Fragmentos de código de plantillas de Amazon CloudFront
Utilice estos fragmentos de código de plantillas de ejemplo con su recurso de distribución de Amazon CloudFront en AWS CloudFormation. Para obtener más información, consulte Amazon CloudFront resource type reference.
Temas
Recurso de distribución de Amazon CloudFront con origen Amazon S3
En la siguiente plantilla de ejemplo se muestra una distribución de Amazon CloudFront mediante un identidad de acceso de origen (OAI) heredada y S3Origin. Para obtener información acerca de cómo utilizar un control de acceso de origen (OAC) en su lugar, consulte Restricción del acceso a un origen de Amazon Simple Storage Service en la Guía para desarrolladores de Amazon CloudFront.
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDistribution" : { "Type" : "AWS::CloudFront::Distribution", "Properties" : { "DistributionConfig" : { "Origins" : [ { "DomainName" : "amzn-s3-demo-bucket.s3.amazonaws.com", "Id" : "myS3Origin", "S3OriginConfig" : { "OriginAccessIdentity" : "origin-access-identity/cloudfront/E127EXAMPLE51Z" } }], "Enabled" : "true", "Comment" : "Some comment", "DefaultRootObject" : "index.html", "Logging" : { "IncludeCookies" : "false", "Bucket" : "amzn-s3-demo-logging-bucket.s3.amazonaws.com", "Prefix" : "myprefix" }, "Aliases" : [ "mysite.example.com", "yoursite.example.com" ], "DefaultCacheBehavior" : { "AllowedMethods" : [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ], "TargetOriginId" : "myS3Origin", "ForwardedValues" : { "QueryString" : "false", "Cookies" : { "Forward" : "none" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all" }, "PriceClass" : "PriceClass_200", "Restrictions" : { "GeoRestriction" : { "RestrictionType" : "whitelist", "Locations" : [ "AQ", "CV" ] } }, "ViewerCertificate" : { "CloudFrontDefaultCertificate" : "true" } } } } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Resources: myDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: Origins: - DomainName: amzn-s3-demo-bucket.s3.amazonaws.com Id: myS3Origin S3OriginConfig: OriginAccessIdentity: origin-access-identity/cloudfront/E127EXAMPLE51Z Enabled: 'true' Comment: Some comment DefaultRootObject: index.html Logging: IncludeCookies: 'false' Bucket: amzn-s3-demo-logging-bucket.s3.amazonaws.com Prefix: myprefix Aliases: - mysite.example.com - yoursite.example.com DefaultCacheBehavior: AllowedMethods: - DELETE - GET - HEAD - OPTIONS - PATCH - POST - PUT TargetOriginId: myS3Origin ForwardedValues: QueryString: 'false' Cookies: Forward: none TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all PriceClass: PriceClass_200 Restrictions: GeoRestriction: RestrictionType: whitelist Locations: - AQ - CV ViewerCertificate: CloudFrontDefaultCertificate: 'true'
Recurso de distribución de Amazon CloudFront con origen personalizado
La siguiente plantilla de ejemplo muestra una Distribución de Amazon CloudFront mediante un CustomOrigin.
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDistribution" : { "Type" : "AWS::CloudFront::Distribution", "Properties" : { "DistributionConfig" : { "Origins" : [ { "DomainName" : "www.example.com", "Id" : "myCustomOrigin", "CustomOriginConfig" : { "HTTPPort" : "80", "HTTPSPort" : "443", "OriginProtocolPolicy" : "http-only" } } ], "Enabled" : "true", "Comment" : "Somecomment", "DefaultRootObject" : "index.html", "Logging" : { "IncludeCookies" : "true", "Bucket" : "amzn-s3-demo-logging-bucket.s3.amazonaws.com", "Prefix": "myprefix" }, "Aliases" : [ "mysite.example.com", "*.yoursite.example.com" ], "DefaultCacheBehavior" : { "TargetOriginId" : "myCustomOrigin", "SmoothStreaming" : "false", "ForwardedValues" : { "QueryString" : "false", "Cookies" : { "Forward" : "all" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all" }, "CustomErrorResponses" : [ { "ErrorCode" : "404", "ResponsePagePath" : "/error-pages/404.html", "ResponseCode" : "200", "ErrorCachingMinTTL" : "30" } ], "PriceClass" : "PriceClass_200", "Restrictions" : { "GeoRestriction" : { "RestrictionType" : "whitelist", "Locations" : [ "AQ", "CV" ] } }, "ViewerCertificate": { "CloudFrontDefaultCertificate" : "true" } } } } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Resources: myDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: Origins: - DomainName: www.example.com Id: myCustomOrigin CustomOriginConfig: HTTPPort: '80' HTTPSPort: '443' OriginProtocolPolicy: http-only Enabled: 'true' Comment: Somecomment DefaultRootObject: index.html Logging: IncludeCookies: 'true' Bucket: amzn-s3-demo-logging-bucket.s3.amazonaws.com Prefix: myprefix Aliases: - mysite.example.com - "*.yoursite.example.com" DefaultCacheBehavior: TargetOriginId: myCustomOrigin SmoothStreaming: 'false' ForwardedValues: QueryString: 'false' Cookies: Forward: all TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all CustomErrorResponses: - ErrorCode: '404' ResponsePagePath: "/error-pages/404.html" ResponseCode: '200' ErrorCachingMinTTL: '30' PriceClass: PriceClass_200 Restrictions: GeoRestriction: RestrictionType: whitelist Locations: - AQ - CV ViewerCertificate: CloudFrontDefaultCertificate: 'true'
Distribución de Amazon CloudFront con soporte de origen múltiple
La siguiente plantilla de ejemplo muestra cómo declarar una Distribución de CloudFront con soporte de origen múltiple. En la DistributionConfig, se proporciona una lista de orígenes y se establece un DefaultCacheBehavior.
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDistribution" : { "Type" : "AWS::CloudFront::Distribution", "Properties" : { "DistributionConfig" : { "Origins" : [ { "Id" : "myS3Origin", "DomainName" : "amzn-s3-demo-bucket.s3.amazonaws.com", "S3OriginConfig" : { "OriginAccessIdentity" : "origin-access-identity/cloudfront/E127EXAMPLE51Z" } }, { "Id" : "myCustomOrigin", "DomainName" : "www.example.com", "CustomOriginConfig" : { "HTTPPort" : "80", "HTTPSPort" : "443", "OriginProtocolPolicy" : "http-only" } } ], "Enabled" : "true", "Comment" : "Some comment", "DefaultRootObject" : "index.html", "Logging" : { "IncludeCookies" : "true", "Bucket" : "amzn-s3-demo-logging-bucket.s3.amazonaws.com", "Prefix" : "myprefix" }, "Aliases" : [ "mysite.example.com", "yoursite.example.com" ], "DefaultCacheBehavior" : { "TargetOriginId" : "myS3Origin", "ForwardedValues" : { "QueryString" : "false", "Cookies" : { "Forward" : "all" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all", "MinTTL" : "100", "SmoothStreaming" : "true" }, "CacheBehaviors" : [ { "AllowedMethods" : [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ], "TargetOriginId" : "myS3Origin", "ForwardedValues" : { "QueryString" : "true", "Cookies" : { "Forward" : "none" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all", "MinTTL" : "50", "PathPattern" : "images1/*.jpg" }, { "AllowedMethods" : [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ], "TargetOriginId" : "myCustomOrigin", "ForwardedValues" : { "QueryString" : "true", "Cookies" : { "Forward" : "none" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all", "MinTTL" : "50", "PathPattern" : "images2/*.jpg" } ], "CustomErrorResponses" : [ { "ErrorCode" : "404", "ResponsePagePath" : "/error-pages/404.html", "ResponseCode" : "200", "ErrorCachingMinTTL" : "30" } ], "PriceClass" : "PriceClass_All", "ViewerCertificate" : { "CloudFrontDefaultCertificate" : "true" } } } } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Resources: myDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: Origins: - Id: myS3Origin DomainName: amzn-s3-demo-bucket.s3.amazonaws.com S3OriginConfig: OriginAccessIdentity: origin-access-identity/cloudfront/E127EXAMPLE51Z - Id: myCustomOrigin DomainName: www.example.com CustomOriginConfig: HTTPPort: '80' HTTPSPort: '443' OriginProtocolPolicy: http-only Enabled: 'true' Comment: Some comment DefaultRootObject: index.html Logging: IncludeCookies: 'true' Bucket: amzn-s3-demo-logging-bucket.s3.amazonaws.com Prefix: myprefix Aliases: - mysite.example.com - yoursite.example.com DefaultCacheBehavior: TargetOriginId: myS3Origin ForwardedValues: QueryString: 'false' Cookies: Forward: all TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all MinTTL: '100' SmoothStreaming: 'true' CacheBehaviors: - AllowedMethods: - DELETE - GET - HEAD - OPTIONS - PATCH - POST - PUT TargetOriginId: myS3Origin ForwardedValues: QueryString: 'true' Cookies: Forward: none TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all MinTTL: '50' PathPattern: images1/*.jpg - AllowedMethods: - DELETE - GET - HEAD - OPTIONS - PATCH - POST - PUT TargetOriginId: myCustomOrigin ForwardedValues: QueryString: 'true' Cookies: Forward: none TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all MinTTL: '50' PathPattern: images2/*.jpg CustomErrorResponses: - ErrorCode: '404' ResponsePagePath: "/error-pages/404.html" ResponseCode: '200' ErrorCachingMinTTL: '30' PriceClass: PriceClass_All ViewerCertificate: CloudFrontDefaultCertificate: 'true'
Distribución de Amazon CloudFront con una función de Lambda como origen
En el siguiente ejemplo se crea una distribución de CloudFront que sirve de frente para la URL de una función de Lambda especificada (que se proporciona como parámetro), lo que permite el acceso solo mediante HTTPS, el almacenamiento en caché, la compresión y la entrega global. Configura la URL de Lambda como un origen HTTPS personalizado y aplica una política de almacenamiento en caché de AWS estándar. La distribución está optimizada para el rendimiento con compatibilidad con HTTP/2 e IPv6 y muestra el nombre de dominio de CloudFront, lo que permite a los usuarios acceder a la función de Lambda a través de un punto de conexión seguro respaldado por una CDN. Para obtener más información, consulte Using Amazon CloudFront with AWS Lambda as origin to accelerate your web applications
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "LambdaEndpoint": { "Type": "String", "Description": "The Lambda function URL endpoint without the 'https://'" } }, "Resources": { "MyDistribution": { "Type": "AWS::CloudFront::Distribution", "Properties": { "DistributionConfig": { "PriceClass": "PriceClass_All", "HttpVersion": "http2", "IPV6Enabled": true, "Origins": [ { "DomainName": { "Ref": "LambdaEndpoint" }, "Id": "LambdaOrigin", "CustomOriginConfig": { "HTTPSPort": 443, "OriginProtocolPolicy": "https-only" } } ], "Enabled": "true", "DefaultCacheBehavior": { "TargetOriginId": "LambdaOrigin", "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", "ViewerProtocolPolicy": "redirect-to-https", "SmoothStreaming": "false", "Compress": "true" } } } } }, "Outputs": { "CloudFrontDomain": { "Description": "CloudFront default domain name configured", "Value": { "Fn::Sub": "https://${MyDistribution.DomainName}/" } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Parameters: LambdaEndpoint: Type: String Description: The Lambda function URL endpoint without the 'https://' Resources: MyDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: PriceClass: PriceClass_All HttpVersion: http2 IPV6Enabled: true Origins: - DomainName: !Ref LambdaEndpoint Id: LambdaOrigin CustomOriginConfig: HTTPSPort: 443 OriginProtocolPolicy: https-only Enabled: 'true' DefaultCacheBehavior: TargetOriginId: LambdaOrigin CachePolicyId: '658327ea-f89d-4fab-a63d-7e88639e58f6' ViewerProtocolPolicy: redirect-to-https SmoothStreaming: 'false' Compress: 'true' Outputs: CloudFrontDomain: Description: CloudFront default domain name configured Value: !Sub https://${MyDistribution.DomainName}/
Véase también
Para ver un ejemplo de cómo agregar un alias personalizado a un registro de Route 53 para crear un nombre descriptivo para una distribución de CloudFront, consulte Conjunto de registros de recursos de alias para una distribución de CloudFront.
