本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
Amazon CloudFront 範本程式碼片段
將這些範本程式碼片段與 Amazon CloudFront 分發資源搭配使用 AWS CloudFormation。如需詳細資訊,請參閱 Amazon CloudFront 資源類型參考。
主題
具有 Amazon S3 來源的 Amazon CloudFront 分佈資源
下列範例範本顯示使用 S3Origin 和舊版原始存取身分 (OAI) 的 Amazon CloudFront 分佈。如需改用原始存取控制 (OAC) 的詳細資訊,請參閱《Amazon CloudFront 開發人員指南》中的限制對 Amazon Simple Storage Service 原始伺服器的存取。 Amazon CloudFront
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDistribution" : { "Type" : "AWS::CloudFront::Distribution", "Properties" : { "DistributionConfig" : { "Origins" : [ { "DomainName" : "amzn-s3-demo-bucket.s3.amazonaws.com", "Id" : "myS3Origin", "S3OriginConfig" : { "OriginAccessIdentity" : "origin-access-identity/cloudfront/E127EXAMPLE51Z" } }], "Enabled" : "true", "Comment" : "Some comment", "DefaultRootObject" : "index.html", "Logging" : { "IncludeCookies" : "false", "Bucket" : "amzn-s3-demo-logging-bucket.s3.amazonaws.com", "Prefix" : "myprefix" }, "Aliases" : [ "mysite.example.com", "yoursite.example.com" ], "DefaultCacheBehavior" : { "AllowedMethods" : [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ], "TargetOriginId" : "myS3Origin", "ForwardedValues" : { "QueryString" : "false", "Cookies" : { "Forward" : "none" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all" }, "PriceClass" : "PriceClass_200", "Restrictions" : { "GeoRestriction" : { "RestrictionType" : "whitelist", "Locations" : [ "AQ", "CV" ] } }, "ViewerCertificate" : { "CloudFrontDefaultCertificate" : "true" } } } } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Resources: myDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: Origins: - DomainName: amzn-s3-demo-bucket.s3.amazonaws.com Id: myS3Origin S3OriginConfig: OriginAccessIdentity: origin-access-identity/cloudfront/E127EXAMPLE51Z Enabled: 'true' Comment: Some comment DefaultRootObject: index.html Logging: IncludeCookies: 'false' Bucket: amzn-s3-demo-logging-bucket.s3.amazonaws.com Prefix: myprefix Aliases: - mysite.example.com - yoursite.example.com DefaultCacheBehavior: AllowedMethods: - DELETE - GET - HEAD - OPTIONS - PATCH - POST - PUT TargetOriginId: myS3Origin ForwardedValues: QueryString: 'false' Cookies: Forward: none TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all PriceClass: PriceClass_200 Restrictions: GeoRestriction: RestrictionType: whitelist Locations: - AQ - CV ViewerCertificate: CloudFrontDefaultCertificate: 'true'
Amazon CloudFront 分佈資源與自訂原始伺服器
以下範例範本顯示使用 CustomOrigin 的 Amazon CloudFront 分佈。
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDistribution" : { "Type" : "AWS::CloudFront::Distribution", "Properties" : { "DistributionConfig" : { "Origins" : [ { "DomainName" : "www.example.com", "Id" : "myCustomOrigin", "CustomOriginConfig" : { "HTTPPort" : "80", "HTTPSPort" : "443", "OriginProtocolPolicy" : "http-only" } } ], "Enabled" : "true", "Comment" : "Somecomment", "DefaultRootObject" : "index.html", "Logging" : { "IncludeCookies" : "true", "Bucket" : "amzn-s3-demo-logging-bucket.s3.amazonaws.com", "Prefix": "myprefix" }, "Aliases" : [ "mysite.example.com", "*.yoursite.example.com" ], "DefaultCacheBehavior" : { "TargetOriginId" : "myCustomOrigin", "SmoothStreaming" : "false", "ForwardedValues" : { "QueryString" : "false", "Cookies" : { "Forward" : "all" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all" }, "CustomErrorResponses" : [ { "ErrorCode" : "404", "ResponsePagePath" : "/error-pages/404.html", "ResponseCode" : "200", "ErrorCachingMinTTL" : "30" } ], "PriceClass" : "PriceClass_200", "Restrictions" : { "GeoRestriction" : { "RestrictionType" : "whitelist", "Locations" : [ "AQ", "CV" ] } }, "ViewerCertificate": { "CloudFrontDefaultCertificate" : "true" } } } } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Resources: myDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: Origins: - DomainName: www.example.com Id: myCustomOrigin CustomOriginConfig: HTTPPort: '80' HTTPSPort: '443' OriginProtocolPolicy: http-only Enabled: 'true' Comment: Somecomment DefaultRootObject: index.html Logging: IncludeCookies: 'true' Bucket: amzn-s3-demo-logging-bucket.s3.amazonaws.com Prefix: myprefix Aliases: - mysite.example.com - "*.yoursite.example.com" DefaultCacheBehavior: TargetOriginId: myCustomOrigin SmoothStreaming: 'false' ForwardedValues: QueryString: 'false' Cookies: Forward: all TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all CustomErrorResponses: - ErrorCode: '404' ResponsePagePath: "/error-pages/404.html" ResponseCode: '200' ErrorCachingMinTTL: '30' PriceClass: PriceClass_200 Restrictions: GeoRestriction: RestrictionType: whitelist Locations: - AQ - CV ViewerCertificate: CloudFrontDefaultCertificate: 'true'
Amazon CloudFront 分佈與多重原始伺服器支援
以下範例範本說明如何宣告具有多重原始伺服器支援的 CloudFront 分佈。在 DistributionConfig 中,提供原始伺服器清單,並設定 DefaultCacheBehavior。
JSON
{ "AWSTemplateFormatVersion" : "2010-09-09", "Resources" : { "myDistribution" : { "Type" : "AWS::CloudFront::Distribution", "Properties" : { "DistributionConfig" : { "Origins" : [ { "Id" : "myS3Origin", "DomainName" : "amzn-s3-demo-bucket.s3.amazonaws.com", "S3OriginConfig" : { "OriginAccessIdentity" : "origin-access-identity/cloudfront/E127EXAMPLE51Z" } }, { "Id" : "myCustomOrigin", "DomainName" : "www.example.com", "CustomOriginConfig" : { "HTTPPort" : "80", "HTTPSPort" : "443", "OriginProtocolPolicy" : "http-only" } } ], "Enabled" : "true", "Comment" : "Some comment", "DefaultRootObject" : "index.html", "Logging" : { "IncludeCookies" : "true", "Bucket" : "amzn-s3-demo-logging-bucket.s3.amazonaws.com", "Prefix" : "myprefix" }, "Aliases" : [ "mysite.example.com", "yoursite.example.com" ], "DefaultCacheBehavior" : { "TargetOriginId" : "myS3Origin", "ForwardedValues" : { "QueryString" : "false", "Cookies" : { "Forward" : "all" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all", "MinTTL" : "100", "SmoothStreaming" : "true" }, "CacheBehaviors" : [ { "AllowedMethods" : [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ], "TargetOriginId" : "myS3Origin", "ForwardedValues" : { "QueryString" : "true", "Cookies" : { "Forward" : "none" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all", "MinTTL" : "50", "PathPattern" : "images1/*.jpg" }, { "AllowedMethods" : [ "DELETE", "GET", "HEAD", "OPTIONS", "PATCH", "POST", "PUT" ], "TargetOriginId" : "myCustomOrigin", "ForwardedValues" : { "QueryString" : "true", "Cookies" : { "Forward" : "none" } }, "TrustedSigners" : [ "1234567890EX", "1234567891EX" ], "ViewerProtocolPolicy" : "allow-all", "MinTTL" : "50", "PathPattern" : "images2/*.jpg" } ], "CustomErrorResponses" : [ { "ErrorCode" : "404", "ResponsePagePath" : "/error-pages/404.html", "ResponseCode" : "200", "ErrorCachingMinTTL" : "30" } ], "PriceClass" : "PriceClass_All", "ViewerCertificate" : { "CloudFrontDefaultCertificate" : "true" } } } } } }
YAML
AWSTemplateFormatVersion: '2010-09-09' Resources: myDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: Origins: - Id: myS3Origin DomainName: amzn-s3-demo-bucket.s3.amazonaws.com S3OriginConfig: OriginAccessIdentity: origin-access-identity/cloudfront/E127EXAMPLE51Z - Id: myCustomOrigin DomainName: www.example.com CustomOriginConfig: HTTPPort: '80' HTTPSPort: '443' OriginProtocolPolicy: http-only Enabled: 'true' Comment: Some comment DefaultRootObject: index.html Logging: IncludeCookies: 'true' Bucket: amzn-s3-demo-logging-bucket.s3.amazonaws.com Prefix: myprefix Aliases: - mysite.example.com - yoursite.example.com DefaultCacheBehavior: TargetOriginId: myS3Origin ForwardedValues: QueryString: 'false' Cookies: Forward: all TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all MinTTL: '100' SmoothStreaming: 'true' CacheBehaviors: - AllowedMethods: - DELETE - GET - HEAD - OPTIONS - PATCH - POST - PUT TargetOriginId: myS3Origin ForwardedValues: QueryString: 'true' Cookies: Forward: none TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all MinTTL: '50' PathPattern: images1/*.jpg - AllowedMethods: - DELETE - GET - HEAD - OPTIONS - PATCH - POST - PUT TargetOriginId: myCustomOrigin ForwardedValues: QueryString: 'true' Cookies: Forward: none TrustedSigners: - 1234567890EX - 1234567891EX ViewerProtocolPolicy: allow-all MinTTL: '50' PathPattern: images2/*.jpg CustomErrorResponses: - ErrorCode: '404' ResponsePagePath: "/error-pages/404.html" ResponseCode: '200' ErrorCachingMinTTL: '30' PriceClass: PriceClass_All ViewerCertificate: CloudFrontDefaultCertificate: 'true'
使用 Lambda 函數做為原始伺服器的 Amazon CloudFront 分佈
下列範例會建立 CloudFront 分佈,該分佈會面向指定的 Lambda 函數 URL (提供做為參數),啟用僅限 HTTPS 的存取、快取、壓縮和全域交付。它將 Lambda URL 設定為自訂 HTTPS AWS 原始伺服器,並套用標準快取政策。分發已針對 HTTP/2 和 IPv6 支援的效能進行最佳化,並輸出 CloudFront 網域名稱,允許使用者透過安全的 CDN 後端端點存取 Lambda 函數。如需詳細資訊,請參閱 AWS 部落格上的搭配使用 Amazon CloudFront AWS Lambda 做為原始伺服器,以加速您的 Web 應用程式
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "LambdaEndpoint": { "Type": "String", "Description": "The Lambda function URL endpoint without the 'https://'" } }, "Resources": { "MyDistribution": { "Type": "AWS::CloudFront::Distribution", "Properties": { "DistributionConfig": { "PriceClass": "PriceClass_All", "HttpVersion": "http2", "IPV6Enabled": true, "Origins": [ { "DomainName": { "Ref": "LambdaEndpoint" }, "Id": "LambdaOrigin", "CustomOriginConfig": { "HTTPSPort": 443, "OriginProtocolPolicy": "https-only" } } ], "Enabled": "true", "DefaultCacheBehavior": { "TargetOriginId": "LambdaOrigin", "CachePolicyId": "658327ea-f89d-4fab-a63d-7e88639e58f6", "ViewerProtocolPolicy": "redirect-to-https", "SmoothStreaming": "false", "Compress": "true" } } } } }, "Outputs": { "CloudFrontDomain": { "Description": "CloudFront default domain name configured", "Value": { "Fn::Sub": "https://${MyDistribution.DomainName}/" } } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Parameters: LambdaEndpoint: Type: String Description: The Lambda function URL endpoint without the 'https://' Resources: MyDistribution: Type: AWS::CloudFront::Distribution Properties: DistributionConfig: PriceClass: PriceClass_All HttpVersion: http2 IPV6Enabled: true Origins: - DomainName: !Ref LambdaEndpoint Id: LambdaOrigin CustomOriginConfig: HTTPSPort: 443 OriginProtocolPolicy: https-only Enabled: 'true' DefaultCacheBehavior: TargetOriginId: LambdaOrigin CachePolicyId: '658327ea-f89d-4fab-a63d-7e88639e58f6' ViewerProtocolPolicy: redirect-to-https SmoothStreaming: 'false' Compress: 'true' Outputs: CloudFrontDomain: Description: CloudFront default domain name configured Value: !Sub https://${MyDistribution.DomainName}/
另請參閱
如需將自訂別名新增至 Route 53 記錄以建立 CloudFront 分佈易記名稱的範例,請參閱 CloudFront 分佈的別名資源紀錄集。
