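CloudFormation parameter ViewerProtocolPolicy: 'redirect-to-https' fails

Time: 2019-01-16 20:14:42

Tags: amazon-web-services amazon-cloudformation amazon-cloudfront

I am working on a CloudFormation template that creates an S3 bucket, assigns CloudFront and a CloudFront origin to the S3 bucket, and creates an S3 bucket policy with the CloudFront origin. When I upload the stack code below to CloudFormation, I get an error.

Error: ViewerProtocolPolicy: 'redirect-to-https' is Property validation failure: [Encountered unsupported properties in {/DistributionConfig}:

According to the CloudFormation documentation for the above parameter ViewerProtocolPolicy, redirect-to-https is supported.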

AWSTemplateFormatVersion: '2010-09-09'

Parameters:
  BucketName:
    Type: String
    Description: Allocate the Bucket Name you want to create it
  DefaultRootObject:
    Type: String
    Description: The Default Path of the index.html Document
    Default: 'index.html'
  ErrorPagePath:
    Type: String
    Description: The Default path of the error.html Document
    Default: '/error.html'

Resources:
  mys3bucket:
    Type: "AWS::S3::Bucket"
    Properties:
      AccessControl: Private
      BucketName: !Ref BucketName
      WebsiteConfiguration:
        IndexDocument: !Ref DefaultRootObject
        ErrorDocument: !Ref ErrorPagePath
    #DeletionPolicy: Retain

  ReadPolicy:
    Type: 'AWS::S3::BucketPolicy'
    Properties:
      Bucket: !Ref mys3bucket
      PolicyDocument:
        Statement:
          - Action: 's3:GetObject'
            Effect: Allow
            Resource: !Sub 'arn:aws:s3:::${mys3bucket}/*'
            Principal:
              CanonicalUser: !GetAtt CloudFrontOriginAccessIdentity.S3CanonicalUserId

  CloudFrontDistribution:
    Type: 'AWS::CloudFront::Distribution'
    Properties:
      DistributionConfig:
        CustomErrorResponses:
          - ErrorCode: 403 # not found
            ResponseCode: 404
            ResponsePagePath: !Ref ErrorPagePath
        DefaultCacheBehavior:
          AllowedMethods:
            - GET
            - HEAD
            - OPTIONS
          CachedMethods:
            - GET
            - HEAD
            - OPTIONS
          Compress: true
          DefaultTTL: 3600 # in seconds
          ForwardedValues:
            Cookies:
              Forward: none
            QueryString: false
          MaxTTL: 86400 # in seconds
          MinTTL: 60 # in seconds
          TargetOriginId: s3origin
        ViewerProtocolPolicy: 'redirect-to-https'
        DefaultRootObject: !Ref DefaultRootObject
        Enabled: true
        HttpVersion: http2
        Origins:
          - DomainName: !GetAtt 'mys3bucket.DomainName'
            Id: s3origin
            S3OriginConfig:
              OriginAccessIdentity: !Sub 'origin-access-identity/cloudfront/${CloudFrontOriginAccessIdentity}'
        PriceClass: 'PriceClass_All'
        # ViewerCertificate:
        #   AcmCertificateArn: !Ref AcmCertificateArn
        #   SslSupportMethod: sni-only

  CloudFrontOriginAccessIdentity:
    Type: 'AWS::CloudFront::CloudFrontOriginAccessIdentity'
    Properties:
      CloudFrontOriginAccessIdentityConfig:
        Comment: !Ref mys3bucket

Outputs:
  BucketName:
    Value: !Ref 'mys3bucket'
    Description: Name of the sample Amazon S3 bucket with a lifecycle configuration.

1 Answer:

Answer 0: (score: 1)

You have a small indentation error. ViewerProtocolPolicy: 'redirect-to-https' should be a child of DefaultCacheBehavior, which you can find under DistributionConfig.
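
An added example, not part of the original question or answer: a small Python check over a parsed template (plain dicts, as loaded from the JSON form of a template) that flags cache-behavior keys placed directly under DistributionConfig and cache behaviors that do not enforce HTTPS. The key subset, function names and sample templates are assumptions constructed for illustration.

```python
# Added example: lint a parsed CloudFormation template for the misplacement
# discussed above. Assumes literal (non-intrinsic) property values.

# Keys that belong to a cache behavior, not to DistributionConfig (subset).
CACHE_BEHAVIOR_KEYS = {"ViewerProtocolPolicy", "TargetOriginId", "AllowedMethods",
                       "CachedMethods", "Compress", "ForwardedValues"}
HTTPS_ENFORCING = {"redirect-to-https", "https-only"}  # "allow-all" permits plain HTTP


def lint_distributions(template):
    """Return a list of (logical_id, message) findings."""
    findings = []
    for name, res in template.get("Resources", {}).items():
        if res.get("Type") != "AWS::CloudFront::Distribution":
            continue
        config = res.get("Properties", {}).get("DistributionConfig", {})
        for key in sorted(CACHE_BEHAVIOR_KEYS.intersection(config)):
            findings.append((name, f"{key} is under DistributionConfig; "
                                   "move it into DefaultCacheBehavior"))
        behaviors = [("DefaultCacheBehavior", config.get("DefaultCacheBehavior", {}))]
        behaviors += [(f"CacheBehaviors[{i}]", b)
                      for i, b in enumerate(config.get("CacheBehaviors", []))]
        for label, behavior in behaviors:
            policy = behavior.get("ViewerProtocolPolicy")
            if policy is None:
                findings.append((name, f"{label} has no ViewerProtocolPolicy"))
            elif isinstance(policy, str) and policy not in HTTPS_ENFORCING:
                findings.append((name, f"{label} allows plain HTTP ({policy})"))
    return findings


def distribution(config):
    """Wrap a DistributionConfig dict in a minimal template (hypothetical helper)."""
    return {"Resources": {"CloudFrontDistribution": {
        "Type": "AWS::CloudFront::Distribution",
        "Properties": {"DistributionConfig": config}}}}


# Constructed samples mirroring the question's template and the answer's fix.
AS_POSTED = distribution({
    "DefaultCacheBehavior": {"TargetOriginId": "s3origin"},
    "ViewerProtocolPolicy": "redirect-to-https", "Enabled": True})
AS_FIXED = distribution({
    "DefaultCacheBehavior": {"TargetOriginId": "s3origin",
                             "ViewerProtocolPolicy": "redirect-to-https"},
    "Enabled": True})

if __name__ == "__main__":
    for label, tpl in (("as posted", AS_POSTED), ("as fixed", AS_FIXED)):
        print(label, lint_distributions(tpl) or "OK")
```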