|
1 | | -**To create a CloudFront distribution tenant** |
| 1 | +**Example 1: To create a CloudFront distribution tenant that uses a custom certificate** |
2 | 2 |
|
3 | | -The following ``create-distribution-tenant`` example creates a CloudFront distribution tenant that specifies customizations to disable WAF, add geo-restrictions, and use another certificate. :: |
| 3 | +The following ``create-distribution-tenant`` example creates a CloudFront distribution tenant that specifies customizations to disable WAF, add geo-restrictions, and uses another TLS certificate. :: |
4 | 4 |
|
5 | 5 | aws cloudfront create-distribution-tenant \ |
6 | 6 | --cli-input-json file://tenant.json |
@@ -96,4 +96,180 @@ Output:: |
96 | 96 | } |
97 | 97 | } |
98 | 98 |
|
99 | | -For more information, see `Create a distribution <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-creating-console.html>`__ in the *Amazon CloudFront Developer Guide*. |
| 99 | +**Example 2: To create a distribution tenant with an inherited certificate** |
| 100 | + |
| 101 | +The following ``create-distribution-tenant`` example creates a distribution tenant and specifies an inherited TLS certificate from the multi-tenant distribution. :: |
| 102 | + |
| 103 | + aws cloudfront create-distribution-tenant \ |
| 104 | + --cli-input-json file://tenant.json |
| 105 | + |
| 106 | +Contents of ``tenant.json``:: |
| 107 | + |
| 108 | + { |
| 109 | + "DistributionId": "E1HVIAU7U12ABC", |
| 110 | + "Domains": [ |
| 111 | + { |
| 112 | + "Domain": "example.com" |
| 113 | + } |
| 114 | + ], |
| 115 | + "Parameters": [ |
| 116 | + { |
| 117 | + "Name": "tenantName", |
| 118 | + "Value": "first-tenant" |
| 119 | + } |
| 120 | + ], |
| 121 | + "Enabled": true, |
| 122 | + "Name": "new-tenant-no-cert" |
| 123 | + } |
| 124 | + |
| 125 | +Output:: |
| 126 | + |
| 127 | + { |
| 128 | + "ETag": "E23ZP02F0ABC", |
| 129 | + "DistributionTenant": { |
| 130 | + "Id": "dt_2zhRB0vBe0B72LZCVy1mgzI1AB", |
| 131 | + "DistributionId": "E1HVIAU7U12ABC", |
| 132 | + "Name": "new-tenant-no-cert", |
| 133 | + "Arn": "arn:aws:cloudfront::123456789012:distribution-tenant/dt_2zhRB0vBe0B72LZCVy1mgzI1AB", |
| 134 | + "Domains": [ |
| 135 | + { |
| 136 | + "Domain": "example.com", |
| 137 | + "Status": "active" |
| 138 | + } |
| 139 | + ], |
| 140 | + "Parameters": [ |
| 141 | + { |
| 142 | + "Name": "tenantName", |
| 143 | + "Value": "first-tenant" |
| 144 | + } |
| 145 | + ], |
| 146 | + "ConnectionGroupId": "cg_2yQEwpipGFN0hhA0ZemPabOABC", |
| 147 | + "CreatedTime": "2025-07-10T20:59:38.414000+00:00", |
| 148 | + "LastModifiedTime": "2025-07-10T20:59:38.414000+00:00", |
| 149 | + "Enabled": true, |
| 150 | + "Status": "InProgress" |
| 151 | + } |
| 152 | + } |
| 153 | + |
| 154 | +**Example 3: To create a CloudFront distribution tenant using a CloudFront-hosted validation token** |
| 155 | + |
| 156 | +The following ``create-distribution-tenant`` example creates a distribution tenant and uses a CloudFront-hosted validation token for your domain name. :: |
| 157 | + |
| 158 | + aws cloudfront create-distribution-tenant \ |
| 159 | + --cli-input-json file://tenant.json |
| 160 | + |
| 161 | +Contents of ``tenant.json``:: |
| 162 | + |
| 163 | + { |
| 164 | + "DistributionId": "E2GJ5J9QN12ABC", |
| 165 | + "Domains": [ |
| 166 | + { |
| 167 | + "Domain": "example.com" |
| 168 | + } |
| 169 | + ], |
| 170 | + "Parameters": [ |
| 171 | + { |
| 172 | + "Name": "tenantName", |
| 173 | + "Value": "first-tenant" |
| 174 | + } |
| 175 | + ], |
| 176 | + "ConnectionGroupId": "cg_2yQEwpipGFN0hhA0ZemPabOABC", |
| 177 | + "Enabled": true, |
| 178 | + "Name": "new-tenant-cf-hosted", |
| 179 | + "ManagedCertificateRequest": { |
| 180 | + "ValidationTokenHost": "cloudfront" |
| 181 | + } |
| 182 | + } |
| 183 | + |
| 184 | +**Important:** To successfully run this command, you must configure a CNAME DNS record that points your new domain (example.com) to the routing endpoint of the connection group that is associated with the distribution tenant. This CNAME record must also be propagated before CloudFront can successfully complete this request. |
| 185 | + |
| 186 | +Output:: |
| 187 | + |
| 188 | + { |
| 189 | + "ETag": "E23ZP02F0ABC", |
| 190 | + "DistributionTenant": { |
| 191 | + "Id": "dt_2zhStKrA524GvvTWJX92Ozl1AB", |
| 192 | + "DistributionId": "E2GJ5J9QN12ABC", |
| 193 | + "Name": "new-tenant-cf-hosted", |
| 194 | + "Arn": "arn:aws:cloudfront::123456789012:distribution-tenant/dt_2zhStKrA524GvvTWJX92Ozl1AB", |
| 195 | + "Domains": [ |
| 196 | + { |
| 197 | + "Domain": "example.com", |
| 198 | + "Status": "inactive" |
| 199 | + } |
| 200 | + ], |
| 201 | + "Parameters": [ |
| 202 | + { |
| 203 | + "Name": "tenantName", |
| 204 | + "Value": "first-tenant" |
| 205 | + } |
| 206 | + ], |
| 207 | + "ConnectionGroupId": "cg_2zhSaGatwwXjTjE42nneZzqABC", |
| 208 | + "CreatedTime": "2025-07-10T21:13:46.416000+00:00", |
| 209 | + "LastModifiedTime": "2025-07-10T21:13:46.416000+00:00", |
| 210 | + "Enabled": true, |
| 211 | + "Status": "InProgress" |
| 212 | + } |
| 213 | + } |
| 214 | + |
| 215 | +**Example 4: To create a CloudFront distribution tenant using a self-hosted validation token** |
| 216 | + |
| 217 | +The following ``create-distribution-tenant`` example creates a CloudFront distribution tenant and uses a self-hosted validation token. :: |
| 218 | + |
| 219 | + aws cloudfront create-distribution-tenant \ |
| 220 | + --cli-input-json file://tenant.json |
| 221 | + |
| 222 | +Contents of ``tenant.json``:: |
| 223 | + |
| 224 | + { |
| 225 | + "DistributionId": "E2GJ5J9QN12ABC", |
| 226 | + "Domains": [ |
| 227 | + { |
| 228 | + "Domain": "example.com" |
| 229 | + } |
| 230 | + ], |
| 231 | + "Parameters": [ |
| 232 | + { |
| 233 | + "Name": "tenantName", |
| 234 | + "Value": "first-tenant" |
| 235 | + } |
| 236 | + ], |
| 237 | + "Enabled": true, |
| 238 | + "Name": "new-tenant-self-hosted", |
| 239 | + "ManagedCertificateRequest": { |
| 240 | + "ValidationTokenHost": "self-hosted" |
| 241 | + } |
| 242 | + } |
| 243 | + |
| 244 | +Output:: |
| 245 | + |
| 246 | + { |
| 247 | + "ETag": "E23ZP02F0ABC", |
| 248 | + "DistributionTenant": { |
| 249 | + "Id": "dt_2zhTFBV93OfFJJ3YMdNM5BC1AB", |
| 250 | + "DistributionId": "E2GJ5J9QN12ABC", |
| 251 | + "Name": "new-tenant-self-hosted", |
| 252 | + "Arn": "arn:aws:cloudfront::123456789012:distribution-tenant/dt_2zhTFBV93OfFJJ3YMdNM5BC1AB", |
| 253 | + "Domains": [ |
| 254 | + { |
| 255 | + "Domain": "example.com", |
| 256 | + "Status": "inactive" |
| 257 | + } |
| 258 | + ], |
| 259 | + "Parameters": [ |
| 260 | + { |
| 261 | + "Name": "tenantName", |
| 262 | + "Value": "first-tenant" |
| 263 | + } |
| 264 | + ], |
| 265 | + "ConnectionGroupId": "cg_2yQEwpipGFN0hhA0ZemPabOABC", |
| 266 | + "CreatedTime": "2025-07-10T21:16:39.828000+00:00", |
| 267 | + "LastModifiedTime": "2025-07-10T21:16:39.828000+00:00", |
| 268 | + "Enabled": true, |
| 269 | + "Status": "InProgress" |
| 270 | + } |
| 271 | + } |
| 272 | + |
| 273 | +**Important:** After you run this command, the distribution tenant will be created without validation. To validate the managed certificate request and configure the DNS when you're ready to start receiving traffic, see `Complete domain setup <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/managed-cloudfront-certificates.html#complete-domain-ownership>`__ in the *Amazon CloudFront Developer Guide*. |
| 274 | + |
| 275 | +For more information about creating distribution tenants, see `Create a distribution <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-creating-console.html>`__ in the *Amazon CloudFront Developer Guide*. |
![github-actions[bot]](https://avatars.githubusercontent.com/in/15368?v=4&size=40){kind=avatar}
0 commit comments