How to use an input transformer for the ECS Fargate launch type with a Terraform CloudWatch event trigger

Aar*_*ong 6 amazon-s3 amazon-ecs amazon-cloudwatch terraform

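I am using Terraform to create a CloudWatch event trigger with the ECS Fargate launch type and S3 as the event source. When I use the input_transformer field to pass the bucket and key to the ECS task, my event rule results in failed invocations.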

Here is the aws_cloudwatch_event_rule:

resource "aws_cloudwatch_event_rule" "event_rule" {
  name          = "dev-gnss-source-put-rule-tf"
  description   = "Capture S3 events on uploads bucket"
  event_pattern = <<PATTERN
{
  "source": [
    "aws.s3"
  ],
  "detail-type": [
    "AWS API Call via CloudTrail"
  ],
  "detail": {
    "eventSource": [
      "s3.amazonaws.com"
    ],
    "eventName": [
      "PutObject"
    ],
    "requestParameters": {
      "bucketName": [
        "example-bucket-name"
      ]
    }
  }
}
PATTERN
}

Here is the aws_cloudwatch_event_target:

resource "aws_cloudwatch_event_target" "event_target" {
  target_id = "dev-gnss-upload-event-target-tf"
  arn       = "example-cluster-arn"
  rule      = aws_cloudwatch_event_rule.event_rule.name
  role_arn  = aws_iam_role.uploads_events.arn
  ecs_target {
    launch_type = "FARGATE"
    task_count  = 1 # Launch one container / event
    task_definition_arn = "example-task-definition-arn"
    network_configuration {
      subnets         = ["example-subnet"]
      security_groups = []
    }
  }

  input_transformer {
    input_paths = {
      s3_bucket = "$.detail.requestParameters.bucketName"
      s3_key    = "$.detail.requestParameters.key"
    }

    input_template = <<TEMPLATE
{
  "containerOverrides": [
    {
      "name": "myproject-task",
      "environment": [
        { "name": "S3_BUCKET", "value": <s3_bucket> },
        { "name": "S3_KEY", "value": <s3_key> }
      ]
    }
  ]
}
TEMPLATE
  }
}

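If I remove the input_transformer section it works fine, but I need to pass in the S3 bucket and key to process a specific file.

My reason for doing this is to remove the need for an intermediary Lambda, and I was guided by this Medium post: https://medium.com/@bowbaq/trigger-an-ecs-job-when-an-s3-upload-completes-3559c44c37d1

Any advice is appreciated.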

Aar*_*ong 8

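After a few hours of going around in circles, I found the answer!

So the first step is to check what the reason for the failed invocation is. You can do this by checking the CloudTrail logs: navigate to CloudTrail > Event history, search by Event name, and type RunTask in the search box. You should see a series of events from the event source ecs.amazonaws.com. Find the one related to the failed invocation you experienced.

When you click into the event, you can see the errorMessage under the Event record section. In my case, it was as follows: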

   "errorCode": "InvalidParameterException",
   "errorMessage": "Override for container named myproject-task is not a container in the TaskDefinition.",

This may be different for you. For me, it was because my containerOverride name was incorrect. The field refers to: "The name of the container that receives the override. This parameter is required if any override is specified." Reference: https://docs.aws.amazon.com/AmazonECS/latest/APIReference/API_ContainerOverride.html

Correcting this field solved my problem.
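The two checks from the answer above, as an added example that is not part of the original post: pull failed RunTask records out of exported CloudTrail events, and compare the containerOverrides names in the input_template with the container names of the task definition before applying. The CloudTrail records are constructed sample data, and the function names are hypothetical.

```python
import json
import re

# Constructed sample data (not from the original post): two CloudTrail records
# shaped like the RunTask event described in the answer.
SAMPLE_RECORDS = [
    {"eventSource": "ecs.amazonaws.com", "eventName": "RunTask",
     "errorCode": "InvalidParameterException",
     "errorMessage": "Override for container named myproject-task is not a "
                     "container in the TaskDefinition."},
    {"eventSource": "ecs.amazonaws.com", "eventName": "RunTask"},
]

# The input_template from the question, placeholders included.
TEMPLATE = """
{
  "containerOverrides": [
    {
      "name": "myproject-task",
      "environment": [
        { "name": "S3_BUCKET", "value": <s3_bucket> },
        { "name": "S3_KEY", "value": <s3_key> }
      ]
    }
  ]
}
"""


def failed_run_tasks(records):
    """Return (errorCode, errorMessage) for each failed ECS RunTask record."""
    return [(r["errorCode"], r.get("errorMessage", ""))
            for r in records
            if r.get("eventSource") == "ecs.amazonaws.com"
            and r.get("eventName") == "RunTask"
            and "errorCode" in r]


def unknown_override_names(template, input_paths, container_names):
    """Return override names in the template that the task definition lacks."""
    # <placeholders> are unquoted, so the raw template is not valid JSON;
    # substitute a dummy string for each declared input path before parsing.
    def fill(match):
        if match.group(1) not in input_paths:
            raise KeyError(f"placeholder <{match.group(1)}> has no input path")
        return json.dumps("placeholder")
    parsed = json.loads(re.sub(r"<([A-Za-z0-9_-]+)>", fill, template))
    return [o["name"] for o in parsed.get("containerOverrides", [])
            if o.get("name") not in container_names]
```

Pass the keys of input_paths and the name fields from the task definition's containerDefinitions; a non-empty result means RunTask will reject the override with the error shown above.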