以 SQS 队列为目标的 CloudWatch 事件无法工作
Posted
技术标签:
【中文标题】以 SQS 队列为目标的 CloudWatch 事件无法工作【英文标题】:CloudWatch Event that targets SQS Queue fails to work 【发布时间】:2019-01-30 02:57:19 【问题描述】:根据本文,可以将 SQS 设置为预定 CloudWatch 事件的目标:
https://aws.amazon.com/ru/about-aws/whats-new/2016/03/cloudwatch-events-now-supports-amazon-sqs-queue-targets/
我创建了一个简单的 Cloud Formation 模板,旨在每分钟触发 CloudWatch 事件,因此新消息应出现在 SQS 中,但由于 SQS 中没有消息,因此缺少某些内容。
代码:
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "stack 1",
"Parameters":
,
"Resources":
"MyQueue":
"Type": "AWS::SQS::Queue",
"Properties":
"QueueName": "MyQueue"
,
"MyRole":
"Type": "AWS::IAM::Role",
"Properties":
"RoleName": "MyRole",
"AssumeRolePolicyDocument":
"Version": "2012-10-17",
"Statement": [
"Effect": "Allow",
"Principal":
"Service": ["events.amazonaws.com", "lambda.amazonaws.com"]
,
"Action": "sts:AssumeRole"
]
,
"Path": "/",
"Policies": [
"PolicyName": "CloudWatchPolicy",
"PolicyDocument":
"Version": "2012-10-17",
"Statement": [
"Effect": "Allow",
"Action": "*",
"Resource": "*"
]
]
,
"MyRule":
"Type": "AWS::Events::Rule",
"Properties":
"Description": "A rule to schedule data update",
"Name": "MyRule",
"ScheduleExpression": "rate(1 minute)",
"State": "ENABLED",
"RoleArn":
"Fn::GetAtt": ["MyRole",
"Arn"]
,
"Targets": [
"Arn":
"Fn::GetAtt": ["MyQueue",
"Arn"]
,
"Id": "MyRule"
]
,
"Outputs":
那里可能有什么问题?我应该添加一个队列侦听器来显示消息吗?
问题 #2:
关于 CloudWatch 事件规则目标 的文档声明 Id 是必填字段:
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-events-rule-target.html
虽然 AWS::SQS::Queue 根本没有这样的属性(只有 Name 存在):
https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-properties-sqs-queues.html#aws-properties-sqs-queues-prop
当使用 SQS 作为目标时,CloudWatch 事件规则目标 Id 属性应该放什么?
非常感谢。
【问题讨论】:
您的模板有效吗?我认为RoleArn
应该是 Amazon CloudWatch 事件规则目标的属性。除此之外,你的模板应该按照你说的做,(AFAIK)
感谢您的帮助,@yorodm。是的,基于此模板成功创建了堆栈(尽管队列中没有消息)。如果我将 RoleArn 添加到 Rule Traget 堆栈创建过程中会显示以下错误:RoleArn is not supported for target arn:aws:sqs:eu-west-1:***:MyQueue
【参考方案1】:
我的模板中缺少的部分是 AWS::SQS::QueuePolicy。
工作模板:
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "stack 1",
"Parameters": ,
"Resources":
"MyPolicy":
"Type": "AWS::IAM::Policy",
"Properties":
"PolicyDocument":
"Statement": [
"Action": "sqs:*",
"Effect": "Allow",
"Resource":
"Fn::GetAtt": ["MyQueue",
"Arn"]
],
"Version": "2012-10-17"
,
"PolicyName": "MyPolicyName",
"Roles": [
"Ref": "MyRole"
]
,
"MyRole":
"Type": "AWS::IAM::Role",
"Properties":
"AssumeRolePolicyDocument":
"Statement": [
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal":
"Service": ["events.amazonaws.com",
"sqs.amazonaws.com"]
],
"Version": "2012-10-17"
,
"MyQueue":
"Type": "AWS::SQS::Queue",
"Properties":
"QueueName": "MyQueue2"
,
"MyRule":
"Type": "AWS::Events::Rule",
"Properties":
"Description": "A rule to schedule data update",
"Name": "MyRule",
"ScheduleExpression": "rate(1 minute)",
"State": "ENABLED",
"RoleArn":
"Fn::GetAtt": ["MyRole",
"Arn"]
,
"Targets": [
"Arn":
"Fn::GetAtt": ["MyQueue",
"Arn"]
,
"Id": "MyRule1",
"Input": "\"a\":\"b\""
]
,
"MyQueuePolicy":
"DependsOn": ["MyQueue", "MyRule"],
"Type": "AWS::SQS::QueuePolicy",
"Properties":
"PolicyDocument":
"Version": "2012-10-17",
"Id": "MyQueuePolicy",
"Statement": [
"Effect": "Allow",
"Principal":
"Service": ["events.amazonaws.com",
"sqs.amazonaws.com"]
,
"Action": "sqs:SendMessage",
"Resource":
"Fn::GetAtt": ["MyQueue",
"Arn"]
]
,
"Queues": [
"Ref": "MyQueue"
]
,
"Outputs":
【讨论】:
以上是关于以 SQS 队列为目标的 CloudWatch 事件无法工作的主要内容,如果未能解决你的问题,请参考以下文章
CloudWatch SQS 指标问题上的 AWS Autoscaling