根据this帖子和this的文章,应该在S3存储桶的前面创建第二个Cloudfront分发,该存储桶重定向到另一个包含静态文件的存储桶。
假设前端存储桶名称为www.example.com,重定向存储桶名称为example.com。我已根据以下cloudformation模板设置了我的AWS资源。
但是,会出现一些问题:如果我点击example.com,它不会重定向到www.example.com,仅当我单击该站点上的另一个链接时。此外,它不会加载例如收藏夹图标。 http://example.com被重定向到https://example.com。 http://www.example.com不会重定向到https,找不到Webiste。
我的AWS设置中缺少什么?
This提到未设置Default Root Object属性,而我没有设置。但这可能是某种原因吗?
FrontendBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.frontendBucketName}
AccessControl: PublicRead
WebsiteConfiguration:
IndexDocument: index.html
ErrorDocument: 404.html
RedirectdBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: ${self:custom.redirectBucketName}
AccessControl: PublicRead
WebsiteConfiguration:
RedirectAllRequestsTo:
HostName: ${self:custom.frontendBucketName}
Protocol: https
WebAppCloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Origins:
- DomainName: ${self:custom.frontendBucketName}.s3-website.${self:provider.region}.amazonaws.com
Id: Frontend
CustomOriginConfig:
HTTPPort: 80
HTTPSPort: 443
OriginProtocolPolicy: http-only
Enabled: 'true'
Aliases:
- ${self:custom.frontendBucketName}
CustomErrorResponses:
- ErrorCode: 404
ResponseCode: 200
ResponsePagePath: /index.html
DefaultCacheBehavior:
DefaultTTL: 31536000
MaxTTL: 31536000
MinTTL: 31536000
AllowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
TargetOriginId: Frontend
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
AcmCertificateArn: 'arn:aws:acm:us-east-1:xxxx:certificate/xxxx'
SslSupportMethod: 'sni-only'
RedirectCloudFrontDistribution:
Type: AWS::CloudFront::Distribution
Properties:
DistributionConfig:
Origins:
- DomainName: ${self:custom.redirectBucketName}.s3-website.${self:provider.region}.amazonaws.com
Id: Redirect
CustomOriginConfig:
HTTPPort: 80
HTTPSPort: 443
OriginProtocolPolicy: http-only
Enabled: 'true'
Aliases:
- {self:custom.redirectBucketName}
DefaultCacheBehavior:
DefaultTTL: 31536000
MaxTTL: 31536000
MinTTL: 31536000
AllowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
TargetOriginId: Redirect
ForwardedValues:
QueryString: 'false'
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
ViewerCertificate:
AcmCertificateArn: 'arn:aws:acm:us-east-1:xxxx:certificate/xxxx'
SslSupportMethod: 'sni-only'
DnsRecord:
Type: "AWS::Route53::RecordSet"
Properties:
AliasTarget:
DNSName:
Fn::GetAtt:
- WebAppCloudFrontDistribution
- DomainName
HostedZoneId: XXXXX
HostedZoneId: XXXX
Name: ${self:custom.frontendBucketName}
Type: 'A'
RedirectDnsRecord:
Type: "AWS::Route53::RecordSet"
Properties:
AliasTarget:
DNSName:
Fn::GetAtt:
- RedirectCloudFrontDistribution
- DomainName
HostedZoneId: XXXX
HostedZoneId: XXXX
Name: ${self:custom.redirectBucketName}
Type: 'A'
答案 0 :(得分:1)
当前,您遇到DNS问题,尚未发布“ www.example.com”的DNS记录。
您拥有example.com-> CloudFront的DNS,但没有www.example.com的DNS,即使您将www.example.com添加到CloudFront CNMAE / Alternative字段中(当客户端获得301/302且具有新位置并查看主机中的更改,它将再次解决。
curl -I --resolve www.example.com:443:13.249.210.66 https://www.example.com/index.html HTTP / 1.1 200 OK 内容类型:text / html 内容长度:80232 连接:保持活动状态 日期:2019年6月23日,星期日10:07:43 GMT 上次修改时间:2019年6月21日,星期五,格林尼治标准时间 ETag:“ 8d536768b2173a7f3869f4178f75b331” 服务器:AmazonS3 X-Cache:Cloudfront小姐 通过:1.1 7db8064d915149cac923df11147875f9.cloudfront.net(CloudFront) X-Amz-Cf-Pop:BLR50-C3 X-Amz-Cf-Id:wOpVoz1gVlxYDBORSfGr9fmt8L-Q6vhWyEm1XPgJVQy-sbes9HTuuQ ==
您只需要在Route53中也为www.example.com创建一个别名记录。