I have a SAM template:

AWSTemplateFormatVersion : '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Description: |
  Some infrastructure

Resources:
  S3HomeBucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      AccessControl: PublicRead
      BucketName: the-site-home
    DeletionPolicy: Retain
  BucketPolicy:
    Type: 'AWS::S3::BucketPolicy'
    Properties:
      PolicyDocument:
        Id: S3HomeBucketPolicy
        Version: 2012-10-17
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: '*'
            Action: 's3:GetObject'
            Resource: !Join
              - ''
              - - 'arn:aws:s3:::'
                - !Ref S3HomeBucket
                - /*
      Bucket: !Ref S3HomeBucket
  homePageDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Origins:
        - DomainName: !Join [ "", [!Ref S3HomeBucket, ".s3.amazonaws.com"]]
          Id: myS3Origin
          S3OriginConfig:
            OriginAccessIdentity: origin-access-identity/cloudfront/my-id
        Enabled: 'true'
        Comment: the static home page cdn
        DefaultRootObject: index.html
        Aliases:
        - the.info
        DefaultCacheBehavior:
          AllowedMethods:
          - GET
          - HEAD
          - OPTIONS
          TargetOriginId: myS3Origin
          ForwardedValues:
            QueryString: 'false'
            Cookies:
              Forward: none
          ViewerProtocolPolicy: allow-all
        PriceClass: PriceClass_100
        ViewerCertificate:
          CloudFrontDefaultCertificate: 'true'
  CloudfrontInvalidatingFunction:
    Type: AWS::Serverless::Function
    Properties:
      Runtime: nodejs8.10
      Handler: invalidateStaticFiles.handler
      Timeout: 60
      Policies:
        - AWSLambdaExecute
        - Statement:
            - Effect: Allow
              Action:
                - 'cloudfront:CreateInvalidation'
              Resource: !Join
              - ''
              - - 'arn:aws:cloudfront:'
                - !Ref AWS::Region
                - ':'
                - !Ref AWS::AccountId
                - ':'
                - !Ref homePageDistribution
      Environment:
        Variables:
          DISTRIBUTION_ID: !Ref homePageDistribution
      Events:
        AnyChange:
          Type: S3
          Properties:
            Bucket: !Ref S3HomeBucket
            Events: s3:*
Outputs:
  SiteBucketName:
    Description: the name of the s3 bucket referenced by cloudfront
    Value: !Ref S3HomeBucket
    Export:
      Name: the-site-home-bucket-name
  CloudFrontId:
    Description: the id of the cloudfront distribution for the
    Value: !Ref homePageDistribution
    Export:
      Name: the-site-cloudfront-distribution-id

Running it, I get:

Failed to create the changeset: Waiter ChangeSetCreateComplete failed: Waiter encountered a terminal failure state Status: FAILED. Reason: Circular dependency between resources: [CloudfrontInvalidatingFunction, BucketPolicy, CloudfrontInvalidatingFunctionAnyChangePermission, S3HomeBucket, homePageDistribution, CloudfrontInvalidatingFunctionRole]

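I don't think this other question applies.

And I really don't understand this documentation. It isn't the same situation, but I don't understand what it is proposing.

What I want to do is:

  • have a bucket containing static HTML,
  • a CloudFront distribution that sits in front of it
  • and a lambda that watches the bucket and invalidates the cache when files change

Is that possible?

(The Serverless Application Model GitHub project's issue template points people here for help, rather than to GitHub issues.)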

1 Answer

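I think in this case, if you just hardcode the DomainName in the homePageDistribution resource - basically remove the !Ref S3HomeBucket - it will break the dependency cycle.

You can define a template parameter with the bucket name and use it throughout the template.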

Parameters:
  ImagesBucketName:
    Default: the-site-home
    Type: String
answered 2018-09-21T18:04:18.510
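
Why the change suggested in the answer removes the loop, as an added example (not code from the question, the answer or the SAM project): it models the six resources named in the error as a dependency graph and checks for a cycle before and after dropping the distribution's `!Ref S3HomeBucket`. The edges marked "SAM" are assumptions about how SAM expands the function's S3 event; the helper names are hypothetical.

```python
from graphlib import TopologicalSorter, CycleError

# Constructed model of the question's template: resource -> resources it
# depends on. "template" edges are !Ref uses visible in the YAML; "SAM"
# edges are assumptions about how the S3 event source is expanded.
DEPENDS_ON = {
    "BucketPolicy": {"S3HomeBucket"},                      # template
    "homePageDistribution": {"S3HomeBucket"},              # template: DomainName
    "CloudfrontInvalidatingFunctionRole": {
        "homePageDistribution",                            # template: policy Resource
    },
    "CloudfrontInvalidatingFunction": {
        "homePageDistribution",                            # template: DISTRIBUTION_ID
        "CloudfrontInvalidatingFunctionRole",              # SAM: generated role
    },
    "CloudfrontInvalidatingFunctionAnyChangePermission": {
        "CloudfrontInvalidatingFunction",                  # SAM
    },
    "S3HomeBucket": {                                      # SAM: bucket notification
        "CloudfrontInvalidatingFunction",
        "CloudfrontInvalidatingFunctionAnyChangePermission",
    },
}

def creation_order(graph):
    """Return (order, None) if the graph can be deployed, else (None, cycle)."""
    try:
        return list(TopologicalSorter(graph).static_order()), None
    except CycleError as err:
        # err.args[1] lists the cycle; its first and last node are the same.
        return None, err.args[1]

def without_edge(graph, resource, dependency):
    """Copy of graph with one dependency removed (the hardcoded-name fix)."""
    fixed = {name: set(deps) for name, deps in graph.items()}
    fixed[resource].discard(dependency)
    return fixed

if __name__ == "__main__":
    order, cycle = creation_order(DEPENDS_ON)
    print("as posted:", order or "cycle " + " -> ".join(cycle))
    fixed = without_edge(DEPENDS_ON, "homePageDistribution", "S3HomeBucket")
    order, cycle = creation_order(fixed)
    print("bucket name from parameter:", order or "cycle " + " -> ".join(cycle))
```

In this model every cycle passes through the distribution's reference to the bucket, which is why replacing that one reference with a parameter is enough.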