AWS S3存储使用CloudFront CDN访问
 

aws s3存储使用cdn访问的配置流程

创建CloudFront OAI 创建S3 bucket 授权OAI CloudFront 转发 S3 0x01 创建CloudFront OAI

0x02 创建S3 bucket 授权OAI

权限 - 存储桶策略: game-s3bucket

{
    "Version": "2008-10-17",
    "Id": "PolicyForCloudFrontPrivateContent",
    "Statement": [
        {
            "Sid": "1",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::cloudfront:user/CloudFront Origin Access Identity E21C124AExxx"
            },
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::game-s3/*"
        }
    ]
}

所有get权限

{
    "Version": "2012-10-17",
    "Id": "Policy1605149281822",
    "Statement": [
        {
            "Sid": "Stmt1605148991833",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetBucketAcl",
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::dev-game",
                "arn:aws:s3:::dev-game/*"
            ]
        }
    ]
}

CORS 配置编辑器(选配解决跨越问题)

<?xml version="1.0" encoding="UTF-8"?>

*

HEAD

PUT

GET

3000

x-amz-server-side-encryption

x-amz-request-id

x-amz-id-2

* </CORSRule> </CORSConfiguration> 0x03 CloudFront 转发 S3


文章作者: 以谁为师
版权声明: 本博客所有文章除特別声明外,均采用 CC BY 4.0 许可协议。转载请注明来源!
              
  目录