Amazon web services 当通过Cloudformation配置时,SNS主题不发送管道事件更改电子邮件
我正在创建一个Amazon web services 当通过Cloudformation配置时,SNS主题不发送管道事件更改电子邮件,amazon-web-services,amazon-cloudformation,amazon-sns,amazon-cloudwatch,Amazon Web Services,Amazon Cloudformation,Amazon Sns,Amazon Cloudwatch,我正在创建一个cloudwatch事件,当我的代码管道中出现状态更改时,将触发该事件,并将其分配给SNS主题。我正在通过Cloudformation堆栈进行上述所有配置。下面是我的堆栈模板 { "Description": "Triggering CodePipeline notifications.", "AWSTemplateFormatVersion": "2010-09-09", "Parameters": { "EmailAddress": {
cloudwatch事件代码管道SNS主题Cloudformation堆栈{
"Description": "Triggering CodePipeline notifications.",
"AWSTemplateFormatVersion": "2010-09-09",
"Parameters": {
"EmailAddress": {
"Description": "Email Address",
"Type": "String"
}
},
"Resources": {
"EventRule": {
"Type": "AWS::Events::Rule",
"Properties": {
"Description": "EventRule",
"EventPattern": {
"source": [
"aws.codepipeline"
],
"detail-type": [
"CodePipeline Pipeline Execution State Change"
],
"detail": {
"state": [
"FAILED"
],
"pipeline": [
"mypipelinename"
]
}
},
"State": "ENABLED",
"Targets": [
{
"Arn": {
"Ref": "MySNSTopic"
},
"Id": "PipelineNotificationTopic",
"InputTransformer": {
"InputTemplate": "\"The Pipeline <pipeline> has failed.\" ",
"InputPathsMap": {
"pipeline": "$.detail.pipeline"
}
}
}
]
}
},
"MySNSTopic": {
"Type": "AWS::SNS::Topic",
"Properties": {
"TopicName": "Huaaa",
"Subscription": [
{
"Endpoint": {
"Ref": "EmailAddress"
},
"Protocol": "email"
}
]
}
}
}
}
{
“说明”:“触发代码管道通知”,
“AWSTemplateFormatVersion”:“2010-09-09”,
“参数”:{
“电子邮件地址”:{
“说明”:“电子邮件地址”,
“类型”:“字符串”
}
},
“资源”:{
“事件规则”:{
“类型”:“AWS::Events::Rule”,
“财产”:{
“说明”:“事件规则”,
“事件模式”:{
“来源”:[
“aws.codepipeline”
],
“详细信息类型”:[
“CodePipeline管道执行状态更改”
],
“细节”:{
“国家”:[
“失败”
],
“管道”:[
“mypipelinename”
]
}
},
“状态”:“已启用”,
“目标”:[
{
“Arn”:{
“Ref”:“mynstopic”
},
“Id”:“PipelineNotificationTopic”,
“输入变压器”:{
“InputTemplate”:“\”管道已失败。\”,
“输入路径映射”:{
“管道”:“$.detail.pipeline”
}
}
}
]
}
},
“mynstopic”:{
“类型”:“AWS::SNS::主题”,
“财产”:{
“主题名称”:“Huaaa”,
“认购”:[
{
“端点”:{
“Ref”:“电子邮件地址”
},
“协议”:“电子邮件”
}
]
}
}
}
}
状态更改时,这不会触发任何电子邮件通知
但是当我创建了一个新的SNSTopic
并使用aws控制台创建了一个subscription
,并将其附加到由cloudformation stack
创建的cloudwatch事件作为目标时,它工作得很好。当发生变化时,我可以接收通知
我的模板中是否缺少任何内容
谢谢
将通知所有帮助您无法设置允许发布的AWS::SNS::TopicPolicy
例如(用.yml编写)
谢谢@MaikaY。我有几个问题:我应该只使用AWS::SNS::TopicPolicy
吗?我不能使用IAM:Role
并授予SNS权限吗?在您的代码片段中,我是否可以将Prinicpal
保留为我的Cloudwatchevent-ARN
?因为当我试图将其保存在mynstopicpolicy
的Principal
中时,我收到一个错误状态400。@Private如果您想将sns:publish
操作仅限于您的CloudWatch事件,您可以轻松地将*
与EventRule
资源的ARN
交换。请记住,每个主题
只能添加一个主题策略
。
MySNSTopicPolicy:
Type: AWS::SNS::TopicPolicy
Properties:
Topics:
- !Ref MySNSTopic
PolicyDocument:
Version: 2012-10-17
Statement:
- Effect: Allow
Principal:
AWS: '*'
Action: sns:Publish
Resource: !Ref MySNSTopic