AWS Cloudwatch event/rule trigger Lambda Cloudformation Template

Time: 11-03

Within AWS I've created a CloudTrail which is then filtered by an EventBridge rule to only look for certain events within CloudTrail that correspond to resources being created on AWS. The reason is that I've created some code for Lambda that will automatically tag resources dependent on events passed to it from EventBridge. When I manually connect the EventBridge rule and Lambda together it all works fine. However, when I deploy my stack using CloudFormation my Lambda doesn't show EventBridge as an event source/trigger for the function and I don't know why. Below is my CloudFormation template alongside what is shown on AWS Lambda vs what I expect to be seen.

    AWSTemplateFormatVersion: '2010-09-09'
    Transform: AWS::Serverless-2016-10-31

    # ---------------------------------------------------------------------------- #
    #                               Input parameters                               #
    # ---------------------------------------------------------------------------- #

    Parameters:
      ProjectName:
        Type: String
        Default: 'AutoTagger'
        Description: ""

    # ---------------------------------------------------------------------------- #
    #                                   Resources                                  #
    # ---------------------------------------------------------------------------- #

    Resources:
      AutoTaggerLambda:
        Type: AWS::Serverless::Function
        Properties:
          # FunctionName and Tags are function properties, so they belong under
          # Properties rather than at the resource level; SAM takes Tags as a map.
          FunctionName: auto-tagger-lambda
          CodeUri: release/archive.zip
          Handler: auto-tagger/main.lambda_handler
          Runtime: python3.9
          # AWS managed policy; broader than the tagging calls this function makes.
          Policies: [AWSLambda_FullAccess]
          MemorySize: 128
          Timeout: 30
          Tags:
            project_name: !Ref ProjectName

      TagEvents:
        Type: "AWS::Events::Rule"
        Properties:
          Description: "Rule to trigger lambda"
          Name: "TagEvents"
          EventPattern: {
                          "detail-type": ["AWS API Call via CloudTrail"],
                          "detail": {
                            "eventSource": ["ec2.amazonaws.com", "rds.amazonaws.com", "lambda.amazonaws.com", "s3.amazonaws.com", "dynamodb.amazonaws.com", "elasticfilesystem.amazonaws.com"],
                            "eventName": ["CreateVolume", "RunInstances", "CreateImage", "CreateSnapshot", "CreateDBInstance", "CreateFunction20150331", "UpdateFunctionConfiguration20150331v2", "UpdateFunctionCode20150331v2", "CreateBucket", "CreateTable", "CreateMountTarget"]
                          }
                        }
          State: "ENABLED"
          # The target alone does not let EventBridge invoke the function; the
          # function's resource-based policy must also grant events.amazonaws.com.
          Targets:
            - Arn: !GetAtt AutoTaggerLambda.Arn
              Id: "TagEventsTargetLambda"

[Screenshot: no trigger shown for the Lambda after the CloudFormation deployment]

[Screenshot: the trigger is visible once the rule is added manually]

Do I need to add an event to the Lambda also? I'm a little confused.

CodePudding user response:

You are missing permissions. An AWS::Lambda::Permission resource gives your EventBridge rule permission to invoke the Lambda. It is added to the Lambda's resource-based policy.

    PermissionForEventsToInvokeLambda:
      Type: AWS::Lambda::Permission
      Properties:
        FunctionName: !GetAtt AutoTaggerLambda.Arn
        Action: 'lambda:InvokeFunction'
        Principal: 'events.amazonaws.com'
        SourceArn: !GetAtt TagEvents.Arn
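The resource-based policy the answer describes can be audited after deployment: the following Python, added here and not part of the answer, parses the JSON that `aws lambda get-policy` returns and reports whether each grant to events.amazonaws.com is scoped by SourceArn to the intended rule (a grant without SourceArn lets any EventBridge rule invoke the function). The get-policy output, statement Sids and ARNs below are constructed samples, not values from the question.

```python
import json

# Constructed sample shaped like `aws lambda get-policy` output (the "Policy" field is a JSON
# string); the account id, region, function and rule ARNs are placeholders, not page values.
SAMPLE_GET_POLICY_OUTPUT = json.dumps({"RevisionId": "0", "Policy": json.dumps({
    "Version": "2012-10-17",
    "Statement": [
        {   # what the AWS::Lambda::Permission from the answer produces
            "Sid": "PermissionForEventsToInvokeLambda",
            "Effect": "Allow",
            "Principal": {"Service": "events.amazonaws.com"},
            "Action": "lambda:InvokeFunction",
            "Resource": "arn:aws:lambda:eu-west-1:111122223333:function:auto-tagger-lambda",
            "Condition": {"ArnLike": {"AWS:SourceArn":
                          "arn:aws:events:eu-west-1:111122223333:rule/TagEvents"}},
        },
        {   # a grant without SourceArn: any EventBridge rule may invoke the function
            "Sid": "AddedByHand",
            "Effect": "Allow",
            "Principal": {"Service": "events.amazonaws.com"},
            "Action": "lambda:InvokeFunction",
            "Resource": "arn:aws:lambda:eu-west-1:111122223333:function:auto-tagger-lambda",
        },
    ],
})})


def audit_eventbridge_grants(get_policy_output: str, expected_rule_arn: str) -> dict:
    """Map each statement Sid that lets events.amazonaws.com invoke the function to a verdict."""
    policy = json.loads(json.loads(get_policy_output)["Policy"])
    verdicts = {}
    for stmt in policy.get("Statement", []):
        principal = stmt.get("Principal", {})
        service = principal.get("Service", []) if isinstance(principal, dict) else []
        service = [service] if isinstance(service, str) else service
        if stmt.get("Effect") != "Allow" or "events.amazonaws.com" not in service:
            continue
        # Collect AWS:SourceArn values from any condition operator (ArnLike, ArnEquals, ...).
        arns = []
        for operator_values in stmt.get("Condition", {}).values():
            for key, value in operator_values.items():
                if key.lower() == "aws:sourcearn":
                    arns.extend(value if isinstance(value, list) else [value])
        if not arns:
            verdicts[stmt.get("Sid", "<no Sid>")] = "UNSCOPED: no SourceArn, any rule may invoke"
        elif expected_rule_arn in arns:
            verdicts[stmt.get("Sid", "<no Sid>")] = "OK: scoped to the expected rule"
        else:
            verdicts[stmt.get("Sid", "<no Sid>")] = "OTHER: scoped to " + ", ".join(arns)
    return verdicts
```

Run it against the real output of `aws lambda get-policy --function-name auto-tagger-lambda` and the rule ARN from the stack outputs; anything reported as UNSCOPED is a grant worth removing.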