如何在CloudFormation中将签名的S3 URL指定为模板? [英] How can I specify a signed S3 URL as template in CloudFormation?
问题描述
在AWS CloudFormation中,您可以通过上传模板文件或通过向模板指定S3 URL来指定模板。 (指定Amazon S3模板URL)
In AWS CloudFormation, you can specify a template by uploading a template file or by specifying a S3 URL to a template. (Specify an Amazon S3 template URL)
如果存储桶是公共的,则可以构造一个URL,任何人都可以访问该对象/模板。只要S3模板URL是简单URL,此方法就可以正常工作:
If the bucket is public, you can construct a URL for anyone to access the object/template. This works fine as long as the S3 template URL is a simple URL:
https://s3.amazonaws.com/public-bucket/ unsigned.template
但是如果存储桶是私有的,如果您想与他人共享对象,则可以生成一个签名的S3 URL。我得到的URL是专用存储桶中模板的签名S3 URL:
But if the bucket is private, you can generate a signed S3 URL if you want to share an object to others. I am given a URL that is a signed S3 URL for a template in a private bucket:
https://s3.amazonaws.com/ private-bucket / signed.template?Signature = Cs6sqUABadcfZAuFu5FSMWAQ%3D& Expires = 1459636414& AWSAccessKeyId = AKIAJ23456AXIOUBCNQ
不幸的是CF不尊重已签名的人URL并剥离 .template
之后的所有内容。因此,我收到 Access Denied
错误。有人知道在CloudFormation中将签名的S3 URL指定为模板的方法吗?
Unfortunately CF is not honoring the signed URL and strips everything after .template
. Due to this I get Access Denied
error. Does anyone know a way to specify a signed S3 URL as a template in CloudFormation?
推荐答案
AWS最终承认这是一个错误在CloudFormation中,他们正在努力解决。到目前为止,还没有预计到达时间。
AWS finally acknowledged that it is a bug in CloudFormation and they are working on a fix. No ETA on that yet.
这篇关于如何在CloudFormation中将签名的S3 URL指定为模板?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!