Amazon web services 将Cloudformation配置为使用Cloudfront&；获取/subdirectory service/subdirectory/index.html请求；S3

我有一个Cloudformation模板，用于设置AWS:：CloudFront:：Distribution和AWS:：S3:：Bucket。不幸的是，GET/subdirectory请求的响应是403。如何将Cloudformation模板配置为GET/subdirectory service/subdirectory/index.html

我的Cloudfront配置如下所示：

  CloudFrontDistribution:
    Type: 'AWS::CloudFront::Distribution'
    Properties:
      DistributionConfig:
        Aliases:
          - !FindInMap [Domain, !Ref Stage, Domain]
        ViewerCertificate:
          AcmCertificateArn: !Ref Cert
          SslSupportMethod: sni-only
        CustomErrorResponses:
        - ErrorCode: 403 # not found
          ResponseCode: 404
          ResponsePagePath: !Ref ErrorPagePath
        DefaultCacheBehavior:
          AllowedMethods:
          - GET
          - HEAD
          - OPTIONS
          CachedMethods:
          - GET
          - HEAD
          - OPTIONS
          Compress: true
          DefaultTTL: 3600 # in seconds
          ForwardedValues:
            Cookies:
              Forward: none
            QueryString: false
          MaxTTL: 86400 # in seconds
          MinTTL: 60 # in seconds
          TargetOriginId: s3origin
          ViewerProtocolPolicy: redirect-to-https
        DefaultRootObject: !Ref DefaultRootObject
        Enabled: true
        HttpVersion: http2
        Origins:
        - DomainName: !GetAtt 'S3Bucket.DomainName'
          Id: s3origin
          S3OriginConfig:
            OriginAccessIdentity: !Sub 'origin-access-identity/cloudfront/${CloudFrontOriginAccessIdentity}'
        PriceClass: 'PriceClass_All'

除了对GET/子目录的请求之外，其他一切都可以工作

我还尝试：

        - DomainName: !GetAtt 'S3Bucket.RegionalDomainName'
          Id: s3origin
          S3OriginConfig:
            OriginProtocolPolicy: http-only

但是，我收到了错误

属性TemplateURL不能为空。

在

AWS:：CloudFormation:：Stack

上

您可以使用请求中的查询字符串将其更改为指向正确的

path

检查此设置

---

看来我需要建立一个Lambda@Edge函数来修改重写规则。我还不确定如何使用Cloudformation实现这一点，但一旦我做了研究，我会继续跟进。。。

'use strict';

 const querystring = require('querystring');

 exports.handler = (event, context, callback) => {
     const request = event.Records[0].cf.request;

     /**
      * Reads query string to check if S3 origin should be used, and
      * if true, sets S3 origin properties.
      */

     const params = querystring.parse(request.querystring);

     if (params['useS3Origin']) {
         if (params['useS3Origin'] === 'true') {
             const s3DomainName = 'my-bucket.s3.amazonaws.com';

             /* Set S3 origin fields */
             request.origin = {
                 s3: {
                     domainName: s3DomainName,
                     region: '',
                     authMethod: 'none',
                     path: '',
                     customHeaders: {}
                 }
             };
             request.headers['host'] = [{ key: 'host', value: s3DomainName}];
         }
     }

    callback(null, request);
};

Resources:
    CFDistribution:
        Type: AWS::CloudFront::Distribution
        Properties:
          DistributionConfig:
            Enabled: 'true'
            Comment: !Sub '${Stage} - CI/CD for Lambda@Edge'
            Aliases:
              - !FindInMap [AliasMap, !Ref Stage, Alias]
            Origins:
              -
                Id: MyOrigin
                DomainName: aws.amazon.com
                CustomOriginConfig:
                  HTTPPort: 80
                  OriginProtocolPolicy: match-viewer
            DefaultCacheBehavior:
              TargetOriginId: MyOrigin
              LambdaFunctionAssociations:
                - 
                  EventType: origin-request
                  LambdaFunctionARN: !Ref LambdaEdgeFunctionSample.Version