AWS::CloudFront::TrustStore

CloudFront TrustStore

Resource Type definition for AWS::CloudFront::TrustStore. TrustStores contain CA certificates for mTLS authentication and can be associated with CloudFront distributions.

Properties

3 configurable properties. 1 required. Click a row to see details.

Filter:

Property	Type	Flags
`Name`	`string`	RequiredCreate-only
`CaCertificatesBundleSource`	`CaCertificatesBundleSource`	Write-only
`Tags`	`Array<Tag>`

Return Values

Values returned after the resource is created. Access these with Fn::GetAtt.

Attribute	Type	Description
`Arn`	`string`	The Amazon Resource Name (ARN) of the trust store
`ETag`	`string`	-
`Id`	`string`	The unique identifier for the trust store
`LastModifiedTime`	`string`	The last modification timestamp of the trust store PEM file
`NumberOfCaCertificates`	`integer`	The number of CA certificates in the trust store PEM file
`Status`	`string`	Current status of the trust store

Sample CloudFormation Template

A minimal template with required properties and common optional ones.

template.yaml

AWSTemplateFormatVersion: "2010-09-09"
Description: Sample template for AWS::CloudFront::TrustStore

Resources:
  MyResource:
    Type: AWS::CloudFront::TrustStore
    Properties:
      Name: "my-name"
      Tags:
        - Key: Environment
          Value: Production

Required IAM Permissions

Permissions CloudFormation needs in your IAM role to manage this resource.

create

cloudfront:CreateTrustStorecloudfront:GetTrustStorecloudfront:TagResourcecloudfront:ListTagsForResources3:GetObjectVersions3:GetObjects3:ListBucket

read

cloudfront:GetTrustStorecloudfront:ListTagsForResource

update

cloudfront:GetTrustStorecloudfront:UpdateTrustStorecloudfront:TagResourcecloudfront:UntagResourcecloudfront:ListTagsForResources3:GetObjectVersions3:GetObjects3:ListBucket

delete

cloudfront:DeleteTrustStorecloudfront:GetTrustStore

list

cloudfront:ListTrustStorescloudfront:ListTagsForResource

Get the CloudFront Cheat Sheet

Everything you need to know about CloudFront on one page. HD quality, print-friendly.

Download Free Infographic

Quick Facts

ServiceCloudFront

Properties9

Required1

TaggingSupported

Primary IDId

Supported Operations

CreateReadUpdateDeleteList

Immutable After Creation

These properties cannot be changed after the resource is created. Updating them triggers a replacement.

Name

Related Resources

External Links

AWS Documentation