如何从 CloudFormation 模板启用/禁用 Cloudfront 日志记录？

Question

In DistributionConfig we have the logging configuration:在DistributionConfig中，我们有日志记录配置：

Logging:
  IncludeCookies: 'true'
  Bucket: !Sub '${BucketName}-logs.s3.amazonaws.com'
  Prefix: 'CF'

However is there a config parameter to enable/disable logging, similar to the option in the AWS Console?但是，是否有一个配置参数来启用/禁用日志记录，类似于 AWS 控制台中的选项？

Answer 1

There is no such parameter for disabling logging in the AWS::CloudFront::Distribution DistributionConfig resource.在AWS::CloudFront::Distribution DistributionConfig资源中没有用于禁用日志记录的此类参数。

It is the presence of the Logging property in the resource definition that enables logging.启用日志记录的资源定义中存在Logging属性。 To disable logs, you can simply remove the Logging property section from your resource, and update the stack.要禁用日志，您只需从资源中删除Logging属性部分，然后更新堆栈。

See https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html请参阅https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-cloudfront-distribution-distributionconfig.html

Answer 2

There is a Logging toggle in the CloudFront distribution settings page. CloudFront 分配设置页面中有一个Logging切换开关。 Click and edit the CloudFront distribution settings where there is the toggle to turn on/off logging .单击并编辑 CloudFront 分配设置，其中有打开on/off logging on/off 。

You can also set the Enabled flag to false in the cloudformation resource for Cloudfront.您还可以在 Cloudfront 的 cloudformation 资源中将Enabled标志设置为false 。

AWSTemplateFormatVersion: 2010-09-09
Resources:
  cloudfrontdistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Logging:
          Enabled: false

Enabled Specifies whether you want CloudFront to save access logs to an Amazon S3 bucket.已启用指定您是否希望 CloudFront 将访问日志保存到 Amazon S3 存储桶。 If you don't want to enable logging when you create a distribution or if you want to disable logging for an existing distribution, specify false for Enabled, and specify empty Bucket and Prefix elements.如果您不想在创建分发时启用日志记录，或者如果您想禁用现有分发的日志记录，请为 Enabled 指定 false，并指定空的 Bucket 和 Prefix 元素。 If you specify false for Enabled but you specify values for Bucket, prefix, and IncludeCookies, the values are automatically deleted.如果您为 Enabled 指定了 false，但您为 Bucket、prefix 和 IncludeCookies 指定了值，则这些值将被自动删除。

Type: Boolean类型：布尔型

reference: https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_LoggingConfig.html参考： https : //docs.aws.amazon.com/cloudfront/latest/APIReference/API_LoggingConfig.html

Hope this helps.希望这可以帮助。

Answer 3

Adding the attribute - "Enabled": "false" inside the Logging object will disable logging.在Logging对象中添加属性 - "Enabled": "false"将禁用日志记录。

Here is the change that can be applied to the cloud-formation template:以下是可应用于云形成模板的更改：

"Logging" : {
    "IncludeCookies" : "false",
    "Bucket" : "s3-bucket-name",
    "Prefix" : "logging-prefix",
    "Enabled": "false"
}

More information:更多信息：

https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-cloudfront.html https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/quickref-cloudfront.html

如何从 CloudFormation 模板启用/禁用 Cloudfront 日志记录？

问题描述

2 个解决方案

解决方案1
1 2020-01-23 13:15:34

解决方案2
0 2020-01-23 11:23:44

解决方案3
0 2020-01-23 11:43:50

如何从 CloudFormation 模板启用/禁用 Cloudfront 日志记录？

问题描述

2 个解决方案

解决方案1 1 2020-01-23 13:15:34

解决方案2 0 2020-01-23 11:23:44

解决方案3 0 2020-01-23 11:43:50

解决方案1
1 2020-01-23 13:15:34

解决方案2
0 2020-01-23 11:23:44

解决方案3
0 2020-01-23 11:43:50