Codebuild notification using SNS in Cloudformation

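I created the following CloudFormation template to create an SNS topic, a subscription and a CloudWatch rule to send notifications when a CodeBuild build fails. When I try to create it, it fails while creating the CloudWatch rule with the following problem: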

Invalid InputTemplate for target CodeBuildNotifications : [Source: (String)"Build null for build project null has reached the build status of null. Logs are here: null"; line: 1, column: 6]. (Service: AmazonCloudWatchEvents; Status Code: 400; Error Code: ValidationException; Request ID: 1f2834f6-f809-4f47-9e8f-585c2be81ffb; Proxy: null)

Below is the template YAML used for this.

---
AWSTemplateFormatVersion: '2010-09-09'
Description: Creates SNS topic, SNS subscription and Cloudwatch rule for Codebuild Notification
Parameters:
  SubscriptionEndPoint:
    Type: String
    Description: The endpoint that receives notifications.
  SubscriptionProtocol:
    Type: String
    Description: The subscription protocol
    AllowedValues:
    - http
    - https
    - email
    - email-json
    - sms
    - sqs
    - application
    - lambda
    Default: email
Mappings: {}
Conditions: {}
Resources:
  SNSTopic:
    Type: AWS::SNS::Topic
    Properties: {}
  SNSSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      Protocol:
        Ref: SubscriptionProtocol
      Endpoint:
        Ref: SubscriptionEndPoint
      TopicArn:
        Ref: SNSTopic
  CodebuildStateFailureEventRule:
    Type: "AWS::Events::Rule"
    Properties:
      Description: "Rule for sending failure notifications to SNS topic"
      EventPattern:
        source:
          - aws.codebuild
        detail-type:
          - CodeBuild Build State Change
        detail:
          project-name:
            - TestCodeBuildProject
          build-status:
            - FAILED
      State: "ENABLED"
      Targets:
        - Arn:
            Ref: CodebuildNotifications
          Id: CodeBuildNotificationTest
          InputTransformer:            
            InputPathsMap:
              build-id: "$.detail.build-id"
              project-name: "$.detail.project-name"
              build-status: "$.detail.build-status"
              deep-link: "$.detail.additional-information.logs.deep-link" 
            InputTemplate:
              "Build '<build-id>' for build project '<project-name>' has reached the build status of '<build-status>'."
Outputs:
  QueueName:
    Description: Name of the SNS Topic we created
    Value:
      Fn::GetAtt:
      - SNSTopic
      - TopicName
  TopicARN:
    Description: ARN of the SNS Topic we created 
    Value:
      Ref: SNSTopic

I am new to CloudFormation, and there is some problem with the InputTransformer I configured. Can anyone help?

Thanks in advance

For the SNS target, you should use Arn: !Ref SNSTopic. Also, you forgot the | in InputTemplate:

AWSTemplateFormatVersion: '2010-09-09'
Description: Creates SNS topic, SNS subscription and Cloudwatch rule for Codebuild Notification
Parameters:
  SubscriptionEndPoint:
    Type: String
    Description: The endpoint that receives notifications.
  SubscriptionProtocol:
    Type: String
    Description: The subscription protocol
    AllowedValues:
    - http
    - https
    - email
    - email-json
    - sms
    - sqs
    - application
    - lambda
    Default: email
Mappings: {}
Conditions: {}
Resources:
  SNSTopic:
    Type: AWS::SNS::Topic
    Properties: {}
  SNSSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      Protocol:
        Ref: SubscriptionProtocol
      Endpoint:
        Ref: SubscriptionEndPoint
      TopicArn:
        Ref: SNSTopic

  SnsPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties: 
      Topics: [!Ref SNSTopic]         
      PolicyDocument: !Sub |
          {
            "Version": "2012-10-17",
            "Id": "__default_policy_ID",
            "Statement": [
              {
                "Sid": "__default_statement_ID",
                "Effect": "Allow",
                "Principal": {
                  "AWS": "*"
                },
                "Action": [
                  "SNS:GetTopicAttributes",
                  "SNS:SetTopicAttributes",
                  "SNS:AddPermission",
                  "SNS:RemovePermission",
                  "SNS:DeleteTopic",
                  "SNS:Subscribe",
                  "SNS:ListSubscriptionsByTopic",
                  "SNS:Publish",
                  "SNS:Receive"
                ],
                "Resource": "${SNSTopic}",
                "Condition": {
                  "StringEquals": {
                    "AWS:SourceOwner": "${AWS::AccountId}"
                  }
                }
              },
              {
                "Sid": "Allow EVENts",
                "Effect": "Allow",
                "Principal": {
                  "Service": "events.amazonaws.com"
                },
                "Action": "sns:Publish",
                "Resource": "${SNSTopic}"
              }
            ]
          }


  CodebuildStateFailureEventRule:
    Type: "AWS::Events::Rule"
    Properties:
      Description: "Rule for sending failure notifications to SNS topic"
      EventPattern:
        source:
          - aws.codebuild
        detail-type:
          - CodeBuild Build State Change
        detail:
          project-name:
            - TestCodeBuildProject
          build-status:
            - FAILED
      State: "ENABLED"
      Targets:
       - Arn: !Ref SNSTopic
         Id: CodeBuildNotificationTest
         InputTransformer:
            InputPathsMap:
              build-id: "$.detail.build-id"
              project-name: "$.detail.project-name"
              build-status: "$.detail.build-status"
              deep-link: "$.detail.additional-information.logs.deep-link"
            InputTemplate: |
              "Build '<build-id>' for build project '<project-name>' has reached the build status of '<build-status>'."
Outputs:
  QueueName:
    Description: Name of the SNS Topic we created
    Value:
      Fn::GetAtt:
      - SNSTopic
      - TopicName
  TopicARN:
    Description: ARN of the SNS Topic we created
    Value:
      Ref: SNSTopic

You may still need to set up permissions between SNS and Events, but the template should deploy now.
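
Why the `|` matters, as an added example that is not part of the original question or answer: a YAML double-quoted scalar loses its quotes when parsed, so the service receives bare text, while the block scalar keeps the quotes and delivers a JSON string. The check below is an approximation inferred from the error message above (placeholders replaced by null, result parsed as JSON); the function name and the placeholder pattern are assumptions.

```python
import json
import re

# Assumed placeholder syntax: <name> with letters, digits, '-' and '_'.
PLACEHOLDER = re.compile(r"<([A-Za-z0-9_-]+)>")

def lint_input_transformer(paths_map, template):
    """Return a list of problems found in an InputTransformer definition."""
    problems = []
    used = set(PLACEHOLDER.findall(template))
    for name in sorted(used - set(paths_map)):
        problems.append(f"placeholder <{name}> is not defined in InputPathsMap")
    for name in sorted(set(paths_map) - used):
        problems.append(f"InputPathsMap key '{name}' is never used in InputTemplate")
    # Approximation of the validation seen in the error message: every
    # placeholder becomes null and the rendered text must parse as JSON.
    rendered = PLACEHOLDER.sub("null", template)
    try:
        json.loads(rendered)
    except json.JSONDecodeError as exc:
        problems.append(
            f"not valid JSON after substitution: {exc.msg} "
            f"(line {exc.lineno}, column {exc.colno})"
        )
    return problems

# InputPathsMap as written in both templates on this page.
PATHS = {
    "build-id": "$.detail.build-id",
    "project-name": "$.detail.project-name",
    "build-status": "$.detail.build-status",
    "deep-link": "$.detail.additional-information.logs.deep-link",
}

# What a YAML parser hands over for each variant (constructed by hand here).
TEXT = ("Build '<build-id>' for build project '<project-name>' "
        "has reached the build status of '<build-status>'.")
QUESTION_TEMPLATE = TEXT                 # double-quoted scalar: quotes stripped
ANSWER_TEMPLATE = '"' + TEXT + '"\n'     # block scalar (|): quotes preserved

if __name__ == "__main__":
    for label, tpl in (("question", QUESTION_TEMPLATE), ("answer", ANSWER_TEMPLATE)):
        print(label, lint_input_transformer(PATHS, tpl))
```

Both variants also report that `deep-link` is mapped but never referenced in the template, which is harmless for deployment but worth cleaning up.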