gpt4 book ai didi

amazon-web-services - S3 事件的 Cloudformation SQS 策略

转载 作者:行者123 更新时间:2023-12-04 08:14:39 25 4
gpt4 key购买 nike

我正在尝试为 SQS 队列创建一个策略,该策略将允许任何 S3 存储桶将事件发送到队列。我似乎无法对特定的 S3 队列执行此操作,因为我最终会出现循环依赖关系。

我创建了一个 cloudformation 模板,它将创建队列和策略,但是当我尝试手动设置 S3 存储桶来发送事件时,我收到一条消息

Permissions on the destination queue do not allow S3 to publish notifications from this bucket

我用来创建策略的模板部分是:

    "SQSNotifcationFromS3" : {
"Type" : "AWS::SQS::QueuePolicy",
"DependsOn" : "S3Notifications",
"Properties" : {
"PolicyDocument" : {
"Version": "2012-10-17",
"Id": "SQSIDsimon",
"Statement": [
{
"Sid": "example-statement-ID",
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": "SQS:*",
"Resource": { "Ref" : "S3Notifications"}
}
]
},
"Queues" : [ { "Ref" : "S3Queue" } ]
}
}

最佳答案

最后,我找到了一个解决方案 - 我在 SQS 上设置权限,以便任何 S3 存储桶都可以将事件添加到队列中:

    "S3EventQueuePolicy" : {
"Type" : "AWS::SQS::QueuePolicy",
"DependsOn" : [ "S3EventQueue" ],
"Properties" : {
"PolicyDocument" : {
"Id": "SQSPolicy",
"Statement": [
{
"Sid": "SQSEventPolicy",
"Effect": "Allow",
"Principal": "*",
"Action": "SQS:*",
"Resource": "*",
"Condition": {
"ArnLike": {
"aws:SourceArn": "arn:aws:s3:::*"
}
}
}
]
},
"Queues" : [ { "Ref" : "S3EventQueue"} ]
}
},

关于amazon-web-services - S3 事件的 Cloudformation SQS 策略,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/39122179/

25 4 0
Copyright 2021 - 2024 cfsdn All Rights Reserved 蜀ICP备2022000587号
广告合作:1813099741@qq.com 6ren.com