Skip to content

KeyGroup

Source: src/AWS/CloudFront/KeyGroup.ts

A CloudFront key group.

Key groups bundle one or more {@link PublicKey} resources for use as TrustedKeyGroups on a Distribution’s cache behavior. CloudFront uses the keys in the group to verify the signatures on signed URLs and signed cookies for that behavior.

Creating Key Groups

Section titled “Creating Key Groups”
const primary = yield* PublicKey("PrimarySigningKey", {
  encodedKey: yield* fs.readFileString("./primary.pem"),
});
const secondary = yield* PublicKey("SecondarySigningKey", {
  encodedKey: yield* fs.readFileString("./secondary.pem"),
});


const keyGroup = yield* KeyGroup("SignedUrlKeys", {
  comment: "Trusted signers for /private",
  items: [primary.publicKeyId, secondary.publicKeyId],
});