
Create an S3 bucket that sends notification to SNS topic

I am trying to create an S3 bucket that sends a notification to an SNS topic every time an object is dropped in the S3 bucket. My S3 bucket is called foo-bucket and my SNS topic is called foo-topic. I know how to set this up in the AWS console, but I am having trouble when trying to do this via CloudFormation.

This is the code I currently have:

Resources:
  SNSTopic:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: foo-topic
  SNSTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      PolicyDocument:
        Id: MyTopicPolicy
        Version: '2012-10-17'
        Statement:
        - Sid: Statement-id
          Effect: Allow
          Principal:
            Service: s3.amazonaws.com
          Action: sns:Publish
          Resource:
            Ref: SNSTopic
          Condition:
            ArnLike:
              aws:SourceArn:
                Fn::Join:
                - ''
                - - 'arn:aws:s3:::'
                  - Ref: S3Bucket
      Topics:
      - Ref: SNSTopic
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: foo-bucket 
      AccessControl: BucketOwnerFullControl
      NotificationConfiguration:
        TopicConfigurations:
        - Topic:
            Ref: SNSTopic
          Event: s3:ObjectCreated:Put

I try to deploy the above and cfn rolls back due to the following error:

Unable to validate the following destination configurations (Service: Amazon S3; Status Code: 400; Error Code: InvalidArgument; Request ID: fooooo; S3 Extended Request ID: foooid; Proxy: null)

Yep, your problem is dependencies ;)

I had the same issue. If you don't specify a dependency order, like create SNS first then get the ID created with the REF in the Bucket part, you will get a problem about destination configurations.

Please follow this link to fix your problem, you will see the DependsOn:

https://aws.amazon.com/premiumsupport/knowledge-center/unable-validate-destination-s3/?nc1=h_ls

I have an example CloudFormation template creating a bucket, SNS topic and a notification configuration. As already mentioned, you need to ensure proper dependency order.

The notification configuration doesn't check for the resource existence, so we need to use the DependsOn property to do so.

Also be aware of a potential circular reference when creating an SNS Topic Policy. I defined the bucket name as a string, not a reference. It allows creating an SNS with its policy before the notification config of the bucket.

Resources:
  IngestionBucketDev:
    Type: AWS::S3::Bucket
    DependsOn:
     - IngestionTopicDev
     - IngestionTopicPolicy
    Properties: 
      BucketName: "ingestion-codebucket-7832df8b-dev"
      NotificationConfiguration:
        TopicConfigurations:
         -  Topic: !Ref IngestionTopicDev
            Event: 's3:ObjectCreated:*'
            Filter:
              S3Key:
                Rules:
                 - Name: suffix
                   Value: ".json"
      PublicAccessBlockConfiguration:
        RestrictPublicBuckets: true
        BlockPublicPolicy: true
           
               
  IngestionTopicDev:
    Type: AWS::SNS::Topic
    Properties: 
      TopicName: "elearn-ingest-topic"
      DisplayName: "elearn-ingest-topic"
      
  IngestionTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties: 
      Topics:
       - !Ref IngestionTopicDev
      PolicyDocument:
        Version: 2012-10-17
        Statement:
          - Action:
              - 'sns:Publish'
            Effect: Allow
            Resource: !Ref IngestionTopicDev
            Principal: 
              Service: "s3.amazonaws.com"
            Condition:
              ArnEquals:
               # Must name the same bucket as BucketName above, or S3 cannot publish
               "aws:SourceArn": "arn:aws:s3:::ingestion-codebucket-7832df8b-dev"
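
A pre-deployment check for the pitfalls described in the answers above (a bucket that lacks DependsOn on the topic policy, and an aws:SourceArn that does not name the bucket or is built from a reference to it), as an added example that is not from the original posts. It assumes the template is already parsed into a Python dict and the bucket has an explicit BucketName; `lint_s3_sns`, `sample` and `example-bucket` are hypothetical names.

```python
# Added example; function names and the sample template are constructed.
from fnmatch import fnmatchcase

def _ref(v):
    return v.get("Ref") if isinstance(v, dict) else None

def _as_list(v):
    return v if isinstance(v, list) else [] if v is None else [v]

def lint_s3_sns(template):
    res, findings = template["Resources"], []
    policies = {k: v["Properties"] for k, v in res.items()
                if v["Type"] == "AWS::SNS::TopicPolicy"}
    for name, bucket in res.items():
        if bucket["Type"] != "AWS::S3::Bucket":
            continue
        props = bucket.get("Properties", {})
        arn = "arn:aws:s3:::" + str(props.get("BucketName"))
        for cfg in props.get("NotificationConfiguration", {}).get("TopicConfigurations", []):
            topic = _ref(cfg["Topic"])
            covering = [p for p, pp in policies.items()
                        if topic in [_ref(t) for t in pp["Topics"]]]
            if not covering:
                findings.append(f"{name}: no TopicPolicy covers {topic}")
            for pol in covering:
                # S3 validates the destination when the bucket is created.
                if pol not in _as_list(bucket.get("DependsOn")):
                    findings.append(f"{name}: DependsOn lacks {pol}")
                for st in _as_list(policies[pol]["PolicyDocument"]["Statement"]):
                    for cond in st.get("Condition", {}).values():
                        src = cond.get("aws:SourceArn")
                        if isinstance(src, str) and not fnmatchcase(arn, src):
                            findings.append(f"{pol}: SourceArn does not match {arn}")
                        elif src is not None and not isinstance(src, str):
                            findings.append(f"{pol}: SourceArn is not a literal "
                                            "(policy would wait for the bucket)")
    return findings

def sample(source_arn, depends_on):  # constructed template, not from the page
    stmt = {"Effect": "Allow", "Action": "sns:Publish", "Resource": {"Ref": "Topic"},
            "Principal": {"Service": "s3.amazonaws.com"},
            "Condition": {"ArnEquals": {"aws:SourceArn": source_arn}}}
    notif = {"TopicConfigurations": [{"Topic": {"Ref": "Topic"}, "Event": "s3:ObjectCreated:*"}]}
    return {"Resources": {
        "Topic": {"Type": "AWS::SNS::Topic"},
        "Policy": {"Type": "AWS::SNS::TopicPolicy", "Properties": {
            "Topics": [{"Ref": "Topic"}], "PolicyDocument": {"Statement": [stmt]}}},
        "Bucket": {"Type": "AWS::S3::Bucket", "DependsOn": depends_on, "Properties": {
            "BucketName": "example-bucket", "NotificationConfiguration": notif}}}}
```

An empty result from `lint_s3_sns` means the bucket waits for the policy and the policy's SourceArn literal covers the bucket; wildcard patterns in SourceArn are matched with `fnmatchcase` as an approximation of IAM's ARN matching.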

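Notice: the technical posts on this site follow the CC BY-SA 4.0 license. If you need to repost, please cite this site's URL or the original address. For any questions, contact: yoyou2525@163.com.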

 