Skip to content

Cdn

Reference doc for the `sst.aws.Cdn` component.

The Cdn component is internally used by other components to deploy a CDN to AWS. It uses Amazon CloudFront and Amazon Route 53 to manage custom domains.

You’ll find this component exposed in the transform of other components. And you can customize the args listed here. For example:

sst.config.ts
new sst.aws.Nextjs("MyWeb", {
transform: {
cdn: (args) => {
args.wait = false;
}
}
});

Constructor

new Cdn(name, args, opts?)

Parameters

CdnArgs

comment?

Type Input<string>

A comment to describe the distribution. It cannot be longer than 128 characters.

customErrorResponses?

Type Input<Input<DistributionCustomErrorResponse>[]>

One or more custom error responses.

defaultCacheBehavior

Type Input<DistributionDefaultCacheBehavior>

The default cache behavior for this distribution.

defaultRootObject?

Type Input<string>

An object you want CloudFront to return when a user requests the root URL. For example, the index.html.

domain?

Type Input<string | Object>

Set a custom domain for your distribution.

Automatically manages domains hosted on AWS Route 53, Cloudflare, and Vercel. For other providers, you’ll need to pass in a cert that validates domain ownership and add the DNS records.

By default this assumes the domain is hosted on Route 53.

{
domain: "example.com"
}

For domains hosted on Cloudflare.

{
domain: {
name: "example.com",
dns: sst.cloudflare.dns()
}
}

Specify a www. version of the custom domain.

{
domain: {
name: "domain.com",
redirects: ["www.domain.com"]
}
}

domain.aliases?

Type Input<string[]>

Alias domains that should be used. Unlike the redirect option, this keeps your visitors on this alias domain.

So if your users visit app2.domain.com, they will stay on app2.domain.com in their browser.

{
domain: {
name: "app1.domain.com",
aliases: ["app2.domain.com"]
}
}

domain.cert?

Type Input<string>

The ARN of an ACM (AWS Certificate Manager) certificate that proves ownership of the domain. By default, a certificate is created and validated automatically.

The certificate will be created in the us-east-1 region as required by AWS CloudFront. If you are creating your own certificate, you must also create it in us-east-1.

To manually set up a domain on an unsupported provider, you’ll need to:

  1. Validate that you own the domain by creating an ACM certificate. You can either validate it by setting a DNS record or by verifying an email sent to the domain owner.
  2. Once validated, set the certificate ARN as the cert and set dns to false.
  3. Add the DNS records in your provider to point to the CloudFront distribution URL.
{
domain: {
name: "domain.com",
dns: false,
cert: "arn:aws:acm:us-east-1:112233445566:certificate/3a958790-8878-4cdc-a396-06d95064cf63"
}
}

domain.dns?

Type Input<false | sst.aws.dns | sst.cloudflare.dns | sst.vercel.dns>

Default sst.aws.dns

The DNS provider to use for the domain. Defaults to the AWS.

Takes an adapter that can create the DNS records on the provider. This can automate validating the domain and setting up the DNS routing.

Supports Route 53, Cloudflare, and Vercel adapters. For other providers, you’ll need to set dns to false and pass in a certificate validating ownership via cert.

Specify the hosted zone ID for the Route 53 domain.

{
domain: {
name: "example.com",
dns: sst.aws.dns({
zone: "Z2FDTNDATAQYW2"
})
}
}

Use a domain hosted on Cloudflare, needs the Cloudflare provider.

{
domain: {
name: "example.com",
dns: sst.cloudflare.dns()
}
}

Use a domain hosted on Vercel, needs the Vercel provider.

{
domain: {
name: "example.com",
dns: sst.vercel.dns()
}
}

domain.name

Type Input<string>

The custom domain you want to use.

{
domain: {
name: "example.com"
}
}

Can also include subdomains based on the current stage.

{
domain: {
name: `${$app.stage}.example.com`
}
}

domain.redirects?

Type Input<string[]>

Alternate domains to be used. Visitors to the alternate domains will be redirected to the main name.

Use this to create a www. version of your domain and redirect visitors to the apex domain.

{
domain: {
name: "domain.com",
redirects: ["www.domain.com"]
}
}

invalidation?

Type Input<boolean | Object>

Default false

Configure how the CloudFront cache invalidations are handled.

Enable invalidations. Setting this to true will invalidate all paths. It is equivalent to passing in { paths: ["/*"] }.

{
invalidation: true
}

invalidation.paths?

Type Input<Input<string>[]>

Default [”/*”]

Specify an array of glob pattern of paths to invalidate.

Invalidate the index.html and all files under the products/ route. This counts as two invalidations.

{
invalidation: {
paths: ["/index.html", "/products/*"]
}
}

invalidation.token?

Type Input<string>

Default A unique value is auto-generated on each deploy

The invalidation token is used to determine if the cache should be invalidated. If the token is the same as the previous deployment, the cache will not be invalidated.

{
invalidation: {
token: "foo123"
}
}

invalidation.wait?

Type Input<boolean>

Default false

Configure if sst deploy should wait for the CloudFront cache invalidation to finish.

Waiting for this process to finish ensures that new content will be available after the deploy finishes. However, this process can sometimes take more than 5 mins.

{
invalidation: {
wait: true
}
}

orderedCacheBehaviors?

Type Input<Input<DistributionOrderedCacheBehavior>[]>

An ordered list of cache behaviors for this distribution. Listed in order of precedence. The first cache behavior will have precedence 0.

originGroups?

Type Input<Input<DistributionOriginGroup>[]>

One or more origin groups for this distribution.

origins

Type Input<Input<DistributionOrigin>[]>

One or more origins for this distribution.

transform?

Type Object

Transform how this component creates its underlying resources.

transform.distribution

Type DistributionArgs | (args: DistributionArgs, opts: ComponentResourceOptions, name: string) => void

Transform the CloudFront distribution resource.

wait?

Type Input<boolean>

Default true

Whether to wait for the CloudFront distribution to be deployed before completing the deployment of the app. This is necessary if you need to use the distribution URL in other resources.

Properties

domainUrl

Type undefined | Output<string>

If the custom domain is enabled, this is the URL of the distribution with the custom domain.

nodes

Type Object

The underlying resources this component creates.

nodes.distribution

Type Output<Distribution>

The Amazon CloudFront distribution.

url

Type Output<string>

The CloudFront URL of the distribution.

CdnDomainArgs

aliases?

Type Input<string[]>

Alias domains that should be used. Unlike the redirect option, this keeps your visitors on this alias domain.

So if your users visit app2.domain.com, they will stay on app2.domain.com in their browser.

{
domain: {
name: "app1.domain.com",
aliases: ["app2.domain.com"]
}
}

cert?

Type Input<string>

The ARN of an ACM (AWS Certificate Manager) certificate that proves ownership of the domain. By default, a certificate is created and validated automatically.

The certificate will be created in the us-east-1 region as required by AWS CloudFront. If you are creating your own certificate, you must also create it in us-east-1.

To manually set up a domain on an unsupported provider, you’ll need to:

  1. Validate that you own the domain by creating an ACM certificate. You can either validate it by setting a DNS record or by verifying an email sent to the domain owner.
  2. Once validated, set the certificate ARN as the cert and set dns to false.
  3. Add the DNS records in your provider to point to the CloudFront distribution URL.
{
domain: {
name: "domain.com",
dns: false,
cert: "arn:aws:acm:us-east-1:112233445566:certificate/3a958790-8878-4cdc-a396-06d95064cf63"
}
}

dns?

Type Input<false | sst.aws.dns | sst.cloudflare.dns | sst.vercel.dns>

Default sst.aws.dns

The DNS provider to use for the domain. Defaults to the AWS.

Takes an adapter that can create the DNS records on the provider. This can automate validating the domain and setting up the DNS routing.

Supports Route 53, Cloudflare, and Vercel adapters. For other providers, you’ll need to set dns to false and pass in a certificate validating ownership via cert.

Specify the hosted zone ID for the Route 53 domain.

{
domain: {
name: "example.com",
dns: sst.aws.dns({
zone: "Z2FDTNDATAQYW2"
})
}
}

Use a domain hosted on Cloudflare, needs the Cloudflare provider.

{
domain: {
name: "example.com",
dns: sst.cloudflare.dns()
}
}

Use a domain hosted on Vercel, needs the Vercel provider.

{
domain: {
name: "example.com",
dns: sst.vercel.dns()
}
}

name

Type Input<string>

The custom domain you want to use.

{
domain: {
name: "example.com"
}
}

Can also include subdomains based on the current stage.

{
domain: {
name: `${$app.stage}.example.com`
}
}

redirects?

Type Input<string[]>

Alternate domains to be used. Visitors to the alternate domains will be redirected to the main name.

Use this to create a www. version of your domain and redirect visitors to the apex domain.

{
domain: {
name: "domain.com",
redirects: ["www.domain.com"]
}
}