Add new examples for CloudFront (#9556)

Author: daniil-millwood

awscli/examples/cloudfront/associate-distribution-tenant-web-acl.rst

@@ -0,0 +1,18 @@
+**To associate a web ACL with a CloudFront distribution tenant**
+
+The following ``associate-distribution-tenant-web-acl`` example associates a web ACL with a CloudFront distribution with ETag ``E13V1IB3VIYABC``. ::
+
+    aws cloudfront associate-distribution-tenant-web-acl \
+        --id dt_2wjDZi3hD1ivOXf6rpZJO1AB \
+        --if-match E13V1IB3VIYABC \
+        --web-acl-arn arn:aws:wafv2:us-east-1:123456789012:global/webacl/web-global-example/626900da-5f64-418b-ba9b-743f37123ABC
+
+Output::
+
+    {
+        "ETag": "E1VC38T7YXBABC",
+        "Id": "dt_2wjDZi3hD1ivOXf6rpZJO1AB",
+        "WebACLArn": "arn:aws:wafv2:us-east-1:123456789012:global/webacl/web-global-example/626900da-5f64-418b-ba9b-743f37123ABC"
+    }
+
+For more information, see `Use AWS WAF protections <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-awswaf.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/associate-distribution-web-acl.rst

@@ -0,0 +1,18 @@
+**To associate a web ACL with a CloudFront distribution**
+
+The following ``associate-distribution-web-acl`` example associates a web ACL with a CloudFront distribution. ::
+
+    aws cloudfront associate-distribution-web-acl \
+        --id E1XNX8R2GOAABC \
+        --if-match E2YWS1C2J3OABC \
+        --web-acl-arn arn:aws:wafv2:us-east-1:123456789012:global/webacl/web-global-example/626900da-5f64-418b-ba9b-743f3746cABC
+
+Output::
+
+    {
+        "ETag": "E3QE7ED60U0ABC",
+        "Id": "E1XNX8R2GOAABC",
+        "WebACLArn": "arn:aws:wafv2:us-east-1:123456789012:global/webacl/web-global-example/626900da-5f64-418b-ba9b-743f3746cABC"
+    }
+
+For more information, see `Use AWS WAF protections <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-awswaf.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/create-connection-group.rst

@@ -0,0 +1,39 @@
+**To create a connection group in CloudFront**
+
+The following ``create-connection-group`` example creates an enabled connection group, specifies an Anycast static IP list, and disables IPv6. ::
+
+    aws cloudfront create-connection-group \
+        --name cg-with-anycast-ip-list \
+        --no-ipv6-enabled \
+        --enabled \
+        --anycast-ip-list-id aip_CCkW6gKrDiBD4n78123ABC \
+        --tags "Items=[{Key=abc,Value=123}]"
+
+Output::
+
+    {
+        "ETag": "E23ZP02F085ABC",
+        "ConnectionGroup": {
+            "Id": "cg_2yb6uj74B4PCbfhT31WFdiSABC",
+            "Name": "cg-with-anycast-ip-list",
+            "Arn": "arn:aws:cloudfront::123456789012:connection-group/cg_2yb6uj74B4PCbfhT31WFdiSABC",
+            "CreatedTime": "2025-06-16T16:25:50.061000+00:00",
+            "LastModifiedTime": "2025-06-16T16:25:50.061000+00:00",
+            "Tags": {
+                "Items": [
+                    {
+                        "Key": "abc",
+                        "Value": "123"
+                    }
+                ]
+            },
+            "Ipv6Enabled": false,
+            "RoutingEndpoint": "dj6xusxq65abc.cloudfront.net",
+            "AnycastIpListId": "aip_CCkW6gKrDiBD4n78123ABC",
+            "Status": "InProgress",
+            "Enabled": true,
+            "IsDefault": false
+        }
+    }
+
+For more information, see `Create custom connection group (optional) <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-connection-group.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/create-distribution-tenant.rst

@@ -0,0 +1,99 @@
+**To create a CloudFront distribution tenant**
+
+The following ``create-distribution-tenant`` example creates a CloudFront distribution tenant that specifies customizations to disable WAF, add geo-restrictions, and use another certificate. ::
+
+    aws cloudfront create-distribution-tenant \
+        --cli-input-json file://tenant.json
+
+Contents of ``tenant.json``::
+
+    {
+        "DistributionId": "E1XNX8R2GOAABC",
+        "Domains": [
+            {
+                "Domain": "example.com"
+            }
+        ],
+        "Parameters": [
+            {
+                "Name": "testParam",
+                "Value": "defaultValue"
+            }
+        ],
+        "ConnectionGroupId": "cg_2whCJoXMYCjHcxaLGrkllvyABC",
+        "Enabled": false,
+        "Tags": {
+            "Items": [
+                {
+                    "Key": "tag",
+                    "Value": "tagValue"
+                }
+            ]
+        },
+        "Name": "new-tenant-customizations",
+        "Customizations": {
+            "GeoRestrictions": {
+                "Locations": ["DE"],
+                "RestrictionType": "whitelist"
+            },
+            "WebAcl": {
+                "Action": "disable"
+            },
+            "Certificate": {
+                "Arn": "arn:aws:acm:us-east-1:123456789012:certificate/ec53f564-ea5a-4e4a-a0a2-e3c989449abc"
+            }
+        }
+    }
+
+Output::
+
+    {
+        "ETag": "E23ZP02F085ABC",
+        "DistributionTenant": {
+            "Id": "dt_2yN5tYwVbPKr7m2IB69M1yp1AB",
+            "DistributionId": "E1XNX8R2GOAABC",
+            "Name": "new-tenant-customizations",
+            "Arn": "arn:aws:cloudfront::123456789012:distribution-tenant/dt_2yN5tYwVbPKr7m2IB69M1yp1AB",
+            "Domains": [
+                {
+                    "Domain": "example.com",
+                    "Status": "active"
+                }
+            ],
+            "Tags": {
+                "Items": [
+                    {
+                        "Key": "tag",
+                        "Value": "tagValue"
+                    }
+                ]
+            },
+            "Customizations": {
+                "WebAcl": {
+                    "Action": "disable"
+                },
+                "Certificate": {
+                    "Arn": "arn:aws:acm:us-east-1:123456789012:certificate/ec53f564-ea5a-4e4a-a0a2-e3c989449abc"
+                },
+                "GeoRestrictions": {
+                    "RestrictionType": "whitelist",
+                    "Locations": [
+                        "DE"
+                    ]
+                }
+            },
+            "Parameters": [
+                {
+                    "Name": "testParam",
+                    "Value": "defaultValue"
+                }
+            ],
+            "ConnectionGroupId": "cg_2whCJoXMYCjHcxaLGrkllvyABC",
+            "CreatedTime": "2025-06-11T17:20:06.432000+00:00",
+            "LastModifiedTime": "2025-06-11T17:20:06.432000+00:00",
+            "Enabled": false,
+            "Status": "InProgress"
+        }
+    }
+
+For more information, see `Create a distribution <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/distribution-web-creating-console.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/create-invalidation-for-distribution-tenant.rst

@@ -0,0 +1,29 @@
+**To create a CloudFront invalidation for a distribution tenant**
+
+The following ``create-invalidation-for-distribution-tenant`` example creates an invalidation for all files in a CloudFront distribution tenant. ::
+
+    aws cloudfront create-invalidation-for-distribution-tenant \
+        --id dt_2wjDZi3hD1ivOXf6rpZJO1AB \
+        --invalidation-batch '{"Paths": {"Quantity": 1, "Items": ["/*"]}, "CallerReference": "invalidation-$(date +%s)"}'
+
+Output::
+
+    {
+        "Location": "https://cloudfront.amazonaws.com/2020-05-31/distribution-tenant/dt_2wjDZi3hD1ivOXf6rpZJO1AB/invalidation/I2JGL2F1ZAA426PGG0YLLKABC",
+        "Invalidation": {
+            "Id": "I2JGL2F1ZAA426PGG0YLLKABC",
+            "Status": "InProgress",
+            "CreateTime": "2025-05-07T16:59:25.947000+00:00",
+            "InvalidationBatch": {
+                "Paths": {
+                    "Quantity": 1,
+                    "Items": [
+                        "/*"
+                    ]
+                },
+                "CallerReference": "invalidation-$(date +%s)"
+            }
+        }
+    }
+
+For more information, see `Invalidate files to remove content <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/Invalidation.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/delete-connection-group.rst

@@ -0,0 +1,11 @@
+**To delete a connection group**
+
+The following ``delete-connection-group`` example deletes a connection group. The connection group must be disabled and can't be associated with any CloudFront resources. ::
+
+    aws cloudfront delete-connection-group \
+        --id cg_2wjLpjbHkLUdhWAjHllcOeABC \
+        --if-match ETVPDKIKX0DABC
+
+When successful, this command has no output.
+
+For more information about managing connection groups, see `Create custom connection group (optional) <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-connection-group.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/delete-distribution-tenant.rst

@@ -0,0 +1,11 @@
+**To delete a distribution tenant**
+
+The following ``delete-distribution-tenant`` example deletes a distribution tenant with ETag ``ETVPDKIKX0DABC``. The distribution tenant must be disabled and can't be associated with any CloudFront resources. ::
+
+    aws cloudfront delete-distribution-tenant \
+        --id dt_2wjMUbg3NHZEQ7OfoalP5zi1AB \
+        --if-match ETVPDKIKX0DABC
+
+When successful, this command has no output.
+
+For more information, see `Delete a distribution <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/HowToDeleteDistribution.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/disassociate-distribution-tenant-web-acl.rst

@@ -0,0 +1,16 @@
+**To disassociate a web ACL from a distribution tenant**
+
+The following ``disassociate-distribution-tenant-web-acl`` example disassociates a web ACL from a distribution tenant with ETag ``E1PA6795UKMABC``. ::
+
+    aws cloudfront disassociate-distribution-tenant-web-acl \
+        --id dt_2wjDZi3hD1ivOXf6rpZJOSNE1AB \
+        --if-match E1PA6795UKMABC
+
+Output::
+
+    {
+        "ETag": "E13V1IB3VIYABC",
+        "Id": "dt_2wjDZi3hD1ivOXf6rpZJOSNE1AB"
+    }
+
+For more information, see `Disable AWS WAF security protections <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/disable-waf.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/disassociate-distribution-web-acl.rst

@@ -0,0 +1,16 @@
+**To disassociate a web ACL from a CloudFront distribution**
+
+The following ``disassociate-distribution-web-acl`` example removes the association between a web ACL and a CloudFront distribution with ETag ``E13V1IB3VIYABC``. ::
+
+    aws cloudfront disassociate-distribution-web-acl \
+        --id E1XNX8R2GOAABC \
+        --if-match EEZQ9Z24VM1ABC
+
+Output::
+
+    {
+        "ETag": "E2YWS1C2J3OABC",
+        "Id": "E1XNX8R2GOAABC"
+    }
+
+For more information, see `Disable AWS WAF security protections <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/disable-waf.html>`__ in the *Amazon CloudFront Developer Guide*.

awscli/examples/cloudfront/get-connection-group-by-routing-endpoint.rst

@@ -0,0 +1,26 @@
+**To get a connection group by routing endpoint**
+
+The following ``get-connection-group-by-routing-endpoint`` example retrieves information about a connection group using its routing endpoint. ::
+
+    aws cloudfront get-connection-group-by-routing-endpoint \
+        --routing-endpoint dvdg9gprgabc.cloudfront.net
+
+Output::
+
+    {
+        "ETag": "E23ZP02F085ABC",
+        "ConnectionGroup": {
+            "Id": "cg_2wjDWTBKTlRB87cAaUQFaakABC",
+            "Name": "connection-group-2",
+            "Arn": "arn:aws:cloudfront::123456789012:connection-group/cg_2wjDWTBKTlRB87cAaUQFaakABC",
+            "CreatedTime": "2025-05-06T15:42:00.790000+00:00",
+            "LastModifiedTime": "2025-05-06T15:42:00.790000+00:00",
+            "Ipv6Enabled": true,
+            "RoutingEndpoint": "dvdg9gprgabc.cloudfront.net",
+            "Status": "Deployed",
+            "Enabled": true,
+            "IsDefault": false
+        }
+    }
+
+For more information, see `Create custom connection group (optional) <https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/custom-connection-group.html>`__ in the *Amazon CloudFront Developer Guide*.