如何在CloudFormation中将签名的S3 URL指定为模板？ [英] How can I specify a signed S3 URL as template in CloudFormation?

问题描述

在AWS CloudFormation中，您可以通过上传模板文件或通过向模板指定S3 URL来指定模板。 （指定Amazon S3模板URL）

In AWS CloudFormation, you can specify a template by uploading a template file or by specifying a S3 URL to a template. (Specify an Amazon S3 template URL)

如果存储桶是公共的，则可以构造一个URL，任何人都可以访问该对象/模板。只要S3模板URL是简单URL，此方法就可以正常工作：

If the bucket is public, you can construct a URL for anyone to access the object/template. This works fine as long as the S3 template URL is a simple URL:

https://s3.amazonaws.com/public-bucket/ unsigned.template

但是如果存储桶是私有的，如果您想与他人共享对象，则可以生成一个签名的S3 URL。我得到的URL是专用存储桶中模板的签名S3 URL：

But if the bucket is private, you can generate a signed S3 URL if you want to share an object to others. I am given a URL that is a signed S3 URL for a template in a private bucket:

https://s3.amazonaws.com/ private-bucket / signed.template？Signature = Cs6sqUABadcfZAuFu5FSMWAQ％3D& Expires = 1459636414& AWSAccessKeyId = AKIAJ23456AXIOUBCNQ

不幸的是CF不尊重已签名的人URL并剥离 .template 之后的所有内容。因此，我收到 Access Denied 错误。有人知道在CloudFormation中将签名的S3 URL指定为模板的方法吗？

Unfortunately CF is not honoring the signed URL and strips everything after .template. Due to this I get Access Denied error. Does anyone know a way to specify a signed S3 URL as a template in CloudFormation?

推荐答案

AWS最终承认这是一个错误在CloudFormation中，他们正在努力解决。到目前为止，还没有预计到达时间。

AWS finally acknowledged that it is a bug in CloudFormation and they are working on a fix. No ETA on that yet.

这篇关于如何在CloudFormation中将签名的S3 URL指定为模板？的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！