拥有 AWS SNS:Topic 资源时无法更新 cloudformation 堆栈

Question

我已经创建了一个 cloudformation 模板，它创建了一个 SNS::Topic 和一堆其他资源。现在的问题是，当我尝试更新堆栈时，它失败并出现以下错误

"Update to resource type AWS::SNS::Topic is not supported"

堆栈策略是：

{
  "Statement" : [
    {
      "Effect" : "Deny",
      "Action" : "Update:*",
      "Principal": "*",
      "Resource" : "*",
      "Condition" : {
        "StringEquals" : {
          "ResourceType" : ["AWS::SNS::Topic", "AWS::EC2::Subnet"]
        }
      }
    },
    {
      "Effect" : "Allow",
      "Action" : "Update:*",
      "Principal": "*",
      "Resource" : "*"
    }
  ]
}

CF 模板是

{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "......",
  "Resources": {
    "MySNSTopic":{
      "Type":"AWS::SNS::Topic",
      "Properties":{
        "DisplayName": "",
        "Subscription": [ ],
        "TopicName": { "Fn::Join": [ "-", [ "Simple", "sns", "topic" ] ] }
      }
    }
  }

有什么我可以改变的（甚至是可破解的）让 aws 在没有 deleting/modifying sns_topic 的情况下完成 aws 更新堆栈？

Answer 1

我认为错误消息 Update to resource type AWS::SNS::Topic is not supported 不是抱怨您的权限，而是抱怨 SNS 主题的 CloudFormation 模板的限制。

documentation for SNS resource templates 声明如下：

Important

After you create an Amazon SNS topic, you cannot update its properties by using AWS CloudFormation. You can modify an Amazon SNS topic by using the AWS Management Console.

相反，您可以尝试添加新主题，切换客户端以使用新主题，然后删除旧主题。如果你是偏执狂，你可以在单独的更新中做这些。

Answer 2

如果您尝试更改主题订阅，也会发生这种情况。如果它适合您，只需在模板中更改主题名称即可重新创建它。

拥有 AWS SNS:Topic 资源时无法更新 cloudformation 堆栈

Not able to update cloudformation stack when having AWS SNS:Topic Resource

amazon-web-services

amazon-sns

amazon-cloudformation