[英]Cloudformation template to trigger Lambda on S3 event
我想使用 Cloudformation 創建一個 S3 存儲桶,該存儲桶將在發生文件創建、文件刪除等 S3 事件時觸發 Lambda 函數。
根據我的研究,我有我的AWS::Lambda::Function和AWS::S3::Bucket設置,
AWSTemplateFormatVersion: '2010-09-09'
Resources:
HandleFileCreation:
Type: "AWS::Lambda::Function"
Properties:
...
LambdaExecutionRole:
Type: AWS::IAM::Role
Properties:
ManagedPolicyArns:
- arn:aws:iam::aws:policy/AmazonS3FullAccess
- arn:aws:iam::aws:policy/AWSLambdaFullAccess
AssumeRolePolicyDocument:
...
ReportsBucket:
Type: AWS::S3::Bucket
BucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref ReportsBucket
PolicyDocument:
...
我正在查看AWS::Events::Rule ,但該示例僅適用於 EC2,我找不到 S3 的示例
EventRule:
Type: "AWS::Events::Rule"
Properties:
Description: "EventRule"
EventPattern:
source:
- "aws.ec2"
detail-type:
- "EC2 Instance State-change Notification"
detail:
state:
- "stopping"
State: "ENABLED"
Targets:
-
Arn:
Fn::GetAtt:
- HandleFileCreation
- Arn
Id: TargetFunctionV1
PermissionForEventsToInvokeLambda:
Type: AWS::Lambda::Permission
Properties:
FunctionName:
Ref: HandleFileCreation
Action: "lambda:InvokeFunction"
Principal: "events.amazonaws.com"
SourceArn:
Fn::GetAtt:
- "EventRule"
- "Arn"
如何編寫模板以在 S3 事件上觸發?
這是一個例子,
EncryptionServiceBucket:
Type: "AWS::S3::Bucket"
Properties:
BucketName: !Sub ${User}-encryption-service
NotificationConfiguration:
LambdaConfigurations:
-
Function: !Ref LambdaDeploymentArn
Event: "s3:ObjectCreated:*"
Filter:
S3Key:
Rules:
-
Name: suffix
Value: zip
我注意到的一個問題是,您需要先創建函數,然后再為其分配觸發器。 如果您正在使用 CF,請確保在為其創建觸發器之前創建 lambda 函數。
希望它有幫助。
我在使用 Amazon Toolkit 的 Visual Studio 示例項目之一中找到了答案:
"myBucketName": {
"Type": "AWS::S3::Bucket",
"Properties": { }
},
"csvProcessor" : {
"Type" : "AWS::Serverless::Function",
"Properties": {
"Handler": "appli::appli.csvProcessor::FunctionHandler",
"Runtime": "dotnetcore2.1",
"CodeUri": "",
"Description": "Function processing files when they're dropped in s3 bucket",
"MemorySize": 256,
"Timeout": 30,
"Role": null,
"Policies": [ "AWSLambdaFullAccess" ],
"Events": {
"madeUpEventName" : {
"Type" : "S3",
"Properties" : {
"Bucket" : { "Ref" : "myBucketName" },
"Events" : [
"s3:ObjectCreated:*"
]
}
}
}
}
}
我已經創建了下面的代碼,它正在與 CloudFormation #################################### ########################################### 每當 S3 事件發生時觸發 Lambda 函數
Type: AWS::S3::Bucket
Properties:
BucketName: !Sub '${EnvironmentNameShorthand}.product'
NotificationConfiguration:
LambdaConfigurations:
-
Function: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:function name'
Event: "s3:ObjectCreated:*"
Filter:
S3Key:
Rules:
-
Name: suffix
Value: .json
LambdaInvokePermission:
Type: AWS::Lambda::Permission
Properties:
FunctionName: !Sub 'arn:aws:lambda:${AWS::Region}:${AWS::AccountId}:function:function name '
Action: "lambda:InvokeFunction"
Principal: "s3.amazonaws.com"
SourceArn: !Sub 'arn:aws:s3:::${EnvironmentNameShorthand}.product'
這是一個詳細的答案(來自https://medium.com/@windix/s3-bucket-notification-to-lambda-in-cloudformation-without-circular-reference-f8f56ec5342c )
AWSTemplateFormatVersion: '2010-09-09'
Description: Example Stack
Parameters:
BucketName:
Type: String
Default: unique-bucket-name
Resources:
Bucket:
Type: AWS::S3::Bucket
Properties:
BucketName: !Ref BucketName
...
NotificationConfiguration:
LambdaConfigurations:
- Event: 's3:ObjectCreated:*'
Filter:
S3Key:
Rules:
- Name: prefix
Value: test/
- Name: suffix
Value: .txt
Function: !GetAtt Lambda.Arn
Lambda:
Type: AWS::Lambda::Function
...
S3InvokeLambdaPermission:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: !Ref Lambda
Principal: s3.amazonaws.com
SourceArn: !Sub arn:aws:s3:::${BucketName}
LambdaRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action:
- sts:AssumeRole
Path: '/'
Policies:
- PolicyName: s3
PolicyDocument:
Statement:
- Effect: Allow
Action:
- s3:Get*
Resource:
- !Sub arn:aws:s3:::${BucketName}
- !Sub arn:aws:s3:::${BucketName}/*
Cloudformation - S3 事件上的 Lambda 觸發器? (桶已經存在)
[英]Cloudformation - Lambda Trigger on S3 Event? (Bucket Already Exists)
無法在現有 S3 存儲桶中放置通知事件以觸發 CloudFormation Lambda
[英]Unable to put notification event to trigger CloudFormation Lambda in existing S3 bucket
如何在CloudFormation中添加帶有S3觸發器的Lambda函數?
[英]How do I add a Lambda Function with an S3 Trigger in CloudFormation?
使用 cloudformation yaml 在 Lambda function 上添加 S3 觸發器
[英]add S3 trigger on a Lambda function with cloudformation yaml
Lambda 和 S3 資源可以存在於同一個 CloudFormation 模板中嗎?
[英]Can Lambda and S3 resources exist in the same CloudFormation template?
Cloud Formation:S3 bucket和Lambda的單獨cloudformation模板
[英]Cloud Formation: separate cloudformation template of S3 bucket and Lambda
在cloudformation中的s3存儲桶ObjectCreated事件上執行lambda
[英]executing lambda on s3 bucket ObjectCreated event in cloudformation
aws lambda - 如果手動創建 s3 存儲桶,如何使用 cloudformation 添加 s3 觸發器
[英]aws lambda - How to add s3 trigger using cloudformation if the s3 bucket is created manually
聲明:本站的技術帖子網頁,遵循CC BY-SA 4.0協議,如果您需要轉載,請注明本站網址或者原文地址。任何問題請咨詢:yoyou2525@163.com.