Cloudfront 的自定义 DNS 返回 403

如何解决Cloudfront 的自定义 DNS 返回 403

我正在使用 Cloudformation 来部署资源。这包括 Cloudfront CDN 和 RecordSet。我希望它为自定义域 test.example.com 创建一个新记录集，它将指向我的 Cloudfront CDN，它指向一个 S3 存储桶。部署成功后，出现以下错误：

403 ERROR
The request Could not be satisfied.
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later,or contact the app or website owner.
If you provide content to customers through CloudFront,you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.

使用 Cloudfront 域的测试成功。当我检查 AWS 控制台时，我唯一注意到的是备用域名 (CNAME) 是空的：

当我用预期值 test.example.com 填充它时，页面加载得很好。 我曾尝试将 Aliases: test.example.com 添加到 Cloudfront distributionConfig，但随后我收到了 RecordSet 的循环错误。

如何在 Cloudformation 中同时拥有 CDN 和 RecordSet，并填充备用域名 (CNAME)？

云前线：

  distribution:
    Type: AWS::CloudFront::distribution
    Properties:
      distributionConfig:
        Origins:
          -
            # Use the Website as the origin
            DomainName: !GetAtt 'Website.DomainName'
            Id: !Ref Website
            S3OriginConfig:
              OriginAccessIdentity: !Join [ '',[ 'origin-access-identity/cloudfront/',!Ref CloudFrontOriginAccessIdentity] ]
        Enabled: true
        HttpVersion: http2
        DefaultRootObject: index.html
        CustomErrorResponses:
          - ErrorCode: 404
            ResponseCode: 200
            ResponsePagePath: /index.html
          - ErrorCode: 403
            ResponseCode: 200
            ResponsePagePath: /index.html
        DefaultCacheBehavior:
          AllowedMethods:
            - DELETE
            - GET
            - HEAD
            - OPTIONS
            - PATCH
            - POST
            - PUT
          DefaultTTL: 60
          ForwardedValues:
            QueryString: true
            Cookies:
              Forward: none
          # The origin id defined above
          TargetoriginId: !Ref Website
          ViewerProtocolPolicy: "redirect-to-https" # we want to force https
        # The certificate to use when using https
        ViewerCertificate:
          AcmCertificateArn: arn:aws:acm:us-east-1:<id>:certificate/<certId>
          MinimumProtocolVersion: TLSv1
          SslSupportMethod: sni-only

DNS：

  DNS:
    Type: AWS::Route53::RecordSetGroup
    Properties:
      HostedZoneId: <<id>>
      RecordSets:
        - Name: test.example.com
          Type: A
          AliasTarget:
            HostedZoneId: Z2FDTNDATAQYW2
            DNSName: !GetAtt
              - distribution
              - DomainName

解决方法

Aliases:
  - test.example.com

Aliases: !Ref DNS

版权声明：本文内容由互联网用户自发贡献，该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务，不拥有所有权，不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容， 请发送邮件至 dio@foxmail.com 举报，一经查实，本站将立刻删除。