[ aws . cloudfront ]
Add a new public key to CloudFront to use, for example, for field-level encryption. You can add a maximum of 10 public keys with one AWS account.
See also: AWS API Documentation
See ‘aws help’ for descriptions of global parameters.
create-public-key
--public-key-config <value>
[--cli-input-json | --cli-input-yaml]
[--generate-cli-skeleton <value>]
[--cli-auto-prompt <value>]
--public-key-config
(structure)
The request to add a public key to CloudFront.
CallerReference -> (string)
A unique number that ensures that the request can’t be replayed.
Name -> (string)
The name for a public key you add to CloudFront to use with features like field-level encryption.
EncodedKey -> (string)
The encoded public key that you want to add to CloudFront to use with features like field-level encryption.
Comment -> (string)
An optional comment about a public key.
Shorthand Syntax:
CallerReference=string,Name=string,EncodedKey=string,Comment=string
JSON Syntax:
{
"CallerReference": "string",
"Name": "string",
"EncodedKey": "string",
"Comment": "string"
}
--cli-input-json
| --cli-input-yaml
(string)
Reads arguments from the JSON string provided. The JSON string follows the format provided by --generate-cli-skeleton
. If other arguments are provided on the command line, those values will override the JSON-provided values. It is not possible to pass arbitrary binary values using a JSON-provided value as the string will be taken literally. This may not be specified along with --cli-input-yaml
.
--generate-cli-skeleton
(string)
Prints a JSON skeleton to standard output without sending an API request. If provided with no value or the value input
, prints a sample input JSON that can be used as an argument for --cli-input-json
. Similarly, if provided yaml-input
it will print a sample input YAML that can be used with --cli-input-yaml
. If provided with the value output
, it validates the command inputs and returns a sample output JSON for that command.
--cli-auto-prompt
(boolean)
Automatically prompt for CLI input parameters.
See ‘aws help’ for descriptions of global parameters.
To create a CloudFront public key
The following example creates a CloudFront public key by providing the
parameters in a JSON file named pub-key-config.json
. Before you can use
this command, you must have a PEM-encoded public key. For more information, see
Create an RSA Key Pair
in the Amazon CloudFront Developer Guide.
aws cloudfront create-public-key \
--public-key-config file://pub-key-config.json
The file pub-key-config.json
is a JSON document in the current folder that
contains the following. Note that the public key is encoded in PEM format.
{
"CallerReference": "cli-example",
"Name": "ExampleKey",
"EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPMbCA2Ks0lnd7IR+3pw\nwd3H/7jPGwj8bLUmore7bX+oeGpZ6QmLAe/1UOWcmZX2u70dYcSIzB1ofZtcn4cJ\nenHBAzO3ohBY/L1tQGJfS2A+omnN6H16VZE1JCK8XSJyfze7MDLcUyHZETdxuvRb\nA9X343/vMAuQPnhinFJ8Wdy8YBXSPpy7r95ylUQd9LfYTBzVZYG2tSesplcOkjM3\n2Uu+oMWxQAw1NINnSLPinMVsutJy6ZqlV3McWNWe4T+STGtWhrPNqJEn45sIcCx4\nq+kGZ2NQ0FyIyT2eiLKOX5Rgb/a36E/aMk4VoDsaenBQgG7WLTnstb9sr7MIhS6A\nrwIDAQAB\n-----END PUBLIC KEY-----\n",
"Comment": "example public key"
}
Output:
{
"Location": "https://cloudfront.amazonaws.com/2019-03-26/public-key/KDFB19YGCR002",
"ETag": "E2QWRUHEXAMPLE",
"PublicKey": {
"Id": "KDFB19YGCR002",
"CreatedTime": "2019-12-05T18:51:43.781Z",
"PublicKeyConfig": {
"CallerReference": "cli-example",
"Name": "ExampleKey",
"EncodedKey": "-----BEGIN PUBLIC KEY-----\nMIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxPMbCA2Ks0lnd7IR+3pw\nwd3H/7jPGwj8bLUmore7bX+oeGpZ6QmLAe/1UOWcmZX2u70dYcSIzB1ofZtcn4cJ\nenHBAzO3ohBY/L1tQGJfS2A+omnN6H16VZE1JCK8XSJyfze7MDLcUyHZETdxuvRb\nA9X343/vMAuQPnhinFJ8Wdy8YBXSPpy7r95ylUQd9LfYTBzVZYG2tSesplcOkjM3\n2Uu+oMWxQAw1NINnSLPinMVsutJy6ZqlV3McWNWe4T+STGtWhrPNqJEn45sIcCx4\nq+kGZ2NQ0FyIyT2eiLKOX5Rgb/a36E/aMk4VoDsaenBQgG7WLTnstb9sr7MIhS6A\nrwIDAQAB\n-----END PUBLIC KEY-----\n",
"Comment": "example public key"
}
}
}
PublicKey -> (structure)
Returned when you add a public key.
Id -> (string)
A unique ID assigned to a public key you’ve added to CloudFront.
CreatedTime -> (timestamp)
A time you added a public key to CloudFront.
PublicKeyConfig -> (structure)
A complex data type for a public key you add to CloudFront to use with features like field-level encryption.
CallerReference -> (string)
A unique number that ensures that the request can’t be replayed.
Name -> (string)
The name for a public key you add to CloudFront to use with features like field-level encryption.
EncodedKey -> (string)
The encoded public key that you want to add to CloudFront to use with features like field-level encryption.
Comment -> (string)
An optional comment about a public key.
Location -> (string)
The fully qualified URI of the new public key resource just created.
ETag -> (string)
The current version of the public key. For example:
E2QWRUHAPOMQZL
.