Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

Add support for CloudFront limits #539

Closed
TagadaPoe opened this issue May 11, 2021 · 2 comments
Closed

Add support for CloudFront limits #539

TagadaPoe opened this issue May 11, 2021 · 2 comments
Labels
unreleased fix

Comments

@TagadaPoe
Copy link
Contributor

Feature Request

Support for the limits of the CloudFront service.

Feature Description

I am especially interested in checking the usage of the following Quotas:

  • Data transfer rate per distribution
  • Requests per second per distribution
  • Distributions per AWS account
  • Cache behaviors per distribution
  • Public keys in a single key group
  • Key groups associated with a single cache behavior
  • Key groups per AWS account
  • Distributions associated with a single key group

List of available Quotas:

L-AAD4943E      Alternate domain names (CNAMEs) per distribution
L-F432D044      Cache behaviors per distribution
L-7D134442      Cache policies per AWS account
L-67B0F006      Concurrent executions
L-B688C4FA      Connection attempts per origin
L-64FCDDBC      Connection timeout per origin
L-BEBABC60      Cookies per cache policy
L-68CBA03E      Cookies per origin request policy
L-EDD87744      Custom headers: maximum length of a header name
L-B0EC47BA      Custom headers: maximum length of a header value
L-21FF7335      Custom headers: maximum length of all header values and names combined
L-BE7788E4      Custom headers: maximum number of custom headers that you can configure CloudFront to add to origin requests
L-0F1E9017      Data transfer rate per distribution
L-C19110C4      Distributions associated with a single key group
L-D50EE3A2      Distributions associated with the same cache policy
L-8D662304      Distributions associated with the same origin request policy
L-D0C8D03A      Distributions per AWS account that you can create triggers for
L-DAD40481      File invalidation: maximum number of active wildcard invalidations allowed
L-AAB20803      File invalidation: maximum number of files allowed in active invalidation requests, excluding wildcard invalidations
L-B7908DC8      Function memory size (Viewer request and response event)
L-F36E9CEF      Function timeout (Origin request and response event)
L-A2E53DC5      Function timeout for a viewer request and response event
L-4C99C1B4      Headers per cache policy
L-C646B44B      Headers per origin request policy
L-E7E9ACEB      Key groups associated with a single distribution
L-D64DA6E2      Key groups per AWS account
L-5DCCC36C      Maximum compressed size of a Lambda function and any included libraries. (Origin request and response event)
L-3AD6E5FC      Maximum compressed size of a Lambda function and any included libraries. (Viewer request and response event)
L-5AA18B98      Maximum file size for HTTP GET, POST, and PUT requests 
L-7CFFA62C      Maximum length of a URL
L-AEB8FB8D      Maximum length of a field to encrypt
L-3668F694      Maximum length of a request body when field-level encryption is configured
L-A1A2AB28      Maximum length of a request, including headers and query strings, but not including the body content
L-A2076525      Maximum number of CloudFront distributions that can be associated with a field-level encryption configuration
L-AACE0BFB      Maximum number of characters in a whitelisted query string
L-4C005807      Maximum number of characters total for all whitelisted query strings in the same parameter
L-DE0FED64      Maximum number of field-level encryption configurations that can be associated with one AWS account
L-469B97CA      Maximum number of field-level encryption profiles that can be associated with one AWS account
L-1E9C8594      Maximum number of fields in a request body when field-level encryption is configured
L-55A85849      Maximum number of fields to encrypt that can be specified in one profile
L-302B5900      Maximum number of public keys that can be added to one AWS account
L-D92991FD      Maximum number of query argument profile mappings that can be included in a field-level encryption configuration
L-08884E5C      Origin access identities per account
L-1B2BD627      Origin groups per distribution
L-C3659C43      Origin request policies per AWS account
L-E1147159      Origin response timeout (idle timeout)
L-B4048FB4      Origins per distribution
L-9EBD26CA      Public keys in a single key group
L-50C9D326      Query strings per cache policy
L-E47A582D      Query strings per origin request policy
L-7F663A86      RTMP distributions per AWS account
L-3D146566      Range of file sizes that CloudFront compresses
L-0EB0396F      Request body size for origin requests exposed to a Lambda@Edge function.
L-7917BC7C      Request body size for origin requests when returning from a Lambda function (base64 encoding)
L-E6A19CDA      Request body size for origin requests when returning from a Lambda function (text encoding)
L-6078EAE8      Request body size for viewer requests exposed to a Lambda@Edge function.
L-B62B1AE4      Request body size for viewer requests when returning from a Lambda function (base64 encoding)
L-AF199A9F      Request body size for viewer requests when returning from a Lambda function (text encoding)
L-C65EE6F0      Request timeout
L-A3F2DA32      Requests per second
L-A2C80159      Requests per second per distribution
L-AECE9FA7      Response timeout per origin
L-DA9DCC93      SSL certificates per AWS account when serving HTTPS requests using dedicated IP addresses
L-18CCB0CF      SSL certificates that can be associated with a CloudFront web distribution
L-83718F29      Size of a response that is generated by a Lambda function, including headers and body (Origin request and response event)
L-D6622F18      Size of a response that is generated by a Lambda function, including headers and body (Viewer request and response event)
L-EBD1DF93      Tags that can be added to a distribution
L-DEB56C13      Total length of the URI including query string in a Lambda@Edge function
L-677CE719      Total number of bytes in whitelisted cookie names (doesn’t apply if you configure CloudFront to forward all cookies to the origin)
L-C57D59CB      Triggers per distribution
L-24B04930      Web distributions per AWS account
L-9D26CF6B      Whitelisted cookies per cache behavior
L-1685304C      Whitelisted headers per cache behavior
L-779C7A0B      Whitelisted query strings per cache behavior

Note: the CloudFront service, and the related Quotas are available only in the "us-east-1" region, this is a global service.

Unfortunatly, the applied Quotas are not available through the Quotas API.

Testing Assistance

I will be able to assist in testing pre-release code for the feature.
@TagadaPoe
Copy link
Contributor Author

I am currently working on a PR to implement some CloudFront limit checks.

TagadaPoe added a commit to quortex/awslimitchecker that referenced this issue May 24, 2021
@TagadaPoe
Implement limit checking for CloudFront service
4f48b98 
Related to issue jantman#539

List of implemented limits:
- Alternate domain names (CNAMEs) per distribution
- Cache behaviors per distribution
- Origin groups per distribution
- Key groups associated with a single distribution
- Origins per distribution
- Whitelisted cookies per cache behavior
- Whitelisted headers per cache behavior
- Whitelisted query strings per cache behavior
- Key groups associated with a single cache behavior
- Public keys in a single key group
- Distributions associated with a single key group
- Cookies per cache policy
- Headers per cache policy
- Query strings per cache policy
- Distributions associated with the same cache policy
- Cookies per origin request policy
- Headers per origin request policy
- Query strings per origin request policy
- Distributions associated with the same origin request policy

Unit tests implemented.

The CloudFront service is considered as global, so the same usage will be reported for CloudFront, no matter which region we are using.

Note: in the "Service Quotas" service, the CloudFront quotas are listed in the region "us-east-1".

The AWS "Service Quotas" service does not return the applied service quotas for CloudFront, only the default quotas.
antonincms pushed a commit to quortex/awslimitchecker that referenced this issue Jul 22, 2021
@TagadaPoe @antonincms
Implement limit checking for CloudFront service
9e4f162 
Related to issue jantman#539

List of implemented limits:
- Alternate domain names (CNAMEs) per distribution
- Cache behaviors per distribution
- Origin groups per distribution
- Key groups associated with a single distribution
- Origins per distribution
- Whitelisted cookies per cache behavior
- Whitelisted headers per cache behavior
- Whitelisted query strings per cache behavior
- Key groups associated with a single cache behavior
- Public keys in a single key group
- Distributions associated with a single key group
- Cookies per cache policy
- Headers per cache policy
- Query strings per cache policy
- Distributions associated with the same cache policy
- Cookies per origin request policy
- Headers per origin request policy
- Query strings per origin request policy
- Distributions associated with the same origin request policy

Unit tests implemented.

The CloudFront service is considered as global, so the same usage will be reported for CloudFront, no matter which region we are using.

Note: in the "Service Quotas" service, the CloudFront quotas are listed in the region "us-east-1".

The AWS "Service Quotas" service does not return the applied service quotas for CloudFront, only the default quotas.
@jantman
Copy link
Owner

jantman commented Aug 4, 2021

A fix for this has been released in 12.0.0, which is now live on PyPI and Docker Hub. Thank you so much!

@jantman jantman closed this as completed Aug 4, 2021
derrix060 pushed a commit to derrix060/awslimitchecker that referenced this issue Jun 28, 2024
@TagadaPoe @derrix060
Implement limit checking for CloudFront service
991d5f6 
Related to issue jantman#539

List of implemented limits:
- Alternate domain names (CNAMEs) per distribution
- Cache behaviors per distribution
- Origin groups per distribution
- Key groups associated with a single distribution
- Origins per distribution
- Whitelisted cookies per cache behavior
- Whitelisted headers per cache behavior
- Whitelisted query strings per cache behavior
- Key groups associated with a single cache behavior
- Public keys in a single key group
- Distributions associated with a single key group
- Cookies per cache policy
- Headers per cache policy
- Query strings per cache policy
- Distributions associated with the same cache policy
- Cookies per origin request policy
- Headers per origin request policy
- Query strings per origin request policy
- Distributions associated with the same origin request policy

Unit tests implemented.

The CloudFront service is considered as global, so the same usage will be reported for CloudFront, no matter which region we are using.

Note: in the "Service Quotas" service, the CloudFront quotas are listed in the region "us-east-1".

The AWS "Service Quotas" service does not return the applied service quotas for CloudFront, only the default quotas.
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Assignees
No one assigned
Labels
unreleased fix
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
2 participants
@jantman @TagadaPoe