Cloudformation模板触发LAMBDA上S3事件
问题描述:
我想用Cloudformation每当S3事件如文件创建,文件删除等Cloudformation模板触发LAMBDA上S3事件
从我的研究发生这样创建一个S3桶,这将触发lambda函数,我有我AWS::Lambda::Function和AWS::S3::Bucket设置,
AWSTemplateFormatVersion: '2010-09-09'
Resources:
HandleFileCreation:
Type: "AWS::Lambda::Function"
Properties:
...
LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonS3FullAccess
- arn:aws:iam::aws:policy/AWSLambdaFullAccess
AssumeRolePolicyDocument:
...
ReportsBucket:
Type: AWS::S3::Bucket
BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref ReportsBucket
PolicyDocument:
...
我一直在寻找在AWS::Events::Rule,但举例仅为EC2和我找不到实例为S3
EventRule:
Type: "AWS::Events::Rule"
Properties:
Description: "EventRule"
EventPattern:
source:
- "aws.ec2"
detail-type:
- "EC2 Instance State-change Notification"
detail:
state:
- "stopping"
State: "ENABLED"
Targets:
-
Arn:
Fn::GetAtt:
- HandleFileCreation
- Arn
Id: TargetFunctionV1
PermissionForEventsToInvokeLambda:
Type: AWS::Lambda::Permission
Properties:
FunctionName:
Ref: HandleFileCreation
Action: "lambda:InvokeFunction"
Principal: "events.amazonaws.com"
SourceArn:
Fn::GetAtt:
- "EventRule"
- "Arn"
如何编写模板以触发S3事件?
答
这里有个例子,
EncryptionServiceBucket:
Type: "AWS::S3::Bucket"
Properties:
BucketName: !Sub ${User}-encryption-service
NotificationConfiguration:
LambdaConfigurations:
-
Function: !Ref LambdaDeploymentArn
Event: "s3:ObjectCreated:*"
Filter:
S3Key:
Rules:
-
Name: suffix
Value: zip
一个问题,我注意到的是,你需要你指定一个触发器之前创建的功能。如果您使用CF,请确保在为其创建触发器之前创建lambda函数。
希望它有帮助。
我收到一个错误:AWS :: S3 :: Bucket \t ReportsBucket \t ARN的格式不正确物理ID:some-prefix-us-west-2-test-43a8dcf',它引用了我的桶名称BucketName: !加入[' - ',['some-prefix',!Ref Region,!Ref Stage]]' –