AWS CLI version 2, the latest major version of AWS CLI, is now stable and recommended for general use. To view this page for the AWS CLI version 2, click here. For more information see the AWS CLI version 2 installation instructions and migration guide.
[ aws . cloudfront ]
Updates a cache policy configuration.
When you update a cache policy configuration, all the fields are updated with the values provided in the request. You cannot update some fields independent of others. To update a cache policy configuration:
GetCachePolicyConfig to get the current configuration.UpdateCachePolicy by providing the entire cache policy configuration, including the fields that you modified and those that you didn’t.Cache-Control: no-cache , no-store , or private directives are present in the origin headers.See also: AWS API Documentation
  update-cache-policy
--cache-policy-config <value>
--id <value>
[--if-match <value>]
[--cli-input-json <value>]
[--generate-cli-skeleton <value>]
[--debug]
[--endpoint-url <value>]
[--no-verify-ssl]
[--no-paginate]
[--output <value>]
[--query <value>]
[--profile <value>]
[--region <value>]
[--version <value>]
[--color <value>]
[--no-sign-request]
[--ca-bundle <value>]
[--cli-read-timeout <value>]
[--cli-connect-timeout <value>]
--cache-policy-config (structure)
A cache policy configuration.
Comment -> (string)
A comment to describe the cache policy. The comment cannot be longer than 128 characters.Name -> (string)
A unique name to identify the cache policy.DefaultTTL -> (long)
The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object’s time to live (TTL) only when the origin does not send
Cache-ControlorExpiresheaders with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .The default value for this field is 86400 seconds (one day). If the value of
MinTTLis more than 86400 seconds, then the default value for this field is the same as the value ofMinTTL.MaxTTL -> (long)
The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends
Cache-ControlorExpiresheaders with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .The default value for this field is 31536000 seconds (one year). If the value of
MinTTLorDefaultTTLis more than 31536000 seconds, then the default value for this field is the same as the value ofDefaultTTL.MinTTL -> (long)
The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .ParametersInCacheKeyAndForwardedToOrigin -> (structure)
The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.
EnableAcceptEncodingGzip -> (boolean)
A flag that can affect whether the
Accept-EncodingHTTP header is included in the cache key and included in requests that CloudFront sends to the origin.This field is related to the
EnableAcceptEncodingBrotlifield. If one or both of these fields istrueand the viewer request includes theAccept-Encodingheader, then CloudFront does the following:
- Normalizes the value of the viewer’s
Accept-Encodingheader- Includes the normalized header in the cache key
- Includes the normalized header in the request to the origin, if a request is necessary
For more information, see Compression support in the Amazon CloudFront Developer Guide .
If you set this value to
true, and this cache behavior also has an origin request policy attached, do not include theAccept-Encodingheader in the origin request policy. CloudFront always includes theAccept-Encodingheader in origin requests when the value of this field istrue, so including this header in an origin request policy has no effect.If both of these fields are
false, then CloudFront treats theAccept-Encodingheader the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually addAccept-Encodingto the headers whitelist like any other HTTP header.EnableAcceptEncodingBrotli -> (boolean)
A flag that can affect whether the
Accept-EncodingHTTP header is included in the cache key and included in requests that CloudFront sends to the origin.This field is related to the
EnableAcceptEncodingGzipfield. If one or both of these fields istrueand the viewer request includes theAccept-Encodingheader, then CloudFront does the following:
- Normalizes the value of the viewer’s
Accept-Encodingheader- Includes the normalized header in the cache key
- Includes the normalized header in the request to the origin, if a request is necessary
For more information, see Compression support in the Amazon CloudFront Developer Guide .
If you set this value to
true, and this cache behavior also has an origin request policy attached, do not include theAccept-Encodingheader in the origin request policy. CloudFront always includes theAccept-Encodingheader in origin requests when the value of this field istrue, so including this header in an origin request policy has no effect.If both of these fields are
false, then CloudFront treats theAccept-Encodingheader the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually addAccept-Encodingto the headers whitelist like any other HTTP header.HeadersConfig -> (structure)
An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.
HeaderBehavior -> (string)
Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:
none– No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set tonone, any headers that are listed in anOriginRequestPolicyare included in origin requests.
whitelist– Only the HTTP headers that are listed in theHeaderstype are included in the cache key and in requests that CloudFront sends to the origin.Headers -> (structure)
Contains a list of HTTP header names.
Quantity -> (integer)
The number of header names in theItemslist.Items -> (list)
A list of HTTP header names.
(string)
CookiesConfig -> (structure)
An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.
CookieBehavior -> (string)
Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:
none– No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set tonone, any cookies that are listed in anOriginRequestPolicyare included in origin requests.
whitelist– Only the cookies in viewer requests that are listed in theCookieNamestype are included in the cache key and in requests that CloudFront sends to the origin.
allExcept– All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, * except * for those that are listed in theCookieNamestype, which are not included.
all– All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.Cookies -> (structure)
Contains a list of cookie names.
Quantity -> (integer)
The number of cookie names in theItemslist.Items -> (list)
A list of cookie names.
(string)
QueryStringsConfig -> (structure)
An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.
QueryStringBehavior -> (string)
Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:
none– No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set tonone, any query strings that are listed in anOriginRequestPolicyare included in origin requests.
whitelist– Only the query strings in viewer requests that are listed in theQueryStringNamestype are included in the cache key and in requests that CloudFront sends to the origin.
allExcept– All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, * except * those that are listed in theQueryStringNamestype, which are not included.
all– All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.QueryStrings -> (structure)
Contains the specific query strings in viewer requests that either * are * or * are not * included in the cache key and in requests that CloudFront sends to the origin. The behavior depends on whether the
QueryStringBehaviorfield in theCachePolicyQueryStringsConfigtype is set towhitelist(the listed query strings * are * included) orallExcept(the listed query strings * are not * included, but all other query strings are).Quantity -> (integer)
The number of query string names in theItemslist.Items -> (list)
A list of query string names.
(string)
JSON Syntax:
{
  "Comment": "string",
  "Name": "string",
  "DefaultTTL": long,
  "MaxTTL": long,
  "MinTTL": long,
  "ParametersInCacheKeyAndForwardedToOrigin": {
    "EnableAcceptEncodingGzip": true|false,
    "EnableAcceptEncodingBrotli": true|false,
    "HeadersConfig": {
      "HeaderBehavior": "none"|"whitelist",
      "Headers": {
        "Quantity": integer,
        "Items": ["string", ...]
      }
    },
    "CookiesConfig": {
      "CookieBehavior": "none"|"whitelist"|"allExcept"|"all",
      "Cookies": {
        "Quantity": integer,
        "Items": ["string", ...]
      }
    },
    "QueryStringsConfig": {
      "QueryStringBehavior": "none"|"whitelist"|"allExcept"|"all",
      "QueryStrings": {
        "Quantity": integer,
        "Items": ["string", ...]
      }
    }
  }
}
--id (string)
The unique identifier for the cache policy that you are updating. The identifier is returned in a cache behavior’sCachePolicyIdfield in the response toGetDistributionConfig.
--if-match (string)
The version of the cache policy that you are updating. The version is returned in the cache policy’sETagfield in the response toGetCachePolicyConfig.
--cli-input-json (string)
Performs service operation based on the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton. If other arguments are provided on the command line, the CLI values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally.
--generate-cli-skeleton (string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input, prints a sample input JSON that can be used as an argument for --cli-input-json. If provided with the value output, it validates the command inputs and returns a sample output JSON for that command.
--debug (boolean)
Turn on debug logging.
--endpoint-url (string)
Override command’s default URL with the given URL.
--no-verify-ssl (boolean)
By default, the AWS CLI uses SSL when communicating with AWS services. For each SSL connection, the AWS CLI will verify SSL certificates. This option overrides the default behavior of verifying SSL certificates.
--no-paginate (boolean)
Disable automatic pagination. If automatic pagination is disabled, the AWS CLI will only make one call, for the first page of results.
--output (string)
The formatting style for command output.
--query (string)
A JMESPath query to use in filtering the response data.
--profile (string)
Use a specific profile from your credential file.
--region (string)
The region to use. Overrides config/env settings.
--version (string)
Display the version of this tool.
--color (string)
Turn on/off color output.
--no-sign-request (boolean)
Do not sign requests. Credentials will not be loaded if this argument is provided.
--ca-bundle (string)
The CA certificate bundle to use when verifying SSL certificates. Overrides config/env settings.
--cli-read-timeout (int)
The maximum socket read time in seconds. If the value is set to 0, the socket read will be blocking and not timeout. The default value is 60 seconds.
--cli-connect-timeout (int)
The maximum socket connect time in seconds. If the value is set to 0, the socket connect will be blocking and not timeout. The default value is 60 seconds.
CachePolicy -> (structure)
A cache policy.
Id -> (string)
The unique identifier for the cache policy.LastModifiedTime -> (timestamp)
The date and time when the cache policy was last modified.CachePolicyConfig -> (structure)
The cache policy configuration.
Comment -> (string)
A comment to describe the cache policy. The comment cannot be longer than 128 characters.Name -> (string)
A unique name to identify the cache policy.DefaultTTL -> (long)
The default amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value as the object’s time to live (TTL) only when the origin does not send
Cache-ControlorExpiresheaders with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .The default value for this field is 86400 seconds (one day). If the value of
MinTTLis more than 86400 seconds, then the default value for this field is the same as the value ofMinTTL.MaxTTL -> (long)
The maximum amount of time, in seconds, that objects stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. CloudFront uses this value only when the origin sends
Cache-ControlorExpiresheaders with the object. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .The default value for this field is 31536000 seconds (one year). If the value of
MinTTLorDefaultTTLis more than 31536000 seconds, then the default value for this field is the same as the value ofDefaultTTL.MinTTL -> (long)
The minimum amount of time, in seconds, that you want objects to stay in the CloudFront cache before CloudFront sends another request to the origin to see if the object has been updated. For more information, see Managing How Long Content Stays in an Edge Cache (Expiration) in the Amazon CloudFront Developer Guide .ParametersInCacheKeyAndForwardedToOrigin -> (structure)
The HTTP headers, cookies, and URL query strings to include in the cache key. The values included in the cache key are also included in requests that CloudFront sends to the origin.
EnableAcceptEncodingGzip -> (boolean)
A flag that can affect whether the
Accept-EncodingHTTP header is included in the cache key and included in requests that CloudFront sends to the origin.This field is related to the
EnableAcceptEncodingBrotlifield. If one or both of these fields istrueand the viewer request includes theAccept-Encodingheader, then CloudFront does the following:
- Normalizes the value of the viewer’s
Accept-Encodingheader- Includes the normalized header in the cache key
- Includes the normalized header in the request to the origin, if a request is necessary
For more information, see Compression support in the Amazon CloudFront Developer Guide .
If you set this value to
true, and this cache behavior also has an origin request policy attached, do not include theAccept-Encodingheader in the origin request policy. CloudFront always includes theAccept-Encodingheader in origin requests when the value of this field istrue, so including this header in an origin request policy has no effect.If both of these fields are
false, then CloudFront treats theAccept-Encodingheader the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually addAccept-Encodingto the headers whitelist like any other HTTP header.EnableAcceptEncodingBrotli -> (boolean)
A flag that can affect whether the
Accept-EncodingHTTP header is included in the cache key and included in requests that CloudFront sends to the origin.This field is related to the
EnableAcceptEncodingGzipfield. If one or both of these fields istrueand the viewer request includes theAccept-Encodingheader, then CloudFront does the following:
- Normalizes the value of the viewer’s
Accept-Encodingheader- Includes the normalized header in the cache key
- Includes the normalized header in the request to the origin, if a request is necessary
For more information, see Compression support in the Amazon CloudFront Developer Guide .
If you set this value to
true, and this cache behavior also has an origin request policy attached, do not include theAccept-Encodingheader in the origin request policy. CloudFront always includes theAccept-Encodingheader in origin requests when the value of this field istrue, so including this header in an origin request policy has no effect.If both of these fields are
false, then CloudFront treats theAccept-Encodingheader the same as any other HTTP header in the viewer request. By default, it’s not included in the cache key and it’s not included in origin requests. In this case, you can manually addAccept-Encodingto the headers whitelist like any other HTTP header.HeadersConfig -> (structure)
An object that determines whether any HTTP headers (and if so, which headers) are included in the cache key and in requests that CloudFront sends to the origin.
HeaderBehavior -> (string)
Determines whether any HTTP headers are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:
none– No HTTP headers are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set tonone, any headers that are listed in anOriginRequestPolicyare included in origin requests.
whitelist– Only the HTTP headers that are listed in theHeaderstype are included in the cache key and in requests that CloudFront sends to the origin.Headers -> (structure)
Contains a list of HTTP header names.
Quantity -> (integer)
The number of header names in theItemslist.Items -> (list)
A list of HTTP header names.
(string)
CookiesConfig -> (structure)
An object that determines whether any cookies in viewer requests (and if so, which cookies) are included in the cache key and in requests that CloudFront sends to the origin.
CookieBehavior -> (string)
Determines whether any cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:
none– No cookies in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set tonone, any cookies that are listed in anOriginRequestPolicyare included in origin requests.
whitelist– Only the cookies in viewer requests that are listed in theCookieNamestype are included in the cache key and in requests that CloudFront sends to the origin.
allExcept– All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, * except * for those that are listed in theCookieNamestype, which are not included.
all– All cookies in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.Cookies -> (structure)
Contains a list of cookie names.
Quantity -> (integer)
The number of cookie names in theItemslist.Items -> (list)
A list of cookie names.
(string)
QueryStringsConfig -> (structure)
An object that determines whether any URL query strings in viewer requests (and if so, which query strings) are included in the cache key and in requests that CloudFront sends to the origin.
QueryStringBehavior -> (string)
Determines whether any URL query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin. Valid values are:
none– No query strings in viewer requests are included in the cache key or in requests that CloudFront sends to the origin. Even when this field is set tonone, any query strings that are listed in anOriginRequestPolicyare included in origin requests.
whitelist– Only the query strings in viewer requests that are listed in theQueryStringNamestype are included in the cache key and in requests that CloudFront sends to the origin.
allExcept– All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin, * except * those that are listed in theQueryStringNamestype, which are not included.
all– All query strings in viewer requests are included in the cache key and in requests that CloudFront sends to the origin.QueryStrings -> (structure)
Contains the specific query strings in viewer requests that either * are * or * are not * included in the cache key and in requests that CloudFront sends to the origin. The behavior depends on whether the
QueryStringBehaviorfield in theCachePolicyQueryStringsConfigtype is set towhitelist(the listed query strings * are * included) orallExcept(the listed query strings * are not * included, but all other query strings are).Quantity -> (integer)
The number of query string names in theItemslist.Items -> (list)
A list of query string names.
(string)
ETag -> (string)
The current version of the cache policy.