Terraform : S3触发器代码失败，状态代码: 400

Question

在terraform中，尝试将bucket作为触发器S3到我的lambda，并赋予权限。对于此用例，创建S3资源并尝试在触发逻辑中引用该lambda函数。但是当我引用下面的代码失败时，error.Please可以帮助我解决这个问题。

#########################################
# Creating Lambda resource
###########################################

resource "aws_lambda_function" "test_lambda" {
  filename      = "output/welcome.zip"
  function_name = var.function_name
  role          = var.role_name
  handler       = var.handler_name
  runtime       = var.run_time
}


######################################################
# Creating s3 resource for invoking to lambda function
######################################################

resource "aws_s3_bucket" "bucket" {
  bucket = "source-bucktet-testing"

}

#####################################################################
# Adding S3 bucket as trigger to my lambda and giving the permissions
#####################################################################

resource "aws_s3_bucket_notification" "aws-lambda-trigger" {
  bucket = aws_s3_bucket.bucket.id
  lambda_function {
    lambda_function_arn = aws_lambda_function.test_lambda.arn
    events              = ["s3:ObjectCreated:*"]
    filter_prefix       = "file-prefix"
    filter_suffix       = "file-extension"
}
}




resource "aws_lambda_permission" "test" {
  statement_id  = "AllowS3Invoke"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.test_lambda.function_name
  principal = "s3.amazonaws.com"
  source_arn = "arn:aws:s3:::aws_s3_bucket.bucket.id"
}

错误消息：

Error: Error putting S3 notification configuration: InvalidArgument: Unable to validate the following destination configurations
        status code: 400, request id: 8D16EE1EF8FC0E63, host id: PlzqurwmHo3hDJdr0nUhOGuJKnghOBCtMImZ+8fEFX3JPjKV2M47UZuJ5Z26FalKxmoF1Xl8lag=

Answer 1

您在aws_lambda_permission中的source_arn不正确。它应该是：

source_arn = aws_s3_bucket.bucket.arn

目前您的source_arn是字面上的字符串"arn:aws:s3:::aws_s3_bucket.bucket.id"，这是不正确的。