'SiteCertificate' 对象在 AWS CDK 中没有属性 'certificate_arn'
'SiteCertificate' object has no attribute 'certificate_arn' with AWS CDK
我正在尝试将 CloudFormation 项目移动到 AWS CDK。我从前端开始,它是一个静态站点,在带有 Certificate Manager 证书的 S3 存储桶前面使用 CloudFront 分发。
以下是我用来构建此堆栈的各种组件:
根目录
from aws_cdk import core
from cert import SiteCertificate
from hosted_zone import HostedZone
from static_site import StaticSite
class AwscdkStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
self.hosted_zone = HostedZone(self, "HostedZone")
self.certificate = SiteCertificate(self, "SiteCert")
self.static_site = StaticSite(
self, 'StaticSite',
hosted_zone=self.hosted_zone,
certificate=self.certificate
)
托管区
import os
from aws_cdk import (
core,
aws_route53 as route53
)
class HostedZone(core.Construct):
def __init__(self, scope: core.Construct, id: str, **kwargs):
super().__init__(scope, id, **kwargs)
self.hosted_zone = route53.HostedZone.from_hosted_zone_attributes(
self, "hosted_zone",
hosted_zone_id=os.environ.get("HOSTED_ZONE_ID", "ABC123"),
zone_name=os.environ.get("DOMAIN_NAME", "mysite.com")
)
证书
import os
from aws_cdk import (
core,
aws_certificatemanager as acm,
)
class SiteCertificate(core.Construct):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
cert = acm.Certificate(
self, "SiteCertificate",
domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"
)
静态站点
这包含 S3 存储桶、策略和 CloudFront 分发(我可能想将它们分成不同的文件)
import os
from aws_cdk import (
aws_certificatemanager as acm,
aws_s3 as s3,
aws_cloudfront as cloudfront,
aws_route53 as route53,
aws_iam as iam,
core
)
class StaticSite(core.Construct):
def __init__(
self,
scope: core.Construct,
id: str,
hosted_zone: route53.IHostedZone,
certificate: acm.ICertificate,
**kwargs
) -> None:
super().__init__(scope, id, **kwargs)
self.static_site_bucket = s3.Bucket(
self, "StaticSiteBucket",
access_control=s3.BucketAccessControl.PUBLIC_READ,
bucket_name=os.environ.get("DOMAIN_NAME", "mysite.com"),
removal_policy=core.RemovalPolicy.DESTROY,
)
self.policy_statement = iam.PolicyStatement(
actions=["s3:GetObject"],
resources=[f"{self.static_site_bucket.bucket_arn}/*"]
)
self.policy_statement.add_any_principal()
self.static_site_policy_document = iam.PolicyDocument(
statements=[self.policy_statement]
)
self.static_site_bucket.add_to_resource_policy(
self.policy_statement
)
self.distribution = cloudfront.CloudFrontWebDistribution(
self, "CloudFrontDistribution",
origin_configs=[
cloudfront.SourceConfiguration(
s3_origin_source=cloudfront.S3OriginConfig(
s3_bucket_source=self.static_site_bucket
),
behaviors=[cloudfront.Behavior(is_default_behavior=True)]
)
],
alias_configuration=cloudfront.AliasConfiguration(
acm_cert_ref=certificate.certificate_arn,
names=[
os.environ.get("DOMAIN_NAME", "mysite.com"),
f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"]
),
error_configurations=[
{
"errorCode": 403,
"errorCachingMinTtl": 0,
"responseCode": 200,
"responsePagePath": "/index.html"
},
{
"errorCode": 404,
"errorCachingMinTtl": 0,
"responseCode": 200,
"responsePagePath": "/index.html"
}
]
)
我还没有部署任何东西,我只是在本地用 cdk synth
测试这个。我在 CDK 文件中所做的每一次添加都 运行ning cdk synth
并且 CloudFormation 输出与我当前用于部署项目的 CloudFormation 模板中的输出类似。当我 运行 cdk sythn
时,出现以下错误:
AttributeError: 'SiteCertificate' object has no attribute 'certificate_arn'
我在这里使用了正确的结构吗?在我可以访问它的 ARN 之前,证书是否需要存在?我试过使用 DnsValidatedCertificate
但我得到了同样的错误。我还注意到此方法是实验性的,所以我不确定这是否与我看到此错误的原因有关。
您似乎缺少 SiteCertificate
上的 属性 定义
self.certificate = SiteCertificate(self, "SiteCert")
self.static_site = StaticSite(
self, 'StaticSite',
hosted_zone=self.hosted_zone,
certificate=self.certificate
)
在 StaticSite 中您引用 certificate.certificate_arn
但 SiteCertificate 没有 属性 定义。
class SiteCertificate(core.Construct):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
cert = acm.Certificate(
self, "SiteCertificate",
domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"
)
// Add this
self.certificate_arn = cert.certificate_arn
或者让您的 SiteCertificate
继承自 acm.Ceritificate
class SiteCertificate(acm.Certificate):
def __init__(self, scope: core.Construct) -> None:
super().__init__(scope, "SiteCertificate",
domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}")
我不是 python 专家,所以我可能遗漏了一些东西。
我正在尝试将 CloudFormation 项目移动到 AWS CDK。我从前端开始,它是一个静态站点,在带有 Certificate Manager 证书的 S3 存储桶前面使用 CloudFront 分发。
以下是我用来构建此堆栈的各种组件:
根目录
from aws_cdk import core
from cert import SiteCertificate
from hosted_zone import HostedZone
from static_site import StaticSite
class AwscdkStack(core.Stack):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
self.hosted_zone = HostedZone(self, "HostedZone")
self.certificate = SiteCertificate(self, "SiteCert")
self.static_site = StaticSite(
self, 'StaticSite',
hosted_zone=self.hosted_zone,
certificate=self.certificate
)
托管区
import os
from aws_cdk import (
core,
aws_route53 as route53
)
class HostedZone(core.Construct):
def __init__(self, scope: core.Construct, id: str, **kwargs):
super().__init__(scope, id, **kwargs)
self.hosted_zone = route53.HostedZone.from_hosted_zone_attributes(
self, "hosted_zone",
hosted_zone_id=os.environ.get("HOSTED_ZONE_ID", "ABC123"),
zone_name=os.environ.get("DOMAIN_NAME", "mysite.com")
)
证书
import os
from aws_cdk import (
core,
aws_certificatemanager as acm,
)
class SiteCertificate(core.Construct):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
cert = acm.Certificate(
self, "SiteCertificate",
domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"
)
静态站点
这包含 S3 存储桶、策略和 CloudFront 分发(我可能想将它们分成不同的文件)
import os
from aws_cdk import (
aws_certificatemanager as acm,
aws_s3 as s3,
aws_cloudfront as cloudfront,
aws_route53 as route53,
aws_iam as iam,
core
)
class StaticSite(core.Construct):
def __init__(
self,
scope: core.Construct,
id: str,
hosted_zone: route53.IHostedZone,
certificate: acm.ICertificate,
**kwargs
) -> None:
super().__init__(scope, id, **kwargs)
self.static_site_bucket = s3.Bucket(
self, "StaticSiteBucket",
access_control=s3.BucketAccessControl.PUBLIC_READ,
bucket_name=os.environ.get("DOMAIN_NAME", "mysite.com"),
removal_policy=core.RemovalPolicy.DESTROY,
)
self.policy_statement = iam.PolicyStatement(
actions=["s3:GetObject"],
resources=[f"{self.static_site_bucket.bucket_arn}/*"]
)
self.policy_statement.add_any_principal()
self.static_site_policy_document = iam.PolicyDocument(
statements=[self.policy_statement]
)
self.static_site_bucket.add_to_resource_policy(
self.policy_statement
)
self.distribution = cloudfront.CloudFrontWebDistribution(
self, "CloudFrontDistribution",
origin_configs=[
cloudfront.SourceConfiguration(
s3_origin_source=cloudfront.S3OriginConfig(
s3_bucket_source=self.static_site_bucket
),
behaviors=[cloudfront.Behavior(is_default_behavior=True)]
)
],
alias_configuration=cloudfront.AliasConfiguration(
acm_cert_ref=certificate.certificate_arn,
names=[
os.environ.get("DOMAIN_NAME", "mysite.com"),
f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"]
),
error_configurations=[
{
"errorCode": 403,
"errorCachingMinTtl": 0,
"responseCode": 200,
"responsePagePath": "/index.html"
},
{
"errorCode": 404,
"errorCachingMinTtl": 0,
"responseCode": 200,
"responsePagePath": "/index.html"
}
]
)
我还没有部署任何东西,我只是在本地用 cdk synth
测试这个。我在 CDK 文件中所做的每一次添加都 运行ning cdk synth
并且 CloudFormation 输出与我当前用于部署项目的 CloudFormation 模板中的输出类似。当我 运行 cdk sythn
时,出现以下错误:
AttributeError: 'SiteCertificate' object has no attribute 'certificate_arn'
我在这里使用了正确的结构吗?在我可以访问它的 ARN 之前,证书是否需要存在?我试过使用 DnsValidatedCertificate
但我得到了同样的错误。我还注意到此方法是实验性的,所以我不确定这是否与我看到此错误的原因有关。
您似乎缺少 SiteCertificate
self.certificate = SiteCertificate(self, "SiteCert")
self.static_site = StaticSite(
self, 'StaticSite',
hosted_zone=self.hosted_zone,
certificate=self.certificate
)
在 StaticSite 中您引用 certificate.certificate_arn
但 SiteCertificate 没有 属性 定义。
class SiteCertificate(core.Construct):
def __init__(self, scope: core.Construct, id: str, **kwargs) -> None:
super().__init__(scope, id, **kwargs)
cert = acm.Certificate(
self, "SiteCertificate",
domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}"
)
// Add this
self.certificate_arn = cert.certificate_arn
或者让您的 SiteCertificate
继承自 acm.Ceritificate
class SiteCertificate(acm.Certificate):
def __init__(self, scope: core.Construct) -> None:
super().__init__(scope, "SiteCertificate",
domain_name=f"*.{os.environ.get('DOMAIN_NAME', 'mysite.com')}")
我不是 python 专家,所以我可能遗漏了一些东西。