我的问题

我试图build立一个个人CDN与我的联系人共享静态文件。 该devise包括一个S3存储桶，一个CloudFront分配和一个通过Route53注册的子域，全部使用Terraform进行configuration。

但是，我可以通过S3和Cloudfront访问我的文件，但不能通过我的子域（ cdn.adamatan.com ）访问。

什么工作

S3

 curl http://cdn.adamatan.com.s3.amazonaws.com/index.html 

CloudFront的

 curl https://d36tl9ayobqfgg.cloudfront.net/index.html 

什么坏了

我无法使用子域名获取文件。 而且， cdn.adamatan.com和adamatan.con的nslookup不起作用。 我认为我错误地configuration了Route53。

组态

域

• CloudFormation / EC2 – 在模板中访问EC2实例的IP地址？
• 我想要什么样的EC2设置？
• CloudFront – 用户请求不间断的静态文件，使您的帐单高？
• Cloudfront本身比S3更快（不考虑距离）？
• 亚马逊CloudFormation：如何获得一个特定子网的ELB的私有IP？

托pipe区域

Terraformconfiguration

 variable "hosted_zone" { default = "adamatan.com" } variable "domain" { default = "cdn.adamatan.com" } variable "aws_region" { default = "us-east-1" } provider "aws" { region = "${var.aws_region}" profile = "personal" version = "~> 1.1" } /* The S3 bucket storing the files. It must bear the same name as the domain pointing to it. See https://gist.github.com/danihodovic/a51eb0d9d4b29649c2d094f4251827dd, and http://stackoverflow.com/a/5048129/2966951 */ resource "aws_s3_bucket" "adamatan_cdn_bucket" { bucket = "${var.domain}" acl = "public-read" policy = <<EOF { "Version":"2008-10-17", "Statement":[{ "Sid":"AllowPublicRead", "Effect":"Allow", "Principal": {"AWS": "*"}, "Action":["s3:GetObject"], "Resource":["arn:aws:s3:::${var.domain}/*"] }] } EOF tags { Description = "Origin bucket for my personal CDN" } } resource "aws_route53_zone" "cdn_zone" { name = "${var.hosted_zone}" } resource "aws_route53_record" "root_domain" { zone_id = "${aws_route53_zone.cdn_zone.zone_id}" name = "${var.domain}" type = "A" alias { name = "${aws_cloudfront_distribution.adamatan_cdn_distribution.domain_name}" zone_id = "${aws_cloudfront_distribution.adamatan_cdn_distribution.hosted_zone_id}" evaluate_target_health = false } } resource "aws_cloudfront_distribution" "adamatan_cdn_distribution" { origin { domain_name = "${var.domain}.s3.amazonaws.com" origin_id = "${var.domain}" } enabled = true is_ipv6_enabled = true comment = "Permanent public file distribution" default_root_object = "index.html" aliases = ["${var.domain}"] default_cache_behavior { allowed_methods = ["GET", "HEAD", "OPTIONS"] cached_methods = ["GET", "HEAD"] target_origin_id = "${var.domain}" forwarded_values { query_string = false cookies { forward = "none" } } viewer_protocol_policy = "allow-all" min_ttl = 60 default_ttl = 300 max_ttl = 86400 } price_class = "PriceClass_All" restrictions { geo_restriction { restriction_type = "none" } } viewer_certificate { cloudfront_default_certificate = true } } output "domain" { value = "${var.domain}" } output "cdn_domain" { value = "${aws_cloudfront_distribution.adamatan_cdn_distribution.domain_name}" } 

我的问题

如何使用Terraform（最好是使用SSL支持）将我的子域（ cdn.adamatan.com ）映射到我的cloudfront发行版（ d36tl9ayobqfgg.cloudfront.net ）？

 Domain Name: ADAMATAN.COM Registrar: Gandi SAS Name Server: NS-1193.AWSDNS-21.ORG Name Server: NS-1889.AWSDNS-44.CO.UK Name Server: NS-4.AWSDNS-00.COM Name Server: NS-1193.AWSDNS-21.ORG 

 ;; ANSWER SECTION: cdn.adamatan.com. 60 IN A 13.33.23.245 cdn.adamatan.com. 60 IN A 13.33.23.59 cdn.adamatan.com. 60 IN A 13.33.23.22 cdn.adamatan.com. 60 IN A 13.33.23.89 cdn.adamatan.com. 60 IN A 13.33.23.45 cdn.adamatan.com. 60 IN A 13.33.23.248 cdn.adamatan.com. 60 IN A 13.33.23.169 cdn.adamatan.com. 60 IN A 13.33.23.94 ;; AUTHORITY SECTION: adamatan.com. 172800 IN NS ns-1511.awsdns-60.org. adamatan.com. 172800 IN NS ns-1730.awsdns-24.co.uk. adamatan.com. 172800 IN NS ns-378.awsdns-47.com. adamatan.com. 172800 IN NS ns-936.awsdns-53.net.