Amazon web services 如何从aws云监视事件调用状态机?
是按事件调用lambda的示例:Amazon web services 如何从aws云监视事件调用状态机?,amazon-web-services,amazon-cloudformation,amazon-cloudwatch,Amazon Web Services,Amazon Cloudformation,Amazon Cloudwatch,是按事件调用lambda的示例: EventRule: Type: AWS::Events::Rule Properties: Description: "EventRule" EventPattern: source: - "aws.ec2" detail-type: - "EC2 Instance State-change Notification" detail: sta
EventRule:
Type: AWS::Events::Rule
Properties:
Description: "EventRule"
EventPattern:
source:
- "aws.ec2"
detail-type:
- "EC2 Instance State-change Notification"
detail:
state:
- "stopping"
State: "ENABLED"
Targets:
-
Arn:
Fn::GetAtt:
- "LambdaFunction"
- "Arn"
Id: "TargetFunctionV1"
PermissionForEventsToInvokeLambda:
Type: AWS::Lambda::Permission
Properties:
FunctionName:
Ref: "LambdaFunction"
Action: "lambda:InvokeFunction"
Principal: "events.amazonaws.com"
SourceArn:
Fn::GetAtt:
- "EventRule"
- "Arn"
如何修改此tp以使其能够调用状态机而不是lambda?我已将“LambdaFunction
替换为“MyStateMachine”
但是如何修改
PermissionForEventsToInvokeLambda
?cloudformation:-(以下是我们用来从S3事件触发状态机处理的模板片段:
InboundBucketPutObjectRule:
Type: 'AWS::Events::Rule'
Properties:
Name: !Sub 'inbound-bucket-put-object-rule'
EventPattern:
source:
- aws.s3
detail-type:
- AWS API Call via CloudTrail
detail:
eventSource:
- s3.amazonaws.com
eventName:
- PutObject
- CopyObject
- CompleteMultipartUpload
requestParameters:
bucketName:
- !Ref InboundBucket
Targets:
- Id: ProcessNewObject
Arn: !Ref StateMachine
RoleArn: !GetAtt
- StateMachineStartExecutionRole
- Arn
StateMachineStartExecutionPolicy:
Type: 'AWS::IAM::ManagedPolicy'
Properties:
ManagedPolicyName: !Sub 'state-machine-start-execution'
Roles:
- !Ref StateMachineStartExecutionRole
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Action:
- 'states:StartExecution'
Resource:
- !Ref StateMachine
StateMachineStartExecutionRole:
Type: 'AWS::IAM::Role'
Properties:
RoleName: !Sub 'state-machine-start-execution'
AssumeRolePolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
Service: events.amazonaws.com
Action: 'sts:AssumeRole'
StateMachine:
Type: 'AWS::StepFunctions::StateMachine'
Properties:
StateMachineName: !Sub 'state-machine'
取自真实的模板,所以我不得不匿名,这可能会引入错误
模板结构:
是在文件上载时触发的CloudWatch事件InboundBucketPutObjectRule
+StateMachineStartExecutionPolicy
基本上允许CloudWatch事件开始执行状态机StateMachineStartExecutionRole
-应启动的状态机(定义省略)状态机