使用 CloudFormation 为 CloudFront 配置 S3 源

【问题标题】:Using CloudFormation to configure CloudFront with an S3 origin使用 CloudFormation 为 CloudFront 配置 S3 源
【发布时间】:2016-06-21 10:53:35
【问题描述】:

我第一次尝试使用 CloudFormation 来配置使用 S3 存储桶作为源的 CloudFront 分配。

但是,当模板运行时,我收到了错误 One or more of your origins do not exist。我认为这是由于原始域名配置不正确,但无法找到有效的配置。

我目前有以下模板:

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "AssetBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "BucketName": "cdn-assets",
        "AccessControl": "PublicRead",
        "CorsConfiguration": {
          "CorsRules": [
            {
              "AllowedHeaders": [
                "*"
              ],
              "AllowedMethods": [
                "GET"
              ],
              "AllowedOrigins": [
                "*"
              ],
              "Id": "OpenCors",
              "MaxAge": "3600"
            }
          ]
        }
      }
    },
    "AssetCDN": {
      "Type": "AWS::CloudFront::Distribution",
      "Properties": {
        "DistributionConfig": {
          "Origins": [
            {
              "DomainName": {
                "Fn::GetAtt": [
                              "AssetBucket",
                              "DomainName"
                          ]
              },
              "Id": "AssetBucketOrigin",
              "S3OriginConfig": {}
            }
          ],
          "Enabled": "true",
          "DefaultCacheBehavior": {
            "Compress": true,
            "AllowedMethods": [
              "GET",
              "HEAD",
              "OPTIONS"
            ],
            "TargetOriginId": "origin-access-identity/cloudfront/AssetCDN",
            "ForwardedValues": {
              "QueryString": "false",
              "Cookies": {
                "Forward": "none"
              }
            },
            "ViewerProtocolPolicy": "allow-all"
          },
          "PriceClass": "PriceClass_All",
          "ViewerCertificate": {
            "CloudFrontDefaultCertificate": "true"
          }
        }
      },
      "DependsOn": [
        "AssetBucket"
      ]
    }
  }
}

在这方面我找不到太多建议,所以希望有人能指出我正确的方向。

【问题讨论】:

  • 您找到解决方案了吗?

标签: amazon-cloudformation


【解决方案1】:

这里真正的问题是 Cloudfront 有一个依赖项 - S3 存储桶。所以你应该把这个引用放在 cloudfront 对象中,让 CFN 知道它首先应该创建 S3 存储桶。为此,您必须将 Origins.Id 和 DefaultCacheBehavior.TargetOriginId 属性更改为 Ref 到您的存储桶配置:

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "AssetBucket": {
      "Type": "AWS::S3::Bucket",
      "Properties": {
        "BucketName": "cdn-assets",
        "AccessControl": "PublicRead",
        "CorsConfiguration": {
          "CorsRules": [
            {
              "AllowedHeaders": [
                "*"
              ],
              "AllowedMethods": [
                "GET"
              ],
              "AllowedOrigins": [
                "*"
              ],
              "Id": "OpenCors",
              "MaxAge": "3600"
            }
          ]
        }
      }
    },
    "AssetCDN": {
      "Type": "AWS::CloudFront::Distribution",
      "Properties": {
        "DistributionConfig": {
          "Origins": [
            {
              "DomainName": {
                "Fn::GetAtt": [
                              "AssetBucket",
                              "DomainName"
                          ]
              },
              "Id": { "Ref": "AssetBucket" }, /// HERE!!!!
              "S3OriginConfig": {}
            }
          ],
          "Enabled": "true",
          "DefaultCacheBehavior": {
            "Compress": true,
            "AllowedMethods": [
              "GET",
              "HEAD",
              "OPTIONS"
            ],
            "TargetOriginId": { "Ref": "AssetBucket" }, /// HERE!!!!
            "ForwardedValues": {
              "QueryString": "false",
              "Cookies": {
                "Forward": "none"
              }
            },
            "ViewerProtocolPolicy": "allow-all"
          },
          "PriceClass": "PriceClass_All",
          "ViewerCertificate": {
            "CloudFrontDefaultCertificate": "true"
          }
        }
      },
      "DependsOn": [
        "AssetBucket"
      ]
    }
  }
}

【讨论】:

    【解决方案2】:

    您的缓存行为的 TargetOriginId 属性必须与 S3 Origin 的 Id 属性中指定的值匹配。

    在您上面的示例中,TargetOriginIdorigin-access-identity/cloudfront/AssetCDNIdAssetBucketOrigin,这会导致错误。

    【讨论】:

      猜你喜欢
      • 2017-08-08
      • 2016-07-23
      • 2020-03-04
      • 1970-01-01
      • 2020-08-13
      • 2019-05-21
      • 2022-01-01
      • 2012-09-03
      • 2019-03-29
      相关资源
      最近更新 更多
      热门标签
      Java Python linux javascript Mysql C# Docker 算法 前端 SpringBoot Redis Vue spring 设计模式 .net core .net kubernetes c++ 数据库 数据结构 大数据 js 机器学习 微服务 Android Go 程序员 面试 JVM ASP.net core 云原生 人工智能 后端 PHP git CSS golang k8s Nginx Django mybatis 深度学习 多线程 React 架构 devops 爬虫 云计算 Spring Boot LeetCode