key_groups
Creates, updates, deletes or gets a key_group resource or lists key_groups in a region
Overview
| Name | key_groups |
| Type | Resource |
| Description | A key group. A key group contains a list of public keys that you can use with [CloudFront signed URLs and signed cookies](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/PrivateContent.html). |
| Id | awscc.cloudfront.key_groups |
Fields
- get (all properties)
- list (identifiers only)
| Name | Datatype | Description |
|---|---|---|
id | string | |
key_group_config | object | The key group configuration. |
last_modified_time | string | |
region | string | AWS region. |
| Name | Datatype | Description |
|---|---|---|
id | string | |
region | string | AWS region. |
For more information, see AWS::CloudFront::KeyGroup.
Methods
| Name | Resource | Accessible by | Required Params |
|---|---|---|---|
create_resource | key_groups | INSERT | KeyGroupConfig, region |
delete_resource | key_groups | DELETE | Identifier, region |
update_resource | key_groups | UPDATE | Identifier, PatchDocument, region |
list_resources | key_groups_list_only | SELECT | region |
get_resource | key_groups | SELECT | Identifier, region |
SELECT examples
- get (all properties)
- list (identifiers only)
Gets all properties from an individual key_group.
SELECT
region,
id,
key_group_config,
last_modified_time
FROM awscc.cloudfront.key_groups
WHERE
region = 'us-east-1' AND
Identifier = '{{ id }}';
Lists all key_groups in a region.
SELECT
region,
id
FROM awscc.cloudfront.key_groups_list_only
WHERE
region = 'us-east-1';
INSERT example
Use the following StackQL query and manifest file to create a new key_group resource, using stack-deploy.
- Required Properties
- All Properties
- Manifest
/*+ create */
INSERT INTO awscc.cloudfront.key_groups (
KeyGroupConfig,
region
)
SELECT
'{{ key_group_config }}',
'{{ region }}';
/*+ create */
INSERT INTO awscc.cloudfront.key_groups (
KeyGroupConfig,
region
)
SELECT
'{{ key_group_config }}',
'{{ region }}';
version: 1
name: stack name
description: stack description
providers:
- aws
globals:
- name: region
value: '{{ vars.AWS_REGION }}'
resources:
- name: key_group
props:
- name: key_group_config
value:
comment: '{{ comment }}'
items:
- '{{ items[0] }}'
name: '{{ name }}'
UPDATE example
Use the following StackQL query and manifest file to update a key_group resource, using stack-deploy.
/*+ update */
UPDATE awscc.cloudfront.key_groups
SET PatchDocument = string('{{ {
"KeyGroupConfig": key_group_config
} | generate_patch_document }}')
WHERE
region = '{{ region }}' AND
Identifier = '{{ id }}';
DELETE example
/*+ delete */
DELETE FROM awscc.cloudfront.key_groups
WHERE
Identifier = '{{ id }}' AND
region = 'us-east-1';
Permissions
To operate on the key_groups resource, the following permissions are required:
- Create
- Delete
- List
- Read
- Update
cloudfront:CreateKeyGroup
cloudfront:DeleteKeyGroup,
cloudfront:GetKeyGroup
cloudfront:ListKeyGroups
cloudfront:GetKeyGroup
cloudfront:UpdateKeyGroup,
cloudfront:GetKeyGroup