Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

AWS Cloudfront doesn't support ALB site as an Origin #10572

Closed
a9cQ0Q opened this issue Dec 7, 2016 · 3 comments
Closed

AWS Cloudfront doesn't support ALB site as an Origin #10572

a9cQ0Q opened this issue Dec 7, 2016 · 3 comments
Labels
bug provider/aws

Comments

@a9cQ0Q
Copy link

a9cQ0Q commented Dec 7, 2016

Hello everyone

On document said terraform support S3 or Website be a Origin, but I try many time get same error is: The parameter Origin DomainName does not refer to a valid S3 bucket

Here's my cloudfront.tf

resource "aws_cloudfront_distribution" "my_web_site" {
  origin {
    domain_name = "#{aws_alb.website.dns_name}"
    origin_id = "website_access_id"

  }
  enabled = true

  logging_config {
    include_cookies = false
    bucket          = "mywebsiteaccesslogcf.s3.amazonaws.com"
  }

  default_cache_behavior {
    allowed_methods = [HEAD, DELETE, POST, GET, OPTIONS, PUT, PATCH]
    cached_methods = ["HEAD", "GET"]
    compress = true
    target_origin_id = "website_access_id"

    forwarded_values {
      query_string = false
      cookies {
        forward = "none"
      }
    }

    viewer_protocol_policy = "allow-all"
    min_ttl     = 0
    default_ttl = 3600
    max_ttl     = 86400
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  tags {
    Environment = "${var.environment_name}"
  }

  viewer_certificate {
    iam_certificate_id = "${var.elb_cert}"
    ssl_support_method = "sni-only"
  }
}

and I got this error below:

`Error applying plan:

1 error(s) occurred:

  • aws_cloudfront_distribution.my_web_site: InvalidArgument: The parameter Origin DomainName does not refer to a valid S3 bucket.
    status code: 400, request id: 242113c0-bc4d-11e6-afa0-5da45ee7023c
    `
@Stephan1984
Copy link

Stephan1984 commented Jan 31, 2017
edited
Loading

If anyone else got this error: when trying to use S3 website as origin (if index document functions of S3 are required) the custom_origin_config is needed:

  origin {
    origin_id = "my_origin"
    domain_name = "${aws_s3_bucket.website.website_endpoint}"
    custom_origin_config {
      origin_protocol_policy = "http-only"
      http_port = "80"
      https_port = "443"
      origin_ssl_protocols = ["TLSv1"]
    }
  }

... not sure if this is a bug.

@pracucci
Copy link

pracucci commented Feb 7, 2017

I'm experiencing the same issue.

@Stephan1984 suggests to use custom_origin_config but doing so you can't grant CloudFront permissions to read a private bucket via origin_access_identity.

@apparentlymart apparentlymart changed the title AWS cloud front doesn't support ALB site be an Origin AWS Cloudfront doesn't support ALB site as an Origin Feb 7, 2017
@jamesgorrie jamesgorrie mentioned this issue Feb 21, 2017
Merged
@hashibot hashibot mentioned this issue Jun 13, 2017
Open
bookshelfdave pushed a commit to mozmeao/infra that referenced this issue Jun 13, 2017
use s3 website bucket name so index documents work in subdirs
ac202f0 
The custom_origin_config is required because terraform will
insist that the bucket name is incorrect as it doesn't follow
the irlpodcast.s3.amazonaws.com format.

requires terraform 0.9.8

see also:
hashicorp/terraform#10572
hashicorp/terraform#13627
@bookshelfdave bookshelfdave mentioned this issue Jun 13, 2017
Merged
@ghost
Copy link

ghost commented Apr 10, 2020

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues.

If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@ghost ghost locked and limited conversation to collaborators Apr 10, 2020
Sign up for free to subscribe to this conversation on GitHub. Already have an account? Sign in.
Assignees
No one assigned
Labels
bug provider/aws
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
5 participants
@mitchellh @a9cQ0Q @pracucci @Stephan1984 @hashibot