无法通过CFT在CodeBuild项目上成功设置SNS，但手动工作 [英] Unable to successfully set up SNS on CodeBuild project through CFT but works manually

问题描述

我正在尝试建立一个SNS系统，以便在构建失败时发送一封电子邮件.目前，我只是将它设置为在到达几个不同阶段以进行测试时发送通知.

I'm trying to get an SNS system set up to send out an email whenever a build fails. At the moment I just have it set to send a notification when it reaches several different stages for testing purposes.

我已经多次阅读过AWS的教程，以至于我已经记住了整个过程，但是当我将其转换为CFT时却无法正常工作.

I've followed the tutorial from AWS so many times that I've memorized the entire process but something isn't working when I translate that into a CFT.

创建所有内容后，我会收到确认电子邮件，但是之后，在我的CodeBuild项目中单击开始构建"按钮时，我没有再收到任何有关构建状态的电子邮件.
如果我手动执行此操作，尽管会收到所有预期的电子邮件.

I receive the confirmation email when everything is created but afterwards when I click on the "Start Build" button in my CodeBuild project I don't receive any further emails about the build status.
If I do this manually though I will receive all the expected emails.

sns-build-notifications.yml

###
### Stack Name: sns-build-notifications
###
### Template Name: sns-build-notifications.yml
###
### Description: Creates a notification system that emails users when a
###              specified build fails
###

AWSTemplateFormatVersion : '2010-09-09'

Globals:
  Api:
    OpenApiVersion: 3.0.1

Transform: AWS::Serverless-2016-10-31

Resources:
  rSnsTopicDemo:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: rSnsTopicDemo
      Subscription:
        - Protocol: email
          Endpoint: myEmail@gmail.com

  rCloudWatchEventRuleDemo:
    Type: AWS::Events::Rule
    Properties:
      Description: Delete when finished
      EventPattern:
        source:
          - aws.codebuild
        detail-type:
          - CodeBuild Build State Change
        detail:
          build-status:
            - IN_PROGRESS
            - SUCCEEDED
            - FAILED
            - STOPPED
          project-name:
            - CodeBuildStateChangeDemo
      Targets:
        - Arn: !Ref rSnsTopicDemo
          Id: CodeBuildStateChangeDemo
          InputTransformer:
              InputPathsMap:
                build-status: "$.detail.build-status"
              InputTemplate: |
                "Build has entered status: '<build-status>'"

我要附加一些通过CFT创建的资源图片.
出于安全考虑，其中一些名称可能与我在此处描述的名称有所不同.

I'm attaching some images of my resources created through the CFT.
Some of the names might differ from what I've described here just for security purposes.

CodeBuildStateChangeDemo

rSnsTopicDemo

rSnsTopicDemo订阅

CloudWatch事件规则

推荐答案

从您发布的内容中，我看到没有

From what you posted, I see that there is no AWS::SNS::TopicPolicy allowing CW events to submit any message to it.

需要在CFN中明确创建主题政策.控制台在后台执行此操作.政策示例如下:

The topic policy would need to be explicitly created in CFN. Console does this in the background. Example policy is as follows:

{
  "Sid": "AWSEvents_kkk_Id983908485049",
  "Effect": "Allow",
  "Principal": {
    "Service": "events.amazonaws.com"
  },
  "Action": "sns:Publish",
  "Resource": "<my-sns-topic-arn>"
}

这篇关于无法通过CFT在CodeBuild项目上成功设置SNS，但手动工作的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！