AWS CLI CloudFront Invalidate All Files

Question

I am attempting to invalidate an entire static website. The following command does not seem to invalidate /index.html and gives an odd output of items to be invalided, as shown below. Is this AWS CLI behaviour normal or am I missing something? Thanks!

aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths /*

Output:

{
    "Invalidation": {
    "Status": "InProgress", 
    "InvalidationBatch": {
        "Paths": {
            "Items": [
                "/lib32", 
                "/home", 
                "/vmlinuz", 
                "/core", 
                "/proc", 
                "/var", 
                "/dev", 
                "/usr", 
                "/etc", 
                "/initrd.img", 
                "/cdrom", 
                "/lost+found", 
                "/root", 
                "/tmp", 
                "/lib", 
                "/dead.letter", 
                "/lib64", 
                "/boot", 
                "/sys", 
                "/run", 
                "/bin", 
                "/sbin", 
                "/mnt", 
                "/opt", 
                "/snap", 
                "/media", 
                "/copyright", 
                "/srv"
            ], 
            "Quantity": 28
        },

Michael - sqlbot · Accepted Answer · 2017-07-18T21:21:50.500

80

That's your shell doing expansion of local filenames.

That's what you're essentially asking for since the * isn't quoted.

~~Either --paths '*' or~~ Specifying --paths '/*'¹ will do what you intend. Quoting the wildcard keeps it as a literal string rather than what you're seeing.

¹The CloudFront console allows you to specify either * or /* to invalidate the entire distribution; by contrast, the CLI expects /*. This, in turn, is because the underlying API also expects /*. When you use * in the console, the leading slash is silently added by the console before the console makes the request to the CloudFront API.

edited Jul 18 '17 at 21:21

answered Jun 11 '16 at 05:09

Michael - sqlbot

169,571
25
353
427

2

This did the trick for me. Thank you Michael. To further contribute, on version `aws-cli/1.11.36 Python/2.7.12 Darwin/16.4.0 botocore/1.4.93`, using the `--paths '*'` value gives the error: `An error occurred (InvalidArgument) when calling the CreateInvalidation operation: Your request contains one or more invalid invalidation paths.` You should use `--paths '/*'` instead for a successful response – damusix Jul 18 '17 at 19:14
2

@damusix thanks for the tip on the need for the leading `/`. Updated accordingly. – Michael - sqlbot Jul 18 '17 at 21:22
this was not entire correct path specification. Atleast on my windows console using this kind of path cause an error. This should be in double quotes (windows atleast) You must use --paths "/*" – Vladyslav Didenko Sep 29 '19 at 09:41
2

I was using gitbash with windows and having a problem. I had to add `MSYS_NO_PATHCONV=1` prefix to my command. eg: `MSYS_NO_PATHCONV=1 aws cloudfront create-invalidation ...` – Josh Woodcock Jan 15 '21 at 13:31

score 46 · Answer 2 · answered Sep 29 '19 at 09:46

Example of invalidation of cloudfront distribution via aws cli :

aws cloudfront create-invalidation --distribution-id <DistributionID> --paths "/*"

Example :

aws cloudfront create-invalidation --distribution-id E1B1A4GHK9TTE --paths "/*"

To list or get cloudfront distribution id you can use console or via cli :

aws cloudfront list-distributions 
aws cloudfront list-distributions | grep Id

score 12 · Answer 3 · answered Aug 31 '21 at 14:56

Maybe on windows (using cmd) you can use the path without quotes, but on bash environment (linux, mac) the character * it's a special char. You need to pass the path inside quotes to work cross-platform:

aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths '/*'

score 3 · Answer 4 · answered Mar 15 '23 at 00:26

Given the above answers, you can use this one command:

aws cloudfront create-invalidation --distribution-id $(aws cloudfront list-distributions --query 'DistributionList.Items[*].Id | [0]' | tr -d '"') --paths "/*"

This basically takes the first CloudFront Distribution in your environment, retrieves the ID, removes the double quotes, and requests the invalidation.

You should see a response similar to:

{
"Location": "https://cloudfront.amazonaws.com/2020-05-31/distribution/E8D4M8HG5JSRS/invalidation/I87QDOK5CWC6O4KWOWBZX75EWN",
"Invalidation": {
    "Id": "I87QDOK5CWC6O4KWOWBZX75EWN",
    "Status": "InProgress",
    "CreateTime": "2023-03-15T00:21:40.285000+00:00",
    "InvalidationBatch": {
        "Paths": {
            "Quantity": 1,
            "Items": [
                "/*"
            ]
        },
        "CallerReference": "cli-1678839700-773660"
    }
}

}

It is a good answer, but assumes that your account only has one cloudfront distributtion, maybe getting in trouble confusion — danipenaperez, Aug 11 '23 at 11:24

score 0 · Answer 5 · answered May 17 '23 at 16:59

In my case, surprisingly, quoting the wildcard didn't work. To solve this, I had to temporarily disable globbing, create the invalidation and then reenable globbing with:

set -f
aws cloudfront create-invalidation --distribution-id $DISTRIBUTION_ID --paths "/*"
set +f

This shouldn't be your first solution. Use it just in case nothing else works.

AWS CLI CloudFront Invalidate All Files

5 Answers5