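Unable to receive SNS notifications from AWS CodePipeline

Question  Votes: 0  Answers: 1

I am currently setting up AWS CodePipeline using a CloudFormation template. I have configured an SNS topic for notifications and attached it to a CodeStar notification rule that targets my CodePipeline. However, I am having trouble getting SNS notifications sent for pipeline events (such as pipeline started, failed, and succeeded).

In the AWS console I see that the SNS topic is unreachable.

I have double-checked my configuration but cannot figure out what is wrong. Can someone help me resolve this?

Code example: I have set up an AWS CloudFormation template to create the necessary resources. Here is a snippet of my CloudFormation template: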

Parameters:
  RepositoryName:
    Type: String
    Description: Name of the repository to create
    Default: sns-alert-adam
  artifactBucket:
     Type: String
     Description: Name of the artifact bucket to create
     Default: sns-alert-adam-s3-artifact-bucket
  snsTopicName:
    Description: Name of the SNS topic that receives the notifications
    Type: String
    Default: codestar-notifications-sns-alert-adam
  EmailAddress:
    Description: Email Address for sending SNS notifications
    Type: String
    Default: [email protected]

Resources:
  ## IAM Role for CodePipeline
  CodePipelineRole:
    Type: AWS::IAM::Role
    Properties:
      RoleName: CodePipelineRole-adam
      AssumeRolePolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Effect: Allow
            Principal:
              Service: 
                - codepipeline.amazonaws.com
            Action: sts:AssumeRole
      Policies:
        - PolicyName: !Sub ${RepositoryName}-codepipeline-adam
          PolicyDocument:
            Version: '2012-10-17'
            Statement:
              - Action:
                  - lambda:InvokeFunction
                  - lambda:ListFunctions
                  - opsworks:CreateDeployment
                  - opsworks:DescribeApps
                  - opsworks:DescribeCommands
                  - opsworks:DescribeDeployments
                  - opsworks:DescribeInstances
                  - opsworks:DescribeStacks
                  - opsworks:UpdateApp
                  - opsworks:UpdateStack
                  - cloudformation:CreateStack
                  - cloudformation:DeleteStack
                  - cloudformation:DescribeStacks
                  - cloudformation:UpdateStack
                  - cloudformation:CreateChangeSet
                  - cloudformation:DeleteChangeSet
                  - cloudformation:DescribeChangeSet
                  - cloudformation:ExecuteChangeSet
                  - cloudformation:SetStackPolicy
                  - cloudformation:ValidateTemplate
                  - codebuild:BatchGetBuilds
                  - codebuild:StartBuild
                  - codebuild:BatchGetBuildBatches
                  - codebuild:StartBuildBatch
                  - cloudformation:ValidateTemplate
                  - states:DescribeExecution
                  - states:DescribeStateMachine
                  - states:StartExecution
                  - sns:*
                Resource: "*"
                Effect: Allow
              - Action:
                  - codestar-connections:UseConnection
                Resource: "*"
                Effect: Allow
              - Action:
                    - elasticbeanstalk:*
                    - ec2:*
                    - elasticloadbalancing:*
                    - autoscaling:*
                    - cloudwatch:*
                    - sns:*
                    - cloudformation:*
                    - rds:*
                    - sqs:*
                    - ecs:*
                Resource: "*"
                Effect: Allow
              - Action:
                  - s3:GetObject
                  - s3:GetObjectVersion
                  - s3:GetBucketVersioning
                  - s3:PutObject
                  - s3:PutObjectAcl
                  - s3:PutObjectVersionAcl
                Resource: 
                  - arn:aws:s3:::sns-alert-adam-s3-artifact-bucket
                  - arn:aws:s3:::sns-alert-adam-s3-artifact-bucket/*
                Effect: Allow
              - Action:
                  - codedeploy:CreateDeployment
                  - codedeploy:GetApplication
                  - codedeploy:GetApplicationRevision
                  - codedeploy:GetDeployment
                  - codedeploy:GetDeploymentConfig
                  - codedeploy:RegisterApplicationRevision
                Resource: "*"
                Effect: Allow
              - Action:
                 - codecommit:CancelUploadArchive
                 - codecommit:GetBranch
                 - codecommit:GetCommit
                 - codecommit:GetRepository
                 - codecommit:GetUploadArchiveStatus
                 - codecommit:UploadArchive
                Resource: "*"
                Effect: Allow
              - Sid: StatusNotificationsPolicy
                Effect: Allow
                Action: 
                  - sns:Publish
                  - sns:Subscribe
                  - SNS:GetTopicAttributes
                  - SNS:SetTopicAttributes
                  - SNS:AddPermission
                  - SNS:RemovePermission
                  - SNS:DeleteTopic
                  - SNS:Subscribe
                  - SNS:ListSubscriptionsByTopic
                Resource: !Sub arn:${AWS::Partition}:sns:${AWS::Region}:${AWS::AccountId}:codestar-notifications-sns-alert-adam
            
                     
  CreateSnsAlertPipeline:
    Type: AWS::CodePipeline::Pipeline
    Properties:
      ArtifactStore:
        Type: S3
        Location: !Ref artifactBucket
      Name: !Sub ${RepositoryName}-sns-alert-pipeline
      RoleArn: !GetAtt CodePipelineRole.Arn
      Stages:
        - Name: Source
          Actions:
            - Name: Source
              ActionTypeId:
                Category: Source
                Owner: AWS
                Version: 1
                Provider: CodeCommit
              OutputArtifacts:
                - Name: SourceOutput
              Configuration:
                RepositoryName: !Ref RepositoryName
                BranchName: main
              RunOrder: 1
        - Name: Build
          Actions:
            - Name: Build
              ActionTypeId:
                Category: Build
                Owner: AWS
                Version: 1
                Provider: CodeBuild
              InputArtifacts:
                - Name: SourceOutput
              Configuration:
                ProjectName: !Ref RepositoryName
              RunOrder: 1
  CodeStar:
    Type: AWS::CodeStarNotifications::NotificationRule
    Properties:
       Name: 'My Notification Rule for Comments on Commits'
       DetailType: FULL
       Resource: !Sub arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:sns-alert-adam-sns-alert-pipeline
       EventTypeIds: 
            - codepipeline-pipeline-pipeline-execution-started 
            - codepipeline-pipeline-pipeline-execution-failed
            - codepipeline-pipeline-pipeline-execution-succeeded
       Targets:
            - TargetType: SNS 
              TargetAddress: !Sub arn:${AWS::Partition}:sns:${AWS::Region}:${AWS::AccountId}:${snsTopicName}
  MySNSTopic:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: codestar-notifications-sns-alert-adam
      Subscription:
        - Endpoint: !Ref EmailAddress
          Protocol: email
  TopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref MySNSTopic
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Effect: Allow
            Principal:
              Service: codestar-notifications.amazonaws.com
            Action:
              - SNS:Publish
            Resource: !Ref MySNSTopic

amazon-web-services amazon-sns aws-codepipeline
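1 Answer
0
votes

To resolve the unreachable SNS topic issue in an AWS CodePipeline setup that uses a CloudFormation template, you can follow these steps:

Check the SNS topic configuration: Verify that the SNS topic is configured correctly in the CloudFormation template. Make sure the topic name, the notification email address, and the subscription are defined accurately.

IAM role permissions: Review the IAM role (CodePipelineRole) defined in the CloudFormation template. Confirm that the role has the permissions required to interact with the SNS topic, including publishing messages.

CodePipeline configuration: Double-check the configuration of the CodePipeline (CreateSnsAlertPipeline) in the template. Make sure the pipeline is set up correctly to trigger SNS notifications for pipeline events.

CodeStar notification rule: Verify the configuration of the CodeStar notification rule (CodeStar) in the template. Confirm that the rule targets the correct CodePipeline and SNS topic for notifications.

SNS topic policy: Review the SNS topic policy (TopicPolicy) in the CloudFormation template. Make sure the policy allows the codestar-notifications.amazonaws.com service principal to publish messages to the SNS topic.

Console monitoring: Monitor the AWS Management Console for any error messages or notifications related to the SNS topic. Check for any specific error codes or messages that might indicate why the topic is unreachable.

By carefully reviewing and validating these aspects of the CloudFormation template, you can identify and resolve any misconfigurations or issues that cause the SNS topic to be unreachable in your AWS CodePipeline setup.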
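An added example, not part of the original answer or the asker's template: a variant of the question's three notification resources in which the rule takes the topic ARN from `!Ref MySNSTopic` and waits for `TopicPolicy`, so CloudFormation cannot create the rule before the topic and its policy exist. It reuses the question's logical IDs and parameters; `Status: ENABLED`, the `Sid`, and the assumption that creation ordering contributes to the unreachable status are additions made here.

```yaml
# Added example: reuses the logical IDs and parameters from the question's template.
Resources:
  MySNSTopic:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: !Ref snsTopicName          # single source of truth for the name
      Subscription:
        - Endpoint: !Ref EmailAddress
          Protocol: email                   # recipient must confirm the subscription

  TopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref MySNSTopic
      PolicyDocument:
        Version: '2012-10-17'
        Statement:
          - Sid: AllowCodeStarNotificationsPublish   # Sid added for readability
            Effect: Allow
            Principal:
              Service: codestar-notifications.amazonaws.com
            Action: sns:Publish             # publish only, scoped to this one topic
            Resource: !Ref MySNSTopic       # Ref on an SNS topic returns its ARN

  CodeStar:
    Type: AWS::CodeStarNotifications::NotificationRule
    DependsOn: TopicPolicy                  # the policy must exist before the rule targets the topic
    Properties:
      Name: 'My Notification Rule for Comments on Commits'
      DetailType: FULL
      Status: ENABLED
      # Ref on the pipeline returns its name, so the ARN always follows the real resource.
      Resource: !Sub arn:${AWS::Partition}:codepipeline:${AWS::Region}:${AWS::AccountId}:${CreateSnsAlertPipeline}
      EventTypeIds:
        - codepipeline-pipeline-pipeline-execution-started
        - codepipeline-pipeline-pipeline-execution-failed
        - codepipeline-pipeline-pipeline-execution-succeeded
      Targets:
        - TargetType: SNS
          TargetAddress: !Ref MySNSTopic    # implicit dependency on the topic itself
```

Notification delivery is performed by the `codestar-notifications.amazonaws.com` service principal and is authorized by the topic policy, so the `sns:*` grants on `CodePipelineRole` are not what makes the topic reachable and can be reviewed separately for least privilege.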
