1+ // Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.
2+ // SPDX-License-Identifier: Apache-2.0
3+
4+ package com .example .cloudfront ;
5+
6+ // snippet-start:[cloudfront.java2.createdistributiontenant.import]
7+ import software .amazon .awssdk .core .internal .waiters .ResponseOrException ;
8+ import software .amazon .awssdk .services .cloudfront .CloudFrontClient ;
9+ import software .amazon .awssdk .services .cloudfront .model .ConnectionMode ;
10+ import software .amazon .awssdk .services .cloudfront .model .CreateConnectionGroupResponse ;
11+ import software .amazon .awssdk .services .cloudfront .model .CreateDistributionResponse ;
12+ import software .amazon .awssdk .services .cloudfront .model .CreateDistributionTenantResponse ;
13+ import software .amazon .awssdk .services .cloudfront .model .Distribution ;
14+ import software .amazon .awssdk .services .cloudfront .model .DistributionTenant ;
15+ import software .amazon .awssdk .services .cloudfront .model .GetConnectionGroupResponse ;
16+ import software .amazon .awssdk .services .cloudfront .model .GetDistributionResponse ;
17+ import software .amazon .awssdk .services .cloudfront .model .HttpVersion ;
18+ import software .amazon .awssdk .services .cloudfront .model .Method ;
19+ import software .amazon .awssdk .services .cloudfront .model .SSLSupportMethod ;
20+ import software .amazon .awssdk .services .cloudfront .model .ValidationTokenHost ;
21+ import software .amazon .awssdk .services .cloudfront .model .ViewerProtocolPolicy ;
22+ import software .amazon .awssdk .services .cloudfront .waiters .CloudFrontWaiter ;
23+ import software .amazon .awssdk .services .route53 .Route53Client ;
24+ import software .amazon .awssdk .services .route53 .model .RRType ;
25+ import software .amazon .awssdk .services .s3 .S3Client ;
26+
27+ import java .time .Instant ;
28+ // snippet-end:[cloudfront.java2.createdistributiontenant.import]
29+
30+ // snippet-start:[cloudfront.java2.createdistributiontenant.title]
31+ public class CreateMultiTenantDistribution {
32+ // snippet-end:[cloudfront.java2.createdistributiontenant.title]
33+ // snippet-start:[cloudfront.java2.createdistributiontenant.nocert]
34+ public static DistributionTenant createDistributionTenantNoCert (CloudFrontClient cloudFrontClient ,
35+ Route53Client route53Client ,
36+ String distributionId ,
37+ String domain ,
38+ String hostedZoneId ) {
39+ CreateDistributionTenantResponse createResponse = cloudFrontClient .createDistributionTenant (builder -> builder
40+ .distributionId (distributionId )
41+ .domains (b1 -> b1
42+ .domain (domain ))
43+ .parameters (b2 -> b2
44+ .name ("tenantName" )
45+ .value ("myTenant" ))
46+ .enabled (true )
47+ .name ("no-cert-tenant" )
48+ );
49+
50+ final DistributionTenant distributionTenant = createResponse .distributionTenant ();
51+
52+ // Then update the Route53 hosted zone to point your domain at the distribution tenant
53+ // We fetch the RoutingEndpoint to point to via the default connection group that was created for your tenant
54+ final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient .getConnectionGroup (builder -> builder
55+ .identifier (distributionTenant .connectionGroupId ()));
56+
57+ route53Client .changeResourceRecordSets (builder -> builder
58+ .hostedZoneId (hostedZoneId )
59+ .changeBatch (b1 -> b1
60+ .comment ("ChangeBatch comment" )
61+ .changes (b2 -> b2
62+ .resourceRecordSet (b3 -> b3
63+ .name (domain )
64+ .type ("CNAME" )
65+ .ttl (300L )
66+ .resourceRecords (b4 -> b4
67+ .value (fetchedConnectionGroup .connectionGroup ().routingEndpoint ())))
68+ .action ("CREATE" ))
69+ ));
70+ return distributionTenant ;
71+ }
72+ // snippet-end:[cloudfront.java2.createdistributiontenant.nocert]
73+
74+ // snippet-start:[cloudfront.java2.createdistributiontenant.withcert]
75+ public static DistributionTenant createDistributionTenantWithCert (CloudFrontClient cloudFrontClient ,
76+ Route53Client route53Client ,
77+ String distributionId ,
78+ String domain ,
79+ String hostedZoneId ,
80+ String certificateArn ) {
81+ CreateDistributionTenantResponse createResponse = cloudFrontClient .createDistributionTenant (builder -> builder
82+ .distributionId (distributionId )
83+ .domains (b1 -> b1
84+ .domain (domain ))
85+ .enabled (true )
86+ .name ("tenant-with-cert" )
87+ .parameters (b2 -> b2
88+ .name ("tenantName" )
89+ .value ("myTenant" ))
90+ .customizations (b3 -> b3
91+ .certificate (b4 -> b4
92+ .arn (certificateArn ))) // NOTE: Cert must be in Us-East-1 and cover the domain provided in this request
93+
94+ );
95+
96+ final DistributionTenant distributionTenant = createResponse .distributionTenant ();
97+
98+ // Then update the Route53 hosted zone to point your domain at the distribution tenant
99+ // We fetch the RoutingEndpoint to point to via the default connection group that was created for your tenant
100+ final GetConnectionGroupResponse fetchedConnectionGroup = cloudFrontClient .getConnectionGroup (builder -> builder
101+ .identifier (distributionTenant .connectionGroupId ()));
102+
103+ route53Client .changeResourceRecordSets (builder -> builder
104+ .hostedZoneId (hostedZoneId )
105+ .changeBatch (b1 -> b1
106+ .comment ("ChangeBatch comment" )
107+ .changes (b2 -> b2
108+ .resourceRecordSet (b3 -> b3
109+ .name (domain )
110+ .type ("CNAME" )
111+ .ttl (300L )
112+ .resourceRecords (b4 -> b4
113+ .value (fetchedConnectionGroup .connectionGroup ().routingEndpoint ())))
114+ .action ("CREATE" ))
115+ ));
116+ return distributionTenant ;
117+ }
118+ // snippet-end:[cloudfront.java2.createdistributiontenant.withcert]
119+
120+ // snippet-start:[cloudfront.java2.createdistributiontenant.cfhosted]
121+ public static DistributionTenant createDistributionTenantCfHosted (CloudFrontClient cloudFrontClient ,
122+ Route53Client route53Client ,
123+ String distributionId ,
124+ String domain ,
125+ String hostedZoneId ) {
126+ CreateConnectionGroupResponse createConnectionGroupResponse = cloudFrontClient .createConnectionGroup (builder -> builder
127+ .ipv6Enabled (true )
128+ .name ("cf-hosted-connection-group" )
129+ .enabled (true ));
130+
131+ route53Client .changeResourceRecordSets (builder -> builder
132+ .hostedZoneId (hostedZoneId )
133+ .changeBatch (b1 -> b1
134+ .comment ("cf-hosted domain validation record" )
135+ .changes (b2 -> b2
136+ .resourceRecordSet (b3 -> b3
137+ .name (domain )
138+ .type (RRType .CNAME )
139+ .ttl (300L )
140+ .resourceRecords (b4 -> b4
141+ .value (createConnectionGroupResponse .connectionGroup ().routingEndpoint ())))
142+ .action ("CREATE" ))
143+ ));
144+
145+ // Give the R53 record time to propagate, if it isn't being returned by servers yet, the following call will fail
146+ sleep (60000 );
147+
148+ CreateDistributionTenantResponse createResponse = cloudFrontClient .createDistributionTenant (builder -> builder
149+ .distributionId (distributionId )
150+ .domains (b1 -> b1
151+ .domain (domain ))
152+ .enabled (true )
153+ .name ("cf-hosted-tenant" )
154+ .parameters (b2 -> b2
155+ .name ("tenantName" )
156+ .value ("myTenant" ))
157+ .managedCertificateRequest (b3 -> b3
158+ .validationTokenHost (ValidationTokenHost .SELF_HOSTED )
159+ );
160+
161+ final DistributionTenant distributionTenant = createResponse .distributionTenant ();
162+ }
163+ // snippet-end:[cloudfront.java2.createdistributiontenant.cfhosted]
164+
165+ // snippet-start:[cloudfront.java2.createdistributiontenant.selfhosted]
166+ public static DistributionTenant createDistributionTenantSelfHosted (CloudFrontClient cloudFrontClient ,
167+ Route53Client route53Client ,
168+ String distributionId ,
169+ String domain ,
170+ String hostedZoneId ) {
171+ CreateDistributionTenantResponse createResponse = cloudFrontClient .createDistributionTenant (builder -> builder
172+ .distributionId (distributionId )
173+ .domains (b1 -> b1
174+ .domain (domain ))
175+ .parameters (b2 -> b2
176+ .name ("tenantName" )
177+ .value ("myTenant" ))
178+ .enabled (true )
179+ .name ("self-hosted-tenant" )
180+ );
181+
182+ return createResponse .distributionTenant ();
183+ }
184+ // snippet-end:[cloudfront.java2.createdistributiontenant.selfhosted]
185+
186+ // snippet-start:[cloudfront.java2.createdistributiontenant.closebrace]
187+ }
188+ // snippet-end:[cloudfront.java2.createdistributiontenant.closebrace]
0 commit comments