Cloudwatch 事件规则侦听具有特定键路径的 s3 存储桶 [英] Cloudwatch event rule listen to s3 bucket with specific keypath

问题描述

有没有办法收听 s3 存储桶，但只能在特定的文件夹"内进行，例如，如果我有一个名为 input 的文件夹，我会说在s3://bucket-name/folder1/*"上收听?现在好像只能听整个bucket.我的问题是我想使用同一个bucket根据特定的key path来触发CloudWatch，当然所有的cloudwatch规则都会被触发.这是我的流程:CloudTrail(监控 s3://bucket/path)-> CloudWatch(对于该 s3://bucket/path 中的任何 PUT 都有一个事件规则)trigger-> StepFunction-> LambdaFunctions我还尝试从 CloudWatch 角色中限制这一点，以仅授予该特定 S3 存储桶路径的权限，而没有运气.这是我的活动规则:

Is there a way to listen to an s3 bucket but only inside a specific "folder" so for instance if i had a folder named input i would say listen on "s3://bucket-name/folder1/*"? Right now it seems that you can only listen to the entire bucket.My issue is that I want to use the same bucket to trigger CloudWatch based on specific key path, and of course all cloudwatch rules will be triggered. This is my flow: CloudTrail (monitor s3://bucket/path) -> CloudWatch (will have an Event Rule for any PUT in that s3://bucket/path) trigger-> StepFunction-> LambdaFunctions I also tried to restrict this from CloudWatch role to give permissions only to that specific S3 bucket path without luck. This is my event rule:

{ "source": [ "aws.s3" ], "detail-type": [ "AWS API Call via CloudTrail" ], "detail": { "eventSource": [ "s3.amazonaws.com" ], "eventName": [ "PutObject" ], "requestParameters": { "bucketName": [ " bucketname" ] } } }

有什么解决办法吗?

推荐答案

尝试添加

"requestParameters": { "bucketName": [ " bucketname" ],"key":["folder1"] }

可以工作.

这篇关于Cloudwatch 事件规则侦听具有特定键路径的 s3 存储桶的文章就介绍到这了，希望我们推荐的答案对大家有所帮助，也希望大家多多支持IT屋！