption rof get-field-level-encryption ile-config 命令。使用--if-match选项提供个人资料ETag。aws cloudfront delete-field-level-encryption-profile \ --idPPK0UOSIF5WSV\ --if-matchEJETYFJ9CL66D成功时,此命令没有输出。
-
有关API详细信息,请参阅 “DeleteFieldLevelEncryptionProfile AWS CLI
命令参考”。
-
以下代码示例演示如何使用 delete-public-key。
- AWS CLI
-
删除 CloudFront 公钥
以下示例删除标识为 ID 的 CloudFront 公钥
KDFB19YGCR002。要删除公钥,您必须拥有其 ID 和ETag。ID 将在create-public-key 和list-public-keys 命令的输出中返回。要获取ETag,请使用get-public-key 或get-public-key-config 命令。使用--if-match选项提供公钥ETag。aws cloudfront delete-public-key \ --idKDFB19YGCR002\ --if-matchE2QWRUHEXAMPLE成功时,此命令没有输出。
-
有关API详细信息,请参阅 “DeletePublicKey AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-cloud-front-origin-access-identity-config。
- AWS CLI
-
获取 CloudFront 源站访问身份配置
以下示例获取有关带有 ID 的 CloudFront 源访问身份 (OAI) 的元数据
E74FTE3AEXAMPLE,包括其ETag。该 OAI ID 将在-access-identity 和 create-cloud-front-origin list-cloud-front-origin-access-identitions 命令的输出中返回。aws cloudfront get-cloud-front-origin-access-identity-config --idE74FTE3AEXAMPLE输出:
{ "ETag": "E2QWRUHEXAMPLE", "CloudFrontOriginAccessIdentityConfig": { "CallerReference": "cli-example", "Comment": "Example OAI" } }-
有关API详细信息,请参阅 “GetCloudFrontOriginAccessIdentityConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-cloud-front-origin-access-identity。
- AWS CLI
-
获取 CloudFront 源站访问身份
以下示例获取带有 ID 的 CloudFront 源访问身份 (OAI)
E74FTE3AEXAMPLE,包括其ETag和关联的 S3 规范 ID。该 OAI ID 将在-access-identity 和 create-cloud-front-origin list-cloud-front-origin-access-identitions 命令的输出中返回。aws cloudfront get-cloud-front-origin-access-identity --idE74FTE3AEXAMPLE输出:
{ "ETag": "E2QWRUHEXAMPLE", "CloudFrontOriginAccessIdentity": { "Id": "E74FTE3AEXAMPLE", "S3CanonicalUserId": "cd13868f797c227fbea2830611a26fe0a21ba1b826ab4bed9b7771c9aEXAMPLE", "CloudFrontOriginAccessIdentityConfig": { "CallerReference": "cli-example", "Comment": "Example OAI" } } }-
有关API详细信息,请参阅 “GetCloudFrontOriginAccessIdentity AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-distribution-config。
- AWS CLI
-
获取分 CloudFront 发配置
以下示例获取有关带有 ID 的 CloudFront 分配的元数据
EDFDVBD6EXAMPLE,包括其ETag。分配 ID 将在 create-distribution 和 list-distributions 命令中返回。aws cloudfront get-distribution-config --idEDFDVBD6EXAMPLE输出:
{ "ETag": "E2QWRUHEXAMPLE", "DistributionConfig": { "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } }-
有关API详细信息,请参阅 “GetDistributionConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-distribution。
- AWS CLI
-
要获得分 CloudFront 发
以下示例获取带有 ID 的 CloudFront 分配
EDFDVBD6EXAMPLE,包括其ETag。分配 ID 将在 create-distribution 和 list-distributions 命令中返回。aws cloudfront get-distribution --idEDFDVBD6EXAMPLE输出:
{ "ETag": "E2QWRUHEXAMPLE", "Distribution": { "Id": "EDFDVBD6EXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE", "Status": "Deployed", "LastModifiedTime": "2019-12-04T23:35:41.433Z", "InProgressInvalidationBatches": 0, "DomainName": "d111111abcdef8.cloudfront.net", "ActiveTrustedSigners": { "Enabled": false, "Quantity": 0 }, "DistributionConfig": { "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } } }-
有关API详细信息,请参阅 “GetDistribution AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-field-level-encryption-config。
- AWS CLI
-
获取有关 CloudFront 字段级加密配置的元数据
以下示例获取有关带有 ID 的 CloudFront 字段级加密配置的元数据
C3KM2WVD605UAY,包括其:ETagaws cloudfront get-field-level-encryption-config --idC3KM2WVD605UAY输出:
{ "ETag": "E2P4Z4VU7TY5SG", "FieldLevelEncryptionConfig": { "CallerReference": "cli-example", "Comment": "Example FLE configuration", "QueryArgProfileConfig": { "ForwardWhenQueryArgProfileIsUnknown": true, "QueryArgProfiles": { "Quantity": 0, "Items": [] } }, "ContentTypeProfileConfig": { "ForwardWhenContentTypeIsUnknown": true, "ContentTypeProfiles": { "Quantity": 1, "Items": [ { "Format": "URLEncoded", "ProfileId": "P280MFCLSYOCVU", "ContentType": "application/x-www-form-urlencoded" } ] } } } }-
有关API详细信息,请参阅 “GetFieldLevelEncryptionConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-field-level-encryption-profile-config。
- AWS CLI
-
获取 CloudFront 字段级加密配置文件配置
以下示例获取有关带有 ID 的 CloudFront 字段级加密配置文件的元数据
PPK0UOSIF5WSV,包括其:ETagaws cloudfront get-field-level-encryption-profile-config --idPPK0UOSIF5WSV输出:
{ "ETag": "E1QQG65FS2L2GC", "FieldLevelEncryptionProfileConfig": { "Name": "ExampleFLEProfile", "CallerReference": "cli-example", "Comment": "FLE profile for AWS CLI example", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2K8NC4HVFE3M0", "ProviderId": "ExampleFLEProvider", "FieldPatterns": { "Quantity": 1, "Items": [ "ExampleSensitiveField" ] } } ] } } }-
有关API详细信息,请参阅 “GetFieldLevelEncryptionProfileConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-field-level-encryption-profile。
- AWS CLI
-
获取 CloudFront 字段级加密配置文件
以下示例获取带有 ID 的 CloudFront 字段级加密配置文件
PPK0UOSIF5WSV,包括其:ETagaws cloudfront get-field-level-encryption-profile --idPPK0UOSIF5WSV输出:
{ "ETag": "E1QQG65FS2L2GC", "FieldLevelEncryptionProfile": { "Id": "PPK0UOSIF5WSV", "LastModifiedTime": "2019-12-10T01:03:16.537Z", "FieldLevelEncryptionProfileConfig": { "Name": "ExampleFLEProfile", "CallerReference": "cli-example", "Comment": "FLE profile for AWS CLI example", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2K8NC4HVFE3M0", "ProviderId": "ExampleFLEProvider", "FieldPatterns": { "Quantity": 1, "Items": [ "ExampleSensitiveField" ] } } ] } } } }-
有关API详细信息,请参阅 “GetFieldLevelEncryptionProfile AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-field-level-encryption。
- AWS CLI
-
获取 CloudFront 字段级加密配置
以下示例获取带有 ID 的 CloudFront 字段级加密配置
C3KM2WVD605UAY,包括其:ETagaws cloudfront get-field-level-encryption --idC3KM2WVD605UAY输出:
{ "ETag": "E2P4Z4VU7TY5SG", "FieldLevelEncryption": { "Id": "C3KM2WVD605UAY", "LastModifiedTime": "2019-12-10T21:30:18.974Z", "FieldLevelEncryptionConfig": { "CallerReference": "cli-example", "Comment": "Example FLE configuration", "QueryArgProfileConfig": { "ForwardWhenQueryArgProfileIsUnknown": true, "QueryArgProfiles": { "Quantity": 0, "Items": [] } }, "ContentTypeProfileConfig": { "ForwardWhenContentTypeIsUnknown": true, "ContentTypeProfiles": { "Quantity": 1, "Items": [ { "Format": "URLEncoded", "ProfileId": "P280MFCLSYOCVU", "ContentType": "application/x-www-form-urlencoded" } ] } } } } }-
有关API详细信息,请参阅 “GetFieldLevelEncryption AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-invalidation。
- AWS CLI
-
要获得无 CloudFront 效
以下示例使用带有 ID 的 CloudFront 分配的 ID
I2J0I21PCUYOIK获取失效信息:EDFDVBD6EXAMPLEaws cloudfront get-invalidation --idI2J0I21PCUYOIK--distribution-idEDFDVBD6EXAMPLE输出:
{ "Invalidation": { "Status": "Completed", "InvalidationBatch": { "Paths": { "Items": [ "/example-path/example-file.jpg", "/example-path/example-file-2.jpg" ], "Quantity": 2 }, "CallerReference": "cli-example" }, "Id": "I2J0I21PCUYOIK", "CreateTime": "2019-12-05T18:40:49.413Z" } }-
有关API详细信息,请参阅 “GetInvalidation AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-public-key-config。
- AWS CLI
-
获取 CloudFront 公钥配置
以下示例获取有关带有 ID 的 CloudFront 公钥的元数据
KDFB19YGCR002,包括其ETag。公钥 ID 将在create-public-key 和 list-public-keys命令中返回。aws cloudfront get-public-key-config --idKDFB19YGCR002输出:
{ "ETag": "E2QWRUHEXAMPLE", "PublicKeyConfig": { "CallerReference": "cli-example", "Name": "ExampleKey", "EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPMbCA2Ks0lnd7IR+3pw\nwd3H/7jPGwj8bLUmore7bX+oeGpZ6QmLAe/1UOWcmZX2u70dYcSIzB1ofZtcn4cJ\nenHBAzO3ohBY/L1tQGJfS2A+omnN6H16VZE1JCK8XSJyfze7MDLcUyHZETdxuvRb\nA9X343/vMAuQPnhinFJ8Wdy8YBXSPpy7r95ylUQd9LfYTBzVZYG2tSesplcOkjM3\n2Uu+oMWxQAw1NINnSLPinMVsutJy6ZqlV3McWNWe4T+STGtWhrPNqJEn45sIcCx4\nq+kGZ2NQ0FyIyT2eiLKOX5Rgb/a36E/aMk4VoDsaenBQgG7WLTnstb9sr7MIhS6A\nrwIDAQAB\n-----END PUBLIC KEY-----\n", "Comment": "example public key" } }-
有关API详细信息,请参阅 “GetPublicKeyConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 get-public-key。
- AWS CLI
-
获取 CloudFront 公钥
以下示例获取带有 ID 的 CloudFront 公钥
KDFB19YGCR002,包括其ETag。公钥 ID 将在create-public-key 和 list-public-keys命令中返回。aws cloudfront get-public-key --idKDFB19YGCR002输出:
{ "ETag": "E2QWRUHEXAMPLE", "PublicKey": { "Id": "KDFB19YGCR002", "CreatedTime": "2019-12-05T18:51:43.781Z", "PublicKeyConfig": { "CallerReference": "cli-example", "Name": "ExampleKey", "EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPMbCA2Ks0lnd7IR+3pw\nwd3H/7jPGwj8bLUmore7bX+oeGpZ6QmLAe/1UOWcmZX2u70dYcSIzB1ofZtcn4cJ\nenHBAzO3ohBY/L1tQGJfS2A+omnN6H16VZE1JCK8XSJyfze7MDLcUyHZETdxuvRb\nA9X343/vMAuQPnhinFJ8Wdy8YBXSPpy7r95ylUQd9LfYTBzVZYG2tSesplcOkjM3\n2Uu+oMWxQAw1NINnSLPinMVsutJy6ZqlV3McWNWe4T+STGtWhrPNqJEn45sIcCx4\nq+kGZ2NQ0FyIyT2eiLKOX5Rgb/a36E/aMk4VoDsaenBQgG7WLTnstb9sr7MIhS6A\nrwIDAQAB\n-----END PUBLIC KEY-----\n", "Comment": "example public key" } } }-
有关API详细信息,请参阅 “GetPublicKey AWS CLI
命令参考”。
-
以下代码示例演示如何使用 list-cloud-front-origin-access-identities。
- AWS CLI
-
列出 CloudFront 源访问身份
以下示例获取了您 AWS 账户中的 CloudFront 原始访问身份 (OAIs) 的列表:
aws cloudfront list-cloud-front-origin-access-identities输出:
{ "CloudFrontOriginAccessIdentityList": { "Items": [ { "Id": "E74FTE3AEXAMPLE", "S3CanonicalUserId": "cd13868f797c227fbea2830611a26fe0a21ba1b826ab4bed9b7771c9aEXAMPLE", "Comment": "Example OAI" }, { "Id": "EH1HDMBEXAMPLE", "S3CanonicalUserId": "1489f6f2e6faacaae7ff64c4c3e6956c24f78788abfc1718c3527c263bf7a17EXAMPLE", "Comment": "Test OAI" }, { "Id": "E2X2C9TEXAMPLE", "S3CanonicalUserId": "cbfeebb915a64749f9be546a45b3fcfd3a31c779673c13c4dd460911ae402c2EXAMPLE", "Comment": "Example OAI #2" } ] } }-
有关API详细信息,请参阅 “ListCloudFrontOriginAccessIdentities AWS CLI
命令参考”。
-
以下代码示例演示如何使用 list-distributions。
- AWS CLI
-
列出 CloudFront 发行版
以下示例获取了您 AWS 账户中的 CloudFront 分配列表:
aws cloudfront list-distributions输出:
{ "DistributionList": { "Items": [ { "Id": "EMLARXS9EXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/EMLARXS9EXAMPLE", "Status": "InProgress", "LastModifiedTime": "2019-11-22T00:55:15.705Z", "InProgressInvalidationBatches": 0, "DomainName": "d111111abcdef8.cloudfront.net", "ActiveTrustedSigners": { "Enabled": false, "Quantity": 0 }, "DistributionConfig": { "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } }, { "Id": "EDFDVBD6EXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE", "Status": "InProgress", "LastModifiedTime": "2019-12-04T23:35:41.433Z", "InProgressInvalidationBatches": 0, "DomainName": "d930174dauwrn8.cloudfront.net", "ActiveTrustedSigners": { "Enabled": false, "Quantity": 0 }, "DistributionConfig": { "CallerReference": "cli-example", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket1---s3.amazonaws.com.rproxy.goskope.com-cli-example", "DomainName": "awsexamplebucket1.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket1---s3.amazonaws.com.rproxy.goskope.com-cli-example", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } }, { "Id": "E1X5IZQEXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/E1X5IZQEXAMPLE", "Status": "Deployed", "LastModifiedTime": "2019-11-06T21:31:48.864Z", "DomainName": "d2e04y12345678.cloudfront.net", "Aliases": { "Quantity": 0 }, "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket2", "DomainName": "awsexamplebucket2.s3.us-west-2.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket2", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "HTTP1_1", "IsIPV6Enabled": true } ] } }-
有关API详细信息,请参阅 “ListDistributions AWS CLI
命令参考”。
-
以下代码示例演示如何使用 list-field-level-encryption-configs。
- AWS CLI
-
列出 CloudFront 字段级加密配置
以下示例获取了您 AWS 账户中 CloudFront 字段级加密配置的列表:
aws cloudfront list-field-level-encryption-configs输出:
{ "FieldLevelEncryptionList": { "MaxItems": 100, "Quantity": 1, "Items": [ { "Id": "C3KM2WVD605UAY", "LastModifiedTime": "2019-12-10T21:30:18.974Z", "Comment": "Example FLE configuration", "QueryArgProfileConfig": { "ForwardWhenQueryArgProfileIsUnknown": true, "QueryArgProfiles": { "Quantity": 0, "Items": [] } }, "ContentTypeProfileConfig": { "ForwardWhenContentTypeIsUnknown": true, "ContentTypeProfiles": { "Quantity": 1, "Items": [ { "Format": "URLEncoded", "ProfileId": "P280MFCLSYOCVU", "ContentType": "application/x-www-form-urlencoded" } ] } } } ] } }-
有关API详细信息,请参阅 “ListFieldLevelEncryptionConfigs AWS CLI
命令参考”。
-
以下代码示例演示如何使用 list-field-level-encryption-profiles。
- AWS CLI
-
列出 CloudFront 字段级加密配置文件
以下示例获取了您 AWS 账户中的 CloudFront 字段级加密配置文件列表:
aws cloudfront list-field-level-encryption-profiles输出:
{ "FieldLevelEncryptionProfileList": { "MaxItems": 100, "Quantity": 2, "Items": [ { "Id": "P280MFCLSYOCVU", "LastModifiedTime": "2019-12-05T01:05:39.896Z", "Name": "ExampleFLEProfile", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2K8NC4HVFE3M0", "ProviderId": "ExampleFLEProvider", "FieldPatterns": { "Quantity": 1, "Items": [ "ExampleSensitiveField" ] } } ] }, "Comment": "FLE profile for AWS CLI example" }, { "Id": "PPK0UOSIF5WSV", "LastModifiedTime": "2019-12-10T01:03:16.537Z", "Name": "ExampleFLEProfile2", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2ABC10EXAMPLE", "ProviderId": "ExampleFLEProvider2", "FieldPatterns": { "Quantity": 1, "Items": [ "ExampleSensitiveField2" ] } } ] }, "Comment": "FLE profile #2 for AWS CLI example" } ] } }-
有关API详细信息,请参阅 “ListFieldLevelEncryptionProfiles AWS CLI
命令参考”。
-
以下代码示例演示如何使用 list-invalidations。
- AWS CLI
-
列出 CloudFront 失效情况
以下示例获取了带有 ID 的 CloudFront分配的失效列表:
EDFDVBD6EXAMPLEaws cloudfront list-invalidations --distribution-idEDFDVBD6EXAMPLE输出:
{ "InvalidationList": { "Marker": "", "Items": [ { "Status": "Completed", "Id": "YNY2LI2BVJ4NJU", "CreateTime": "2019-08-31T21:15:52.042Z" } ], "IsTruncated": false, "MaxItems": 100, "Quantity": 1 } }-
有关API详细信息,请参阅 “ListInvalidations AWS CLI
命令参考”。
-
以下代码示例演示如何使用 list-public-keys。
- AWS CLI
-
列出 CloudFront 公钥
以下示例获取了您 AWS 账户中的 CloudFront 公钥列表:
aws cloudfront list-public-keys输出:
{ "PublicKeyList": { "MaxItems": 100, "Quantity": 2, "Items": [ { "Id": "K2K8NC4HVFE3M0", "Name": "ExampleKey", "CreatedTime": "2019-12-05T01:04:28.818Z", "EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPMbCA2Ks0lnd7IR+3pw\nwd3H/7jPGwj8bLUmore7bX+oeGpZ6QmLAe/1UOWcmZX2u70dYcSIzB1ofZtcn4cJ\nenHBAzO3ohBY/L1tQGJfS2A+omnN6H16VZE1JCK8XSJyfze7MDLcUyHZETdxuvRb\nA9X343/vMAuQPnhinFJ8Wdy8YBXSPpy7r95ylUQd9LfYTBzVZYG2tSesplcOkjM3\n2Uu+oMWxQAw1NINnSLPinMVsutJy6ZqlV3McWNWe4T+STGtWhrPNqJEn45sIcCx4\nq+kGZ2NQ0FyIyT2eiLKOX5Rgb/a36E/aMk4VoDsaenBQgG7WLTnstb9sr7MIhS6A\nrwIDAQAB\n-----END PUBLIC KEY-----\n", "Comment": "example public key" }, { "Id": "K1S0LWQ2L5HTBU", "Name": "ExampleKey2", "CreatedTime": "2019-12-09T23:28:11.110Z", "EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEApOCAg88A8+f4dujn9Izt\n26LxtgAkn2opGgo/NKpMiaisyw5qlg3f1gol7FV6pYNl78iJg3EO8JBbwtlH+cR9\nLGSf60NDeVhm76Oc39Np/vWgOdsGQcRbi9WmKZeSODqjQGzVZWqPmito3FzWVk6b\nfVY5N36U/RdbVAJm95Km+qaMYlbIdF40t72bi3IkKYV5hlB2XoDjlQ9F6ajQKyTB\nMHa3SN8q+3ZjQ4sJJ7D1V6r4wR8jDcFVD5NckWJmmgIVnkOQM37NYeoDnkaOuTpu\nha/+3b8tOb2z3LBVHPkp85zJRAOXacSwf5rZtPYKBNFsixTa2n55k2r218mOkMC4\nUwIDAQAB\n-----END PUBLIC KEY-----", "Comment": "example public key #2" } ] } }-
有关API详细信息,请参阅 “ListPublicKeys AWS CLI
命令参考”。
-
以下代码示例演示如何使用 list-tags-for-resource。
- AWS CLI
-
列出 CloudFront 分配的标签
以下示例获取 CloudFront 分配的标签列表:
aws cloudfront list-tags-for-resource \ --resourcearn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE输出:
{ "Tags": { "Items": [ { "Key": "DateCreated", "Value": "2019-12-04" }, { "Key": "Name", "Value": "Example name" }, { "Key": "Project", "Value": "Example project" } ] } }-
有关API详细信息,请参阅 “ListTagsForResource AWS CLI
命令参考”。
-
以下代码示例演示如何使用 sign。
- AWS CLI
-
要签署 CloudFront URL
以下示例符号为 a CloudFront URL。要签名URL,您需要密钥对 ID(在 AWS 管理控制台中称为访问密钥 ID)和可信签名者的密钥对的私 CloudFront 钥。有关签名的更多信息URLs,请参阅《亚马逊 CloudFront 开发者指南》中的使用签名URLs和签名 Cookie 提供私有内容。
aws cloudfront sign \ --urlhttps://d111111abcdef8.cloudfront.net/private-content/private-file.html\ --key-pair-idAPKAEIBAERJR2EXAMPLE\ --private-keyfile://cf-signer-priv-key.pem\ --date-less-than2020-01-01输出:
https://d111111abcdef8.cloudfront.net/private-content/private-file.html?Expires=1577836800&Signature=nEXK7Kby47XKeZQKVc6pwkif6oZc-JWSpDkH0UH7EBGGqvgurkecCbgL5VfUAXyLQuJxFwRQWscz-owcq9KpmewCXrXQbPaJZNi9XSNwf4YKurPDQYaRQawKoeenH0GFteRf9ELK-Bs3nljTLjtbgzIUt7QJNKXcWr8AuUYikzGdJ4-qzx6WnxXfH~fxg4-GGl6l2kgCpXUB6Jx6K~Y3kpVOdzUPOIqFLHAnJojbhxqrVejomZZ2XrquDvNUCCIbePGnR3d24UPaLXG4FKOqNEaWDIBXu7jUUPwOyQCvpt-GNvjRJxqWf93uMobeMOiVYahb-e0KItiQewGcm0eLZQ__&Key-Pair-Id=APKAEIBAERJR2EXAMPLE-
有关API详细信息,请参阅登录AWS CLI
命令参考。
-
以下代码示例演示如何使用 tag-resource。
- AWS CLI
-
为 CloudFront 分配添加标签
以下
tag-resource示例向指定的 CloudFront 发行版添加了两个标签。aws cloudfront tag-resource \ --resourcearn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE\ --tags 'Items=[{Key=Name,Value="Example name"},{Key=Project,Value="Example project"}]'您可以不使用命令行参数,而是在JSON文件中提供标签,如以下示例所示:
aws cloudfront tag-resource \ --resourcearn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE\ --tagsfile://tags.jsontags.json的内容:{ "Items": [ { "Key": "Name", "Value": "Example name" }, { "Key": "Project", "Value": "Example project" } ] }此命令不生成任何输出。
-
有关API详细信息,请参阅 “TagResource AWS CLI
命令参考”。
-
以下代码示例演示如何使用 untag-resource。
- AWS CLI
-
从 CloudFront 分配中移除标签
以下示例使用命令行参数从 CloudFront 发行版中删除两个标签:
aws cloudfront untag-resource \ --resourcearn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE\ --tag-keysItems=Name,Project您可以不使用命令行参数,而是在JSON文件中提供标签键,如以下示例所示:
aws cloudfront untag-resource \ --resourcearn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE\ --tag-keysfile://tag-keys.json该文件
tag-keys.json是当前文件夹中的JSON文档,其中包含以下内容:{ "Items": [ "Name", "Project" ] }成功时,此命令没有输出。
-
有关API详细信息,请参阅 “UntagResource AWS CLI
命令参考”。
-
以下代码示例演示如何使用 update-cloud-front-origin-access-identity。
- AWS CLI
-
更新 CloudFront 源站访问身份
以下示例使用 ID 更新源访问身份 (OAI)
E74FTE3AEXAMPLE。您唯一可以更新的字段是 “OAIs”Comment。要更新OAI,您必须拥有OAI的 ID 和
ETag。该 OAI ID 将在-access-identity 和 create-cloud-front-origin list-cloud-front-origin-access-identitions 命令的输出中返回。要获取ETag,请使用 get-cloud-front-origin-access-identity 或 get-cloud-front-origin-命令。access-identity-config 使用--if-match选项提供 “OAIs”ETag。aws cloudfront update-cloud-front-origin-access-identity \ --idE74FTE3AEXAMPLE\ --if-matchE2QWRUHEXAMPLE\ --cloud-front-origin-access-identity-config \ CallerReference=cli-example,Comment="Example OAI Updated"您可以通过在JSON文件中提供OAI配置来完成同样的事情,如以下示例所示:
aws cloudfront update-cloud-front-origin-access-identity \ --idE74FTE3AEXAMPLE\ --if-matchE2QWRUHEXAMPLE\ --cloud-front-origin-access-identity-configfile://OAI-config.json该文件
OAI-config.json是当前目录中的JSON文档,其中包含以下内容:{ "CallerReference": "cli-example", "Comment": "Example OAI Updated" }无论您为OAI配置提供命令行参数还是JSON文件,输出都是一样的:
{ "ETag": "E9LHASXEXAMPLE", "CloudFrontOriginAccessIdentity": { "Id": "E74FTE3AEXAMPLE", "S3CanonicalUserId": "cd13868f797c227fbea2830611a26fe0a21ba1b826ab4bed9b7771c9aEXAMPLE", "CloudFrontOriginAccessIdentityConfig": { "CallerReference": "cli-example", "Comment": "Example OAI Updated" } } }-
有关API详细信息,请参阅 “UpdateCloudFrontOriginAccessIdentity AWS CLI
命令参考”。
-
以下代码示例演示如何使用 update-distribution。
- AWS CLI
-
更新 CloudFront 分配的默认根对象
以下示例将CloudFront 分配的默认根对象更新为 ID
EDFDVBD6EXAMPLE:index.htmlaws cloudfront update-distribution --idEDFDVBD6EXAMPLE\ --default-root-objectindex.html输出:
{ "ETag": "E2QWRUHEXAMPLE", "Distribution": { "Id": "EDFDVBD6EXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/EDFDVBD6EXAMPLE", "Status": "InProgress", "LastModifiedTime": "2019-12-06T18:55:39.870Z", "InProgressInvalidationBatches": 0, "DomainName": "d111111abcdef8.cloudfront.net", "ActiveTrustedSigners": { "Enabled": false, "Quantity": 0 }, "DistributionConfig": { "CallerReference": "6b10378d-49be-4c4b-a642-419ccaf8f3b5", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "example-website", "DomainName": "www.example.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "CustomOriginConfig": { "HTTPPort": 80, "HTTPSPort": 443, "OriginProtocolPolicy": "match-viewer", "OriginSslProtocols": { "Quantity": 2, "Items": [ "SSLv3", "TLSv1" ] }, "OriginReadTimeout": 30, "OriginKeepaliveTimeout": 5 } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "example-website", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 1, "Items": [ "*" ] }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": true, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http1.1", "IsIPV6Enabled": true } } }更新分 CloudFront 配
以下示例通过在名
dist-config-disable.json为JSON的文件中提供 CloudFront 分发配置EMLARXS9EXAMPLE来禁用 ID 的分发。要更新分配,您必须使用--if-match选项来提供分配的ETag。要获取ETag,请使用 get-distribution 或get-distribution-config 命令。使用以下示例禁用分配后,您可以使用 delete-distribute 命令将其删除。
aws cloudfront update-distribution \ --idEMLARXS9EXAMPLE\ --if-matchE2QWRUHEXAMPLE\ --distribution-configfile://dist-config-disable.json该JSON文件
dist-config-disable.json是当前文件夹中包含以下内容的文档。请注意,Enabled字段设置为false:{ "CallerReference": "cli-1574382155-496510", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-1574382155-273939", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-1574382155-273939", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": false, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true }输出:
{ "ETag": "E9LHASXEXAMPLE", "Distribution": { "Id": "EMLARXS9EXAMPLE", "ARN": "arn:aws:cloudfront::123456789012:distribution/EMLARXS9EXAMPLE", "Status": "InProgress", "LastModifiedTime": "2019-12-06T18:32:35.553Z", "InProgressInvalidationBatches": 0, "DomainName": "d111111abcdef8.cloudfront.net", "ActiveTrustedSigners": { "Enabled": false, "Quantity": 0 }, "DistributionConfig": { "CallerReference": "cli-1574382155-496510", "Aliases": { "Quantity": 0 }, "DefaultRootObject": "index.html", "Origins": { "Quantity": 1, "Items": [ { "Id": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-1574382155-273939", "DomainName": "awsexamplebucket.s3.amazonaws.com", "OriginPath": "", "CustomHeaders": { "Quantity": 0 }, "S3OriginConfig": { "OriginAccessIdentity": "" } } ] }, "OriginGroups": { "Quantity": 0 }, "DefaultCacheBehavior": { "TargetOriginId": "awsexamplebucket---s3.amazonaws.com.rproxy.goskope.com-1574382155-273939", "ForwardedValues": { "QueryString": false, "Cookies": { "Forward": "none" }, "Headers": { "Quantity": 0 }, "QueryStringCacheKeys": { "Quantity": 0 } }, "TrustedSigners": { "Enabled": false, "Quantity": 0 }, "ViewerProtocolPolicy": "allow-all", "MinTTL": 0, "AllowedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ], "CachedMethods": { "Quantity": 2, "Items": [ "HEAD", "GET" ] } }, "SmoothStreaming": false, "DefaultTTL": 86400, "MaxTTL": 31536000, "Compress": false, "LambdaFunctionAssociations": { "Quantity": 0 }, "FieldLevelEncryptionId": "" }, "CacheBehaviors": { "Quantity": 0 }, "CustomErrorResponses": { "Quantity": 0 }, "Comment": "", "Logging": { "Enabled": false, "IncludeCookies": false, "Bucket": "", "Prefix": "" }, "PriceClass": "PriceClass_All", "Enabled": false, "ViewerCertificate": { "CloudFrontDefaultCertificate": true, "MinimumProtocolVersion": "TLSv1", "CertificateSource": "cloudfront" }, "Restrictions": { "GeoRestriction": { "RestrictionType": "none", "Quantity": 0 } }, "WebACLId": "", "HttpVersion": "http2", "IsIPV6Enabled": true } } }-
有关API详细信息,请参阅 “UpdateDistribution AWS CLI
命令参考”。
-
以下代码示例演示如何使用 update-field-level-encryption-config。
- AWS CLI
-
更新 CloudFront 字段级加密配置
以下示例
C3KM2WVD605UAY通过在Comment文件中提供参数来使用 ID 更新字段级加密配置的字JSON段。要更新字段级加密配置,您必须拥有该配置的 ID 和。
ETag该 ID 将在-confi create-field-level-encryption g 和 list-field-level-encryption-configs 命令的输出中返回。要获取ETag,请使用get-field-level-encryption 或 get-field-level-encryption-config 命令。使用--if-match选项提供配置ETag。aws cloudfront update-field-level-encryption-config \ --idC3KM2WVD605UAY\ --if-matchE2P4Z4VU7TY5SG\ --field-level-encryption-configfile://fle-config.json该文件
fle-config.json是当前目录中的JSON文档,其中包含以下内容:{ "CallerReference": "cli-example", "Comment": "Updated example FLE configuration", "QueryArgProfileConfig": { "ForwardWhenQueryArgProfileIsUnknown": true, "QueryArgProfiles": { "Quantity": 0 } }, "ContentTypeProfileConfig": { "ForwardWhenContentTypeIsUnknown": true, "ContentTypeProfiles": { "Quantity": 1, "Items": [ { "Format": "URLEncoded", "ProfileId": "P280MFCLSYOCVU", "ContentType": "application/x-www-form-urlencoded" } ] } } }输出:
{ "ETag": "E26M4BIAV81ZF6", "FieldLevelEncryption": { "Id": "C3KM2WVD605UAY", "LastModifiedTime": "2019-12-10T22:26:26.170Z", "FieldLevelEncryptionConfig": { "CallerReference": "cli-example", "Comment": "Updated example FLE configuration", "QueryArgProfileConfig": { "ForwardWhenQueryArgProfileIsUnknown": true, "QueryArgProfiles": { "Quantity": 0, "Items": [] } }, "ContentTypeProfileConfig": { "ForwardWhenContentTypeIsUnknown": true, "ContentTypeProfiles": { "Quantity": 1, "Items": [ { "Format": "URLEncoded", "ProfileId": "P280MFCLSYOCVU", "ContentType": "application/x-www-form-urlencoded" } ] } } } } }-
有关API详细信息,请参阅 “UpdateFieldLevelEncryptionConfig AWS CLI
命令参考”。
-
以下代码示例演示如何使用 update-field-level-encryption-profile。
- AWS CLI
-
更新 CloudFront 字段级加密配置文件
以下示例使用 ID 更新字段级加密配置文件。
PPK0UOSIF5WSV此示例通过在文件中提供参数来更新配置JSON文件的和,并添加第二FieldPatterns项。NameComment要更新字段级加密配置文件,您必须拥有该配置文件的 ID 和。
ETag该 ID 将在-profile 和 create-field-level-encryption list-field-level-encryption-profiles 命令的输出中返回。要获取ETag,请使用-profile 或-p get-field-level-encryption rof get-field-level-encryption ile-config 命令。使用--if-match选项提供个人资料ETag。aws cloudfront update-field-level-encryption-profile \ --idPPK0UOSIF5WSV\ --if-matchE1QQG65FS2L2GC\ --field-level-encryption-profile-configfile://fle-profile-config.json该文件
fle-profile-config.json是当前目录中的JSON文档,其中包含以下内容:{ "Name": "ExampleFLEProfileUpdated", "CallerReference": "cli-example", "Comment": "Updated FLE profile for AWS CLI example", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2K8NC4HVFE3M0", "ProviderId": "ExampleFLEProvider", "FieldPatterns": { "Quantity": 2, "Items": [ "ExampleSensitiveField", "SecondExampleSensitiveField" ] } } ] } }输出:
{ "ETag": "EJETYFJ9CL66D", "FieldLevelEncryptionProfile": { "Id": "PPK0UOSIF5WSV", "LastModifiedTime": "2019-12-10T19:05:58.296Z", "FieldLevelEncryptionProfileConfig": { "Name": "ExampleFLEProfileUpdated", "CallerReference": "cli-example", "Comment": "Updated FLE profile for AWS CLI example", "EncryptionEntities": { "Quantity": 1, "Items": [ { "PublicKeyId": "K2K8NC4HVFE3M0", "ProviderId": "ExampleFLEProvider", "FieldPatterns": { "Quantity": 2, "Items": [ "ExampleSensitiveField", "SecondExampleSensitiveField" ] } } ] } } } }-
有关API详细信息,请参阅 “UpdateFieldLevelEncryptionProfile AWS CLI
命令参考”。
-
