amazon-web-services - Cloudformation 参数 ViewerProtocolPolicy：“重定向到 https”正在失效

问题描述

我正在研究云形成模板，该模板将创建一个 s3 存储桶并将云前端和 CloudFront 源分配给 s3 存储桶，并创建一个具有 CloudFront 源的 s3 存储桶策略。将以下代码堆栈上传到云形成时出现错误

错误：ViewerProtocolPolicy：“重定向到 https”是属性验证失败：[在 {/DistributionConfig} 中遇到不支持的属性：

根据上面的参数 ViewerProtocolPolicy 的 cloudformation 文档：支持重定向到 https。

AWSTemplateFormatVersion: '2010-09-09'

Parameters:
BucketName:
Type: String
Description: Allocate the Bucket Name you want to create it
DefaultRootObject:
Type: String
Description: The Default Path of the index.html Document 
Default: 'index.html' 
ErrorPagePath:
Type: String
Description: The Default path of the error.html Document
Default: '/error.html'


Resources:
mys3bucket:
Type: "AWS::S3::Bucket"
Properties:
  AccessControl: Private
  BucketName: !Ref BucketName

  WebsiteConfiguration: 
    IndexDocument: !Ref DefaultRootObject
    ErrorDocument: !Ref ErrorPagePath
  #DeletionPolicy: Retain
 ReadPolicy:
 Type: 'AWS::S3::BucketPolicy'
 Properties:
  Bucket: !Ref mys3bucket
  PolicyDocument:
    Statement:
      - Action: 's3:GetObject'
        Effect: Allow
        Resource: !Sub 'arn:aws:s3:::${mys3bucket}/*'
        Principal:
          CanonicalUser: !GetAtt 
CloudFrontOriginAccessIdentity.S3CanonicalUserId

 CloudFrontDistribution:
Type: 'AWS::CloudFront::Distribution'
Properties:
  DistributionConfig:
    CustomErrorResponses:
      - ErrorCode: 403 # not found
        ResponseCode: 404
        ResponsePagePath: !Ref ErrorPagePath
    DefaultCacheBehavior:
      AllowedMethods:
        - GET
        - HEAD
        - OPTIONS
      CachedMethods:
        - GET
        - HEAD
        - OPTIONS
      Compress: true
      DefaultTTL: 3600 # in seconds
      ForwardedValues:
        Cookies:
          Forward: none
        QueryString: false
      MaxTTL: 86400 # in seconds
      MinTTL: 60 # in seconds
      TargetOriginId: s3origin
    ViewerProtocolPolicy: 'redirect-to-https'
    DefaultRootObject: !Ref DefaultRootObject
    Enabled: true
    HttpVersion: http2
    Origins:
      - DomainName: !GetAtt 'mys3bucket.DomainName'
        Id: s3origin
        S3OriginConfig:
          OriginAccessIdentity: !Sub 'origin-access- 
 identity/cloudfront/${CloudFrontOriginAccessIdentity}'
    PriceClass: 'PriceClass_All'
  #  ViewerCertificate:
   #   AcmCertificateArn: !Ref AcmCertificateArn
  #    SslSupportMethod: sni-only

 CloudFrontOriginAccessIdentity:
Type: 'AWS::CloudFront::CloudFrontOriginAccessIdentity'
Properties:
  CloudFrontOriginAccessIdentityConfig:
    Comment: !Ref mys3bucket


Outputs:
BucketName:
Value:!Ref 'mys3bucket'
Description: Name of the sample Amazon S3 bucket with a lifecycle 
 configuration.

标签： amazon-web-servicesamazon-cloudformationamazon-cloudfront