个人中心
文章发布
退出
作者热门文章
- html - 出于某种原因,IE8 对我的 Sass 文件中继承的 html5 CSS 不友好?
- JMeter 在响应断言中使用 span 标签的问题
- html - 在 :hover and :active? 上具有不同效果的 CSS 动画
- html - 相对于居中的 html 内容固定的 CSS 重复背景?
24
4
我正在我们账户的每个 AWS 区域中部署一个 Lambda 函数,但遇到了一些奇怪的问题,即应用失败并为某些 AWS 区域显示以下错误消息
应用 Terraform 时出错
Error: Error creating Lambda function: ResourceConflictException: Function already exist: log-forwarder
{
RespMetadata: {
StatusCode: 409,
RequestID: "8cfd7260-7c4a-42d2-98c6-6619c7b2804f"
},
Message_: "Function already exist: log-forwarder",
Type: "User"
}
.
├── log_forwarder.tf
├── log_forwarder_lambdas
│ └── main.tf
└── providers.tf
providers.tf文件
provider "aws" {
region = "us-east-1"
version = "3.9.0"
}
provider "aws" {
alias = "us-east-2"
region = "us-east-2"
version = "3.9.0"
}
provider "aws" {
alias = "us-west-2"
region = "us-west-2"
version = "3.9.0"
}
provider "aws" {
alias = "us-west-1"
region = "us-west-1"
version = "3.9.0"
}
provider "aws" {
alias = "ca-central-1"
region = "ca-central-1"
version = "3.9.0"
}
... with all the AWS Regions.
log_forwarder.tf 的 tf 配置
terraform {
required_version = "0.12.25"
backend "s3" {
All the backend Config
}
}
resource "aws_iam_role" "log_forwarder" {
name = "LogForwarder"
assume_role_policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "",
"Effect": "Allow",
"Principal": {
"Service": ["lambda.amazonaws.com"]
},
"Action": "sts:AssumeRole"
}
]
}
EOF
}
resource "aws_iam_role_policy" "log_forwarder" {
name = "LogForwarder"
role = aws_iam_role.log_forwarder.id
policy = <<EOF
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:ListTags",
"logs:CreateLogGroup",
"logs:CreateLogStream",
"logs:PutLogEvents"
],
"Resource": [
"arn:aws:logs:*",
"arn:aws:lambda:*"
]
},
{
"Effect": "Allow",
"Action": [
"lambda:InvokeFunction"
],
"Resource": "*"
},
{
"Sid": "AWSDatadogPermissionsForCloudtrail",
"Effect": "Allow",
"Action": ["s3:ListBucket", "s3:GetBucketLocation", "s3:GetObject", "s3:ListObjects"],
"Resource": [
"arn:aws:s3:::BucketName",
"arn:aws:s3:::BucketName/*"
]
}
]
}
EOF
}
module "DDLogForwarderUSEast1" {
source = "./log_forwarder_lambdas"
dd_log_forwarder_role = aws_iam_role.log_forwarder.arn
region = "us-east-1"
}
module "DDLogForwarderUSEast2" {
source = "./log_forwarder_lambdas"
dd_log_forwarder_role = aws_iam_role.log_forwarder.arn
providers = { aws = aws.us-east-2 }
region = "us-east-2"
}
module "DDLogForwarderUSWest1" {
source = "./log_forwarder_lambdas"
dd_log_forwarder_role = aws_iam_role.log_forwarder.arn
providers = { aws = aws.us-west-1 }
region = "us-west-1"
}
module "DDLogForwarderUSWest2" {
source = "./log_forwarder_lambdas"
dd_log_forwarder_role = aws_iam_role.log_forwarder.arn
region = "us-west-2"
providers = { aws = aws.us-west-2 }
}
module "DDLogForwarderAPEast1" {
source = "./log_forwarder_lambdas"
dd_log_forwarder_role = aws_iam_role.log_forwarder.arn
providers = { aws = aws.ap-east-1 }
region = "ap-east-1"
}
module "DDLogForwarderAPSouth1" {
source = "./log_forwarder_lambdas"
dd_log_forwarder_role = aws_iam_role.log_forwarder.arn
region = "ap-south-1"
providers = { aws = aws.ap-south-1 }
}
... All AWS Regions with different providers
log_forwarder_lambdas/main.tf 的 TF 配置
variable "region" {}
variable "account_id" {
default = "AWS Account Id"
}
variable "dd_log_forwarder_role" {}
variable "exclude_at_match" {
default = "([A-Z]* RequestId: .*)"
}
data "aws_s3_bucket" "cloudtrail_bucket" {
count = var.region == "us-west-2" ? 1 : 0
bucket = "BucketName"
}
resource "aws_lambda_function" "log_forwarder" {
filename = "${path.cwd}/log_forwarder_lambdas/aws-dd-forwarder-3.16.3.zip"
function_name = "log-forwarder"
role = var.dd_log_forwarder_role
description = "Gathers logs from targetted Cloudwatch Log Groups and sends them to DataDog"
handler = "lambda_function.lambda_handler"
runtime = "python3.7"
timeout = 600
memory_size = 1024
layers = ["arn:aws:lambda:${var.region}:464622532012:layer:Datadog-Python37:11"]
environment {
variables = {
DD_ENHANCED_METRICS = false
EXCLUDE_AT_MATCH = var.exclude_at_match
}
}
}
resource "aws_cloudwatch_log_group" "log_forwarder" {
name = "/aws/lambda/${aws_lambda_function.log_forwarder.function_name}"
retention_in_days = 90
}
resource "aws_lambda_permission" "cloudtrail_bucket" {
count = var.region == "us-west-2" ? 1 : 0
statement_id = "AllowExecutionFromS3Bucket"
action = "lambda:InvokeFunction"
function_name = aws_lambda_function.log_forwarder.arn
principal = "s3.amazonaws.com"
source_arn = element(data.aws_s3_bucket.cloudtrail_bucket.*.arn, count.index)
}
resource "aws_s3_bucket_notification" "cloudtrail_bucket_notification" {
count = var.region == "us-west-2" ? 1 : 0
bucket = element(data.aws_s3_bucket.cloudtrail_bucket.*.id, count.index)
lambda_function {
lambda_function_arn = aws_lambda_function.log_forwarder.arn
events = ["s3:ObjectCreated:*"]
}
depends_on = [aws_lambda_permission.cloudtrail_bucket, aws_cloudwatch_log_group.log_forwarder]
}
最佳答案
乍一看,Lambda 函数似乎不在您的 Terraform 状态中(无论出于何种原因)。您是否更改了后端/从后端删除了数据?
运行 terraform show和/或 terraform state show并查看冲突的 Lambda 函数是否处于您的状态。
如果不是,但它已经存在于 AWS 中,您可以导入它。
看这里:https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/lambda_function#import
更新:
根据您的评论,由于资源存在于 AWS 中但不在状态中,因此这是预期错误。 (Terraform 不知道资源存在,因此尝试创建它;AWS 知道它已经存在,因此返回错误。)
你有两个选择:
terraform import module.DDLogForwarderUSEast1.aws_lambda_function.log-forwarder log-forwarder
关于Terraform 创建 Lambda 函数时出错 : ResourceConflictException with the resource just created by Terraform apply,我们在Stack Overflow上找到一个类似的问题: https://stackoverflow.com/questions/64247733/
24
4
0
我被这种奇怪的事情难住了。 假设我有这个数组: var array = [{ something: 'special' }, 'and', 'a', 'bunch', 'of', 'paramet
假设我们有这样的代码: let fn1 = Function.apply.bind(Math.max, null); fn1([1, 10, 5]); // returns 10 我知道它是 ES6
所以我尝试通过数据绑定(bind)调用我的 viewModel 原型(prototype)上的方法。我通过“单击”将两个不同的元素数据绑定(bind)到同一方法。当我单击第一个按钮(“新游戏”按钮)时
观察以下代码 trait Example { type O def apply(o: O) def f(o: O) = this.apply(o) } 在Scala中编译良好。我希望我可以
我知道 apply f in H 可用于将假设应用于函数,并且我知道 apply f with a b c 可用于提供参数直接应用 f 时,它无法自行推断。 是否可以以某种方式将两者结合使用? 最佳答
这个问题已经有答案了: How to override apply in a case class companion (10 个回答) 已关闭 6 年前。 我正在尝试重载案例类的 apply 方法:
我有一个自定义的Grails 4.x配置文件。我想为我的应用程序生成一个“apply from”条目。 apply from:"${rootProject.projectDir}/gradle/clo
传统上对象继承如下所示: function Parent() { console.log('parent constructor'); } Parent.prototype.method = f
今天在检查Jasmine 的源代码时here我偶然发现了以下内容: if (queueableFn.timeout) { timeoutId = Function.prototype.appl
据我所知,关键字new会使用this创建一个包含函数中定义的属性的对象。但我不知道如何应用 使用 apply 将其他函数链接到该函数。并且创建的对象在这些函数中具有属性。有人能弄清楚代码中发生了什么吗
我一直在我的 InitComponent 中使用 Ext.Apply,就像这样 Ext.apply(that, { xtype: 'form', items: [.
我们有数百个存储库,并定期从上游接收补丁。作业应用这些补丁 git apply --check .如果没有错误,则应用补丁 git apply 并且更改已提交。如果有任何错误,补丁将标记为 conf
我最近通过调用 console.log.toString() 查看了 firebugs console.log 的代码并得到了这个: function () { return Function.app
拿这个代码: $scope.$apply(function(){ $scope.foo = 'test'; }); 对比这个: $scope.foo = 'test'; $scope.$app
我在 Oracle-12c 中有一个类似于典型论坛的架构 accounts , posts , comments .我正在编写一个查询来获取... 一位用户 该用户的所有帖子 对每个帖子的评论 以及每
我试图更好地理解在 Angular 中使用 $timeout 服务作为一种“安全 $apply”方法的细微差别。基本上在一段代码可以运行以响应 Angular 事件或非 Angular 事件(例如 j
到目前为止,我使用的是 this当我有多个时间序列要预测时,我使用了 Hyndman 教授的方法。但是当我有大量的 ts 时它相当慢。 现在我正在尝试使用 apply() 函数,如下所示 librar
我听说过很多关于 pandas apply 很慢的说法,应该尽可能少用。 我这里有个情况: df = pd.DataFrame({'Date': ['2019-01-02', '2019-01-03'
在学习Javascript时,我尝试重新声明函数的apply属性。到目前为止没有问题。 function foo() { return 1; } alert(foo()); // 1 alert(fo
所以我正在做 learnRx http://reactive-extensions.github.io/learnrx/我有一个关于制作 mergeAll() 函数的问题(问题 10)。 这是我的答案
我是一名优秀的程序员,十分优秀!