Resource: awsCloudfrontFieldLevelEncryptionConfig
Provides a CloudFront Field-level Encryption Config resource.
Example Usage
/*Provider bindings are generated by running cdktf get.
See https://cdk.tf/provider-generation for more details.*/
import * as aws from "./.gen/providers/aws";
new aws.cloudfrontFieldLevelEncryptionConfig.CloudfrontFieldLevelEncryptionConfig(
this,
"test",
{
comment: "test comment",
contentTypeProfileConfig: {
contentTypeProfiles: {
items: [
{
contentType: "application/x-www-form-urlencoded",
format: "URLEncoded",
},
],
},
forwardWhenContentTypeIsUnknown: true,
},
queryArgProfileConfig: {
forwardWhenQueryArgProfileIsUnknown: true,
queryArgProfiles: {
items: [
{
profileId:
"${aws_cloudfront_field_level_encryption_profile.test.id}",
queryArg: "Arg1",
},
],
},
},
}
);
Argument Reference
The following arguments are supported:
comment
- (Optional) An optional comment about the Field Level Encryption Config.contentTypeProfileConfig
- (Required) Content Type Profile Config specifies when to forward content if a content type isn't recognized and profiles to use as by default in a request if a query argument doesn't specify a profile to use.queryArgProfileConfig
- (Required) Query Arg Profile Config that specifies when to forward content if a profile isn't found and the profile that can be provided as a query argument in a request.
Content Type Profile Config
forwardWhenContentTypeIsUnknown
- (Required) specifies what to do when an unknown content type is provided for the profile. If true, content is forwarded without being encrypted when the content type is unknown. If false (the default), an error is returned when the content type is unknown.contentTypeProfiles
- (Required) Object that contains an attributeitems
that contains the list of configurations for a field-level encryption content type-profile. See Content Type Profile.
Content Type Profile
contentType
- (Required) he content type for a field-level encryption content type-profile mapping. Valid value isapplication/xWwwFormUrlencoded
.format
- (Required) The format for a field-level encryption content type-profile mapping. Valid value isurlEncoded
.profileId
- (Optional) The profile ID for a field-level encryption content type-profile mapping.
Query Arg Profile Config
forwardWhenQueryArgProfileIsUnknown
- (Required) Flag to set if you want a request to be forwarded to the origin even if the profile specified by the field-level encryption query argument, fle-profile, is unknown.queryArgProfiles
- (Optional) Object that contains an attributeitems
that contains the list ofrofiles specified for query argument-profile mapping for field-level encryption. see Query Arg Profile.
Query Arg Profile
profileId
- (Required) ID of profile to use for field-level encryption query argument-profile mappingqueryArg
- (Required) Query argument for field-level encryption query argument-profile mapping.
Attributes Reference
In addition to all arguments above, the following attributes are exported:
callerReference
- Internal value used by CloudFront to allow future updates to the Field Level Encryption Config.etag
- The current version of the Field Level Encryption Config. For example:e2Qwruhapomqzl
.id
- The identifier for the Field Level Encryption Config. For example:k3D5Eweudccxon
.
Import
Cloudfront Field Level Encryption Config can be imported using the id
, e.g.