问题
I have a subdomain (dev.example.com) and I need to point it to my cloudfront distribution (xyz.cloudfront.net). I did the following steps
1) Created the cloudfront distribution. DID NOT specify anything in the Cname field while creating the cloud front distribution.
2) Created an Alias record in Route53 with 'A' record and pointed dev.example.com to xyz.cloudfront.net.
But this setup does not work. It works only if I specify cname field in the cloudfront distribution.
Any ideas to get this working ?
回答1:
Unless you only plan to use the CloudFront domain names, you must include one or more custom domain names, such as dev.example.com, in the Alternate Domain Names box if you want CloudFront to serve those domains.
回答2:
When accessing a CloudFront distribution, from anything other than the *.cloudfront.net URL, you must specify the CNAME. Even if you're using an A record.
You are creating an ALIAS record in Route 53. Even though you are not creating a CNAME record, you must specify your DNS entry dev.example.com in the CNAME field of your distribution.
Otherwise, CloudFront will not know what distribution you are requesting.
The alternative is to use a dedicated IP address, but that will cost you $600.
回答3:
CloudFront needs the so-called CNAME entry (Alternate Domain Name) in its configuration order to associate the incoming request with the distribution, and for this reason, they must be globally unique.
There is, however, an exception for wildcards that appear to conflict with single subdomains... they don't.
If you are using a subdomain, it should be possible to work around the CloudFront limitation on Alternate Domain Name assignments by provisioning the two distributions like this:
blue: dev.example.com
green: *.example.com
Point the DNS record for dev.example.com to the CloudFront endpoint for green. (And don't get ahead of me...)
You will find that in spite of the DNS setup, the blue side will handle dev.example.com requests because CloudFront does not actually know or care how the request was routed to it -- it uses SNI and the Host header to select the correct distribution. Requests for dev.example.com will match blue regardless of which DNS record is used for the intermediate routing.
To switch traffic to green, remove the Alternate Domain Name from blue, and the wildcard on green will automatically start carrying the traffic. No DNS change needed.
This is documented behavior:
You cannot add an alternate domain name to a CloudFront distribution if the alternate domain name already exists in another CloudFront distribution, even if your AWS account owns the other distribution.
However, you can add a wildcard alternate domain name, such as *.example.com, that includes (that overlaps with) a non-wildcard alternate domain name, such as www.example.com. Overlapping domain names can be in the same distribution or in separate distributions as long as both distributions were created by using the same AWS account. (emphasis added)
http://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/CNAMEs.html#alternate-domain-names-restrictions
回答4:
You can do that with,
Dedicated IP Custom SSL feature
It will cost you $600 for dedicated IP Address at Cloudfront POP's.
More details here
Once you have the dedicated IP, then you can create A record in DNS pointing to those IP Address(s).
Cloudfront works based on SNI (Server Name Indication) which needs a CNAME to map your distribution to.
Hope it helps.
来源:https://stackoverflow.com/questions/47185740/point-a-subdomain-from-route53-to-cloudfront-without-using-cname