When creating an AWS::S3::RecordSet in CloudFormation/Serverless, how do I reference the CloudFr



I have a project with a CloudFront distribution that serves some data from a bucket. I'm using the Serverless framework, but I think this is mostly a CloudFormation question.

I want to create an A record in a Route53-hosted domain (if it matters, it's a third-level domain, i.e. dashboard.domain.com points at Route53 and I'm trying to add .dashboard.domain.com)

I just don't know how to reference the output of the CloudFront resource?

This is what I have now, and it works because it's all static. However, I need to automatically put in the correct CloudFront domain, which will be created by another resource. I imagine it's some kind of GetAttr I can do, but I just can't get it to work.

DNSRecords:
  Type: AWS::Route53::RecordSetGroup
  Properties:
    HostedZoneId: Z09193931V4YGJEPVMLG1
    RecordSets:
      - Name: prod.dashboard.domain.com
        Type: A
        AliasTarget:
          HostedZoneId: Z2FDTNDATAQYW2
          DNSName: someid.cloudfront.net
WebAppCloudFrontDistribution:
  Type: AWS::CloudFront::Distribution
  Properties:
    DistributionConfig:
      Origins:
        - DomainName:
            Fn::Join: [
              "", [
                { "Ref": "WebAppS3Bucket" },
                ".s3.amazonaws.com"
              ]
            ]
          ## An identifier for the origin which must be unique within the distribution
          Id: WebApp
          CustomOriginConfig:
            HTTPPort: 80
            HTTPSPort: 443
            OriginProtocolPolicy: https-only
      Enabled: 'true'
      ## Uncomment the following section in case you are using a custom domain
      Aliases:
        - ${self:provider.stage}.dashboard.domain.com
      DefaultRootObject: index.html
      ## Since the Single Page App is taking care of the routing we need to make sure every path is served with index.html
      ## The only exception are files that actually exist, e.g. app.js, reset.css
      CustomErrorResponses:
        - ErrorCode: 404
          ResponseCode: 200
          ResponsePagePath: /index.html
      DefaultCacheBehavior:
        AllowedMethods:
          - DELETE
          - GET
          - HEAD
          - OPTIONS
          - PATCH
          - POST
          - PUT
        ## The origin id defined above
        TargetOriginId: WebApp
        ## Defining if and how the QueryString and Cookies are forwarded to the origin which in this case is S3
        ForwardedValues:
          QueryString: 'false'
          Cookies:
            Forward: none
        ## The protocol that users can use to access the files in the origin. To allow HTTP use `allow-all`
        ViewerProtocolPolicy: redirect-to-https
      ## The certificate to use when viewers use HTTPS to request objects.
      ViewerCertificate:
        AcmCertificateArn:
          Ref: SSLCertificate
        SslSupportMethod: sni-only
        MinimumProtocolVersion: TLSv1

EDIT: updated to include WebAppCloudFrontDistribution

You haven't provided the AWS::CloudFront::Distribution resource definition, so I can only base this on an example.

MyCloudFrontDistro:
  Type: AWS::CloudFront::Distribution
  Properties:
    # some properties

Then you can modify DNSRecords:

DNSRecords:
  Type: AWS::Route53::RecordSetGroup
  Properties:
    HostedZoneId: Z09193931V4YGJEPVMLG1
    RecordSets:
      - Name: prod.dashboard.domain.com
        Type: A
        AliasTarget:
          # Fixed hosted zone ID for every CloudFront alias target; a !Ref on the
          # distribution would return the distribution ID, not a hosted zone ID
          HostedZoneId: Z2FDTNDATAQYW2
          DNSName: !GetAtt MyCloudFrontDistro.DomainName
WebAppCloudFrontDistribution:
  Type: AWS::CloudFront::Distribution
  Properties:
    DistributionConfig:
      Origins:
        - DomainName:
            Fn::Join: [
              "", [
                { "Ref": "WebAppS3Bucket" },
                ".s3.amazonaws.com"
              ]
            ]
          ## An identifier for the origin which must be unique within the distribution
          Id: WebApp
          CustomOriginConfig:
            HTTPPort: 80
            HTTPSPort: 443
            OriginProtocolPolicy: https-only
      Enabled: 'true'
      Aliases:
        - ${self:provider.stage}.dashboard.domain.com
      DefaultRootObject: index.html
      CustomErrorResponses:
        - ErrorCode: 404
          ResponseCode: 200
          ResponsePagePath: /index.html
      DefaultCacheBehavior:
        AllowedMethods:
          - DELETE
          - GET
          - HEAD
          - OPTIONS
          - PATCH
          - POST
          - PUT
        TargetOriginId: WebApp
        ForwardedValues:
          QueryString: 'false'
          Cookies:
            Forward: none
        ## The protocol that users can use to access the files in the origin. To allow HTTP use `allow-all`
        ViewerProtocolPolicy: redirect-to-https
      ## The certificate to use when viewers use HTTPS to request objects.
      ViewerCertificate:
        AcmCertificateArn:
          Ref: SSLCertificate
        SslSupportMethod: sni-only
        MinimumProtocolVersion: TLSv1
      ## Uncomment the following section in case you want to enable logging for CloudFront requests
      # Logging:
      #   IncludeCookies: 'false'
      #   Bucket: mylogs.s3.amazonaws.com
      #   Prefix: myprefix

Resources:
  DNSRecords:
    Type: AWS::Route53::RecordSetGroup
    Properties:
      HostedZoneName: dashboard.domain.com.
      RecordSets:
        - Name: ${self:provider.stage}.dashboard.domain.com
          Type: A
          AliasTarget:
            HostedZoneId: Z2FDTNDATAQYW2
            DNSName: !GetAtt WebAppCloudFrontDistribution.DomainName

This is my working solution; note a few points.

  • The HostedZoneId Z2FDTNDATAQYW2 is special for CloudFront domains. It needs to be used when referencing a CloudFront resource
  • The trailing dot needs to be included in HostedZoneName (if you use the name instead of HostedZoneId). In my case I had the domain set up before CloudFormation

LATEST UPDATE
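An added example, not part of the question or either answer above: a small stdlib-only Python linter that checks the two points the asker lists on a template loaded as JSON. It verifies that any alias record whose DNSName is a Fn::GetAtt on a CloudFront distribution's DomainName uses the fixed hosted zone ID Z2FDTNDATAQYW2 (a Ref on the distribution, as in the first answer's original draft, yields a distribution ID and is flagged), that HostedZoneName carries its trailing dot, and it also flags a hard-coded cloudfront.net DNSName like the one in the original question, which silently goes stale when the distribution is recreated. The sample template, its resource names (GoodRecords, RefZoneRecords, NoDotRecords, StaticRecords) and the example.com domains are constructed for this example; it uses the long-form Fn::GetAtt/Ref syntax so no YAML library is needed.

```python
import json

# Every Route53 alias that points at CloudFront must use this fixed, AWS-wide
# hosted zone ID; it is not the ID of your own hosted zone.
CLOUDFRONT_ALIAS_ZONE_ID = "Z2FDTNDATAQYW2"

# Constructed sample template (not from the page): one correct record group,
# one that uses Ref for the zone ID, one missing the trailing dot, one hard-coded.
SAMPLE_TEMPLATE = json.loads("""
{"Resources": {
  "WebAppCloudFrontDistribution": {
    "Type": "AWS::CloudFront::Distribution",
    "Properties": {"DistributionConfig": {"Enabled": true}}},
  "GoodRecords": {
    "Type": "AWS::Route53::RecordSetGroup",
    "Properties": {"HostedZoneName": "dashboard.example.com.",
      "RecordSets": [{"Name": "prod.dashboard.example.com", "Type": "A",
        "AliasTarget": {"HostedZoneId": "Z2FDTNDATAQYW2",
          "DNSName": {"Fn::GetAtt": ["WebAppCloudFrontDistribution", "DomainName"]}}}]}},
  "RefZoneRecords": {
    "Type": "AWS::Route53::RecordSet",
    "Properties": {"HostedZoneName": "dashboard.example.com.",
      "Name": "ref.dashboard.example.com", "Type": "A",
      "AliasTarget": {"HostedZoneId": {"Ref": "WebAppCloudFrontDistribution"},
        "DNSName": {"Fn::GetAtt": ["WebAppCloudFrontDistribution", "DomainName"]}}}},
  "NoDotRecords": {
    "Type": "AWS::Route53::RecordSetGroup",
    "Properties": {"HostedZoneName": "dashboard.example.com",
      "RecordSets": [{"Name": "nodot.dashboard.example.com", "Type": "A",
        "AliasTarget": {"HostedZoneId": "Z2FDTNDATAQYW2",
          "DNSName": {"Fn::GetAtt": ["WebAppCloudFrontDistribution", "DomainName"]}}}]}},
  "StaticRecords": {
    "Type": "AWS::Route53::RecordSetGroup",
    "Properties": {"HostedZoneId": "ZEXAMPLE1234567",
      "RecordSets": [{"Name": "static.dashboard.example.com", "Type": "A",
        "AliasTarget": {"HostedZoneId": "Z2FDTNDATAQYW2",
          "DNSName": "someid.cloudfront.net"}}]}}
}}
""")


def _getatt_target(value):
    """Return (logical_id, attribute) when value is a Fn::GetAtt, else None."""
    if not (isinstance(value, dict) and "Fn::GetAtt" in value):
        return None
    target = value["Fn::GetAtt"]
    if isinstance(target, str):  # "Logical.Attr", as the YAML !GetAtt short form loads
        logical_id, _, attribute = target.partition(".")
        return logical_id, attribute
    return target[0], target[1]


def _record_sets(resource):
    """Normalise RecordSet and RecordSetGroup resources to a list of record-set dicts."""
    props = resource.get("Properties", {})
    if resource.get("Type") == "AWS::Route53::RecordSetGroup":
        return props.get("RecordSets", [])
    if resource.get("Type") == "AWS::Route53::RecordSet":
        return [props]
    return []


def lint_cloudfront_aliases(template):
    """Return a list of (logical_id, message) findings for Route53 alias records."""
    resources = template.get("Resources", {})
    distributions = {name for name, res in resources.items()
                     if res.get("Type") == "AWS::CloudFront::Distribution"}
    findings = []
    for name, resource in resources.items():
        record_sets = _record_sets(resource)
        if not record_sets:
            continue
        zone_name = resource.get("Properties", {}).get("HostedZoneName")
        if isinstance(zone_name, str) and not zone_name.endswith("."):
            findings.append((name, "HostedZoneName must end with a trailing dot"))
        for record in record_sets:
            alias = record.get("AliasTarget")
            if not alias:
                continue
            dns_name, zone_id = alias.get("DNSName"), alias.get("HostedZoneId")
            target = _getatt_target(dns_name)
            if target and target[0] in distributions:
                if target[1] != "DomainName":
                    findings.append((name, f"Fn::GetAtt attribute should be DomainName, got {target[1]!r}"))
                if zone_id != CLOUDFRONT_ALIAS_ZONE_ID:
                    # A Ref on the distribution resolves to its distribution ID, not a zone ID.
                    findings.append((name, f"CloudFront alias needs HostedZoneId {CLOUDFRONT_ALIAS_ZONE_ID}, got {zone_id!r}"))
            elif isinstance(dns_name, str) and dns_name.endswith(".cloudfront.net"):
                findings.append((name, "DNSName is hard-coded; use Fn::GetAtt <Distribution>.DomainName so it follows the distribution"))
    return findings


if __name__ == "__main__":
    for logical_id, message in lint_cloudfront_aliases(SAMPLE_TEMPLATE):
        print(f"{logical_id}: {message}")
```

Run against the constructed template it reports three findings (RefZoneRecords, NoDotRecords, StaticRecords) and nothing for GoodRecords; to use it on a real Serverless project, load the template that `serverless package` writes under .serverless/ (which is JSON with the short-form tags already expanded) and pass it to lint_cloudfront_aliases.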