Trying a cloudfront distribution using the AWS CLI, one needs an argument --distribution-config
aws cloudfront create-distribution
aws: error: argument --distribution-config is required
I assume this is a json string with the configuration for the distribution, but I cannot find any documentation about it.
Where can I find a minimal working example?
The following JSON worked for me. I used get-distribution-config to generate it.
{
"Comment": "example json",
"CacheBehaviors": {
"Quantity": 0
},
"Logging": {
"Bucket": null,
"Prefix": null,
"Enabled": false,
"IncludeCookies": false
},
"Origins": {
"Items": [
{
"S3OriginConfig": {
"OriginAccessIdentity": null
},
"Id": "S3-origin",
"DomainName": "example.s3.amazonaws.com"
}
],
"Quantity": 1
},
"DefaultRootObject": null,
"PriceClass": "PriceClass_All",
"Enabled": false,
"DefaultCacheBehavior": {
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TargetOriginId": "S3-origin",
"ViewerProtocolPolicy": "allow-all",
"ForwardedValues": {
"Headers": {
"Quantity": 0
},
"Cookies": {
"Forward": "none"
},
"QueryString": false
},
"SmoothStreaming": false,
"AllowedMethods": {
"Items": [
"GET",
"HEAD"
],
"Quantity": 2
},
"MinTTL": 0
},
"CallerReference": "example",
"ViewerCertificate": {
"CloudFrontDefaultCertificate": true
},
"CustomErrorResponses": {
"Quantity": 0
},
"Restrictions": {
"GeoRestriction": {
"RestrictionType": "none",
"Quantity": 0
}
},
"Aliases": {
"Quantity": 0
}
}
As stated in the documentation you could try to run this command:
aws cloudfront create-distribution --distribution-config file://distconfig.json
The file distconfig.json is a JSON document in the current folder that defines a CloudFront distribution:
distconfig.json
{
"CallerReference": "my-distribution-2015-09-01",
"Aliases": {
"Quantity": 0
},
"DefaultRootObject": "index.html",
"Origins": {
"Quantity": 1,
"Items": [
{
"Id": "my-origin",
"DomainName": "my-bucket.s3.amazonaws.com",
"S3OriginConfig": {
"OriginAccessIdentity": ""
}
}
]
},
"DefaultCacheBehavior": {
"TargetOriginId": "my-origin",
"ForwardedValues": {
"QueryString": true,
"Cookies": {
"Forward": "none"
}
},
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "allow-all",
"MinTTL": 3600
},
"CacheBehaviors": {
"Quantity": 0
},
"Comment": "",
"Logging": {
"Enabled": false,
"IncludeCookies": true,
"Bucket": "",
"Prefix": ""
},
"PriceClass": "PriceClass_All",
"Enabled": true
}
If you follow the link I provided, you will have more information about the output this command will give you.
Related
I'm trying to setup an AWS EventBridge rule that will filter all Okta user events with rawUserAgent as "anything-but" with the "prefix" libwww-perl. My question is that is there a way to chain AWS rule syntax on the same field in the event? I tried something like this, but it didn't work -
{
"detail": {
"eventType": [{
"prefix": "user.session.start"
}],
"outcome": {
"result": [{
"prefix": "FAILURE"
}]
},
"client": {
"userAgent": {
"rawUserAgent": [{
"anything-but": [{"prefix": "libwww-perl"}]
}]
}
}
}
}
Any suggestions on how I can achieve this?
Here's a sample event:
{
"version": "0",
"id": "123",
"detail-type": "SystemLog",
"source": "okta",
"account": "123",
"time": "2022-06-24T13:07:02Z",
"region": "us-east-1",
"resources": [],
"detail": {
"uuid": "123",
"published": "2022-06-24T13:07:02.586Z",
"eventType": "user.session.start",
"version": "0",
"displayMessage": "User login to Okta",
"severity": "INFO",
"client": {
"userAgent": {
"rawUserAgent": "libwww-perl/6.15",
"os": "Unknown",
"browser": "UNKNOWN"
},
"zone": "null",
"device": "Unknown",
"id": null,
"ipAddress": "192.168.1.1",
"geographicalContext": {
"city": null,
"state": null,
"country": "United States",
"postalCode": null,
"geolocation": {
"lat": 37.751,
"lon": -97.822
}
},
"ipChain": [
{
"ip": "192.168.1.1.",
"geographicalContext": {
"city": null,
"state": null
"country": "Canada",
"postalCode": null,
"geolocation": {
"lat": 37.751,
"lon": -97.822
}
},
"version": "V4",
"source": null
}
]
},
"device": null,
"actor": {
"id": "unknown",
"type": "User",
"alternateId": "abc#gmail.com",
"displayName": "unknown",
"detailEntry": null
},
"outcome": {
"result": "FAILURE",
"reason": "VERIFICATION_ERROR"
},
"target": null,
"transaction": {
"type": "WEB",
"id": "YrW29nCfOE-MgiNf6-1UkQAAA8I",
"detail": {}
},
"debugContext": {
"debugData": {
"loginResult": "VERIFICATION_ERROR",
"requestId": "abcd",
"threatSuspected": "true",
"requestUri": "",
"url": ""
}
},
"legacyEventType": "core.user_auth.login_failed",
"authenticationContext": {
"authenticationProvider": null,
"credentialProvider": null,
"credentialType": null,
"issuer": null,
"authenticationStep": 0,
"externalSessionId": "unknown",
"interface": null
},
"securityContext": {
"asNumber": 11174,
"asOrg": "qwerty",
"isp": "qwerty",
"domain": "qwerty.com",
"isProxy": false
},
"insertionTimestamp": null
}
}
You can use this pattern:
{
"detail": {
"eventType": [{
"prefix": "user.session.start"
}],
"client": {
"userAgent": {
"rawUserAgent": [{
"anything-but": {
"prefix": "libwww-perl"
}
}]
}
},
"outcome": {
"result": [{
"prefix": "FAILURE"
}]
}
}
}
Unsuccessfully trying to set up a CloudFront distribution for a static AWS-bucket based website, which worked with http, but not https. After adding certificate and configuring CloudFront, I am getting ERR_TOO_MANY_REDIRECTS
Can the problem be the multiple CNAMEs for mywebsite, configured in Route 53?
2 records are from certificate manager validation, not sure where the others came from.
Thank you!
mywebsite.com A Simple -
dwm6otdm3onq4.cloudfront.net.
mywebsite.com MX Simple -
10 inbound-smtp.us-east-1.amazonaws.com
mywebsite.com NS Simple -
ns-480.awsdns-60.com.
ns-1803.awsdns-33.co.uk.
ns-622.awsdns-13.net.
ns-1286.awsdns-32.org.
mywebsite.com SOA Simple -
ns-480.awsdns-60.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
_ab7fff75e12e479a02ad7b663442718d.mywebsite.com CNAME Simple -
_ffb36079eac41a4ec0d793858a8756ae.cvfdyspdbk.acm-validations.aws.
_amazonses.mywebsite.com TXT Simple -
"16fq2E3zX5omvpZj0u/Wjf3U3Qky9a5eI/G8FQdp2VA="
c43idfnpaak4u3nh3znyjcezzfgjbza7._domainkey.mywebsite.com CNAME Simple -
c43idfnpaak4u3nh3znyjcezzfgjbza7.dkim.amazonses.com
n3b4lhcvp63woqnod6tlgpovm5dcpqkz._domainkey.mywebsite.com CNAME Simple -
n3b4lhcvp63woqnod6tlgpovm5dcpqkz.dkim.amazonses.com.
tgfvwhfjzfmn4cfpalcjlxrb7vfutszu._domainkey.mywebsite.com CNAME Simple -
tgfvwhfjzfmn4cfpalcjlxrb7vfutszu.dkim.amazonses.com
autodiscover.mywebsite.com CNAME Simple -
autodiscover.mail.us-east-1.awsapps.com
www.mywebsite.com A Simple -
dwm6otdm3onq4.cloudfront.net.
_b6ae735a7252c03dbfbe162ec5be00cc.www.mywebsite.com CNAME Simple -
_16d9e15225e215d9fd9e9876ce29c409.cvfdyspdbk.acm-validations.aws.
{
"ETag": "E2UARY2PF3JN6L",
"Distribution": {
"Id": "E2VAMJ3R5UEYSD",
"ARN": "arn:aws:cloudfront::098706368979:distribution/E2VAMJ3R5UEYSD",
"Status": "Deployed",
"LastModifiedTime": "2021-08-18T19:41:28.165Z",
"InProgressInvalidationBatches": 0,
"DomainName": "dwm6otdm3onq4.cloudfront.net",
"ActiveTrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"DistributionConfig": {
"CallerReference": "49a807de-37a4-4c9f-add6-739dcffd27cb",
"Aliases": {
"Quantity": 2,
"Items": [
"www.mywebsite.com",
"mywebsite.com"
]
},
"DefaultRootObject": "index.html",
"Origins": {
"Quantity": 2,
"Items": [
{
"Id": "www.mywebsite.com.s3.us-east-1.amazonaws.com",
"DomainName": "mywebsite.com.s3-website-us-east-1.amazonaws.com",
"OriginPath": "",
"CustomHeaders": {
"Quantity": 0
},
"CustomOriginConfig": {
"HTTPPort": 80,
"HTTPSPort": 443,
"OriginProtocolPolicy": "match-viewer",
"OriginSslProtocols": {
"Quantity": 3,
"Items": [
"TLSv1",
"TLSv1.1",
"TLSv1.2"
]
},
"OriginReadTimeout": 30,
"OriginKeepaliveTimeout": 5
}
},
{
"Id": "mywebsite.com.s3.us-east-1.amazonaws.com",
"DomainName": "mywebsite.com.s3-website-us-east-1.amazonaws.com",
"OriginPath": "",
"CustomHeaders": {
"Quantity": 0
},
"CustomOriginConfig": {
"HTTPPort": 80,
"HTTPSPort": 443,
"OriginProtocolPolicy": "http-only",
"OriginSslProtocols": {
"Quantity": 3,
"Items": [
"TLSv1",
"TLSv1.1",
"TLSv1.2"
]
},
"OriginReadTimeout": 30,
"OriginKeepaliveTimeout": 5
}
}
]
},
"OriginGroups": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "www.mywebsite.com.s3.us-east-1.amazonaws.com",
"ForwardedValues": {
"QueryString": false,
"Cookies": {
"Forward": "none"
},
"Headers": {
"Quantity": 0
},
"QueryStringCacheKeys": {
"Quantity": 0
}
},
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "redirect-to-https",
"MinTTL": 0,
"AllowedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
],
"CachedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
]
}
},
"SmoothStreaming": false,
"DefaultTTL": 0,
"MaxTTL": 0,
"Compress": true,
"LambdaFunctionAssociations": {
"Quantity": 0
},
"FieldLevelEncryptionId": ""
},
"CacheBehaviors": {
"Quantity": 0
},
"CustomErrorResponses": {
"Quantity": 0
},
"Comment": "",
"Logging": {
"Enabled": false,
"IncludeCookies": false,
"Bucket": "",
"Prefix": ""
},
"PriceClass": "PriceClass_100",
"Enabled": true,
"ViewerCertificate": {
"ACMCertificateArn": "arn:aws:acm:us-east-1:098706368979:certificate/8213cadd-5efd-44ad-b252-3d2cb7bed408",
"SSLSupportMethod": "sni-only",
"MinimumProtocolVersion": "TLSv1.2_2021",
"Certificate": "arn:aws:acm:us-east-1:098706368979:certificate/8213cadd-5efd-44ad-b252-3d2cb7bed408",
"CertificateSource": "acm"
},
"Restrictions": {
"GeoRestriction": {
"RestrictionType": "none",
"Quantity": 0
}
},
"WebACLId": "",
"HttpVersion": "http2",
"IsIPV6Enabled": true
},
"AliasICPRecordals": [
{
"CNAME": "www.mywebsite.com",
"ICPRecordalStatus": "APPROVED"
},
{
"CNAME": "mywebsite.com",
"ICPRecordalStatus": "APPROVED"
}
]
}
}
get-bucket-policy
{
"Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"PublicReadGetObject\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::mywebsite.com/*\"},{\"Sid\":\"PublicReadGetObjectVersion\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObjectVersion\",\"Resource\":\"arn:aws:s3:::mywebsite.com/*\"},{\"Sid\":\"PublicListBucket\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:ListBucket\",\"Resource\":\"arn:aws:s3:::mywebsite.com\"}]}"
}
get-bucket-website:
{
"IndexDocument": {
"Suffix": "index.html"
}
}
It's difficult to see what is causing the redirects, but it is clear that your CloudFront configuration is not really ideal. You've got the same origin configured twice (while only using one) and they are configured to also use HTTPS to access S3, which is not supported. They are also configured using a custom HTTP origin, while it is a little more secure to use the S3 origin configuration with an Origin Access Identity (OAI).
You can use this blog as a base to set it up using an OAI. This will probably/hopefully also fix your redirection issues.
Adding an AAA record fixed the issue.
Unsuccessfully trying to set up a CloudFront distribution for a static AWS-bucket based website, which worked with http, but not https. After adding certificate and configuring CloudFront, I am getting ERR_TOO_MANY_REDIRECTS
Can the problem be the multiple CNAMEs for mywebsite, configured in Route 53?
2 records are from certificate manager validation, not sure where the others came from.
Thank you!
mywebsite.com A Simple -
dwm6otdm3onq4.cloudfront.net.
mywebsite.com MX Simple -
10 inbound-smtp.us-east-1.amazonaws.com
mywebsite.com NS Simple -
ns-480.awsdns-60.com.
ns-1803.awsdns-33.co.uk.
ns-622.awsdns-13.net.
ns-1286.awsdns-32.org.
mywebsite.com SOA Simple -
ns-480.awsdns-60.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
_ab7fff75e12e479a02ad7b663442718d.mywebsite.com CNAME Simple -
_ffb36079eac41a4ec0d793858a8756ae.cvfdyspdbk.acm-validations.aws.
_amazonses.mywebsite.com TXT Simple -
"16fq2E3zX5omvpZj0u/Wjf3U3Qky9a5eI/G8FQdp2VA="
c43idfnpaak4u3nh3znyjcezzfgjbza7._domainkey.mywebsite.com CNAME Simple -
c43idfnpaak4u3nh3znyjcezzfgjbza7.dkim.amazonses.com
n3b4lhcvp63woqnod6tlgpovm5dcpqkz._domainkey.mywebsite.com CNAME Simple -
n3b4lhcvp63woqnod6tlgpovm5dcpqkz.dkim.amazonses.com.
tgfvwhfjzfmn4cfpalcjlxrb7vfutszu._domainkey.mywebsite.com CNAME Simple -
tgfvwhfjzfmn4cfpalcjlxrb7vfutszu.dkim.amazonses.com
autodiscover.mywebsite.com CNAME Simple -
autodiscover.mail.us-east-1.awsapps.com
www.mywebsite.com A Simple -
dwm6otdm3onq4.cloudfront.net.
_b6ae735a7252c03dbfbe162ec5be00cc.www.mywebsite.com CNAME Simple -
_16d9e15225e215d9fd9e9876ce29c409.cvfdyspdbk.acm-validations.aws.
{
"ETag": "E2UARY2PF3JN6L",
"Distribution": {
"Id": "E2VAMJ3R5UEYSD",
"ARN": "arn:aws:cloudfront::098706368979:distribution/E2VAMJ3R5UEYSD",
"Status": "Deployed",
"LastModifiedTime": "2021-08-18T19:41:28.165Z",
"InProgressInvalidationBatches": 0,
"DomainName": "dwm6otdm3onq4.cloudfront.net",
"ActiveTrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"DistributionConfig": {
"CallerReference": "49a807de-37a4-4c9f-add6-739dcffd27cb",
"Aliases": {
"Quantity": 2,
"Items": [
"www.mywebsite.com",
"mywebsite.com"
]
},
"DefaultRootObject": "index.html",
"Origins": {
"Quantity": 2,
"Items": [
{
"Id": "www.mywebsite.com.s3.us-east-1.amazonaws.com",
"DomainName": "mywebsite.com.s3-website-us-east-1.amazonaws.com",
"OriginPath": "",
"CustomHeaders": {
"Quantity": 0
},
"CustomOriginConfig": {
"HTTPPort": 80,
"HTTPSPort": 443,
"OriginProtocolPolicy": "match-viewer",
"OriginSslProtocols": {
"Quantity": 3,
"Items": [
"TLSv1",
"TLSv1.1",
"TLSv1.2"
]
},
"OriginReadTimeout": 30,
"OriginKeepaliveTimeout": 5
}
},
{
"Id": "mywebsite.com.s3.us-east-1.amazonaws.com",
"DomainName": "mywebsite.com.s3-website-us-east-1.amazonaws.com",
"OriginPath": "",
"CustomHeaders": {
"Quantity": 0
},
"CustomOriginConfig": {
"HTTPPort": 80,
"HTTPSPort": 443,
"OriginProtocolPolicy": "http-only",
"OriginSslProtocols": {
"Quantity": 3,
"Items": [
"TLSv1",
"TLSv1.1",
"TLSv1.2"
]
},
"OriginReadTimeout": 30,
"OriginKeepaliveTimeout": 5
}
}
]
},
"OriginGroups": {
"Quantity": 0
},
"DefaultCacheBehavior": {
"TargetOriginId": "www.mywebsite.com.s3.us-east-1.amazonaws.com",
"ForwardedValues": {
"QueryString": false,
"Cookies": {
"Forward": "none"
},
"Headers": {
"Quantity": 0
},
"QueryStringCacheKeys": {
"Quantity": 0
}
},
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"ViewerProtocolPolicy": "redirect-to-https",
"MinTTL": 0,
"AllowedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
],
"CachedMethods": {
"Quantity": 2,
"Items": [
"HEAD",
"GET"
]
}
},
"SmoothStreaming": false,
"DefaultTTL": 0,
"MaxTTL": 0,
"Compress": true,
"LambdaFunctionAssociations": {
"Quantity": 0
},
"FieldLevelEncryptionId": ""
},
"CacheBehaviors": {
"Quantity": 0
},
"CustomErrorResponses": {
"Quantity": 0
},
"Comment": "",
"Logging": {
"Enabled": false,
"IncludeCookies": false,
"Bucket": "",
"Prefix": ""
},
"PriceClass": "PriceClass_100",
"Enabled": true,
"ViewerCertificate": {
"ACMCertificateArn": "arn:aws:acm:us-east-1:098706368979:certificate/8213cadd-5efd-44ad-b252-3d2cb7bed408",
"SSLSupportMethod": "sni-only",
"MinimumProtocolVersion": "TLSv1.2_2021",
"Certificate": "arn:aws:acm:us-east-1:098706368979:certificate/8213cadd-5efd-44ad-b252-3d2cb7bed408",
"CertificateSource": "acm"
},
"Restrictions": {
"GeoRestriction": {
"RestrictionType": "none",
"Quantity": 0
}
},
"WebACLId": "",
"HttpVersion": "http2",
"IsIPV6Enabled": true
},
"AliasICPRecordals": [
{
"CNAME": "www.mywebsite.com",
"ICPRecordalStatus": "APPROVED"
},
{
"CNAME": "mywebsite.com",
"ICPRecordalStatus": "APPROVED"
}
]
}
}
get-bucket-policy
{
"Policy": "{\"Version\":\"2012-10-17\",\"Statement\":[{\"Sid\":\"PublicReadGetObject\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObject\",\"Resource\":\"arn:aws:s3:::mywebsite.com/*\"},{\"Sid\":\"PublicReadGetObjectVersion\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:GetObjectVersion\",\"Resource\":\"arn:aws:s3:::mywebsite.com/*\"},{\"Sid\":\"PublicListBucket\",\"Effect\":\"Allow\",\"Principal\":\"*\",\"Action\":\"s3:ListBucket\",\"Resource\":\"arn:aws:s3:::mywebsite.com\"}]}"
}
get-bucket-website:
{
"IndexDocument": {
"Suffix": "index.html"
}
}
It's difficult to see what is causing the redirects, but it is clear that your CloudFront configuration is not really ideal. You've got the same origin configured twice (while only using one) and they are configured to also use HTTPS to access S3, which is not supported. They are also configured using a custom HTTP origin, while it is a little more secure to use the S3 origin configuration with an Origin Access Identity (OAI).
You can use this blog as a base to set it up using an OAI. This will probably/hopefully also fix your redirection issues.
Adding an AAA record fixed the issue.
I have a post man request. Which returns a response data as:
[
{
"id": "7ca27c09-2b67-417e-b367-f97d49824a2f",
"tags": [],
"type": "ApplicationProfile",
"userId": "2f2c8684-874d-49ea-bfa4-977069c1e3e2",
"profile": {
"User-Profile": {
"PHI": {
"gender": "Male",
"surgeryDate": {
"value": "2017-06-06"
},
"surgeryType": {
"value": "gastricBand"
},
"heightInches": "72",
"approvalPhase": "2",
"profileImageUrl": "",
"motivationalImageUrl": ""
},
"PII": {
"mail": "c11#c111.com",
"lastName": "",
"firstName": "name1",
"shouldReceiveNotifications": true
}
},
"motivationalGoals": [
{
"goal": "Improving health",
"goalId": "2957"
},
{
"goal": "Relieving pain",
"goalId": "2958"
},
{
"goal": "Feeling better",
"goalId": "2960"
}
]
},
"version": 35,
"createdBy": "2f2c8684-874d-49ea-bfa4-977069c1e3e2",
"lastModifiedBy": "2f2c8684-874d-49ea-bfa4-977069c1e3e2",
"applicationName": "Health Partner",
"createdDateTime": "2017-06-08T16:08:32.497Z",
"lastModifiedDateTime": "2017-06-09T13:23:03.503Z"
},
{
"id": "091b5ebd-b096-436e-a703-f97f0ae77baf",
"tags": [
"Application-Profile"
],
"type": "ApplicationProfile",
"userId": "2f2c8684-874d-49ea-bfa4-977069c1e3e2",
"profile": {
"User-Profile": {
"PHI": {
"gender": "",
"surgeryDate": {
"value": "2017-06-01"
},
"surgeryType": {
"value": ""
},
"heightInches": "72",
"approvalPhase": "2",
"profileImageUrl": "",
"motivationalImageUrl": ""
},
"PII": {
"mail": "c11#c111.com",
"lastName": "Dev",
"firstName": "Kat",
"shouldReceiveNotifications": true
}
},
"motivationalGoals": [
{
"goal": "Improving health",
"goalId": "2957"
},
{
"goal": "Relieving pain",
"goalId": "2958"
},
{
"goal": "Feeling better",
"goalId": "2960"
}
]
},
"version": 41,
"createdBy": "2f2c8684-874d-49ea-bfa4-977069c1e3e2",
"lastModifiedBy": "2f2c8684-874d-49ea-bfa4-977069c1e3e2",
"applicationName": "Health Partner Weightloss",
"createdDateTime": "2017-06-03T16:19:57.811Z",
"lastModifiedDateTime": "2017-06-08T16:07:49.555Z"
}
]
I need to extract the value of the emailid and set as global variable.
here is my code:
var jsonData1 = JSON.parse(responseBody);
postman.setGlobalVariable("jsonData1",jsonData1.profile.User-Profile.PII.mail);
But I am getting error. "User is undefined".
The problem here is that the hyphen / minus sign is interpreted as the subtraction operator.
Consider changing your API and using "userProfile" instead of "User-Profile".
I was looking to create AWS cloudfront web distribution using CLI, everything was working fine until I tried to add "Compress": True to the distribution's JSON.
Following is my configuration
{
"CallerReference": "string",
"Aliases": {
"Items": [
"test.example.com"
],
"Quantity": 1
},
"DefaultRootObject": "",
"Origins": {
"Items": [
{
"OriginPath": "",
"CustomOriginConfig": {
"OriginProtocolPolicy": "match-viewer",
"HTTPPort": 80,
"HTTPSPort": 443
},
"Id": "Custom-example.com",
"DomainName": "example.com"
}
],
"Quantity": 1
},
"DefaultCacheBehavior": {
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TargetOriginId": "Custom-example.com",
"ViewerProtocolPolicy": "allow-all",
"ForwardedValues": {
"Headers": {
"Quantity": 0
},
"Cookies": {
"Forward": "none"
},
"QueryString": false
},
"MaxTTL": 31536000,
"Compress": true,
"SmoothStreaming": false,
"DefaultTTL": 86400,
"AllowedMethods": {
"Items": [
"HEAD",
"GET"
],
"CachedMethods": {
"Items": [
"HEAD",
"GET"
],
"Quantity": 2
},
"Quantity": 2
},
"MinTTL": 0
},
"CacheBehaviors": {
"Quantity": 2,
"Items": [ {
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TargetOriginId": "Custom-example.com",
"ViewerProtocolPolicy": "allow-all",
"ForwardedValues": {
"Headers": {
"Quantity": 0
},
"Cookies": {
"Forward": "none"
},
"QueryString": false
},
"MaxTTL": 31536000,
"Compress": true,
"PathPattern": "*.jpeg",
"SmoothStreaming": false,
"DefaultTTL": 86400,
"AllowedMethods": {
"Items": [
"HEAD",
"GET"
],
"CachedMethods": {
"Items": [
"HEAD",
"GET"
],
"Quantity": 2
},
"Quantity": 2
},
"MinTTL": 60
}
,
{
"TrustedSigners": {
"Enabled": false,
"Quantity": 0
},
"TargetOriginId": "Custom-example.com",
"ViewerProtocolPolicy": "allow-all",
"ForwardedValues": {
"Headers": {
"Quantity": 0
},
"Cookies": {
"Forward": "none"
},
"QueryString": false
},
"MaxTTL": 31536000,
"Compress": true,
"PathPattern": "*.png",
"SmoothStreaming": false,
"DefaultTTL": 86400,
"AllowedMethods": {
"Items": [
"HEAD",
"GET"
],
"CachedMethods": {
"Items": [
"HEAD",
"GET"
],
"Quantity": 2
},
"Quantity": 2
},
"MinTTL": 100
}
]
},
"CustomErrorResponses": {
"Quantity": 0
},
"Comment": "my distro",
"Logging": {
"Bucket": "",
"Prefix": "",
"Enabled": false,
"IncludeCookies": false
},
"PriceClass": "PriceClass_100",
"Enabled": true,
"ViewerCertificate": {
"CloudFrontDefaultCertificate": true,
"MinimumProtocolVersion": "SSLv3"
},
"Restrictions": {
"GeoRestriction": {
"Items": [
"IN",
"GB",
"IR"
],
"RestrictionType": "whitelist",
"Quantity": 3
}
},
"WebACLId": ""
}
This is the error I get
If I remove the compress parameter It works fine.
Parameter validation failed:
Unknown parameter in DistributionConfig.DefaultCacheBehavior: "Compress", must be one of: TargetOriginId, ForwardedValues, TrustedSigners, ViewerProtocolPolicy, MinTTL, AllowedMethods, SmoothStreaming, DefaultTTL, MaxTTL
Unknown parameter in DistributionConfig.CacheBehaviors.Items[0]: "Compress", must be one of: PathPattern, TargetOriginId, ForwardedValues, TrustedSigners, ViewerProtocolPolicy, MinTTL, AllowedMethods, SmoothStreaming, DefaultTTL, MaxTTL
Unknown parameter in DistributionConfig.CacheBehaviors.Items[1]: "Compress", must be one of: PathPattern, TargetOriginId, ForwardedValues, TrustedSigners, ViewerProtocolPolicy, MinTTL, AllowedMethods, SmoothStreaming, DefaultTTL, MaxTTL
After raising a ticket with AWS I got to know that my cloudfront distribution JSON is absolutely fine, the thing which was giving the headache was the CLI version
I was using AWS CLI version 1.9.12 while compress supports only with CLI version >= 1.9.14