当我尝试创建aws_s3_bucket_notification时,出现以下Terrerform异常:aws_s3_bucket_notification.input_notification: Error putting S3 notification configuration: InvalidArgument: Unable to validate the following destination configurations
status code: 400, request id: 4E17F794B9BC67C9, host id: QmeEFS+T1cvr1xFEMmAlqBKxzX1Fg+qOpwJFXDl4sR1hVcHa4swLN87BiPI8BToGuNQ3oYD0pYk=
据我所知,我遵循了以下terraform文档中概述的规格:https://www.terraform.io/docs/providers/aws/r/s3_bucket_notification.html
有人遇到过这个问题吗?
resource "aws_sqs_queue" "sqs_queue" {
name = "${var.env}-${var.subenv}-${var.appname}"
delay_seconds = 5
max_message_size = 262144
message_retention_seconds = 86400
receive_wait_time_seconds = 10
visibility_timeout_seconds = 90
redrive_policy = "{\"deadLetterTargetArn\":\"${aws_sqs_queue.sqs_dlq.arn}\",\"maxReceiveCount\":${var.sqs_max_receive_count}}"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "sqs:SendMessage",
"Resource": "arn:aws:sqs:*:*:s3-event-notification-queue",
"Condition": {
"ArnEquals": { "aws:SourceArn": "${aws_s3_bucket.input.arn}" }
}
}
]
}
POLICY
}
resource "aws_s3_bucket" "input" {
bucket = "${var.env}-${var.subenv}-${var.appname}-input"
}
resource "aws_s3_bucket_notification" "input_notification" {
depends_on = [
"aws_s3_bucket.input",
"aws_sqs_queue.sqs_queue"
]
bucket = "${aws_s3_bucket.input.id}"
queue {
queue_arn = "${aws_sqs_queue.sqs_queue.arn}"
events = ["s3:ObjectCreated:*"]
filter_suffix = ".gz"
}
}
答案 0 :(得分:0)
SQS政策有误,应如下所示:
resource "aws_sqs_queue" "sqs_queue" {
name = "${var.env}-${var.subenv}-${var.appname}"
delay_seconds = 5
max_message_size = 262144
message_retention_seconds = 86400
receive_wait_time_seconds = 10
visibility_timeout_seconds = 90
redrive_policy = "{\"deadLetterTargetArn\":\"${aws_sqs_queue.sqs_dlq.arn}\",\"maxReceiveCount\":${var.sqs_max_receive_count}}"
policy = <<POLICY
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": "*",
"Action": "sqs:SendMessage",
"Resource": "arn:aws:sqs:*:*:${var.env}-${var.subenv}-${var.appname}",
"Condition": {
"ArnEquals": { "aws:SourceArn": "${aws_s3_bucket.input.arn}" }
}
}
]
}
POLICY
}