
Terraform AWS Cloudwatch Rule with Event Pattern incorrectly updated

I'm trying to configure a CloudWatch event rule that'll trigger an SNS topic. I have been facing a problem triggering the SNS topic from a CloudWatch rule with an event pattern created from Terraform. Below is my Terraform code:

resource "aws_cloudwatch_event_rule" "s3-event" {
  name        = "s3-event"
  description = "Capture each AWS s3 event"

  event_pattern = <<EOF
{
  "source": ["aws.s3"],
  "detail-type": ["AWS API Call via CloudTrail"],
  "detail": {
    "eventSource": ["s3.amazonaws.com"],
    "eventName": ["CreateBucket"]
  }
}
EOF
}

After apply, I checked the event pattern in the AWS UI and it looks like:

Event pattern
{
  "detail": {
    "eventName": ["CreateBucket"],
    "eventSource": ["s3.amazonaws.com"]
  },
  "detail-type": ["AWS API Call via CloudTrail"],
  "source": ["aws.s3"]
}

It gave an invocation failed error on creation of an S3 bucket. Then I resaved it as follows from the AWS console:

{
  "source": ["aws.s3"],
  "detail-type": ["AWS API Call via CloudTrail"],
  "detail": {
    "eventSource": ["s3.amazonaws.com"],
    "eventName": ["CreateBucket"]
  }
}

Then it passed.

Can someone suggest how I can stop Terraform from rearranging the event pattern?

Rearranging the pattern is not the resolution here. When I create the CloudWatch event from Terraform, by default it doesn't create an access policy for SNS, but after editing the pattern from the AWS console the access policy gets created. So we have to define the access policy in Terraform like below and attach it to the SNS topic:

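# Goes inside a data "aws_iam_policy_document" block; the statement
# also needs `resources` set to the ARN of the SNS topic.
statement {
    effect  = "Allow"
    actions = ["SNS:Publish"]

    # Let the EventBridge (CloudWatch Events) service publish to the topic.
    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }
}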
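
A complete configuration for the fix described in the answer above, as an added example that is not part of the original post. The rule is the one from the question; the topic, target and policy names (`s3_events`, `sns`, `sns_topic_policy`) are hypothetical.

```hcl
# Added example. Resource names other than "s3-event" are hypothetical.

# The rule from the question. JSON key order in event_pattern is not
# significant, so the reordering shown in the console is harmless.
resource "aws_cloudwatch_event_rule" "s3-event" {
  name        = "s3-event"
  description = "Capture each AWS s3 event"

  event_pattern = jsonencode({
    source        = ["aws.s3"]
    "detail-type" = ["AWS API Call via CloudTrail"]
    detail = {
      eventSource = ["s3.amazonaws.com"]
      eventName   = ["CreateBucket"]
    }
  })
}

resource "aws_sns_topic" "s3_events" {
  name = "s3-events" # hypothetical topic name
}

# Route matched events to the topic.
resource "aws_cloudwatch_event_target" "sns" {
  rule = aws_cloudwatch_event_rule.s3-event.name
  arn  = aws_sns_topic.s3_events.arn
}

# Resource policy: only the EventBridge service principal may publish,
# and only to this one topic.
data "aws_iam_policy_document" "sns_topic_policy" {
  statement {
    effect    = "Allow"
    actions   = ["SNS:Publish"]
    resources = [aws_sns_topic.s3_events.arn]

    principals {
      type        = "Service"
      identifiers = ["events.amazonaws.com"]
    }
  }
}

# Attach the policy to the topic; without it, invocations fail.
resource "aws_sns_topic_policy" "s3_events" {
  arn    = aws_sns_topic.s3_events.arn
  policy = data.aws_iam_policy_document.sns_topic_policy.json
}
```

`aws_sns_topic_policy` replaces the topic's whole access policy, so any other publisher of the same topic needs its own statement in the policy document.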
