com.pulumi.awsnative.cloudfront.kotlin.inputs.OriginAccessControlConfigArgs.kt Maven / Gradle / Ivy

Go to download
Show more of this group Show more artifacts with this name
Show all versions of pulumi-aws-native-kotlin Show documentation
Build cloud applications and infrastructure by combining the safety and reliability of infrastructure as code with the power of the Kotlin programming language.
There is a newer version: 1.24.0.0
Show newest version
@file:Suppress("NAME_SHADOWING", "DEPRECATION")

package com.pulumi.awsnative.cloudfront.kotlin.inputs

import com.pulumi.awsnative.cloudfront.inputs.OriginAccessControlConfigArgs.builder
import com.pulumi.core.Output
import com.pulumi.core.Output.of
import com.pulumi.kotlin.ConvertibleToJava
import com.pulumi.kotlin.PulumiNullFieldException
import com.pulumi.kotlin.PulumiTagMarker
import kotlin.String
import kotlin.Suppress
import kotlin.jvm.JvmName

/**
 *
 * @property description A description of the origin access control.
 * @property name A name to identify the origin access control. You can specify up to 64 characters.
 * @property originAccessControlOriginType The type of origin that this origin access control is for.
 * @property signingBehavior Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .
 * This field can have one of the following values:
 * - `always` – CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.
 * - `never` – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.
 * - `no-override` – If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*
 * @property signingProtocol The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .
 */
public data class OriginAccessControlConfigArgs(
    public val description: Output? = null,
    public val name: Output,
    public val originAccessControlOriginType: Output,
    public val signingBehavior: Output,
    public val signingProtocol: Output,
) : ConvertibleToJava {
    override fun toJava(): com.pulumi.awsnative.cloudfront.inputs.OriginAccessControlConfigArgs =
        com.pulumi.awsnative.cloudfront.inputs.OriginAccessControlConfigArgs.builder()
            .description(description?.applyValue({ args0 -> args0 }))
            .name(name.applyValue({ args0 -> args0 }))
            .originAccessControlOriginType(originAccessControlOriginType.applyValue({ args0 -> args0 }))
            .signingBehavior(signingBehavior.applyValue({ args0 -> args0 }))
            .signingProtocol(signingProtocol.applyValue({ args0 -> args0 })).build()
}

/**
 * Builder for [OriginAccessControlConfigArgs].
 */
@PulumiTagMarker
public class OriginAccessControlConfigArgsBuilder internal constructor() {
    private var description: Output? = null

    private var name: Output? = null

    private var originAccessControlOriginType: Output? = null

    private var signingBehavior: Output? = null

    private var signingProtocol: Output? = null

    /**
     * @param value A description of the origin access control.
     */
    @JvmName("ibaviwqbvptlyknd")
    public suspend fun description(`value`: Output) {
        this.description = value
    }

    /**
     * @param value A name to identify the origin access control. You can specify up to 64 characters.
     */
    @JvmName("nekecnbdivwjopal")
    public suspend fun name(`value`: Output) {
        this.name = value
    }

    /**
     * @param value The type of origin that this origin access control is for.
     */
    @JvmName("rhbrrpcxrqfppxhn")
    public suspend fun originAccessControlOriginType(`value`: Output) {
        this.originAccessControlOriginType = value
    }

    /**
     * @param value Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .
     * This field can have one of the following values:
     * - `always` – CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.
     * - `never` – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.
     * - `no-override` – If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*
     */
    @JvmName("epvndlewduhbhmdb")
    public suspend fun signingBehavior(`value`: Output) {
        this.signingBehavior = value
    }

    /**
     * @param value The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .
     */
    @JvmName("fisnqqpusqiwvexc")
    public suspend fun signingProtocol(`value`: Output) {
        this.signingProtocol = value
    }

    /**
     * @param value A description of the origin access control.
     */
    @JvmName("fgtcikiulemvutyv")
    public suspend fun description(`value`: String?) {
        val toBeMapped = value
        val mapped = toBeMapped?.let({ args0 -> of(args0) })
        this.description = mapped
    }

    /**
     * @param value A name to identify the origin access control. You can specify up to 64 characters.
     */
    @JvmName("yinvmeyhwpvnfotg")
    public suspend fun name(`value`: String) {
        val toBeMapped = value
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.name = mapped
    }

    /**
     * @param value The type of origin that this origin access control is for.
     */
    @JvmName("ixjoxknavaohuvhv")
    public suspend fun originAccessControlOriginType(`value`: String) {
        val toBeMapped = value
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.originAccessControlOriginType = mapped
    }

    /**
     * @param value Specifies which requests CloudFront signs (adds authentication information to). Specify `always` for the most common use case. For more information, see [origin access control advanced settings](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/private-content-restricting-access-to-s3.html#oac-advanced-settings) in the *Amazon CloudFront Developer Guide* .
     * This field can have one of the following values:
     * - `always` – CloudFront signs all origin requests, overwriting the `Authorization` header from the viewer request if one exists.
     * - `never` – CloudFront doesn't sign any origin requests. This value turns off origin access control for all origins in all distributions that use this origin access control.
     * - `no-override` – If the viewer request doesn't contain the `Authorization` header, then CloudFront signs the origin request. If the viewer request contains the `Authorization` header, then CloudFront doesn't sign the origin request and instead passes along the `Authorization` header from the viewer request. *WARNING: To pass along the `Authorization` header from the viewer request, you *must* add the `Authorization` header to a [cache policy](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/controlling-the-cache-key.html) for all cache behaviors that use origins associated with this origin access control.*
     */
    @JvmName("xkiyolsjvvqfuvky")
    public suspend fun signingBehavior(`value`: String) {
        val toBeMapped = value
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.signingBehavior = mapped
    }

    /**
     * @param value The signing protocol of the origin access control, which determines how CloudFront signs (authenticates) requests. The only valid value is `sigv4` .
     */
    @JvmName("jcbgmnwwjbiycjou")
    public suspend fun signingProtocol(`value`: String) {
        val toBeMapped = value
        val mapped = toBeMapped.let({ args0 -> of(args0) })
        this.signingProtocol = mapped
    }

    internal fun build(): OriginAccessControlConfigArgs = OriginAccessControlConfigArgs(
        description = description,
        name = name ?: throw PulumiNullFieldException("name"),
        originAccessControlOriginType = originAccessControlOriginType ?: throw
            PulumiNullFieldException("originAccessControlOriginType"),
        signingBehavior = signingBehavior ?: throw PulumiNullFieldException("signingBehavior"),
        signingProtocol = signingProtocol ?: throw PulumiNullFieldException("signingProtocol"),
    )
}