[hashicorp/terraform-provider-aws] CloudFront invalid argument DomainName when origin is S3 Website endpoint - Go
Terraform Version
Terraform v0.11.11 + provider.aws v2.0.0
Affected Resource(s)
- aws_cloudfront_distribution
- aws_s3_bucket
Terraform Configuration Files
```hcl
provider "aws" {
  region  = "eu-west-1"
  profile = "develop"
}

resource "aws_s3_bucket" "bucket-web" {
  bucket = "foo"
  region = "eu-west-1"

  website {
    index_document = "index.html"
  }
}

resource "aws_cloudfront_distribution" "distribution" {
  origin {
    domain_name = "${aws_s3_bucket.bucket-web.website_endpoint}"
    origin_id   = "wiiimeeeeehhhh"
  }

  default_cache_behavior {
    allowed_methods        = ["GET", "HEAD"]
    cached_methods         = ["GET", "HEAD"]
    target_origin_id       = "wiiimeeeeehhhh"
    viewer_protocol_policy = "redirect-to-https"

    forwarded_values {
      query_string = false

      cookies {
        forward = "none"
      }
    }
  }

  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }

  viewer_certificate {
    acm_certificate_arn      = "arn:my_certificate_arn"
    ssl_support_method       = "sni-only"
    minimum_protocol_version = "TLSv1.2_2018"
  }

  enabled     = true
  price_class = "PriceClass_100"
}
```
Debug Output
Relevant log below:
```
origin.3576990599.domain_name: "" => "foo.s3-website-eu-west-1.amazonaws.com"
origin.3576990599.origin_id: "" => "wiiimeeeeehhhh"
* aws_cloudfront_distribution.distribution: error creating CloudFront Distribution: InvalidArgument: The parameter Origin DomainName does not refer to a valid S3 bucket.
```
Expected Behavior
Two resources should be created:
- An S3 bucket for static web hosting.
- A CloudFront distribution with an origin pointing to the bucket's website endpoint (foo.s3-website-eu-west-1.amazonaws.com).
Actual Behavior
The bucket is created without any issues; however, the distribution fails because it considers the domain_name is not valid.
Notice that for using CloudFront to serve an S3 static website, we can't use the bucket's name, we must use the website endpoint. More info on https://aws.amazon.com/premiumsupport/knowledge-center/s3-website-cloudfront-error-403/
Steps to Reproduce
1. Copy the configuration file above
2. terraform apply
2 Answer:
Just found the solution. Maybe the documentation could be improved regarding this case.
When we want to create a CloudFront origin for an S3 static website, we must define a custom_origin_config, otherwise it won't work.
```hcl
custom_origin_config {
  http_port              = "80"
  https_port             = "443"
  origin_protocol_policy = "http-only"
  origin_ssl_protocols   = ["TLSv1", "TLSv1.1", "TLSv1.2"]
}
```
thanks!!
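The fix from the answer, placed in a full configuration. This is an added example, not code from the issue or from the provider; the resource names `site` and `cdn`, the origin ID `s3-website`, and the use of the default CloudFront certificate are assumptions made for illustration.

```hcl
# Added example, Terraform 0.11 syntax as in the issue. The resource names
# "site" and "cdn" and the origin_id "s3-website" are hypothetical.
resource "aws_s3_bucket" "site" {
  bucket = "foo"
  website {
    index_document = "index.html"
  }
}

resource "aws_cloudfront_distribution" "cdn" {
  enabled     = true
  price_class = "PriceClass_100"

  origin {
    # Resolves to foo.s3-website-eu-west-1.amazonaws.com
    domain_name = "${aws_s3_bucket.site.website_endpoint}"
    origin_id   = "s3-website"
    # Declares the website endpoint as a custom (plain web server) origin.
    # Without this block the hostname is validated as an S3 bucket origin,
    # which produces the InvalidArgument error shown in the debug output.
    custom_origin_config {
      http_port              = 80
      https_port             = 443
      origin_protocol_policy = "http-only" # website endpoints serve HTTP only
      origin_ssl_protocols   = ["TLSv1.2"] # required; unused with http-only
    }
  }

  default_cache_behavior {
    allowed_methods        = ["GET", "HEAD"]
    cached_methods         = ["GET", "HEAD"]
    target_origin_id       = "s3-website"
    viewer_protocol_policy = "redirect-to-https"
    forwarded_values {
      query_string = false
      cookies {
        forward = "none"
      }
    }
  }
  restrictions {
    geo_restriction {
      restriction_type = "none"
    }
  }
  viewer_certificate {
    cloudfront_default_certificate = true
  }
}
```

With this layout, viewers reach CloudFront over HTTPS, but CloudFront fetches from the S3 website endpoint over plain HTTP. The objects must also be publicly readable for the website endpoint to serve them, and the bucket policy for that is not shown here.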