amazon-web-services - Cloudformation 参数 ViewerProtocolPolicy:“重定向到 https”正在失效
问题描述
我正在研究云形成模板,该模板将创建一个 s3 存储桶并将云前端和 CloudFront 源分配给 s3 存储桶,并创建一个具有 CloudFront 源的 s3 存储桶策略。将以下代码堆栈上传到云形成时出现错误
错误:ViewerProtocolPolicy:“重定向到 https”是属性验证失败:[在 {/DistributionConfig} 中遇到不支持的属性:
根据上面的参数 ViewerProtocolPolicy 的 cloudformation 文档:支持重定向到 https。
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
BucketName:
Type: String
Description: Allocate the Bucket Name you want to create it
DefaultRootObject:
Type: String
Description: The Default Path of the index.html Document
Default: 'index.html'
ErrorPagePath:
Type: String
Description: The Default path of the error.html Document
Default: '/error.html'
Resources:
mys3bucket:
Type: "AWS::S3::Bucket"
Properties:
AccessControl: Private
BucketName: !Ref BucketName
WebsiteConfiguration:
IndexDocument: !Ref DefaultRootObject
ErrorDocument: !Ref ErrorPagePath
#DeletionPolicy: Retain
ReadPolicy:
Type: 'AWS::S3::BucketPolicy'
Properties:
Bucket: !Ref mys3bucket
PolicyDocument:
Statement:
- Action: 's3:GetObject'
Effect: Allow
Resource: !Sub 'arn:aws:s3:::${mys3bucket}/*'
Principal:
CanonicalUser: !GetAtt
CloudFrontOriginAccessIdentity.S3CanonicalUserId
CloudFrontDistribution:
Type: 'AWS::CloudFront::Distribution'
Properties:
DistributionConfig:
CustomErrorResponses:
- ErrorCode: 403 # not found
ResponseCode: 404
ResponsePagePath: !Ref ErrorPagePath
DefaultCacheBehavior:
AllowedMethods:
- GET
- HEAD
- OPTIONS
CachedMethods:
- GET
- HEAD
- OPTIONS
Compress: true
DefaultTTL: 3600 # in seconds
ForwardedValues:
Cookies:
Forward: none
QueryString: false
MaxTTL: 86400 # in seconds
MinTTL: 60 # in seconds
TargetOriginId: s3origin
ViewerProtocolPolicy: 'redirect-to-https'
DefaultRootObject: !Ref DefaultRootObject
Enabled: true
HttpVersion: http2
Origins:
- DomainName: !GetAtt 'mys3bucket.DomainName'
Id: s3origin
S3OriginConfig:
OriginAccessIdentity: !Sub 'origin-access-
identity/cloudfront/${CloudFrontOriginAccessIdentity}'
PriceClass: 'PriceClass_All'
# ViewerCertificate:
# AcmCertificateArn: !Ref AcmCertificateArn
# SslSupportMethod: sni-only
CloudFrontOriginAccessIdentity:
Type: 'AWS::CloudFront::CloudFrontOriginAccessIdentity'
Properties:
CloudFrontOriginAccessIdentityConfig:
Comment: !Ref mys3bucket
Outputs:
BucketName:
Value:!Ref 'mys3bucket'
Description: Name of the sample Amazon S3 bucket with a lifecycle
configuration.
解决方案
你有一个小的缩进错误。ViewerProtocolPolicy: 'redirect-to-https'
应该是DefaultCacheBehavior
你的孩子DistributionConfig
推荐阅读
- android - Android中使用ArrayAdapter创建列表
- c - 无法将函数的指针值返回给 main
- c - 如何查看多个用户组?
- floating-point - IEEE 754 和机器编号
- javascript - Microsoft Graph API 的全局应用程序配置
- angular - 角度:输入“可观察”
' 没有兼容的调用签名 - javascript - Bootstrap 4 导航栏下拉菜单不起作用
- python - 如何在 Mac 上的 bash 脚本中激活 Python 虚拟环境并启动 python 脚本?
- go - 如何导入其他项目的子模块
- r - 如何为数据点选择唯一颜色