如何解决Cloudfront 的自定义 DNS 返回 403
我正在使用 Cloudformation 来部署资源。这包括 Cloudfront CDN 和 RecordSet。我希望它为自定义域 test.example.com
创建一个新记录集,它将指向我的 Cloudfront CDN,它指向一个 S3 存储桶。部署成功后,出现以下错误:
403 ERROR
The request Could not be satisfied.
Bad request. We can't connect to the server for this app or website at this time. There might be too much traffic or a configuration error. Try again later,or contact the app or website owner.
If you provide content to customers through CloudFront,you can find steps to troubleshoot and help prevent this error by reviewing the CloudFront documentation.
使用 Cloudfront 域的测试成功。当我检查 AWS 控制台时,我唯一注意到的是备用域名 (CNAME) 是空的:
当我用预期值 test.example.com
填充它时,页面加载得很好。
我曾尝试将 Aliases: test.example.com
添加到 Cloudfront distributionConfig
,但随后我收到了 RecordSet 的循环错误。
如何在 Cloudformation 中同时拥有 CDN 和 RecordSet,并填充备用域名 (CNAME)?
云前线:
distribution:
Type: AWS::CloudFront::distribution
Properties:
distributionConfig:
Origins:
-
# Use the Website as the origin
DomainName: !GetAtt 'Website.DomainName'
Id: !Ref Website
S3OriginConfig:
OriginAccessIdentity: !Join [ '',[ 'origin-access-identity/cloudfront/',!Ref CloudFrontOriginAccessIdentity] ]
Enabled: true
HttpVersion: http2
DefaultRootObject: index.html
CustomErrorResponses:
- ErrorCode: 404
ResponseCode: 200
ResponsePagePath: /index.html
- ErrorCode: 403
ResponseCode: 200
ResponsePagePath: /index.html
DefaultCacheBehavior:
AllowedMethods:
- DELETE
- GET
- HEAD
- OPTIONS
- PATCH
- POST
- PUT
DefaultTTL: 60
ForwardedValues:
QueryString: true
Cookies:
Forward: none
# The origin id defined above
TargetoriginId: !Ref Website
ViewerProtocolPolicy: "redirect-to-https" # we want to force https
# The certificate to use when using https
ViewerCertificate:
AcmCertificateArn: arn:aws:acm:us-east-1:<id>:certificate/<certId>
MinimumProtocolVersion: TLSv1
SslSupportMethod: sni-only
DNS:
DNS:
Type: AWS::Route53::RecordSetGroup
Properties:
HostedZoneId: <<id>>
RecordSets:
- Name: test.example.com
Type: A
AliasTarget:
HostedZoneId: Z2FDTNDATAQYW2
DNSName: !GetAtt
- distribution
- DomainName
解决方法
当我将以下内容添加到 Cloudfront 发行版时,看起来它是成功的:
Aliases:
- test.example.com
我的错误是我之前引用了 DNS:
Aliases: !Ref DNS
这是不正确的,导致我的循环依赖问题
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。