将 CloudFormation 移植到 Terraform：S3 存储桶 NotificationConfiguration

Question

在将 cloudformation 模板移植到 terraform 的过程中，无法将以下 NotificationConfiguration、LambdaConfiguration 属性映射到 terraform 中的等效属性。

 "CloudTrailS3Bucket" : {
  "DependsOn" : "TriggerLambdaPermission",
  "Type" : "AWS::S3::Bucket",
  "Properties" : {
    "BucketName" : { "Ref" : "CloudTrailBucketName" },
    "NotificationConfiguration" : {
      "LambdaConfigurations" : [
        {
          "Event" : "s3:ObjectCreated:*",
          "Function" : { "Fn::GetAtt" : [ "AutoTagLambdaFunction", "Arn" ] }
        }
      ]
    }
  }
}

到目前为止，我的 terraform 模块中的内容如下，但不确定我是否以正确的方式进行：

resource "aws_s3_bucket" "CloudTrailS3Bucket" {
 bucket = "${var.CloudTrailBucketName}"
}


resource "aws_s3_bucket_notification" "bucket_notification" {
 bucket = "${aws_s3_bucket.CloudTrailS3Bucket.id}"

 topic {
  topic_arn     = "${aws_sns_topic.topic.arn}"
  events        = ["s3:ObjectCreated:*"]
 }
}

Answer 1

不，在 cloudformation 模板中，触发器是 lambda 事件 (s3:ObjectCreated)，但在您的代码中，您使用简单通知服务 (SNS)

请仔细阅读本文档中的部分

s3 bucket notification - Add notification configuration to Lambda Function

示例代码：

resource "aws_s3_bucket" "bucket" {
  bucket = "your_bucket_name"
}

resource "aws_s3_bucket_notification" "bucket_notification" {
  bucket = "${aws_s3_bucket.bucket.id}"

  lambda_function {
    lambda_function_arn = "${aws_lambda_function.func.arn}"
    events              = ["s3:ObjectCreated:*"]
    filter_prefix       = "AWSLogs/"
    filter_suffix       = ".log"
  }
}