我正在尝试创建一个基于AWS的简单架构,该架构会将一些数据从AWS S3传输到SQS,然后触发lambda。我正在使用无服务器框架,但最终在部署时出现此错误
发生错误:PostsRawBucket-无法验证以下目标配置(服务:Amazon S3;状态代码:400;错误代码:InvalidArgument;请求ID:...; S3扩展请求ID:... )
# CloudFormation
resources:
Resources:
PostsTransferQueue:
Type: "AWS::SQS::Queue"
Properties:
VisibilityTimeout: 180
MessageRetentionPeriod: 1209600
QueueName: posts-transfer
PostsRawBucket:
Type: "AWS::S3::Bucket"
DependsOn:
- PostsTransferQueue
Properties:
BucketName: posts-raw
NotificationConfiguration:
QueueConfigurations:
- Event: s3:ObjectCreated:*
Queue: !GetAtt PostsTransferQueue.Arn
编辑1:解决方案(至少对我来说)-我必须添加AWS :: SQS :: QueuePolicy
QueuePolicy:
Type: AWS::SQS::QueuePolicy
DependsOn:
- PostsTransferQueue
Properties:
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
AWS: '*'
Action:
- SQS:SendMessage
# Target a wildcard resource name based on the same format as QueueName
Resource: !Join [ "", [ "arn:aws:sqs:*:*:", !Join [ "-", [ posts, transfer ] ], "*" ] ]
Condition:
ArnLike:
# Static BucketName used to avoid circular dependency with S3 bucket
aws:SourceArn: !Join [ "", ["arn:aws:s3:*:*:", !Join [ "-", [ posts, raw, v2] ] ] ]
Queues:
- !Ref PostsTransferQueue
然后,您还必须更新S3以也依赖于 QueuePolicy
PostsRawBucket:
Type: AWS::S3::Bucket
DependsOn:
- PostsTransferQueue
- QueuePolicy
...
我也将S3存储桶和队列的名称更改为
BucketName: !Join [ "-", [ posts, raw, v2] ]
QueueName: !Join [ "-", [ posts, transfer, v2] ]