'SiteCertificate' 对象在 AWS CDK 中没有属性 'certificate_arn'

'SiteCertificate' object has no attribute 'certificate_arn' with AWS CDK

我正在尝试将 CloudFormation 项目移动到 AWS CDK。我从前端开始,它是一个静态站点,在带有 Certificate Manager 证书的 S3 存储桶前面使用 CloudFront 分发。

以下是我用来构建此堆栈的各种组件:

根目录

from aws_cdk import core

from cert import SiteCertificate
from hosted_zone import HostedZone
from static_site import StaticSite


class AwscdkStack(core.Stack):

    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        self.hosted_zone = HostedZone(self, "HostedZone")

        self.certificate = SiteCertificate(self, "SiteCert")

        self.static_site = StaticSite(
            self, 'StaticSite',
            hosted_zone=self.hosted_zone,
            certificate=self.certificate
        )

托管区

import os

from aws_cdk import (
    core,
    aws_route53 as route53
)


class HostedZone(core.Construct):

    def __init__(self, scope: core.Construct, id: str, **kwargs):
        super().__init__(scope, id, **kwargs)

        self.hosted_zone = route53.HostedZone.from_hosted_zone_attributes(
            self, "hosted_zone",
            hosted_zone_id=os.environ.get("HOSTED_ZONE_ID", "ABC123"),
            zone_name=os.environ.get("DOMAIN_NAME", "mysite.com")
        )

证书

import os

from aws_cdk import (
    core,
    aws_certificatemanager as acm,
)

class SiteCertificate(core.Construct):

    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        cert = acm.Certificate(
            self, "SiteCertificate",
            domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"
        )

静态站点

这包含 S3 存储桶、策略和 CloudFront 分发(我可能想将它们分成不同的文件)

import os

from aws_cdk import (
    aws_certificatemanager as acm,
    aws_s3 as s3,
    aws_cloudfront as cloudfront,
    aws_route53 as route53,
    aws_iam as iam,
    core
)


class StaticSite(core.Construct):

    def __init__(
        self,
        scope: core.Construct,
        id: str,
        hosted_zone: route53.IHostedZone,
        certificate: acm.ICertificate,
        **kwargs
    ) -> None:
        super().__init__(scope, id, **kwargs)

        self.static_site_bucket = s3.Bucket(
            self, "StaticSiteBucket",
            access_control=s3.BucketAccessControl.PUBLIC_READ,
            bucket_name=os.environ.get("DOMAIN_NAME", "mysite.com"),
            removal_policy=core.RemovalPolicy.DESTROY,
        )

        self.policy_statement = iam.PolicyStatement(
            actions=["s3:GetObject"],
            resources=[f"{self.static_site_bucket.bucket_arn}/*"]
        )

        self.policy_statement.add_any_principal()

        self.static_site_policy_document = iam.PolicyDocument(
            statements=[self.policy_statement]
        )

        self.static_site_bucket.add_to_resource_policy(
            self.policy_statement
        )

        self.distribution = cloudfront.CloudFrontWebDistribution(
            self, "CloudFrontDistribution",
            origin_configs=[
                cloudfront.SourceConfiguration(
                    s3_origin_source=cloudfront.S3OriginConfig(
                        s3_bucket_source=self.static_site_bucket
                    ),
                    behaviors=[cloudfront.Behavior(is_default_behavior=True)]
                )
            ],
            alias_configuration=cloudfront.AliasConfiguration(
                acm_cert_ref=certificate.certificate_arn,
                names=[
                    os.environ.get("DOMAIN_NAME", "mysite.com"),
                    f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"]
            ),
            error_configurations=[
                {
                    "errorCode": 403,
                    "errorCachingMinTtl": 0,
                    "responseCode": 200,
                    "responsePagePath": "/index.html"
                },
                {
                    "errorCode": 404,
                    "errorCachingMinTtl": 0,
                    "responseCode": 200,
                    "responsePagePath": "/index.html"
                }
            ]
        )

我还没有部署任何东西,我只是在本地用 cdk synth 测试这个。我在 CDK 文件中所做的每一次添加都 运行ning cdk synth 并且 CloudFormation 输出与我当前用于部署项目的 CloudFormation 模板中的输出类似。当我 运行 cdk sythn 时,出现以下错误:

AttributeError: 'SiteCertificate' object has no attribute 'certificate_arn'

我在这里使用了正确的结构吗?在我可以访问它的 ARN 之前,证书是否需要存在?我试过使用 DnsValidatedCertificate 但我得到了同样的错误。我还注意到此方法是实验性的,所以我不确定这是否与我看到此错误的原因有关。

您似乎缺少 SiteCertificate

上的 属性 定义
        self.certificate = SiteCertificate(self, "SiteCert")

        self.static_site = StaticSite(
            self, 'StaticSite',
            hosted_zone=self.hosted_zone,
            certificate=self.certificate
        )

在 StaticSite 中您引用 certificate.certificate_arn 但 SiteCertificate 没有 属性 定义。

class SiteCertificate(core.Construct):

    def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
        super().__init__(scope, id, **kwargs)

        cert = acm.Certificate(
            self, "SiteCertificate",
            domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"
        )
        // Add this
        self.certificate_arn = cert.certificate_arn

或者让您的 SiteCertificate 继承自 acm.Ceritificate

class SiteCertificate(acm.Certificate):

    def __init__(self, scope: core.Construct) -> None:
        super().__init__(scope, "SiteCertificate",
            domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}")

我不是 python 专家,所以我可能遗漏了一些东西。