Amazon web services AWS Cloudfront不会在域别名上呈现S3 bucket
我有我的静态网站内容放在S3上,它已经得到了公众的许可,如果我访问Amazon web services AWS Cloudfront不会在域别名上呈现S3 bucket,amazon-web-services,amazon-s3,amazon-cloudfront,amazon-route53,Amazon Web Services,Amazon S3,Amazon Cloudfront,Amazon Route53,我有我的静态网站内容放在S3上,它已经得到了公众的许可,如果我访问 http://subdomain.mydomain.com.s3-website-us-east-1.amazonaws.com我看到了HTML 在证书管理器中,我为subdomain.mydomain.com 现在是云锋的转折点 选择了正确的AWS S3 bucket文件夹 bucked在北弗吉尼亚州主持 关联子域证书 在文档中,root填充了index.html 其他设置到位 部署站点后,我打开.cloudfront.n
http://subdomain.mydomain.com.s3-website-us-east-1.amazonaws.com
我看到了HTML
在证书管理器中,我为subdomain.mydomain.com
现在是云锋的转折点
- 选择了正确的AWS S3 bucket文件夹李>
- bucked在北弗吉尼亚州主持
- 关联子域证书
- 在文档中,root填充了
index.html
- 其他设置到位李>
.cloudfront.net
这将使静态网站保持原样
最后,我前往route53,在A记录中我创建了一个别名并插入.cloudfront.net
当我打开subdomain.mydomain.com时,它不会呈现任何响应
可能会出什么问题?不确定您是否获得403,但本文可能会有所帮助。 或者,您可以尝试创建Cloudfront源站访问标识,并授予其访问S3存储桶的权限。这样,您也可以保持S3存储桶的私密性
WebsiteBucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub ${DomainName}
BucketEncryption:
ServerSideEncryptionConfiguration:
- ServerSideEncryptionByDefault:
SSEAlgorithm: AES256
Tags:
- Key: Domain
Value: !Ref DomainName
CloudFrontOriginAccessIdentity:
Type: AWS::CloudFront::CloudFrontOriginAccessIdentity
Properties:
CloudFrontOriginAccessIdentityConfig:
Comment: !Sub CloudFront OAI for ${DomainName}
WebsiteBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref WebsiteBucket
PolicyDocument:
Statement:
- Action:
- s3:GetObject
Effect: Allow
Resource: !Join [ "", [ "arn:aws:s3:::", !Ref WebsiteBucket, "/*" ] ]
Principal:
CanonicalUser: !GetAtt CloudFrontOriginAccessIdentity.S3CanonicalUserId
WebsiteCloudFront:
Type: AWS::CloudFront::Distribution
DependsOn:
- WebsiteBucketPolicy
Properties:
DistributionConfig:
Comment: Cloudfront Distribution pointing to S3 bucket
Origins:
- DomainName: !GetAtt WebsiteBucket.DomainName
Id: S3Origin
S3OriginConfig:
OriginAccessIdentity:
!Join [ "", [ "origin-access-identity/cloudfront/", !Ref CloudFrontOriginAccessIdentity ] ]
Enabled: true
HttpVersion: 'http2'
DefaultRootObject: index.html
Aliases:
- !Ref DomainName
CustomErrorResponses:
- ErrorCode: 404
ResponseCode: 200
ResponsePagePath: /index.html
DefaultCacheBehavior:
AllowedMethods:
- GET
- HEAD
Compress: true
TargetOriginId: S3Origin
ForwardedValues:
QueryString: true
Cookies:
Forward: none
ViewerProtocolPolicy: redirect-to-https
PriceClass: PriceClass_100
ViewerCertificate:
AcmCertificateArn: !Ref AcmCertificateArn
SslSupportMethod: sni-only
您是否已将subdomain.mydomain.com作为备用域名添加到CloudFront发行版?不需要,因为我正在映射一个记录。如果您想选择CNAME路线,则需要执行此操作。