“没有这样的密钥,指定的密钥不存在” HTTP Origin(API)上的云方错误其他行为?
上下文
我目前正在面对我的云层分布中的一个奇怪问题。
它有两种行为。默认行为从S3存储桶中显示静态内容。 其他行为(/api/)是专用HTTP Origin的终点,即后端。
这是CDK代码。
const distribution = new Distribution(this, `${this.constructPrefix}-cloudfront-${this.constructSuffix}`, {
defaultBehavior: {
origin: new S3Origin(bucket, {
originAccessIdentity: oai,
}),
functionAssociations: [
{
function: cloudfrontFunctionRewritePath,
eventType: FunctionEventType.VIEWER_REQUEST,
},
],
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
cachePolicy: frontCachePolicy,
},
additionalBehaviors: {
"/api/*": {
origin: new HttpOrigin(`${buildConfig.ApiURL}`, {
httpsPort: 443,
protocolPolicy: OriginProtocolPolicy.HTTPS_ONLY,
customHeaders: {
"x-cloudfront-secret": `${cloudfrontSecret.secretValueFromJson("password")}`,
},
}),
cachePolicy: apiCachePolicy,
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
allowedMethods: AllowedMethods.ALLOW_ALL,
edgeLambdas: edgeLambdaAssociations,
},
},
logBucket: bucketLog,
logFilePrefix: "cloudfront/",
enabled: true,
defaultRootObject: "index.html",
domainNames: [domainName],
certificate: secureCertificate,
errorResponses: [
{
httpStatus: 404,
responseHttpStatus: 200,
responsePagePath: "/index.html",
ttl: Duration.seconds(86400),
},
],
...(buildConfig.AWSWebAclArn !== "NONE" ? { webAclId: buildConfig.AWSWebAclArn } : {}),
});
问题
现在,我的CloudFront Distribution上的API端点之一(/api/端点)随机返回“不存在这样的键,则没有HTTP状态代码404。
其他API端点效果很好。很奇怪的是,该响应的标题为“服务器:Amazons3”。
似乎CloudFront试图从其默认行为(Bucket S3)而不是其他一个(/api/)中获取“/api/endpoint”。
请注意,大多数情况下它似乎都起作用。我不太明白为什么云方有时会这样。
拜托,你有什么想法吗?
Context
I'm currently facing a weird problem from my cloudfront distribution.
It has two behaviors. Default behavior displays static content from a S3 Bucket.
Additional behavior (/api/) is an endpoint to a dedicated HTTP Origin which is the website backend.
Here is the CDK code.
const distribution = new Distribution(this, `${this.constructPrefix}-cloudfront-${this.constructSuffix}`, {
defaultBehavior: {
origin: new S3Origin(bucket, {
originAccessIdentity: oai,
}),
functionAssociations: [
{
function: cloudfrontFunctionRewritePath,
eventType: FunctionEventType.VIEWER_REQUEST,
},
],
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
cachePolicy: frontCachePolicy,
},
additionalBehaviors: {
"/api/*": {
origin: new HttpOrigin(`${buildConfig.ApiURL}`, {
httpsPort: 443,
protocolPolicy: OriginProtocolPolicy.HTTPS_ONLY,
customHeaders: {
"x-cloudfront-secret": `${cloudfrontSecret.secretValueFromJson("password")}`,
},
}),
cachePolicy: apiCachePolicy,
viewerProtocolPolicy: ViewerProtocolPolicy.REDIRECT_TO_HTTPS,
allowedMethods: AllowedMethods.ALLOW_ALL,
edgeLambdas: edgeLambdaAssociations,
},
},
logBucket: bucketLog,
logFilePrefix: "cloudfront/",
enabled: true,
defaultRootObject: "index.html",
domainNames: [domainName],
certificate: secureCertificate,
errorResponses: [
{
httpStatus: 404,
responseHttpStatus: 200,
responsePagePath: "/index.html",
ttl: Duration.seconds(86400),
},
],
...(buildConfig.AWSWebAclArn !== "NONE" ? { webAclId: buildConfig.AWSWebAclArn } : {}),
});
The Problem
Right now, one of my API endpoint (/api/endpoint) on my Cloudfront distribution randomly returns a "no such key the specified key does not exist" with HTTP status code 404.
Every other API endpoint works well. What's weird is that the response has an header with "Server: AmazonS3".
It seems like Cloudfront tries to get "/api/endpoint" from its default behavior (bucket S3) instead of the additional one (/api/).
Please note that it seems to work most of the time. I can't quite understand why Cloudfront is behaving like that at times.
Please, do you have any idea ?
如果你对这篇内容有疑问,欢迎到本站社区发帖提问 参与讨论,获取更多帮助,或者扫码二维码加入 Web 技术交流群。
绑定邮箱获取回复消息
由于您还没有绑定你的真实邮箱,如果其他用户或者作者回复了您的评论,将不能在第一时间通知您!
发布评论