AgentSkillsCN

aws-cli-cloudfront

在使用AWS CloudFront命令时——分发、源站、缓存行为、失效、函数、源站访问控制、签名URL、持续部署。在创建与管理CloudFront分发、配置S3或ALB源站、设置缓存行为与TTL、创建失效、编写并部署CloudFront函数、为S3配置源站访问控制(OAC)、设置带SSL证书的自定义域名、管理缓存/源站请求策略、配置持续部署,或设置实时日志记录时使用此技能。

SKILL.md
--- frontmatter
name: aws-cli-cloudfront
description: Use when working with AWS CloudFront commands — distributions, origins, cache behaviors, invalidations, functions, origin access control, signed URLs, continuous deployment. Use this skill when creating and managing CloudFront distributions, configuring S3 or ALB origins, setting up cache behaviors and TTLs, creating invalidations, writing and deploying CloudFront Functions, configuring origin access control (OAC) for S3, setting up custom domains with SSL certificates, managing cache/origin request policies, configuring continuous deployment, or setting up real-time logging.

AWS CLI v2 — CloudFront (Content Delivery Network)

Overview

Complete reference for all aws cloudfront subcommands in AWS CLI v2. Covers distribution management, origin configuration (S3, ALB, custom), cache behavior settings, invalidations, CloudFront Functions, Lambda@Edge associations, origin access control (OAC), signed URLs/cookies, continuous deployment (staging distributions), and real-time logs.

Quick Reference — Common Workflows

Create a distribution with S3 origin

bash
aws cloudfront create-distribution --distribution-config file://dist-config.json

Create an invalidation

bash
aws cloudfront create-invalidation --distribution-id E1234 \
  --paths '/*'
aws cloudfront wait invalidation-completed --distribution-id E1234 --id I1234

List distributions

bash
aws cloudfront list-distributions \
  --query 'DistributionList.Items[].{Id:Id,Domain:DomainName,Status:Status}'

Get distribution config (for updates)

bash
aws cloudfront get-distribution-config --id E1234
# Edit the config, then update:
aws cloudfront update-distribution --id E1234 --distribution-config file://updated.json --if-match <ETag>

Create a CloudFront Function

bash
aws cloudfront create-function --name my-func --function-config '{
  "Comment":"URL rewrite","Runtime":"cloudfront-js-2.0"
}' --function-code fileb://function.js
aws cloudfront publish-function --name my-func --if-match <ETag>

Covered Command Groups

GroupCommandsDescription
Distributionscreate, delete, get, list, update, get-configDistribution lifecycle
Invalidationscreate, get, listCache purging
Functionscreate, delete, describe, get, list, publish, test, updateEdge compute
Cache Policiescreate, delete, get, list, updateCaching configuration
Origin Request Policiescreate, delete, get, list, updateOrigin forwarding
Response Headers Policiescreate, delete, get, list, updateSecurity headers
Origin Access Controlcreate, delete, get, list, updateS3 OAC
Continuous Deploymentcreate, delete, get, list, updateStaging distributions
Key Groups & Public Keyscreate, delete, get, list, updateSigned URL keys
Real-Time Logscreate, delete, get, list, updateStreaming logs
Tagstag-resource, untag-resource, list-tags-for-resourceResource tagging

Command Reference

See references/index.md for the quick reference table and global options.

GroupFileCommands
Distributionsdistributions.mdcreate-distribution, create-distribution-with-tags, get-distribution, get-distribution-config, list-distributions, update-distribution, delete-distribution, list-distributions-by-web-acl-id, list-distributions-by-cache-policy-id, list-distributions-by-origin-request-policy-id, list-distributions-by-response-headers-policy-id, list-distributions-by-key-group, list-distributions-by-realtime-log-config, list-conflicting-aliases
Invalidationsinvalidations.mdcreate-invalidation, get-invalidation, list-invalidations
Functionsfunctions.mdcreate-function, delete-function, describe-function, get-function, list-functions, publish-function, test-function, update-function
Cache Policiescache-policies.mdcreate-cache-policy, get-cache-policy, get-cache-policy-config, list-cache-policies, update-cache-policy, delete-cache-policy
Origin Request Policiesorigin-request-policies.mdcreate-origin-request-policy, get-origin-request-policy, get-origin-request-policy-config, list-origin-request-policies, update-origin-request-policy, delete-origin-request-policy
Response Headers Policiesresponse-headers-policies.mdcreate-response-headers-policy, get-response-headers-policy, get-response-headers-policy-config, list-response-headers-policies, update-response-headers-policy, delete-response-headers-policy
Origin Access Controlorigin-access-control.mdcreate-origin-access-control, get-origin-access-control, get-origin-access-control-config, list-origin-access-controls, update-origin-access-control, delete-origin-access-control
Origin Access Identity (Legacy)origin-access-identity.mdcreate-cloud-front-origin-access-identity, get-cloud-front-origin-access-identity, get-cloud-front-origin-access-identity-config, list-cloud-front-origin-access-identities, update-cloud-front-origin-access-identity, delete-cloud-front-origin-access-identity
Continuous Deploymentcontinuous-deployment.mdcreate-continuous-deployment-policy, get-continuous-deployment-policy, get-continuous-deployment-policy-config, list-continuous-deployment-policies, update-continuous-deployment-policy, delete-continuous-deployment-policy, update-distribution-with-staging-config
Key Groupskey-groups.mdcreate-key-group, get-key-group, get-key-group-config, list-key-groups, update-key-group, delete-key-group
Public Keyspublic-keys.mdcreate-public-key, get-public-key, get-public-key-config, list-public-keys, update-public-key, delete-public-key
Real-Time Logsreal-time-logs.mdcreate-realtime-log-config, get-realtime-log-config, list-realtime-log-configs, update-realtime-log-config, delete-realtime-log-config
Key Value Storeskey-value-stores.mdcreate-key-value-store, describe-key-value-store, list-key-value-stores, update-key-value-store, delete-key-value-store
Monitoring Subscriptionsmonitoring-subscriptions.mdcreate-monitoring-subscription, get-monitoring-subscription, delete-monitoring-subscription
Field-Level Encryptionfield-level-encryption.mdcreate-field-level-encryption-config, create-field-level-encryption-profile, get-field-level-encryption, get-field-level-encryption-config, get-field-level-encryption-profile, get-field-level-encryption-profile-config, list-field-level-encryption-configs, list-field-level-encryption-profiles, update-field-level-encryption-config, update-field-level-encryption-profile, delete-field-level-encryption-config, delete-field-level-encryption-profile
Streaming Distributions (Legacy)streaming-distributions.mdcreate-streaming-distribution, get-streaming-distribution, get-streaming-distribution-config, list-streaming-distributions, update-streaming-distribution, delete-streaming-distribution
Tagstags.mdtag-resource, untag-resource, list-tags-for-resource
Wait Commandswait-commands.mdwait distribution-deployed, wait invalidation-completed, wait streaming-distribution-deployed