Warning: file_get_contents(/data/phpspider/zhask/data//catemap/0/amazon-s3/2.json): failed to open stream: No such file or directory in /data/phpspider/zhask/libs/function.php on line 167

Warning: Invalid argument supplied for foreach() in /data/phpspider/zhask/libs/tag.function.php on line 1116

Notice: Undefined index: in /data/phpspider/zhask/libs/function.php on line 180

Warning: array_chunk() expects parameter 1 to be array, null given in /data/phpspider/zhask/libs/function.php on line 181
Amazon web services AWS Cloudfront不会在域别名上呈现S3 bucket_Amazon Web Services_Amazon S3_Amazon Cloudfront_Amazon Route53 - Fatal编程技术网
Fatal编程技术网

Amazon web services AWS Cloudfront不会在域别名上呈现S3 bucket

amazon-web-services amazon-s3

Amazon web services AWS Cloudfront不会在域别名上呈现S3 bucket,amazon-web-services,amazon-s3,amazon-cloudfront,amazon-route53,Amazon Web Services,Amazon S3,Amazon Cloudfront,Amazon Route53,我有我的静态网站内容放在S3上,它已经得到了公众的许可,如果我访问 http://subdomain.mydomain.com.s3-website-us-east-1.amazonaws.com我看到了HTML 在证书管理器中,我为subdomain.mydomain.com 现在是云锋的转折点 选择了正确的AWS S3 bucket文件夹 bucked在北弗吉尼亚州主持 关联子域证书 在文档中,root填充了index.html 其他设置到位 部署站点后,我打开.cloudfront.n

我有我的静态网站内容放在S3上,它已经得到了公众的许可,如果我访问

http://subdomain.mydomain.com.s3-website-us-east-1.amazonaws.com
我看到了HTML

在证书管理器中,我为
subdomain.mydomain.com

现在是云锋的转折点

  • 选择了正确的AWS S3 bucket文件夹
  • bucked在北弗吉尼亚州主持
  • 关联子域证书
  • 在文档中,root填充了
    index.html
  • 其他设置到位
部署站点后,我打开
.cloudfront.net

这将使静态网站保持原样

最后,我前往route53,在A记录中我创建了一个别名并插入
.cloudfront.net

当我打开subdomain.mydomain.com时,它不会呈现任何响应

可能会出什么问题?

不确定您是否获得403,但本文可能会有所帮助。

或者,您可以尝试创建Cloudfront源站访问标识,并授予其访问S3存储桶的权限。这样,您也可以保持S3存储桶的私密性

  WebsiteBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub ${DomainName}
      BucketEncryption:
        ServerSideEncryptionConfiguration:
          - ServerSideEncryptionByDefault:
              SSEAlgorithm: AES256
      Tags:
        - Key: Domain
          Value: !Ref DomainName

  CloudFrontOriginAccessIdentity:
    Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
    Properties:
      CloudFrontOriginAccessIdentityConfig:
        Comment: !Sub CloudFront OAI for ${DomainName}

  WebsiteBucketPolicy:
    Type: AWS::S3::BucketPolicy
    Properties:
      Bucket: !Ref WebsiteBucket
      PolicyDocument:
        Statement:
          - Action:
              - s3:GetObject
            Effect: Allow
            Resource: !Join [ "", [ "arn:aws:s3:::", !Ref WebsiteBucket, "/*" ] ]
            Principal:
              CanonicalUser: !GetAtt CloudFrontOriginAccessIdentity.S3CanonicalUserId

  WebsiteCloudFront:
    Type: AWS::CloudFront::Distribution
    DependsOn:
      - WebsiteBucketPolicy
    Properties:
      DistributionConfig:
        Comment: Cloudfront Distribution pointing to S3 bucket
        Origins:
          - DomainName: !GetAtt WebsiteBucket.DomainName
            Id: S3Origin
            S3OriginConfig:
              OriginAccessIdentity:
                !Join [ "", [ "origin-access-identity/cloudfront/", !Ref CloudFrontOriginAccessIdentity ] ]
        Enabled: true
        HttpVersion: 'http2'
        DefaultRootObject: index.html
        Aliases:
          - !Ref DomainName
        CustomErrorResponses:
          - ErrorCode: 404
            ResponseCode: 200
            ResponsePagePath: /index.html
        DefaultCacheBehavior:
          AllowedMethods:
            - GET
            - HEAD
          Compress: true
          TargetOriginId: S3Origin
          ForwardedValues:
            QueryString: true
            Cookies:
              Forward: none
          ViewerProtocolPolicy: redirect-to-https
        PriceClass: PriceClass_100
        ViewerCertificate:
          AcmCertificateArn: !Ref AcmCertificateArn
          SslSupportMethod: sni-only
您是否已将subdomain.mydomain.com作为备用域名添加到CloudFront发行版?不需要,因为我正在映射一个记录。如果您想选择CNAME路线,则需要执行此操作。