amazon-web-services - Cloudfront 与 cloudformation:AWS::CloudFront::Distribution:您的请求包含一个或多个无效位置代码

Question

尝试使用 Cloudformaton 创建此 CloudFront 发行版时，我不断收到您的请求包含一个或多个无效位置代码。错误，并且我无法弄清楚错误来自何处

下面是我的资源的副本

CloudFrontDistribution:
Type: AWS::CloudFront::Distribution
DependsOn: ESRVApiGatewayDeployment
Properties:
  DistributionConfig:
    ViewerCertificate:
      AcmCertificateArn: !Ref ACM
      MinimumProtocolVersion: TLSv1.2_2021
      SslSupportMethod: sni-only          
      CloudFrontDefaultCertificate: 'false'
    Origins:
      - DomainName: !ImportValue FrontEndBucketWebsiteURL
        Id: !Sub '${EnvTags}-W3S3Origin'
        S3OriginConfig:
          OriginAccessIdentity: 
            !Join
              - ""
              - - 'origin-access-identity/cloudfront/'
                -  !Ref ESRVOAI
      - DomainName: !Sub "${ESRVApiGatewayDeployment}.execute-api.${AWS::Region}.amazonaws.com"
        Id: !Sub '${EnvTags}-ApiGwOrigin'
        CustomOriginConfig: 
          HTTPPort: 80
          HTTPSPort: 443
          OriginKeepaliveTimeout: 15
          OriginProtocolPolicy: 'https-only'
          OriginReadTimeout: 45
          OriginSSLProtocols: 
            - 'TLSv1.2'
        OriginCustomHeaders:
          - HeaderName: 'X-API-Key'
            HeaderValue: !Ref ApiKey
    Enabled: "true"
    DefaultRootObject: index.html
    IPV6Enabled: 'true'
    Comment: !Sub '${EnvTags}-Cloudfront distribution to distribute frontend resources from S3 bucket'
    Logging: 
      Bucket: !ImportValue LoggingBucketDNS
      Prefix: cloudfront/
      IncludeCookies: 'true'
    DefaultCacheBehavior: 
      FunctionAssociations:
        - FunctionARN: !GetAtt CloudfrontFunction.FunctionARN
          EventType: 'viewer-request'
      AllowedMethods:
        - DELETE
        - GET
        - HEAD
        - OPTIONS
        - PATCH
        - POST
        - PUT
      CachedMethods:
        - GET
        - HEAD
      TargetOriginId: !Sub '${EnvTags}-W3S3Origin'
      ResponseHeadersPolicyId: !Ref ResponseHeadersPolicy
      ForwardedValues: 
        QueryString: 'true'
        Cookies:         
          Forward: "none"
      ViewerProtocolPolicy: redirect-to-https
    CacheBehaviors:
      - 
        AllowedMethods:
          - DELETE
          - GET
          - HEAD
          - OPTIONS
          - PATCH
          - POST
          - PUT
        CachedMethods:
          - GET
          - HEAD
        Compress: 'true'
        DefaultTTL: 0
        MaxTTL: 0
        MinTTL: 0
        SmoothStreaming: 'false'
        PathPattern: !Sub
          - '/${envPath}*'
          - envPath: !Ref EnvTags
        TargetOriginId: !Sub 
          - '${EnvTags}-ApiGwOrigin'
          - EnvTags: !Ref EnvTags
        ViewerProtocolPolicy: 'https-only'
        ForwardedValues: 
          Headers: 
            - 'Authorization'
          QueryString: "true"
          Cookies:
            Forward: "none"
    CustomErrorResponses:
      - ErrorCode: 404
        ResponseCode: 200
        ResponsePagePath: /index.html
    PriceClass: 'PriceClass_All'
    Restrictions:
      GeoRestriction:
        Locations: 
          - "none"
        RestrictionType: "none"
    Aliases:
      - !Ref DomainName

我已经仔细检查以确保我拥有所有缩进权限和值正确。也许我缺少一些东西。 任何帮助将不胜感激

Answer 1

位置字段需要有一个两个字母，即您想要包含在黑名单中的国家/地区的大写国家/地区代码，或者白名单。 None 不是有效值。由于您有 RestrictionType: "none"，因此未启用地理限制，这意味着对内容的访问不受客户端地理位置的限制。在这种情况下，您不需要传递 locations 字段。但是，如果您想按国家/地区限制内容的分发，您可以执行以下操作:-

Restrictions:
          GeoRestriction:
            RestrictionType: whitelist
            Locations:
            - AQ
            - CV

希望这会有所帮助。