Gar*_* S. 6 amazon-s3 amazon-web-services aws-cloudformation aws-lambda
我的目标是将每个图像上传到存储桶时调用的 lambda 代码打包到 CloudFormation 模板中。到目前为止,我已经实现了创建新资源并从头开始触发,但我需要向现有存储桶添加触发器并在两种情况下出现错误:
创建此更改集时出错
您已修改模板中未导入的资源 [ScaleImages、ScaleImagesRole]。导入操作期间无法执行更新、创建或删除操作。
我的模板如下所示:
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"ScaleImages": {
"Type": "AWS::Lambda::Function",
"DeletionPolicy": "Retain",
"Properties": {
"FunctionName": "ScaleImages",
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"ScaleImagesRole",
"Arn"
]
},
"Code": {
"S3Bucket": "example-test",
"S3Key": "example-resize.zip"
},
"Runtime": "nodejs12.x",
"MemorySize": 1024,
"Timeout": 300
}
},
"ScaleImagesRole": {
"Type": "AWS::IAM::Role",
"DeletionPolicy": "Retain",
"Properties": {
"RoleName": "ScaleImagesRole",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "AWSLambdaBasicExecutionRole",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": "*"
}
]
}
},
{
"PolicyName": "AmazonS3FullAccess",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::example-test",
"arn:aws:s3:::example-test/*",
"arn:aws:s3:::example-test-output",
"arn:aws:s3:::example-test-output/*"
]
}
]
}
}
]
}
}
}
}
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"PutOriginalImage": {
"Type": "AWS::S3::Bucket",
"DeletionPolicy": "Retain",
"Properties": {
"BucketName": "example-test",
"NotificationConfiguration": {
"LambdaConfigurations": [
{
"Event": "s3:ObjectCreated:Put",
"Filter": {
"S3Key": {
"Rules": [
{
"Name": "prefix",
"Value": "original2/"
}
]
}
},
"Function": {
"Fn::GetAtt": [
"ScaleImages",
"Arn"
]
}
}
]
}
}
}
}
}
在最后一个我也尝试过"Function": "ScaleImages",但在这两种情况下我都遇到了相同的错误:
修改模板中的资源 [ScaleImages, ScaleImagesRole]
有人可以阐明我做错了什么吗?
你必须分阶段进行:
还没有存储桶,只需堆叠您缺少的函数和lambda 权限即可。
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"ScaleImages": {
"Type": "AWS::Lambda::Function",
"Properties": {
"FunctionName": "ScaleImages",
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"ScaleImagesRole",
"Arn"
]
},
"Code": {
"S3Bucket": "example-test",
"S3Key": "example-resize.zip"
},
"Runtime": "nodejs12.x",
"MemorySize": 1024,
"Timeout": 300
}
},
"ScaleImagesRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"RoleName": "ScaleImagesRole",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "AWSLambdaBasicExecutionRole",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:s3:::example-test",
"arn:aws:s3:::example-test/*",
"arn:aws:s3:::example-test-output",
"arn:aws:s3:::example-test-output/*"
]
}
]
}
},
{
"PolicyName": "AmazonS3FullAccess",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
}
]
}
},
"s3Permission": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"FunctionName": {
"Fn::GetAtt": [
"ScaleImages",
"Arn"
]
},
"Action": "lambda:InvokeFunction",
"Principal": "s3.amazonaws.com",
"SourceAccount": {
"Ref": "AWS::AccountId"
}
}
}
}
}
使用Import resources into stack选项并使用此模板上传堆栈。它添加了存储桶,但还没有通知
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"ScaleImages": {
"Type": "AWS::Lambda::Function",
"Properties": {
"FunctionName": "ScaleImages",
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"ScaleImagesRole",
"Arn"
]
},
"Code": {
"S3Bucket": "example-test",
"S3Key": "example-resize.zip"
},
"Runtime": "nodejs12.x",
"MemorySize": 1024,
"Timeout": 300
}
},
"ScaleImagesRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"RoleName": "ScaleImagesRole",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "AWSLambdaBasicExecutionRole",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:s3:::example-test",
"arn:aws:s3:::example-test/*",
"arn:aws:s3:::example-test-output",
"arn:aws:s3:::example-test-output/*"
]
}
]
}
},
{
"PolicyName": "AmazonS3FullAccess",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
}
]
}
},
"s3Permission": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"FunctionName": {
"Fn::GetAtt": [
"ScaleImages",
"Arn"
]
},
"Action": "lambda:InvokeFunction",
"Principal": "s3.amazonaws.com",
"SourceAccount": {
"Ref": "AWS::AccountId"
}
}
}
,
"PutOriginalImage": {
"Type": "AWS::S3::Bucket",
"DeletionPolicy": "Retain",
"Properties": {
"BucketName": "example-test"
}
}
}
}
通过向存储桶添加通知来更新堆栈。使用以下模板:
{
"AWSTemplateFormatVersion": "2010-09-09",
"Resources": {
"ScaleImages": {
"Type": "AWS::Lambda::Function",
"Properties": {
"FunctionName": "ScaleImages",
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"ScaleImagesRole",
"Arn"
]
},
"Code": {
"S3Bucket": "example-test",
"S3Key": "example-resize.zip"
},
"Runtime": "nodejs12.x",
"MemorySize": 1024,
"Timeout": 300
}
},
"ScaleImagesRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"RoleName": "ScaleImagesRole",
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com"
]
},
"Action": [
"sts:AssumeRole"
]
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "AWSLambdaBasicExecutionRole",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:s3:::example-test",
"arn:aws:s3:::example-test/*",
"arn:aws:s3:::example-test-output",
"arn:aws:s3:::example-test-output/*"
]
}
]
}
},
{
"PolicyName": "AmazonS3FullAccess",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": "s3:*",
"Resource": "*"
}
]
}
}
]
}
}
,
"s3Permission": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"FunctionName": {
"Fn::GetAtt": [
"ScaleImages",
"Arn"
]
},
"Action": "lambda:InvokeFunction",
"Principal": "s3.amazonaws.com",
"SourceAccount": {
"Ref": "AWS::AccountId"
}
}
},
"PutOriginalImage": {
"Type": "AWS::S3::Bucket",
"DeletionPolicy": "Retain",
"Properties": {
"BucketName": "example-test",
"NotificationConfiguration": {
"LambdaConfigurations": [
{
"Event": "s3:ObjectCreated:Put",
"Filter": {
"S3Key": {
"Rules": [
{
"Name": "prefix",
"Value": "original2/"
}
]
}
},
"Function": {
"Fn::GetAtt": [
"ScaleImages",
"Arn"
]
}
}
]
}
}
}
}
}
| 归档时间: |
|
| 查看次数: |
3671 次 |
| 最近记录: |