如何解决AWS SAM模板中的循环依赖关系

Question

我有一个SAM模板

AWSTemplateFormatVersion : '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Description: |
  Some infrastructure

Resources:
  S3HomeBucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      AccessControl: PublicRead
      BucketName: the-site-home
    DeletionPolicy: Retain
  BucketPolicy:
    Type: 'AWS::S3::BucketPolicy'
    Properties:
      PolicyDocument:
        Id: S3HomeBucketPolicy
        Version: 2012-10-17
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: '*'
            Action: 's3:GetObject'
            Resource: !Join
              - ''
              - - 'arn:aws:s3:::'
                - !Ref S3HomeBucket
                - /*
      Bucket: !Ref S3HomeBucket
  homePageDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Origins:
        - DomainName: !Join [ "", [!Ref S3HomeBucket, ".s3.amazonaws.com"]]
          Id: myS3Origin
          S3OriginConfig:
            OriginAccessIdentity: origin-access-identity/cloudfront/my-id
        Enabled: 'true'
        Comment: the static home page cdn
        DefaultRootObject: index.html
        Aliases:
        - the.info
        DefaultCacheBehavior:
          AllowedMethods:
          - GET
          - HEAD
          - OPTIONS
          TargetOriginId: myS3Origin
          ForwardedValues:
            QueryString: 'false'
            Cookies:
              Forward: none
          ViewerProtocolPolicy: allow-all
        PriceClass: PriceClass_100
        ViewerCertificate:
          CloudFrontDefaultCertificate: 'true'
  CloudfrontInvalidatingFunction:
    Type: AWS::Serverless::Function
    Properties:
      Runtime: nodejs8.10
      Handler: invalidateStaticFiles.handler
      Timeout: 60
      Policies:
        - AWSLambdaExecute
        - Statement:
            - Effect: Allow
              Action:
                - 'cloudfront:CreateInvalidation'
              Resource: !Join
              - ''
              - - 'arn:aws:cloudfront:'
                - !Ref AWS::Region
                - ':'
                - !Ref AWS::AccountId
                - ':'
                - !Ref homePageDistribution
      Environment:
        Variables:
          DISTRIBUTION_ID: !Ref homePageDistribution
      Events:
        AnyChange:
          Type: S3
          Properties:
            Bucket: !Ref S3HomeBucket
            Events: s3:*
Outputs:
  SiteBucketName:
    Description: the name of the s3 bucket referenced by cloudfront
    Value: !Ref S3HomeBucket
    Export:
      Name: the-site-home-bucket-name
  CloudFrontId:
    Description: the id of the cloudfront distribution for the
    Value: !Ref homePageDistribution
    Export:
      Name: the-site-cloudfront-distribution-id

运行我得到：

无法创建变更集：服务员ChangeSetCreateComplete失败：服务员遇到终端失败状态状态：失败。 原因：资源之间的循环依赖关系：[CloudfrontInvalidatingFunction，BucketPolicy，CloudfrontInvalidatingFunctionAnyChangePermission，S3HomeBucket，homePageDistribution，CloudfrontInvalidatingFunctionRole]

我认为 这另一个问题不适用

而且我真的不理解这个文档 。 情况不一样，但我还是不明白它的建议。

我想做的是：

• 有一个带有静态HTML的存储桶，
• 位于其前面的云前发行版
• 和一个lambda，它将监视存储桶并在文件更改时使缓存无效

那可能吗？

（ 无服务器应用程序模型github项目问题模板向人们提供帮助，而不是github问题）

Answer 1

我认为在这种情况下，如果您只是在homePageDistribution资源中对DomainName进行硬编码（基本上删除!Ref S3HomeBucket ），则会破坏依赖关系周期。

您可以使用存储桶名称定义模板参数，并在整个模板中使用它。

Parameters:
  ImagesBucketName:
    Default: the-site-home
    Type: String