如何解決AWS SAM模板中的循環依賴關系

Question

我有一個SAM模板

AWSTemplateFormatVersion : '2010-09-09'
Transform: AWS::Serverless-2016-10-31

Description: |
  Some infrastructure

Resources:
  S3HomeBucket:
    Type: 'AWS::S3::Bucket'
    Properties:
      AccessControl: PublicRead
      BucketName: the-site-home
    DeletionPolicy: Retain
  BucketPolicy:
    Type: 'AWS::S3::BucketPolicy'
    Properties:
      PolicyDocument:
        Id: S3HomeBucketPolicy
        Version: 2012-10-17
        Statement:
          - Sid: PublicReadForGetBucketObjects
            Effect: Allow
            Principal: '*'
            Action: 's3:GetObject'
            Resource: !Join
              - ''
              - - 'arn:aws:s3:::'
                - !Ref S3HomeBucket
                - /*
      Bucket: !Ref S3HomeBucket
  homePageDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Origins:
        - DomainName: !Join [ "", [!Ref S3HomeBucket, ".s3.amazonaws.com"]]
          Id: myS3Origin
          S3OriginConfig:
            OriginAccessIdentity: origin-access-identity/cloudfront/my-id
        Enabled: 'true'
        Comment: the static home page cdn
        DefaultRootObject: index.html
        Aliases:
        - the.info
        DefaultCacheBehavior:
          AllowedMethods:
          - GET
          - HEAD
          - OPTIONS
          TargetOriginId: myS3Origin
          ForwardedValues:
            QueryString: 'false'
            Cookies:
              Forward: none
          ViewerProtocolPolicy: allow-all
        PriceClass: PriceClass_100
        ViewerCertificate:
          CloudFrontDefaultCertificate: 'true'
  CloudfrontInvalidatingFunction:
    Type: AWS::Serverless::Function
    Properties:
      Runtime: nodejs8.10
      Handler: invalidateStaticFiles.handler
      Timeout: 60
      Policies:
        - AWSLambdaExecute
        - Statement:
            - Effect: Allow
              Action:
                - 'cloudfront:CreateInvalidation'
              Resource: !Join
              - ''
              - - 'arn:aws:cloudfront:'
                - !Ref AWS::Region
                - ':'
                - !Ref AWS::AccountId
                - ':'
                - !Ref homePageDistribution
      Environment:
        Variables:
          DISTRIBUTION_ID: !Ref homePageDistribution
      Events:
        AnyChange:
          Type: S3
          Properties:
            Bucket: !Ref S3HomeBucket
            Events: s3:*
Outputs:
  SiteBucketName:
    Description: the name of the s3 bucket referenced by cloudfront
    Value: !Ref S3HomeBucket
    Export:
      Name: the-site-home-bucket-name
  CloudFrontId:
    Description: the id of the cloudfront distribution for the
    Value: !Ref homePageDistribution
    Export:
      Name: the-site-cloudfront-distribution-id

運行我得到：

無法創建變更集：服務員ChangeSetCreateComplete失敗：服務員遇到終端失敗狀態狀態：失敗。 原因：資源之間的循環依賴關系：[CloudfrontInvalidatingFunction，BucketPolicy，CloudfrontInvalidatingFunctionAnyChangePermission，S3HomeBucket，homePageDistribution，CloudfrontInvalidatingFunctionRole]

我認為 這另一個問題不適用

而且我真的不理解這個文檔 。 情況不一樣，但我還是不明白它的建議。

我想做的是：

• 有一個帶有靜態HTML的存儲桶，
• 位於其前面的雲前發行版
• 和一個lambda，它將監視存儲桶並在文件更改時使緩存無效

那可能嗎？

（ 無服務器應用程序模型github項目問題模板向人們提供幫助，而不是github問題）

Answer 1

我認為在這種情況下，如果您只是在homePageDistribution資源中對DomainName進行硬編碼（基本上刪除!Ref S3HomeBucket ），則會破壞依賴關系周期。

您可以使用存儲桶名稱定義模板參數，並在整個模板中使用它。

Parameters:
  ImagesBucketName:
    Default: the-site-home
    Type: String