{"id":17586,"library":"ember-cli-deploy-cloudfront","title":"Ember CLI Deploy CloudFront Cache Invalidation","description":"`ember-cli-deploy-cloudfront` is an `ember-cli-deploy` plugin designed to automate the invalidation of cached files on AWS CloudFront distributions as part of an Ember application's continuous deployment pipeline. The current stable version is 6.0.0, which notably updates the underlying AWS SDK to v3. The package's release cadence is tied to Node.js LTS support and critical dependency upgrades, such as the AWS SDK. Its primary use case is invalidating `index.html` after a new deployment, though it supports invalidating multiple custom paths and multiple CloudFront distributions. It differentiates itself by providing seamless integration into the `ember-cli-deploy` ecosystem, allowing developers to manage CloudFront cache busts directly from their Ember CLI projects without manual AWS console intervention. It supports various AWS authentication methods, including access keys, IAM roles, and profiles.","status":"active","version":"6.0.0","language":"javascript","source_language":"en","source_url":"https://github.com/kpfefferle/ember-cli-deploy-cloudfront","tags":["javascript","ember-addon","ember-cli-deploy-plugin"],"install":[{"cmd":"npm install ember-cli-deploy-cloudfront","lang":"bash","label":"npm"},{"cmd":"yarn add ember-cli-deploy-cloudfront","lang":"bash","label":"yarn"},{"cmd":"pnpm add ember-cli-deploy-cloudfront","lang":"bash","label":"pnpm"}],"dependencies":[{"reason":"Core peer dependency for all `ember-cli-deploy` plugins; provides the pipeline hooks and overall deployment framework.","package":"ember-cli-deploy","optional":false},{"reason":"Core runtime dependency for interacting with the AWS CloudFront API. Upgraded to v3 in `ember-cli-deploy-cloudfront@6.0.0`.","package":"@aws-sdk/client-cloudfront","optional":false}],"imports":[{"note":"While `ember-cli-deploy-cloudfront` itself is a plugin configured via `config/deploy.js` and not typically imported directly, developers might need to import `CloudFrontClient` when implementing a custom `invalidationClient` option, especially with the AWS SDK v3 update in `6.0.0`.","wrong":"const { CloudFront } = require('aws-sdk');","symbol":"CloudFrontClient","correct":"import { CloudFrontClient } from '@aws-sdk/client-cloudfront';"},{"note":"Similar to `CloudFrontClient`, this command is relevant if a custom `invalidationClient` is being developed to programmatically create invalidations using AWS SDK v3 for `ember-cli-deploy-cloudfront@6.x`.","wrong":"const CreateInvalidationCommand = require('aws-sdk/clients/cloudfront').CreateInvalidationCommand;","symbol":"CreateInvalidationCommand","correct":"import { CreateInvalidationCommand } from '@aws-sdk/client-cloudfront';"},{"note":"This TypeScript type is useful for developers who are creating custom `invalidationClient` implementations and need to type their configuration objects for the AWS SDK v3 client.","symbol":"CloudFrontClientConfig","correct":"import { CloudFrontClientConfig } from '@aws-sdk/client-cloudfront';"}],"quickstart":{"code":"/* config/deploy.js */\nmodule.exports = function(deployTarget) {\n  const ENV = {\n    build: {\n      environment: deployTarget\n    },\n    'cdn-url': {\n      // Example for a paired s3-index plugin, typically used with cloudfront\n      url: process.env.CDN_URL || 'https://your-cloudfront-distribution-domain.com'\n    },\n    cloudfront: {\n      // Recommended: use environment variables for sensitive credentials\n      accessKeyId: process.env.AWS_ACCESS_KEY_ID ?? '',\n      secretAccessKey: process.env.AWS_SECRET_ACCESS_KEY ?? '',\n      distribution: process.env.CLOUDFRONT_DISTRIBUTION_ID ?? '', // REQUIRED: Your CloudFront Distribution ID\n      region: process.env.AWS_REGION ?? 'us-east-1', // Specify your AWS region\n      objectPaths: ['/index.html', '/assets/*'], // Paths to invalidate. Must start with '/'\n      waitForInvalidation: true // Wait for the invalidation to complete (introduced in v2.0.0)\n    }\n  };\n  // Add additional deploy target specific configuration here\n  if (deployTarget === 'production') {\n    // Specific production settings\n  }\n  return ENV;\n};\n\n// To install:\n// ember install ember-cli-deploy-cloudfront\n\n// To run deployment with activation:\n// AWS_ACCESS_KEY_ID='YOUR_KEY' AWS_SECRET_ACCESS_KEY='YOUR_SECRET' CLOUDFRONT_DISTRIBUTION_ID='E123ABCDEFGH' ember deploy production --activate","lang":"typescript","description":"This quickstart demonstrates how to install `ember-cli-deploy-cloudfront` and configure it in `config/deploy.js` to invalidate `index.html` and other assets on a specified CloudFront distribution after deployment, using environment variables for sensitive AWS credentials."},"warnings":[{"fix":"Ensure your deployment environment uses a compatible Node.js version (16+ for v6.x). Upgrade Node.js if necessary.","message":"Minimum Node.js version has been progressively increased across major versions. `ember-cli-deploy-cloudfront@6.x` requires Node.js `16.* || 18.* || >= 20`. Earlier versions of the plugin dropped support for Node 6 (v2), Node 8 (v3), Node 10 (v4), and Node 12 (v5).","severity":"breaking","affected_versions":">=2.0.0"},{"fix":"If you have implemented a custom `invalidationClient`, you must update your code to use the AWS SDK v3 API for `CloudFrontClient` and related commands. Refer to the AWS SDK for JavaScript v3 documentation for migration guides.","message":"`ember-cli-deploy-cloudfront@6.0.0` upgraded the underlying AWS SDK from v2 to v3. This introduces breaking changes in the SDK's API, which will affect any custom `invalidationClient` implementations or direct interactions with the SDK.","severity":"breaking","affected_versions":">=6.0.0"},{"fix":"Carefully review the AWS SDK credential resolution documentation to understand the precedence. For production environments, consider using IAM roles for EC2 instances or OIDC for GitHub Actions instead of hardcoding keys or relying solely on local profiles.","message":"AWS credentials (e.g., `accessKeyId`, `secretAccessKey`, `profile`) are resolved by the AWS SDK in a specific order. Explicitly setting `accessKeyId` and `secretAccessKey` directly in `config/deploy.js` will override environment variables or profile settings, which might lead to unexpected behavior.","severity":"gotcha","affected_versions":">=1.2.0"}],"env_vars":null,"last_verified":"2026-04-23T00:00:00.000Z","next_check":"2026-07-22T00:00:00.000Z","problems":[{"fix":"Ensure `accessKeyId` and `secretAccessKey` are set in `config/deploy.js`, or that a valid `profile` with an associated `region` is configured in `~/.aws/credentials`, or that environment variables like `AWS_ACCESS_KEY_ID` and `AWS_SECRET_ACCESS_KEY` are present and accessible.","cause":"The AWS SDK failed to find valid credentials for authentication. This can happen if required `accessKeyId` and `secretAccessKey` are not provided, or if a `profile` is specified without a corresponding `region` or without the profile being correctly configured.","error":"Missing credentials in config, if using profile make sure region is defined"},{"fix":"Verify that `objectPaths` in `config/deploy.js` is correctly configured with valid paths (e.g., `['/index.html', '/assets/*']`). Remember that all object paths must be relative to the CloudFront distribution root and begin with `/`.","cause":"The `objectPaths` configuration in `config/deploy.js` is empty or does not contain any valid paths for invalidation. CloudFront requires at least one object path to invalidate.","error":"InvalidationBatch contains 0 items"},{"fix":"Double-check the `distribution` ID in your `config/deploy.js` against your AWS CloudFront console to ensure it is accurate and belongs to the correct AWS account/region.","cause":"The `distribution` ID configured in `config/deploy.js` is incorrect, misspelled, or does not exist in the AWS account associated with the provided credentials.","error":"The CloudFront distribution was not found. (DistributionIdNotFound)"},{"fix":"Grant the required `cloudfront:CreateInvalidation` permission to the IAM user or role whose credentials are being used by the `ember-cli-deploy-cloudfront` plugin in your AWS IAM console.","cause":"The IAM user or role associated with the AWS credentials used by the plugin lacks the necessary permissions to create CloudFront invalidations for the specified distribution.","error":"User: arn:aws:iam::... is not authorized to perform: cloudfront:CreateInvalidation on resource: arn:aws:cloudfront::.../distribution/..."}],"ecosystem":"npm","meta_description":null,"install_score":null,"install_tag":null,"quickstart_score":null,"quickstart_tag":null}