{
"AWSTemplateFormatVersion" : "2010-09-09",
"Parameters": {
"AlternateDomainNames": {
"Description": "CNAMEs (alternate domain names), if any, for the distribution. Example. test.codavel.com",
"Type": "String",
"Default": "test.example.com"
}
},
"Resources" : {
"myDistribution" : {
"Type" : "AWS::CloudFront::Distribution",
"Properties" : {
"DistributionConfig" : {
"Origins" : [ {
"DomainName" : "ELBfor-1234.region.elb.amazonaws.com",
"Id" : "myCustomOrigin",
"CustomOriginConfig" : {
"HTTPPort" : "80",
"HTTPSPort" : "443",
"OriginProtocolPolicy" : "match-viewer",
"OriginSSLProtocols" : [
"TLSv1",
"TLSv1.1",
"TLSv1.2",
"SSLv3"
]
}
} ],
"HttpVersion": "http2",
"Aliases": [
{
"Ref": "AlternateDomainNames"
}
],
"Enabled" : "true",
"Comment" : "example-cdn",
"DefaultCacheBehavior" : {
"TargetOriginId" : "myCustomOrigin",
"SmoothStreaming" : "false",
"AllowedMethods": [
"HEAD",
"GET",
"OPTIONS"
],
"MaxTTL": "31536000",
"MinTTL": "0",
"Compress" : "true",
"ForwardedValues" : {
"QueryString" : "false",
"Cookies" : { "Forward" : "all" }
},
"ViewerProtocolPolicy" : "allow-all"
},
"PriceClass" : "PriceClass_All",
"Restrictions" : {
"GeoRestriction": {
"RestrictionType": "none",
"Locations": []
}
},
"ViewerCertificate": {
"SslSupportMethod": "sni-only",
"AcmCertificateArn" : {
"Fn::Sub": "arn:aws:acm:us-east-1:<ID>:certificate/2345f-534234"
}
}
}
}
}
}
}
大家好,
我在我的cloudfront模板中使用它来添加我的自定义SSL,它向我显示了一些错误:- 需要指定 [AcmCertificateArn、CloudFrontDefaultCertificate、IamCertificateId] 之一。
因此,请让我知道如何添加此证书,或者是否有任何选项可以添加到参数中,以便它列出该证书。请指导我同样的事情。这是我的证书 ARN - arn:aws:acm:us-east-1::certificate/2345f-534234
最佳答案
ViewerCertificate block 在您的情况下应如下所示:
"ViewerCertificate": {
"SslSupportMethod": "sni-only",
"AcmCertificateArn": " arn:aws:acm:us-east-1::certificate/2345f-534234"
}
此外,您应该始终注意的是,证书是在 us-east1 区域中配置的(您的证书是基于 ARN 的:)
关于json - 使用CloudFormation在CloudFront中添加SSL证书时出现错误(需要指定),我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/62717613/