Amazon web services 使用路由53重定向Cloudfront
我正在使用Terraform创建Cloudfront发行版。我已经启动并运行了它,但我唯一可以访问它的方法是通过Amazon web services 使用路由53重定向Cloudfront,amazon-web-services,terraform,amazon-cloudfront,Amazon Web Services,Terraform,Amazon Cloudfront,我正在使用Terraform创建Cloudfront发行版。我已经启动并运行了它,但我唯一可以访问它的方法是通过https://.cloudfront.net/地址。我想使用Route 53区域中的一条记录,我必须重定向到Cloudfront分发。你知道怎么做吗 variable "www_domain_name" { default = "example.com" } S3存储桶用于承载静态代码。这对公众可用,并使用允许公众访问的策略 resour
https://.cloudfront.net/
地址。我想使用Route 53区域中的一条记录,我必须重定向到Cloudfront分发。你知道怎么做吗
variable "www_domain_name" {
default = "example.com"
}
S3存储桶用于承载静态代码。这对公众可用,并使用允许公众访问的策略
resource "aws_s3_bucket" "www" {
bucket = var.www_domain_name
acl = "public-read"
policy = <<POLICY
{
"Version":"2012-10-17",
"Statement":[
{
"Sid":"AddPerm",
"Effect":"Allow",
"Principal": "*",
"Action":["s3:GetObject"],
"Resource":["arn:aws:s3:::${var.www_domain_name}/*"]
}
]
}
POLICY
website {
index_document = "index.html"
error_document = "404.html"
}
}
AWS Cloudfront用于将网站负载分配到亚马逊的边缘位置
resource "aws_cloudfront_distribution" "www_distribution" {
/**
* The distribution's origin needs a "custom" setup in order to redirect
* traffic from <domain>.com to www.<domain>.com. The values bellow are the
* defaults.
*/
origin {
custom_origin_config {
http_port = "80"
https_port = "443"
origin_protocol_policy = "http-only"
origin_ssl_protocols = ["TLSv1", "TLSv1.1", "TLSv1.2"]
}
/**
* This connects the S3 bucket created earlier to the Cloudfront
* distribution.
*/
domain_name = aws_s3_bucket.www.website_endpoint
origin_id = var.www_domain_name
}
enabled = true
default_root_object = "index.html"
default_cache_behavior {
viewer_protocol_policy = "redirect-to-https"
compress = true
allowed_methods = ["GET", "HEAD"]
cached_methods = ["GET", "HEAD"]
target_origin_id = var.www_domain_name
min_ttl = 0
default_ttl = 86400
max_ttl = 31536000
forwarded_values {
query_string = false
cookies {
forward = "none"
}
}
}
/**
* This sets the aliases of the Cloudfront distribution. Here, it is being
* set to be accessible by <var.www_domain_name>.
*/
aliases = [ var.www_domain_name ]
restrictions {
geo_restriction {
restriction_type = "none"
}
}
/**
* The AWS ACM Certificate is then applied to the distribution.
*/
viewer_certificate {
acm_certificate_arn = aws_acm_certificate.certificate.arn
ssl_support_method = "sni-only"
}
}
这是重定向到Cloudfront分发的Route 53记录
resource "aws_route53_zone" "zone" {
name = var.root_domain_name
}
resource "aws_route53_record" "www" {
zone_id = aws_route53_zone.zone.zone_id
name = var.www_domain_name
type = "A"
alias {
name = aws_cloudfront_distribution.www_distribution.domain_name
zone_id = aws_cloudfront_distribution.www_distribution.hosted_zone_id
evaluate_target_health = false
}
}
在评论和聊天中反复出现了一些问题之后,似乎Route53区域被错误配置为缺少域名服务器,而域名正是期待这些服务器的 添加名称服务器记录以匹配
whois tylernorland.com | grep“name server”
的输出所显示的内容后,该区域再次可解析,记录也可解析
$ whois tylernorlund.com | grep "Name Server"
Name Server: NS-1398.AWSDNS-46.ORG
Name Server: NS-1571.AWSDNS-04.CO.UK
Name Server: NS-365.AWSDNS-45.COM
Name Server: NS-871.AWSDNS-44.NET
Name Server: ns-1398.awsdns-46.org
Name Server: ns-1571.awsdns-04.co.uk
Name Server: ns-365.awsdns-45.com
Name Server: ns-871.awsdns-44.net
$ dig tylernorlund.com any @8.8.8.8
; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> tylernorlund.com any @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31196
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;tylernorlund.com. IN ANY
;; ANSWER SECTION:
tylernorlund.com. 59 IN A 99.86.119.38
tylernorlund.com. 59 IN A 99.86.119.32
tylernorlund.com. 59 IN A 99.86.119.124
tylernorlund.com. 59 IN A 99.86.119.72
tylernorlund.com. 21599 IN NS ns-1398.awsdns-46.org.
tylernorlund.com. 21599 IN NS ns-1571.awsdns-04.co.uk.
tylernorlund.com. 21599 IN NS ns-365.awsdns-45.com.
tylernorlund.com. 21599 IN NS ns-871.awsdns-44.net.
tylernorlund.com. 899 IN SOA ns-365.awsdns-45.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
tylernorlund.com. 599 IN MX 10 inbound-smtp.us-east-1.amazonaws.com.
tylernorlund.com. 299 IN TXT "v=spf1 include:amazonses.com ~all"
;; Query time: 54 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Mar 03 10:21:44 GMT 2021
;; MSG SIZE rcvd: 402
$whois tylernorlund.com | grep“名称服务器”
名称服务器:NS-1398.AWSDNS-46.ORG
名称服务器:NS-1571.AWSDNS-04.CO.UK
名称服务器:NS-365.AWSDNS-45.COM
名称服务器:NS-871.AWSDNS-44.NET
名称服务器:ns-1398.awsdns-46.org
名称服务器:ns-1571.awsdns-04.co.uk
名称服务器:ns-365.awsdns-45.com
名称服务器:ns-871.awsdns-44.net
$dig tylernorlund.com any@8.8.8.8
; 挖掘9.11.3-1ubuntu1.14-Ubuntu tylernorlund.com any@8.8.8
;; 全局选项:+cmd
;; 得到答案:
;; ->>当你把这些都用光了,你有什么问题?在我看来,这是正确的。问题是,当我在Safari中访问url时,没有页面。当我访问云前端给我的url时,我看到了页面。我想Route 53重定向出现了问题。没有加载页面,或者没有错误页面?如果是,错误显示了什么?您是否尝试过以任何方式调试该错误?没有页面,因为没有加载任何页面。没有错误,只是不加载任何内容。云前端url工作得很好。我想将www.domain.com重定向到cloudfront url。您愿意/能够共享该域吗?在没有看到您看到的问题的情况下进行调试听起来很困难。
$ whois tylernorlund.com | grep "Name Server"
Name Server: NS-1398.AWSDNS-46.ORG
Name Server: NS-1571.AWSDNS-04.CO.UK
Name Server: NS-365.AWSDNS-45.COM
Name Server: NS-871.AWSDNS-44.NET
Name Server: ns-1398.awsdns-46.org
Name Server: ns-1571.awsdns-04.co.uk
Name Server: ns-365.awsdns-45.com
Name Server: ns-871.awsdns-44.net
$ dig tylernorlund.com any @8.8.8.8
; <<>> DiG 9.11.3-1ubuntu1.14-Ubuntu <<>> tylernorlund.com any @8.8.8.8
;; global options: +cmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 31196
;; flags: qr rd ra; QUERY: 1, ANSWER: 11, AUTHORITY: 0, ADDITIONAL: 1
;; OPT PSEUDOSECTION:
; EDNS: version: 0, flags:; udp: 512
;; QUESTION SECTION:
;tylernorlund.com. IN ANY
;; ANSWER SECTION:
tylernorlund.com. 59 IN A 99.86.119.38
tylernorlund.com. 59 IN A 99.86.119.32
tylernorlund.com. 59 IN A 99.86.119.124
tylernorlund.com. 59 IN A 99.86.119.72
tylernorlund.com. 21599 IN NS ns-1398.awsdns-46.org.
tylernorlund.com. 21599 IN NS ns-1571.awsdns-04.co.uk.
tylernorlund.com. 21599 IN NS ns-365.awsdns-45.com.
tylernorlund.com. 21599 IN NS ns-871.awsdns-44.net.
tylernorlund.com. 899 IN SOA ns-365.awsdns-45.com. awsdns-hostmaster.amazon.com. 1 7200 900 1209600 86400
tylernorlund.com. 599 IN MX 10 inbound-smtp.us-east-1.amazonaws.com.
tylernorlund.com. 299 IN TXT "v=spf1 include:amazonses.com ~all"
;; Query time: 54 msec
;; SERVER: 8.8.8.8#53(8.8.8.8)
;; WHEN: Wed Mar 03 10:21:44 GMT 2021
;; MSG SIZE rcvd: 402