cloudfront:*AWS Amazon CloudFront IAM Actions
173 IAM actions for cloudfront:*
Actions
173 actions available. Filter by access level or search by name.
Filter:
| Action | Access Level |
|---|---|
cloudfront:AllowVendedLogDeliveryForResource | Read |
cloudfront:AssociateAlias | Write |
cloudfront:AssociateDistributionTenantWebACL | Write |
cloudfront:AssociateDistributionWebACL | Write |
cloudfront:CopyDistribution | Write |
cloudfront:CreateAnycastIpList | Write |
cloudfront:CreateCachePolicy | Permissions |
cloudfront:CreateCloudFrontOriginAccessIdentity | Write |
cloudfront:CreateConnectionFunction | Write |
cloudfront:CreateConnectionGroup | Write |
cloudfront:CreateContinuousDeploymentPolicy | Permissions |
cloudfront:CreateDistribution | Write |
cloudfront:CreateDistributionTenant | Write |
cloudfront:CreateFieldLevelEncryptionConfig | Write |
cloudfront:CreateFieldLevelEncryptionProfile | Write |
cloudfront:CreateFunction | Write |
cloudfront:CreateInvalidation | Write |
cloudfront:CreateInvalidationForDistributionTenant | Write |
cloudfront:CreateKeyGroup | Write |
cloudfront:CreateKeyValueStore | Write |
cloudfront:CreateMonitoringSubscription | Write |
cloudfront:CreateOriginAccessControl | Write |
cloudfront:CreateOriginRequestPolicy | Permissions |
cloudfront:CreatePublicKey | Write |
cloudfront:CreateRealtimeLogConfig | Write |
cloudfront:CreateResponseHeadersPolicy | Permissions |
cloudfront:CreateSavingsPlan | Write |
cloudfront:CreateStreamingDistribution | Write |
cloudfront:CreateStreamingDistributionWithTags | Tagging |
cloudfront:CreateTrustStore | Write |
cloudfront:CreateVpcOrigin | Write |
cloudfront:DeleteAnycastIpList | Write |
cloudfront:DeleteCachePolicy | Permissions |
cloudfront:DeleteCloudFrontOriginAccessIdentity | Write |
cloudfront:DeleteConnectionFunction | Write |
cloudfront:DeleteConnectionGroup | Write |
cloudfront:DeleteContinuousDeploymentPolicy | Permissions |
cloudfront:DeleteDistribution | Write |
cloudfront:DeleteDistributionTenant | Write |
cloudfront:DeleteFieldLevelEncryptionConfig | Write |
cloudfront:DeleteFieldLevelEncryptionProfile | Write |
cloudfront:DeleteFunction | Write |
cloudfront:DeleteKeyGroup | Write |
cloudfront:DeleteKeyValueStore | Write |
cloudfront:DeleteMonitoringSubscription | Write |
cloudfront:DeleteOriginAccessControl | Write |
cloudfront:DeleteOriginRequestPolicy | Permissions |
cloudfront:DeletePublicKey | Write |
cloudfront:DeleteRealtimeLogConfig | Write |
cloudfront:DeleteResourcePolicy | Permissions |
cloudfront:DeleteResponseHeadersPolicy | Permissions |
cloudfront:DeleteStreamingDistribution | Write |
cloudfront:DeleteTrustStore | Write |
cloudfront:DeleteVpcOrigin | Write |
cloudfront:DescribeConnectionFunction | Read |
cloudfront:DescribeFunction | Read |
cloudfront:DescribeKeyValueStore | Read |
cloudfront:DisassociateDistributionTenantWebACL | Write |
cloudfront:DisassociateDistributionWebACL | Write |
cloudfront:GetAnycastIpList | Read |
cloudfront:GetCachePolicy | Permissions |
cloudfront:GetCachePolicyConfig | Permissions |
cloudfront:GetCloudFrontOriginAccessIdentity | Read |
cloudfront:GetCloudFrontOriginAccessIdentityConfig | Read |
cloudfront:GetConnectionFunction | Read |
cloudfront:GetConnectionGroup | Read |
cloudfront:GetConnectionGroupByRoutingEndpoint | Read |
cloudfront:GetContinuousDeploymentPolicy | Permissions |
cloudfront:GetContinuousDeploymentPolicyConfig | Permissions |
cloudfront:GetDistribution | Read |
cloudfront:GetDistributionConfig | Read |
cloudfront:GetDistributionTenant | Read |
cloudfront:GetDistributionTenantByDomain | Read |
cloudfront:GetFieldLevelEncryption | Read |
cloudfront:GetFieldLevelEncryptionConfig | Read |
cloudfront:GetFieldLevelEncryptionProfile | Read |
cloudfront:GetFieldLevelEncryptionProfileConfig | Read |
cloudfront:GetFunction | Read |
cloudfront:GetInvalidation | Read |
cloudfront:GetInvalidationForDistributionTenant | Read |
cloudfront:GetKeyGroup | Read |
cloudfront:GetKeyGroupConfig | Read |
cloudfront:GetManagedCertificateDetails | Read |
cloudfront:GetMonitoringSubscription | Read |
cloudfront:GetOriginAccessControl | Read |
cloudfront:GetOriginAccessControlConfig | Read |
cloudfront:GetOriginRequestPolicy | Permissions |
cloudfront:GetOriginRequestPolicyConfig | Permissions |
cloudfront:GetPublicKey | Read |
cloudfront:GetPublicKeyConfig | Read |
cloudfront:GetRealtimeLogConfig | Read |
cloudfront:GetResourcePolicy | Permissions |
cloudfront:GetResponseHeadersPolicy | Permissions |
cloudfront:GetResponseHeadersPolicyConfig | Permissions |
cloudfront:GetSavingsPlan | Read |
cloudfront:GetStreamingDistribution | Read |
cloudfront:GetStreamingDistributionConfig | Read |
cloudfront:GetTrustStore | Read |
cloudfront:GetVpcOrigin | Read |
cloudfront:ListAnycastIpLists | List |
cloudfront:ListCachePolicies | List |
cloudfront:ListCloudFrontOriginAccessIdentities | List |
cloudfront:ListConflictingAliases | List |
cloudfront:ListConnectionFunctions | List |
cloudfront:ListConnectionGroups | List |
cloudfront:ListContinuousDeploymentPolicies | List |
cloudfront:ListDistributions | List |
cloudfront:ListDistributionsByAnycastIpListId | List |
cloudfront:ListDistributionsByCachePolicyId | Permissions |
cloudfront:ListDistributionsByConnectionFunction | List |
cloudfront:ListDistributionsByConnectionMode | List |
cloudfront:ListDistributionsByKeyGroup | List |
cloudfront:ListDistributionsByLambdaFunction | List |
cloudfront:ListDistributionsByOriginRequestPolicyId | Permissions |
cloudfront:ListDistributionsByRealtimeLogConfig | List |
cloudfront:ListDistributionsByResponseHeadersPolicyId | Permissions |
cloudfront:ListDistributionsByTrustStore | List |
cloudfront:ListDistributionsByVpcOriginId | List |
cloudfront:ListDistributionsByWebACLId | List |
cloudfront:ListDistributionTenants | List |
cloudfront:ListDistributionTenantsByCustomization | List |
cloudfront:ListDomainConflicts | List |
cloudfront:ListFieldLevelEncryptionConfigs | List |
cloudfront:ListFieldLevelEncryptionProfiles | List |
cloudfront:ListFunctions | List |
cloudfront:ListInvalidations | List |
cloudfront:ListInvalidationsForDistributionTenant | List |
cloudfront:ListKeyGroups | List |
cloudfront:ListKeyValueStores | List |
cloudfront:ListOriginAccessControls | List |
cloudfront:ListOriginRequestPolicies | List |
cloudfront:ListPublicKeys | List |
cloudfront:ListRateCards | List |
cloudfront:ListRealtimeLogConfigs | List |
cloudfront:ListResponseHeadersPolicies | List |
cloudfront:ListSavingsPlans | List |
cloudfront:ListStreamingDistributions | List |
cloudfront:ListTagsForResource | Tagging |
cloudfront:ListTrustStores | List |
cloudfront:ListUsages | List |
cloudfront:ListVpcOrigins | List |
cloudfront:PublishConnectionFunction | Write |
cloudfront:PublishFunction | Write |
cloudfront:PutResourcePolicy | Permissions |
cloudfront:TagResource | Tagging |
cloudfront:TestConnectionFunction | Read |
cloudfront:TestFunction | Read |
cloudfront:UntagResource | Tagging |
cloudfront:UpdateAnycastIpList | Write |
cloudfront:UpdateCachePolicy | Permissions |
cloudfront:UpdateCloudFrontOriginAccessIdentity | Write |
cloudfront:UpdateConnectionFunction | Write |
cloudfront:UpdateConnectionGroup | Write |
cloudfront:UpdateContinuousDeploymentPolicy | Permissions |
cloudfront:UpdateDistribution | Write |
cloudfront:UpdateDistributionTenant | Write |
cloudfront:UpdateDistributionWithStagingConfig | Tagging |
cloudfront:UpdateDomainAssociation | Write |
cloudfront:UpdateFieldLevelEncryptionConfig | Write |
cloudfront:UpdateFieldLevelEncryptionProfile | Write |
cloudfront:UpdateFunction | Write |
cloudfront:UpdateKeyGroup | Write |
cloudfront:UpdateKeyValueStore | Write |
cloudfront:UpdateOriginAccessControl | Write |
cloudfront:UpdateOriginRequestPolicy | Permissions |
cloudfront:UpdatePublicKey | Write |
cloudfront:UpdateRealtimeLogConfig | Write |
cloudfront:UpdateResponseHeadersPolicy | Permissions |
cloudfront:UpdateSavingsPlan | Write |
cloudfront:UpdateStreamingDistribution | Write |
cloudfront:UpdateTrustStore | Write |
cloudfront:UpdateVpcOrigin | Write |
cloudfront:VerifyDnsConfiguration | Read |
Resource Types
ARN patterns for resources in this service.
| Resource | ARN Pattern |
|---|---|
${ResourceType} | arn:aws:cloudfront:${Region}:${Account}:${ResourceType}/${ResourceId} |
Condition Keys
Condition keys you can use in IAM policy conditions for this service.
aws:RequestTag/${TagKey}aws:ResourceTag/${TagKey}aws:TagKeysGet the Amazon CloudFront Cheat Sheet
Everything you need to know about Amazon CloudFront on one page. HD quality, print-friendly.
Download Free InfographicGet the Amazon CloudFront Cheat Sheet
Everything you need to know about Amazon CloudFront on one page. HD quality, print-friendly.
Download Free InfographicQuick Facts
Total Actions173
Prefix
cloudfrontResource Types1
Condition Keys3
Access Level Breakdown
Read38
Write66
List38
Permissions26
Tagging5