AWS CloudFront via CloudFormation

Amazon Web ServicesCloudFormation is a great way to define stacks of related resources. I don’t tend to find myself making more than one version of each stack, but have still seen some big advantages:

  • I no longer have to configure resources through the AWS management console, saving a heap of time.
  • Stack configuration is now in source control so all changes are logged.
  • I’ve learnt a great deal more about AWS and how its components interact.

Unfortunately I’ve had to pay for these with another heap of time: spent learning how to use CloudFormation and how to deal with it when things don’t quite work. I’ve wasted a lot of time trying to set up CloudFront CDN distributions, and thought I’d write up a couple of the gremlins I found in case this proves useful to anyone (including me).

S3 domain name isn’t a suitable domain name

Pointing a distribution at an S3 bucket is harder than you might think. All you need is the domain name, but CloudFormation won’t give it up easily.

According to the documentation:

Returns the DNS name of the specified bucket.

Unfortunately that’s not quite what happens. As described on the AWS forum, the domain name is slightly different and CloudFront won’t accept it. Unfortunately you have to build it yourself:

{ "Fn::Join" : [ "", [ { "Ref" : "BucketName" }, "" ] ] }

It sometimes doesn’t work

Unfortunately I can’t currently do any better than that. This forum post implies that adding aliases might break things but I’ve managed to define distributions with aliases.

A second or so after the distribution starts being created it decides to delete itself again, with the message “Resource creation cancelled”. One day I’ll try to put together a reduced testcase. Try defining a very small template, and adding in other resources by updating the stack after it’s worked for the first time. This is good general advice for CloudFormation: test parts of a large template in isolation to save time on each iteration.

This entry was posted in Computing. Bookmark the permalink. Post a comment or leave a trackback: Trackback URL.

Post a Comment

Your email is never published nor shared. Required fields are marked *

You may use these HTML tags and attributes <a href="" title=""> <abbr title=""> <acronym title=""> <b> <blockquote cite=""> <cite> <code> <del datetime=""> <em> <i> <q cite=""> <s> <strike> <strong>