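I am creating a template with CloudFormation so that when a specific file is inserted into a specific bucket, a rule in EventBridge runs and triggers a Glue workflow execution event. The problem is that anything I insert into that bucket, whatever the file is, or even creating a new folder, triggers the event.

My resources: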
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: bucket-data-test-jp
  EventRole:
    Type: AWS::IAM::Role
    Properties:
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          -
            Effect: Allow
            Principal:
              Service:
                - events.amazonaws.com
            Action: sts:AssumeRole
      Path: /
      Policies:
        -
          PolicyName: NotifyEventGluePolicy
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              -
                Effect: Allow
                Action: glue:notifyEvent
                Resource: arn:aws:glue:us-east-1:accountId:workflow/workflow-move-files-to-s3
        -
          PolicyName: GetObjectS3Policy
          PolicyDocument:
            Version: "2012-10-17"
            Statement:
              -
                Effect: Allow
                Action:
                  - s3:GetObject
                  - s3:GetObjectAcl
                Resource: arn:aws:s3:::my-bucket-test-jp/source/*
  WorkFlowGlue: It's not important
  ScheduledJobsTrigger: It's not important
  EventRuleMoveToS3:
    Type: AWS::Events::Rule
    Properties:
      EventBusName: default
      EventPattern:
        source:
          - aws.s3
        detail-type:
          - Object Created
        detail:
          bucket:
            name:
              - bucket-data-test-jp
          key:
            prefix:
              - source/eventbridge.yaml
      Name: porcloudformation
      State: ENABLED
      Targets:
        - Id: test
          Arn: >-
            arn:aws:glue:us-east-1:accountId:workflow/workflow-move-files-to-s3
          RoleArn: !GetAtt EventRole.Arn

My event pattern in EventBridge:
{
  "detail-type": ["Object Created"],
  "source": ["aws.s3"],
  "detail": {
    "bucket": {
      "name": ["bucket-data-test-jp"]
    },
    "object": [{
      "prefix": "source/eventbridge.yaml"
    }]
  }
}
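
I have already tried using suffix, but that doesn't work for me either.

I need the EventBridge rule to run only when a specific file (in this case eventbridge.yaml) is inserted.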

The following rule seems to work for me. For some reason, specifying prefix and suffix doesn't seem to achieve the expected filtering.
{
  "detail-type": ["Object Created"],
  "source": ["aws.s3"],
  "account": ["account-id"],
  "region": ["us-east-1"],
  "resources": ["arn:aws:s3:::bucket-name"],
  "detail": {
    "bucket": {
      "name": ["bucket-name"]
    },
    "reason": ["PutObject"],
    "object": {
      "key": ["source_go/eventbridge_go.yaml"]
    }
  }
}
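
The rule from the answer above, expressed as the EventPattern of the question's CloudFormation rule. This is an added example, not part of either post; it assumes the bucket name, object key and workflow ARN placeholder from the question, reuses the question's EventRole, and assumes EventBridge delivery is enabled on the bucket through its NotificationConfiguration.

```yaml
Resources:
  S3Bucket:
    Type: AWS::S3::Bucket
    Properties:
      BucketName: bucket-data-test-jp
      # Assumption: the bucket sends its events to EventBridge.
      NotificationConfiguration:
        EventBridgeConfiguration:
          EventBridgeEnabled: true

  EventRuleMoveToS3:
    Type: AWS::Events::Rule
    Properties:
      EventBusName: default
      Name: porcloudformation
      State: ENABLED
      EventPattern:
        source:
          - aws.s3
        detail-type:
          - Object Created
        detail:
          bucket:
            name:
              - bucket-data-test-jp
          # Same filter as the answer's "reason": ["PutObject"].
          reason:
            - PutObject
          # The object key lives under detail.object.key in S3 events,
          # so the filter has to be nested under "object".
          object:
            key:
              - source/eventbridge.yaml   # exact match, as in the answer
            # Content-filter form for matching a key prefix instead:
            # key:
            #   - prefix: source/
      Targets:
        - Id: test
          Arn: arn:aws:glue:us-east-1:accountId:workflow/workflow-move-files-to-s3
          # EventRole is the IAM role defined in the question's template.
          RoleArn: !GetAtt EventRole.Arn
```

With an exact key in the pattern, uploads of other objects and console "folder" creation (a zero-byte object whose key ends in `/`) do not match the rule, which keeps the Glue workflow from being started by unrelated writes to the bucket.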