简体繁体 English

AWS：如何为自定义域名配置 Cloudfront

[英]AWS: How to configure Cloudfront for Custom Domain Names

原文 2021-05-05 15:05:59 2 2 amazon-web-services/ aws-api-gateway/ amazon-cloudfront

My setup:我的设置：

API Gateway - 10 APis (api1, api2,...), all mapped to one custom domain name (api.xxx.com) API 网关- 10 个 API (api1, api2,...)，全部映射到一个自定义域名 (api.xxx.com)

Route53 - api.xxx.com pointed to my Cloudfront distribution Route53 - api.xxx.com 指向我的 Cloudfront 分布

Cloudfront - distribution created, api.xxx.com set as a CNAME Cloudfront - 已创建分发，api.xxx.com 设置为 CNAME

What I need to know - I would like to set Origin of this Cloudfront to the this custom domain name, so I can call APIs like api.xxx.com/api1/endpoint , api.xxx.com/api2/endpoint .我需要知道的- 我想将此 Cloudfront 的 Origin 设置为此自定义域名，因此我可以调用诸如api.xxx.com/api1/endpoint 、 api.xxx.com/api2/endpoint 之类的 API。 But how?但是怎么做？ I used API Gateway Name of my api.xxx.com Custom Domain name (xxxxxxx.execute-api.us-east-1.amazonaws.com) for default behaviour Origin name and assumed that requests to all 10 APIs will be routed correctly, but it´s not happening, I used API Gateway Name of my api.xxx.com Custom Domain name (xxxxxxx.execute-api.us-east-1.amazonaws.com) for default behaviour Origin name and assumed that requests to all 10 APIs will be routed correctly,但它没有发生，

What works: I created Origin name using the Invoke Url of api1 and assigned it to the Default behaviour.什么有效：我使用 api1 的 Invoke Url 创建了 Origin 名称并将其分配给默认行为。 So now, when I call "https://api.xxx.com/endpoint", api1 gets called.所以现在，当我调用“https://api.xxx.com/endpoint”时，会调用 api1。 That makes sense, but the problem is - I need the path to the API to be the part of the url, such as "https://api.xxx.com/api1/endpoint" so I can differentiate between them.这是有道理的，但问题是 -我需要 API 的路径成为 url 的一部分，例如“https://api.xxx.com/api1/endpoint”，以便我可以区分它们。

What doesnt work: But I need several APIs set in the distribution so I can call them like "https://api.xxx.com/api1/endpoint" and so on.什么不起作用：但我需要在发行版中设置几个 API，以便我可以将它们称为“https://api.xxx.com/api1/endpoint”等。 And if I use Invoke URL as the Origin name for the API, I cannot attach this api name also to the URL, that returns 403. I was hoping that if I used "API Gateway domain name" of "Custom Domain Names" (after all, it has a format of xxxxx.execute-api.us-east-1.amazonaws.com), I could then use APIs in the URL, but that doesnt work. And if I use Invoke URL as the Origin name for the API, I cannot attach this api name also to the URL, that returns 403. I was hoping that if I used "API Gateway domain name" of "Custom Domain Names" (after所有，它的格式为 xxxxx.execute-api.us-east-1.amazonaws.com），然后我可以在 URL 中使用 API，但这不起作用。 I cannot even use this "API Gateway domain name" to call individual apis through Postman.我什至不能使用这个“API 网关域名”通过 Postman 调用单个 api。 Could someone advice me how to do it?有人可以建议我怎么做吗？ How can I configure Cloudfront so it can call various APIs and use their routes in url?如何配置 Cloudfront 以便它可以调用各种 API 并在 url 中使用它们的路由？

2 个解决方案

my setup is a bit different then yours but it seems we want to accomplish the same goal.我的设置与你的有点不同，但似乎我们想要实现相同的目标。

I have four S3 buckets which I serve through cloudfront.我有四个通过云端提供服务的 S3 存储桶。 One bucket is the root website;一桶是根网站； 3 other buckets contain 3 different admin panels其他 3 个存储桶包含 3 个不同的管理面板

For each s3 bucket I created an seperate origin;对于每个 s3 存储桶，我创建了一个单独的来源； I believe you should create an origin for each seperate api.我相信您应该为每个单独的 api 创建一个原点。

I added for each origin group two path patterns;我为每个原点组添加了两个路径模式； I believe for your api you can have one pattern per api.我相信对于您的 api，每个 api 可以有一个模式。 A path pattern could look like /api1/* which points to the origin of api1路径模式可能看起来像 /api1/* ，它指向 api1 的原点

Not sure if you tried adding origins for all your api's;不确定您是否尝试为所有 api 添加来源； Please let me know if this helped.请让我知道这是否有帮助。

Finally found a solution, described in more detail in this discussion thread.终于找到了一个解决方案，在这个讨论线程中有更详细的描述。 My problem was that I was trying to use link to custom domain name (xxxxxxxxxxxx.execute-api.us-east-1.amazonaws.com) directly from Cloudfront, but I should have used "nice", readable address as Origin name and do the redirect in Route53我的问题是我试图直接从 Cloudfront 使用指向自定义域名 (xxxxxxxxxxxx.execute-api.us-east-1.amazonaws.com) 的链接，但我应该使用“好”、可读的地址作为源名称和在 Route53 中进行重定向

Working setup:工作设置：

In API Gateway, Custom Domain Name regional-api.xxx.com is created, endpoint type Regional (xxxxxxxxxxxx.execute-api.us-east-1.amazonaws.com).在API网关中，创建自定义域名regional-api.xxx.com，端点类型Regional（xxxxxxxxxxxx.execute-api.us-east-1.amazonaws.com）。
In Route53, A and AAAA records map regional-api.xxx.com to the Regional endpoint target domain name.在Route53中，A和AAAA记录mapregional-api.xxx.com到Region endpoint目标域名。
Cloudfront distribution created that uses regional-api.xxx.com as the Origin Domain Name and api.xxx.com as a CNAME.创建的 Cloudfront 分发使用 region-api.xxx.com 作为源域名，使用 api.xxx.com 作为 CNAME。
In Route53, A and AAAA records map api.xxx.com to the Domain name of a newly created CF distribution.在Route53中，A和AAAA将map api.xxx.com记录到新创建的CF分布的域名中。