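Use these Amazon S3 sample templates to help describe your Amazon S3 buckets with AWS CloudFormation. For more examples, see the Examples section in the AWS::S3::Bucket resource.
Create an Amazon S3 bucket with defaults
This example uses AWS::S3::Bucket to create a bucket with default settings.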
JSON
"myS3Bucket" : {
    "Type" : "AWS::S3::Bucket"
}
YAML
MyS3Bucket:
  Type: AWS::S3::Bucket
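Create an Amazon S3 bucket for website hosting and with a DeletionPolicy
This example creates a bucket as a website and disables Block Public Access (buckets set up for website hosting require public read permissions). A public bucket policy is then added to the bucket. Because this bucket resource has its DeletionPolicy attribute set to Retain, AWS CloudFormation does not delete this bucket when it deletes the stack. The Outputs section uses Fn::GetAtt to retrieve the WebsiteURL attribute and the DomainName attribute of the S3Bucket resource.
Note
The following examples assume that the BlockPublicPolicy and RestrictPublicBuckets Block Public Access settings have been disabled at the account level.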
JSON
{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Resources": {
        "S3Bucket": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "PublicAccessBlockConfiguration": {
                    "BlockPublicAcls": false,
                    "BlockPublicPolicy": false,
                    "IgnorePublicAcls": false,
                    "RestrictPublicBuckets": false
                },
                "WebsiteConfiguration": {
                    "IndexDocument": "index.html",
                    "ErrorDocument": "error.html"
                }
            },
            "DeletionPolicy": "Retain",
            "UpdateReplacePolicy": "Retain"
        },
        "BucketPolicy": {
            "Type": "AWS::S3::BucketPolicy",
            "Properties": {
                "PolicyDocument": {
                    "Id": "MyPolicy",
                    "Version": "2012-10-17",
                    "Statement": [
                        {
                            "Sid": "PublicReadForGetBucketObjects",
                            "Effect": "Allow",
                            "Principal": "*",
                            "Action": "s3:GetObject",
                            "Resource": {
                                "Fn::Join": [
                                    "",
                                    [
                                        "arn:aws:s3:::",
                                        {
                                            "Ref": "S3Bucket"
                                        },
                                        "/*"
                                    ]
                                ]
                            }
                        }
                    ]
                },
                "Bucket": {
                    "Ref": "S3Bucket"
                }
            }
        }
    },
    "Outputs": {
        "WebsiteURL": {
            "Value": {
                "Fn::GetAtt": [
                    "S3Bucket",
                    "WebsiteURL"
                ]
            },
            "Description": "URL for website hosted on S3"
        },
        "S3BucketSecureURL": {
            "Value": {
                "Fn::Join": [
                    "",
                    [
                        "https://",
                        {
                            "Fn::GetAtt": [
                                "S3Bucket",
                                "DomainName"
                            ]
                        }
                    ]
                ]
            },
            "Description": "Name of S3 bucket to hold website content"
        }
    }
}
YAML
AWSTemplateFormatVersion: 2010-09-09
Resources:
  S3Bucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      PublicAccessBlockConfiguration:
        BlockPublicAcls: false
        BlockPublicPolicy: false
        IgnorePublicAcls: false
        RestrictPublicBuckets: false
      WebsiteConfiguration:
        IndexDocument: index.html
        ErrorDocument: error.html
    DeletionPolicy: Retain
    UpdateReplacePolicy: Retain
  BucketPolicy:
    Type: 'AWS::S3::BucketPolicy'
    Properties:
      PolicyDocument:
        Id: MyPolicy
        Version: 2012-10-17
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: '*'
            Action: 's3:GetObject'
            Resource: !Join
              - ''
              - - 'arn:aws:s3:::'
                - !Ref S3Bucket
                - /*
      Bucket: !Ref S3Bucket
Outputs:
  WebsiteURL:
    Value: !GetAtt
      - S3Bucket
      - WebsiteURL
    Description: URL for website hosted on S3
  S3BucketSecureURL:
    Value: !Join
      - ''
      - - 'https://'
        - !GetAtt
          - S3Bucket
          - DomainName
    Description: Name of S3 bucket to hold website content
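A pre-deployment check for the pattern this template uses, as an added example that is not part of the original page or AWS's own code: it parses a JSON template and reports buckets that explicitly switch off Block Public Access flags and receive an unconditional wildcard-principal Allow. SAMPLE_TEMPLATE is a constructed, trimmed copy of the template above; LogBucket and all function names are hypothetical.

```python
import json

PAB_FLAGS = ("BlockPublicAcls", "BlockPublicPolicy", "IgnorePublicAcls", "RestrictPublicBuckets")

# Constructed sample: trimmed website-hosting template plus a hypothetical LogBucket.
SAMPLE_TEMPLATE = json.loads("""
{"Resources": {
  "S3Bucket": {"Type": "AWS::S3::Bucket", "Properties": {"PublicAccessBlockConfiguration": {
    "BlockPublicAcls": false, "BlockPublicPolicy": false,
    "IgnorePublicAcls": false, "RestrictPublicBuckets": false}}},
  "LogBucket": {"Type": "AWS::S3::Bucket"},
  "BucketPolicy": {"Type": "AWS::S3::BucketPolicy", "Properties": {
    "Bucket": {"Ref": "S3Bucket"}, "PolicyDocument": {"Statement": [{
      "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
      "Resource": {"Fn::Join": ["", ["arn:aws:s3:::", {"Ref": "S3Bucket"}, "/*"]]}}]}}}
}}""")

def as_list(value):
    return value if isinstance(value, list) else [value]

def is_wildcard(principal):
    # Principal "*" and {"AWS": "*"} both mean "anyone".
    aws = principal.get("AWS", []) if isinstance(principal, dict) else principal
    return "*" in as_list(aws)

def audit(template):
    """Map each bucket's logical ID to its explicitly disabled flags and public actions."""
    resources, report = template.get("Resources", {}), {}
    for name, res in resources.items():
        if res.get("Type") == "AWS::S3::Bucket":
            pab = res.get("Properties", {}).get("PublicAccessBlockConfiguration", {})
            report[name] = {"disabled_flags": [f for f in PAB_FLAGS if pab.get(f) is False],
                            "public_actions": []}
    for res in resources.values():
        if res.get("Type") == "AWS::S3::BucketPolicy":
            props = res.get("Properties", {})
            target = props.get("Bucket")
            target = target.get("Ref") if isinstance(target, dict) else target
            for stmt in as_list(props.get("PolicyDocument", {}).get("Statement", [])):
                if (target in report and stmt.get("Effect") == "Allow"
                        and "Condition" not in stmt and is_wildcard(stmt.get("Principal"))):
                    report[target]["public_actions"] += as_list(stmt.get("Action", []))
    return report

def publicly_readable(report):
    # A wildcard Allow needs both policy-related flags off (account-level settings not checked).
    needed = {"BlockPublicPolicy", "RestrictPublicBuckets"}
    return sorted(b for b, r in report.items()
                  if r["public_actions"] and needed <= set(r["disabled_flags"]))
```

Running `publicly_readable(audit(SAMPLE_TEMPLATE))` in a CI step gives reviewers the list of buckets that are public by design, so any bucket that appears there unexpectedly can be challenged before the stack is deployed.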
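Create a static website using a custom domain
You can use Route 53 with a registered domain. The following example assumes that you have already created a hosted zone in Route 53 for your domain. The example creates two buckets for website hosting. The root bucket hosts the content, and the other bucket redirects www.domainname.com requests to the root bucket. The record sets map your domain name to Amazon S3 endpoints.
You also need to add a bucket policy, as shown in the examples above.
For more information about using a custom domain, see Tutorial: Configuring a static website using a custom domain registered with Route 53 in the Amazon Simple Storage Service User Guide.
Note
The following examples assume that the BlockPublicPolicy and RestrictPublicBuckets Block Public Access settings have been disabled at the account level.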
JSON
{
    "AWSTemplateFormatVersion": "2010-09-09",
    "Mappings" : {
        "RegionMap" : {
            "us-east-1" : { "S3hostedzoneID" : "Z3AQBSTGFYJSTF", "websiteendpoint" : "s3-website-us-east-1.amazonaws.com" },
            "us-west-1" : { "S3hostedzoneID" : "Z2F56UZL2M1ACD", "websiteendpoint" : "s3-website-us-west-1.amazonaws.com" },
            "us-west-2" : { "S3hostedzoneID" : "Z3BJ6K6RIION7M", "websiteendpoint" : "s3-website-us-west-2.amazonaws.com" },
            "eu-west-1" : { "S3hostedzoneID" : "Z1BKCTXD74EZPE", "websiteendpoint" : "s3-website-eu-west-1.amazonaws.com" },
            "ap-southeast-1" : { "S3hostedzoneID" : "Z3O0J2DXBE1FTB", "websiteendpoint" : "s3-website-ap-southeast-1.amazonaws.com" },
            "ap-southeast-2" : { "S3hostedzoneID" : "Z1WCIGYICN2BYD", "websiteendpoint" : "s3-website-ap-southeast-2.amazonaws.com" },
            "ap-northeast-1" : { "S3hostedzoneID" : "Z2M4EHUR26P7ZW", "websiteendpoint" : "s3-website-ap-northeast-1.amazonaws.com" },
            "sa-east-1" : { "S3hostedzoneID" : "Z31GFT0UA1I2HV", "websiteendpoint" : "s3-website-sa-east-1.amazonaws.com" }
        }
    },
    "Parameters": {
        "RootDomainName": {
            "Description": "Domain name for your website (example.com)",
            "Type": "String"
        }
    },
    "Resources": {
        "RootBucket": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "BucketName" : {"Ref":"RootDomainName"},
                "PublicAccessBlockConfiguration": {
                    "BlockPublicAcls": false,
                    "BlockPublicPolicy": false,
                    "IgnorePublicAcls": false,
                    "RestrictPublicBuckets": false
                },
                "WebsiteConfiguration": {
                    "IndexDocument":"index.html",
                    "ErrorDocument":"404.html"
                }
            }
        },
        "WWWBucket": {
            "Type": "AWS::S3::Bucket",
            "Properties": {
                "BucketName": {
                    "Fn::Join": ["", ["www.", {"Ref":"RootDomainName"}]]
                },
                "AccessControl": "BucketOwnerFullControl",
                "WebsiteConfiguration": {
                    "RedirectAllRequestsTo": {
                        "HostName": {"Ref": "RootBucket"}
                    }
                }
            }
        },
        "myDNS": {
            "Type": "AWS::Route53::RecordSetGroup",
            "Properties": {
                "HostedZoneName": {
                    "Fn::Join": ["", [{"Ref": "RootDomainName"}, "."]]
                },
                "Comment": "Zone apex alias.",
                "RecordSets": [
                    {
                        "Name": {"Ref": "RootDomainName"},
                        "Type": "A",
                        "AliasTarget": {
                            "HostedZoneId": {"Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "S3hostedzoneID"]},
                            "DNSName": {"Fn::FindInMap" : [ "RegionMap", { "Ref" : "AWS::Region" }, "websiteendpoint"]}
                        }
                    },
                    {
                        "Name": {
                            "Fn::Join": ["", ["www.", {"Ref":"RootDomainName"}]]
                        },
                        "Type": "CNAME",
                        "TTL" : "900",
                        "ResourceRecords" : [
                            {"Fn::GetAtt":["WWWBucket", "DomainName"]}
                        ]
                    }
                ]
            }
        }
    },
    "Outputs": {
        "WebsiteURL": {
            "Value": {"Fn::GetAtt": ["RootBucket", "WebsiteURL"]},
            "Description": "URL for website hosted on S3"
        }
    }
}
YAML
Parameters:
  RootDomainName:
    Description: Domain name for your website (example.com)
    Type: String
Mappings:
  RegionMap:
    us-east-1:
      S3hostedzoneID: Z3AQBSTGFYJSTF
      websiteendpoint: s3-website-us-east-1.amazonaws.com
    us-west-1:
      S3hostedzoneID: Z2F56UZL2M1ACD
      websiteendpoint: s3-website-us-west-1.amazonaws.com
    us-west-2:
      S3hostedzoneID: Z3BJ6K6RIION7M
      websiteendpoint: s3-website-us-west-2.amazonaws.com
    eu-west-1:
      S3hostedzoneID: Z1BKCTXD74EZPE
      websiteendpoint: s3-website-eu-west-1.amazonaws.com
    ap-southeast-1:
      S3hostedzoneID: Z3O0J2DXBE1FTB
      websiteendpoint: s3-website-ap-southeast-1.amazonaws.com
    ap-southeast-2:
      S3hostedzoneID: Z1WCIGYICN2BYD
      websiteendpoint: s3-website-ap-southeast-2.amazonaws.com
    ap-northeast-1:
      S3hostedzoneID: Z2M4EHUR26P7ZW
      websiteendpoint: s3-website-ap-northeast-1.amazonaws.com
    sa-east-1:
      S3hostedzoneID: Z31GFT0UA1I2HV
      websiteendpoint: s3-website-sa-east-1.amazonaws.com
Resources:
  RootBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Ref RootDomainName
      PublicAccessBlockConfiguration:
        BlockPublicAcls: false
        BlockPublicPolicy: false
        IgnorePublicAcls: false
        RestrictPublicBuckets: false
      WebsiteConfiguration:
        IndexDocument: index.html
        ErrorDocument: 404.html
  WWWBucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: !Sub
        - www.${Domain}
        - Domain: !Ref RootDomainName
      AccessControl: BucketOwnerFullControl
      WebsiteConfiguration:
        RedirectAllRequestsTo:
          HostName: !Ref RootBucket
  myDNS:
    Type: AWS::Route53::RecordSetGroup
    Properties:
      HostedZoneName: !Sub
        - ${Domain}.
        - Domain: !Ref RootDomainName
      Comment: Zone apex alias.
      RecordSets:
        - Name: !Ref RootDomainName
          Type: A
          AliasTarget:
            HostedZoneId: !FindInMap [ RegionMap, !Ref 'AWS::Region', S3hostedzoneID]
            DNSName: !FindInMap [ RegionMap, !Ref 'AWS::Region', websiteendpoint]
        - Name: !Sub
            - www.${Domain}
            - Domain: !Ref RootDomainName
          Type: CNAME
          TTL: 900
          ResourceRecords:
            - !GetAtt WWWBucket.DomainName
Outputs:
  WebsiteURL:
    Value: !GetAtt RootBucket.WebsiteURL
    Description: URL for website hosted on S3