aws-lambda - AWS CloudFormation: setting an SNS trigger for Lambda

Tags: aws-lambda aws-cloudformation amazon-sns

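I want to add SNS as a trigger for a Lambda in a CloudFormation template, but it is not working for me. Below is the code I applied. I get the Lambda, the SNS topic, and the Lambda subscribed to SNS, but I cannot add the trigger to the Lambda. Does anyone know how to do this?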

LambdaRole:
  Type: 'AWS::IAM::Role'
  Properties:
    AssumeRolePolicyDocument:
      Version: "2012-10-17"
      Statement:
        - Effect: Allow
          Principal:
            Service:
              - lambda.amazonaws.com
          Action:
            - 'sts:AssumeRole'
    Path: /
    Policies:
      - PolicyName: lambda_policy
        PolicyDocument:
          Version: "2012-10-17"
          Statement:
            - Effect: Allow
              Action: '*'
              Resource: '*'

Lambdafunction:
  Type: AWS::Lambda::Function
  Properties:
    Handler: index.handler
    Role: !GetAtt LambdaRole.Arn
    # Role: !GettAtt [LambdaRole, Arn]
    Code:
      S3Bucket: lambda-s3
      S3Key: lambda.zip
    Runtime: python3.9
    Timeout: 30

PermissionSNStoLambda:
  Type: 'AWS::Lambda::Permission'
  Properties:
    Action: 'lambda:InvokeFunction'
    FunctionName: !Ref Lambdafunction
    Principal: sns.amazonaws.com

test2Topic:
  Type: 'AWS::SNS::Topic'
  Properties:
    DisplayName: Scale of Test Web group
    Subscription:
      - Protocol: lambda
        Endpoint: !GetAtt Lambdafunction.Arn

SNSPolicy:
  Type: 'AWS::SNS::TopicPolicy'
  Properties:
    Topics:
      - !Ref test2Topic
    PolicyDocument:
      Version: '2012-10-17'
      Statement:
        - Effect: Allow
          Principal:
            AWS: '*'
          Action:
            - 'SNS:GetTopicAttributes'
            - 'SNS:SetTopicAttributes'
            - 'SNS:AddPermission'
            - 'SNS:RemovePermission'
            - 'SNS:DeleteTopic'
            - 'SNS:Subscribe'
            - 'SNS:ListSubscriptionsByTopic'
            - 'SNS:Publish'
            - 'SNS:Receive'
          Resource: !Ref test2Topic

This is the most logical way I used to add the trigger, but it did not work:

SNSTriggersLambda:
  Type: AWS::Lambda::EventInvokeConfig
  Properties:
    DestinationConfig:
      OnFailure:
        Destination: !Ref test2Topic
      OnSuccess:
        Destination: !Ref test2Topic
    FunctionName: !Ref Lambdafunction
    MaximumEventAgeInSeconds: 70
    MaximumRetryAttempts: 1
    Qualifier: $LATEST

Best answer

I just managed to solve this. I needed to add one line to the permission section, specifying the source ARN of the SNS topic:

PermissionSNStoLambda:
  Type: 'AWS::Lambda::Permission'
  Properties:
    Action: 'lambda:InvokeFunction'
    FunctionName: !Ref Lambdafunction
    Principal: sns.amazonaws.com
    SourceArn: !Ref test2Topic

It works now!

About aws-lambda - AWS CloudFormation: setting an SNS trigger for Lambda, we found a similar question on Stack Overflow: https://stackoverflow.com/questions/70975706/
