在使用Fn :: GetAtt函数创建CloudFront分配时,我们可以选择在cloudformation模板中获取DomainName的值。但是我找不到任何地方可以动态获取Origin的ID和DefaultCacheBehaviour的TargetOriginId?
我可以只使用Ref to S3和ELB吗?
这是我的代码,我也使用了一些参数,还更改了Cloudfront代码。请检查一次是否正确。
这引发了一个错误,即“属性验证失败:[{/ DistributionConfig / Origins / 1 / S3OriginConfig}中遇到了不受支持的属性:[HTTPSPort,HTTPPort,OriginProtocolPolicy]]”
{
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"ClientName": {
"Type": "String",
"Description": "Name of the Client"
},
"EnvName": {
"Type": "String",
"Description": "Name of the Environment"
}
},
"Resources": {
"distd2v0l803ay8odocloudfrontnet": {
"Type": "AWS::CloudFront::Distribution",
"Properties": {
"DistributionConfig": {
"Enabled": true,
"DefaultRootObject": "index.html",
"PriceClass": "PriceClass_All",
"CacheBehaviors": [
{
"TargetOriginId": {
"Ref": "elbhtlbetaelb"
},
"PathPattern": "/app*",
"ViewerProtocolPolicy": "allow-all",
"MinTTL": 0,
"AllowedMethods": [
"HEAD",
"DELETE",
"POST",
"GET",
"OPTIONS",
"PUT",
"PATCH"
],
"CachedMethods": [
"HEAD",
"GET"
],
"ForwardedValues": {
"QueryString": true,
"Cookies": {
"Forward": "all"
}
}
},
{
"TargetOriginId": {
"Ref": "elbhtlbetaelb"
},
"PathPattern": "/api*",
"ViewerProtocolPolicy": "allow-all",
"MinTTL": 0,
"AllowedMethods": [
"HEAD",
"DELETE",
"POST",
"GET",
"OPTIONS",
"PUT",
"PATCH"
],
"CachedMethods": [
"HEAD",
"GET"
],
"ForwardedValues": {
"QueryString": true,
"Cookies": {
"Forward": "all"
}
}
}
],
"DefaultCacheBehavior": {
"TargetOriginId": {
"Ref": "s3htlbeta"
},
"ViewerProtocolPolicy": "allow-all",
"MinTTL": 0,
"AllowedMethods": [
"HEAD",
"DELETE",
"POST",
"GET",
"OPTIONS",
"PUT",
"PATCH"
],
"CachedMethods": [
"HEAD",
"GET"
],
"ForwardedValues": {
"Cookies": {
"Forward": "none"
}
}
},
"Origins": [
{
"DomainName": {
"Fn::GetAtt": [
"s3htlbeta",
"DomainName"
]
},
"Id": {
"Ref": "s3htlbeta"
},
"S3OriginConfig": {
"OriginAccessIdentity": "origin-access-identity/cloudfront/EYD1QGO9CUDA2"
}
},
{
"DomainName": {
"Fn::GetAtt": [
"elbhtlbetaelb",
"DNSName"
]
},
"Id": {
"Ref": "elbhtlbetaelb"
},
"S3OriginConfig": {
"HTTPPort": "80",
"HTTPSPort": "443",
"OriginProtocolPolicy": "http-only"
}
}
],
"Restrictions": {
"GeoRestriction": {
"RestrictionType": "none",
"Locations": []
}
},
"ViewerCertificate": {
"CloudFrontDefaultCertificate": "true",
"MinimumProtocolVersion": "TLSv1"
}
}
}
},
"s3htlbeta": {
"Type": "AWS::S3::Bucket",
"Properties": {
"AccessControl": "Private",
"VersioningConfiguration": {
"Status": "Suspended"
}
}
}
},
"Description": "xxx-beta cloudformation template"
}
答案 0 :(得分:0)
DistributionConfig / Origins / ID字段应该只是一个文本名称,它不需要引用任何内容。
即。将DistributionConfig / Origins / ID设置为字符串,例如“ MyOriginBucket”
然后您的CacheBehaviour TargetOriginId也是设置为'MyOriginBucket'的字符串
新存储桶所需的唯一参考是在Origins / DomainName中。
TargetOriginId的目的是指向您在“来源”列表中指定的来源ID,而不是指向存储桶名称。