terraform - 将 CloudFormation 移植到 Terraform : S3 bucket NotificationConfiguration

Question

在将 cloudformation 模板移植到 terraform 的过程中，在将以下 NotificationConfiguration、LambdaConfiguration 属性映射到 terraform 中的等效属性时遇到问题。

 "CloudTrailS3Bucket" : {
  "DependsOn" : "TriggerLambdaPermission",
  "Type" : "AWS::S3::Bucket",
  "Properties" : {
    "BucketName" : { "Ref" : "CloudTrailBucketName" },
    "NotificationConfiguration" : {
      "LambdaConfigurations" : [
        {
          "Event" : "s3:ObjectCreated:*",
          "Function" : { "Fn::GetAtt" : [ "AutoTagLambdaFunction", "Arn" ] }
        }
      ]
    }
  }
}

到目前为止，我的 terraform 模块中的内容如下，但不确定我是否以正确的方式处理此问题:

resource "aws_s3_bucket" "CloudTrailS3Bucket" {
 bucket = "${var.CloudTrailBucketName}"
}


resource "aws_s3_bucket_notification" "bucket_notification" {
 bucket = "${aws_s3_bucket.CloudTrailS3Bucket.id}"

 topic {
  topic_arn     = "${aws_sns_topic.topic.arn}"
  events        = ["s3:ObjectCreated:*"]
 }
}

Answer 1

不，在cloudformation模板中，触发器是lambda事件(s3:ObjectCreated)，但在您的代码中，您使用简单通知服务(SNS)

请仔细阅读本文档中的部分

s3 bucket notification - Add notification configuration to Lambda Function

示例代码:

resource "aws_s3_bucket" "bucket" {
  bucket = "your_bucket_name"
}

resource "aws_s3_bucket_notification" "bucket_notification" {
  bucket = "${aws_s3_bucket.bucket.id}"

  lambda_function {
    lambda_function_arn = "${aws_lambda_function.func.arn}"
    events              = ["s3:ObjectCreated:*"]
    filter_prefix       = "AWSLogs/"
    filter_suffix       = ".log"
  }
}