如何解决在 Cloudformation 中使用 SNS 的代码构建通知
我创建了以下 cloudformation 模板来创建 SNS 主题、订阅和 Cloudwatch 规则,以便在代码构建失败时发送通知。当我尝试创建时,在创建 Cloudwatch 规则时失败,出现以下问题:
Invalid InputTemplate for target CodeBuildNotifications : [Source: (String)"Build null for build project null has reached the build status of null. Logs are here: null"; line: 1,column: 6]. (Service: AmazonCloudWatchEvents; Status Code: 400; Error Code: ValidationException; Request ID: 1f2834f6-f809-4f47-9e8f-585c2be81ffb; Proxy: null)
以下是用于此的模板 yaml。
---
AWstemplateFormatVersion: '2010-09-09'
Description: Creates SNS topic,SNS subscription and Cloudwatch rule for Codebuild Notification
Parameters:
SubscriptionEndPoint:
Type: String
Description: The endpoint that receives notifications.
SubscriptionProtocol:
Type: String
Description: The subscription protocol
AllowedValues:
- http
- https
- email
- email-json
- sms
- sqs
- application
- lambda
Default: email
Mappings: {}
Conditions: {}
Resources:
SNSTopic:
Type: AWS::SNS::Topic
Properties: {}
SNSSubscription:
Type: AWS::SNS::Subscription
Properties:
Protocol:
Ref: SubscriptionProtocol
Endpoint:
Ref: SubscriptionEndPoint
TopicArn:
Ref: SNSTopic
CodebuildStateFailureEventRule:
Type: "AWS::Events::Rule"
Properties:
Description: "Rule for sending failure notifications to SNS topic"
EventPattern:
source:
- aws.codebuild
detail-type:
- CodeBuild Build State Change
detail:
project-name:
- TestCodeBuildProject
build-status:
- Failed
State: "ENABLED"
Targets:
- Arn:
Ref: CodebuildNotifications
Id: CodeBuildNotificationTest
InputTransformer:
InputPathsMap:
build-id: "$.detail.build-id"
project-name: "$.detail.project-name"
build-status: "$.detail.build-status"
deep-link: "$.detail.additional-information.logs.deep-link"
InputTemplate:
"Build '<build-id>' for build project '<project-name>' has reached the build status of '<build-status>'."
Outputs:
QueueName:
Description: Name of the SNS Topic we created
Value:
Fn::GetAtt:
- SNSTopic
- TopicName
TopicARN:
Description: ARN of the SNS Topic we created
Value:
Ref: SNSTopic
我是 cloudformation 的新手,我配置的 InputTransformer 存在一些问题。任何人都可以帮忙吗?
提前致谢
解决方法
对于 sns 目标,您应该使用 Arn: !Ref SNSTopic
。您还忘记了 |
中的 InputTemplate
:
AWSTemplateFormatVersion: '2010-09-09'
Description: Creates SNS topic,SNS subscription and Cloudwatch rule for Codebuild Notification
Parameters:
SubscriptionEndPoint:
Type: String
Description: The endpoint that receives notifications.
SubscriptionProtocol:
Type: String
Description: The subscription protocol
AllowedValues:
- http
- https
- email
- email-json
- sms
- sqs
- application
- lambda
Default: email
Mappings: {}
Conditions: {}
Resources:
SNSTopic:
Type: AWS::SNS::Topic
Properties: {}
SNSSubscription:
Type: AWS::SNS::Subscription
Properties:
Protocol:
Ref: SubscriptionProtocol
Endpoint:
Ref: SubscriptionEndPoint
TopicArn:
Ref: SNSTopic
SnsPolicy:
Type: AWS::SNS::TopicPolicy
Properties:
Topics: [!Ref SNSTopic]
PolicyDocument: !Sub |
{
"Version": "2012-10-17","Id": "__default_policy_ID","Statement": [
{
"Sid": "__default_statement_ID","Effect": "Allow","Principal": {
"AWS": "*"
},"Action": [
"SNS:GetTopicAttributes","SNS:SetTopicAttributes","SNS:AddPermission","SNS:RemovePermission","SNS:DeleteTopic","SNS:Subscribe","SNS:ListSubscriptionsByTopic","SNS:Publish","SNS:Receive"
],"Resource": "${SNSTopic}","Condition": {
"StringEquals": {
"AWS:SourceOwner": "${AWS::AccountId}"
}
}
},{
"Sid": "Allow EVENts","Principal": {
"Service": "events.amazonaws.com"
},"Action": "sns:Publish","Resource": "${SNSTopic}"
}
]
}
CodebuildStateFailureEventRule:
Type: "AWS::Events::Rule"
Properties:
Description: "Rule for sending failure notifications to SNS topic"
EventPattern:
source:
- aws.codebuild
detail-type:
- CodeBuild Build State Change
detail:
project-name:
- TestCodeBuildProject
build-status:
- FAILED
State: "ENABLED"
Targets:
- Arn: !Ref SNSTopic
Id: CodeBuildNotificationTest
InputTransformer:
InputPathsMap:
build-id: "$.detail.build-id"
project-name: "$.detail.project-name"
build-status: "$.detail.build-status"
deep-link: "$.detail.additional-information.logs.deep-link"
InputTemplate: |
"Build '<build-id>' for build project '<project-name>' has reached the build status of '<build-status>'."
Outputs:
QueueName:
Description: Name of the SNS Topic we created
Value:
Fn::GetAtt:
- SNSTopic
- TopicName
TopicARN:
Description: ARN of the SNS Topic we created
Value:
Ref: SNSTopic
可能您仍然需要在 SNS 和 Events 之间设置权限,但现在应该部署模板。
版权声明:本文内容由互联网用户自发贡献,该文观点与技术仅代表作者本人。本站仅提供信息存储空间服务,不拥有所有权,不承担相关法律责任。如发现本站有涉嫌侵权/违法违规的内容, 请发送邮件至 dio@foxmail.com 举报,一经查实,本站将立刻删除。