本文為英文版的機器翻譯版本,如內容有任何歧義或不一致之處,概以英文版為準。
Amazon S3 範本程式碼片段
使用這些 Amazon S3 範例範本來協助描述您的 Amazon S3 儲存貯體 AWS CloudFormation。有關更多示例,請參閱AWS::S3::Bucket資源中的示例部分。
以預設值建立 Amazon S3 儲存貯體
此範例使用:: S3AWS:: Bucket 建立具有預設設定的儲存貯體。
JSON
"myS3Bucket" : { "Type" : "AWS::S3::Bucket" }
YAML
MyS3Bucket: Type: AWS::S3::Bucket
建立用於網站託管並具有 DeletionPolicy 的 Amazon S3 儲存貯體
此範例會將值區建立為網站,並停用「封鎖公用存取」(為網站託管設定的值區需要公開讀取權限)。接著會將公用值區政策新增至值區。由於此值區資源的DeletionPolicy 屬性設定為Retain,因此在刪除堆疊時不 AWS CloudFormation 會刪除此值區。「輸出」區段使用 Fn::GetAtt 來擷取 S3Bucket 資源的 WebsiteURL 屬性和 DomainName 屬性。
注意
下列範例假設帳戶層級已停用BlockPublicPolicy和RestrictPublicBuckets封鎖公用存取設定。
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Resources": { "S3Bucket": { "Type": "AWS::S3::Bucket", "Properties": { "PublicAccessBlockConfiguration": { "BlockPublicAcls": false, "BlockPublicPolicy": false, "IgnorePublicAcls": false, "RestrictPublicBuckets": false }, "WebsiteConfiguration": { "IndexDocument": "index.html", "ErrorDocument": "error.html" } }, "DeletionPolicy": "Retain", "UpdateReplacePolicy": "Retain" }, "BucketPolicy": { "Type": "AWS::S3::BucketPolicy", "Properties": { "PolicyDocument": { "Id": "MyPolicy", "Version": "2012-10-17", "Statement": [ { "Sid": "PublicReadForGetBucketObjects", "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject", "Resource": { "Fn::Join": [ "", [ "arn:aws:s3:::", { "Ref": "S3Bucket" }, "/*" ] ] } } ] }, "Bucket": { "Ref": "S3Bucket" } } } }, "Outputs": { "WebsiteURL": { "Value": { "Fn::GetAtt": [ "S3Bucket", "WebsiteURL" ] }, "Description": "URL for website hosted on S3" }, "S3BucketSecureURL": { "Value": { "Fn::Join": [ "", [ "https://", { "Fn::GetAtt": [ "S3Bucket", "DomainName" ] } ] ] }, "Description": "Name of S3 bucket to hold website content" } } }
YAML
AWSTemplateFormatVersion: 2010-09-09 Resources: S3Bucket: Type: 'AWS::S3::Bucket' Properties: PublicAccessBlockConfiguration: BlockPublicAcls: false BlockPublicPolicy: false IgnorePublicAcls: false RestrictPublicBuckets: false WebsiteConfiguration: IndexDocument: index.html ErrorDocument: error.html DeletionPolicy: Retain UpdateReplacePolicy: Retain BucketPolicy: Type: 'AWS::S3::BucketPolicy' Properties: PolicyDocument: Id: MyPolicy Version: 2012-10-17 Statement: - Sid: PublicReadForGetBucketObjects Effect: Allow Principal: '*' Action: 's3:GetObject' Resource: !Join - '' - - 'arn:aws:s3:::' - !Ref S3Bucket - /* Bucket: !Ref S3Bucket Outputs: WebsiteURL: Value: !GetAtt - S3Bucket - WebsiteURL Description: URL for website hosted on S3 S3BucketSecureURL: Value: !Join - '' - - 'https://' - !GetAtt - S3Bucket - DomainName Description: Name of S3 bucket to hold website content
使用自訂網域建立靜態網站
您可以將 Route 53 用於已註冊的網域。下列範例假設您已在 Route 53 中為您的網域建立託管區域。此範例會建立兩個用於網站託管的儲存貯體。根儲存貯體會託管內容,而另一個儲存貯體則會將 www. 請求重新導向至根儲存貯體。記錄集會將您的網域名稱映射至 Amazon S3 端點。domainname.com
您也需要新增儲存貯體政策,如上述範例所示。
如需有關使用自訂網域的詳細資訊,請參閱 Amazon 簡單儲存服務使用指南中的教學課程:使用 Route 53 註冊的自訂網域設定靜態網站。
注意
下列範例假設帳戶層級已停用BlockPublicPolicy和RestrictPublicBuckets封鎖公用存取設定。
JSON
{ "AWSTemplateFormatVersion": "2010-09-09", "Mappings" : { "RegionMap" : { "us-east-1" : { "S3hostedzoneID" : "Z3AQBSTGFYJSTF", "websiteendpoint" : "s3-website-us-east-1.amazonaws.com" }, "us-west-1" : { "S3hostedzoneID" : "Z2F56UZL2M1ACD", "websiteendpoint" : "s3-website-us-west-1.amazonaws.com" }, "us-west-2" : { "S3hostedzoneID" : "Z3BJ6K6RIION7M", "websiteendpoint" : "s3-website-us-west-2.amazonaws.com" }, "eu-west-1" : { "S3hostedzoneID" : "Z1BKCTXD74EZPE", "websiteendpoint" : "s3-website-eu-west-1.amazonaws.com" }, "ap-southeast-1" : { "S3hostedzoneID" : "Z3O0J2DXBE1FTB", "websiteendpoint" : "s3-website-ap-southeast-1.amazonaws.com" }, "ap-southeast-2" : { "S3hostedzoneID" : "Z1WCIGYICN2BYD", "websiteendpoint" : "s3-website-ap-southeast-2.amazonaws.com" }, "ap-northeast-1" : { "S3hostedzoneID" : "Z2M4EHUR26P7ZW", "websiteendpoint" : "s3-website-ap-northeast-1.amazonaws.com" }, "sa-east-1" : { "S3hostedzoneID" : "Z31GFT0UA1I2HV", "websiteendpoint" : "s3-website-sa-east-1.amazonaws.com" } } }, "Parameters": { "RootDomainName": { "Description": "Domain name for your website (example.com)", "Type": "String" } }, "Resources": { "RootBucket": { "Type": "AWS::S3::Bucket", "Properties": { "BucketName" : {"Ref":"RootDomainName"}, "PublicAccessBlockConfiguration": { "BlockPublicAcls": false, "BlockPublicPolicy": false, "IgnorePublicAcls": false, "RestrictPublicBuckets": false }, "WebsiteConfiguration": { "IndexDocument":"index.html", "ErrorDocument":"404.html" } } }, "WWWBucket": { "Type": "AWS::S3::Bucket", "Properties": { "BucketName": { "Fn::Join": ["", ["www.", {"Ref":"RootDomainName"}]] }, "AccessControl": "BucketOwnerFullControl", "WebsiteConfiguration": { "RedirectAllRequestsTo": { "HostName": {"Ref": "RootBucket"} } } } }, "myDNS": { "Type": "AWS::Route53::RecordSetGroup", "Properties": { "HostedZoneName": { "Fn::Join": ["", [{"Ref": "RootDomainName"}, "."]] }, "Comment": "Zone apex alias.", "RecordSets": [ { "Name": {"Ref": "RootDomainName"}, "Type": "A", "AliasTarget": { "HostedZoneId": {"Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "S3hostedzoneID"]}, "DNSName": {"Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "websiteendpoint"]} } }, { "Name": { "Fn::Join": ["", ["www.", {"Ref":"RootDomainName"}]] }, "Type": "CNAME", "TTL" : "900", "ResourceRecords" : [ {"Fn::GetAtt":["WWWBucket", "DomainName"]} ] } ] } } }, "Outputs": { "WebsiteURL": { "Value": {"Fn::GetAtt": ["RootBucket", "WebsiteURL"]}, "Description": "URL for website hosted on S3" } } }
YAML
Parameters: RootDomainName: Description: Domain name for your website (example.com) Type: String Mappings: RegionMap: us-east-1: S3hostedzoneID: Z3AQBSTGFYJSTF websiteendpoint: s3-website-us-east-1.amazonaws.com us-west-1: S3hostedzoneID: Z2F56UZL2M1ACD websiteendpoint: s3-website-us-west-1.amazonaws.com us-west-2: S3hostedzoneID: Z3BJ6K6RIION7M websiteendpoint: s3-website-us-west-2.amazonaws.com eu-west-1: S3hostedzoneID: Z1BKCTXD74EZPE websiteendpoint: s3-website-eu-west-1.amazonaws.com ap-southeast-1: S3hostedzoneID: Z3O0J2DXBE1FTB websiteendpoint: s3-website-ap-southeast-1.amazonaws.com ap-southeast-2: S3hostedzoneID: Z1WCIGYICN2BYD websiteendpoint: s3-website-ap-southeast-2.amazonaws.com ap-northeast-1: S3hostedzoneID: Z2M4EHUR26P7ZW websiteendpoint: s3-website-ap-northeast-1.amazonaws.com sa-east-1: S3hostedzoneID: Z31GFT0UA1I2HV websiteendpoint: s3-website-sa-east-1.amazonaws.com Resources: RootBucket: Type: AWS::S3::Bucket Properties: BucketName: !Ref RootDomainName PublicAccessBlockConfiguration: BlockPublicAcls: false BlockPublicPolicy: false IgnorePublicAcls: false RestrictPublicBuckets: false WebsiteConfiguration: IndexDocument: index.html ErrorDocument: 404.html WWWBucket: Type: AWS::S3::Bucket Properties: BucketName: !Sub - www.${Domain} - Domain: !Ref RootDomainName AccessControl: BucketOwnerFullControl WebsiteConfiguration: RedirectAllRequestsTo: HostName: !Ref RootBucket myDNS: Type: AWS::Route53::RecordSetGroup Properties: HostedZoneName: !Sub - ${Domain}. - Domain: !Ref RootDomainName Comment: Zone apex alias. RecordSets: - Name: !Ref RootDomainName Type: A AliasTarget: HostedZoneId: !FindInMap [ RegionMap, !Ref 'AWS::Region', S3hostedzoneID] DNSName: !FindInMap [ RegionMap, !Ref 'AWS::Region', websiteendpoint] - Name: !Sub - www.${Domain} - Domain: !Ref RootDomainName Type: CNAME TTL: 900 ResourceRecords: - !GetAtt WWWBucket.DomainName Outputs: WebsiteURL: Value: !GetAtt RootBucket.WebsiteURL Description: URL for website hosted on S3
