cloudwatchevent_ruleデフォルトのラムダ関数の最新バージョン

Question

ラムダ関数の作成とそれに対するクラウドウォッチルールを自動化しようとしています。しかし、cloudwatchevent_ruleのアシスタントタスクでは、ラムダ機能にアタッチするためにバージョンIDが必要なようです。私はラムダ関数を設定した

- name: create cloudwatch rule 
    cloudwatchevent_rule: 
    name: 'name_for_rule' 
    region: "{{region}}" 
    description: 'trigger on new instance creation' 
    state: present 
    event_pattern: |- 
     { 
     "detail-type": [ 
      "AWS API Call via CloudTrail" 
     ], 
     "detail": { 
      "eventSource": [ 
      "ec2.amazonaws.com" 
      ], 
      "eventName": [ 
      "RunInstances" 
      ] 
     } 
     } 
    targets: 
     - id: "{{ lambda.configuration.version }}" 
     arn: "{{ lambda.configuration.function_arn }}" 

Answer 1

：CloudWatchのルールは常に私のラムダ関数の最新バージョンに自分自身を添付するように

No target to arn:aws:lambda:us-east- 
1:MYACCOUNTID:function:MYFUNCTIONNAME could be found on the rule 
MYFUNCTIONNAME. 

がどのように私はこれを変更することができます。これは、エラーの原因となっていますCloudWatchルールでトリガーします。次のSAMテンプレートには、必要なアクセス許可、ポリシー、および役割も含まれています。必要ない場合は無視してください。

{ 
    "AWSTemplateFormatVersion": "2010-09-09", 
    "Transform": "AWS::Serverless-2016-10-31", 
    "Description": "AWS SAM template configuring lambda functions written in test package.", 
    "Resources": { 
    "OrchestratorTestLambdaFunction": { 
     "DependsOn": [ 
     "LambdaPolicy" 
     ], 
     "Type": "AWS::Lambda::Function", 
     "Properties": { 
     "Handler": "com.test.TestClass::orchestrateTestLambda", 
     "FunctionName": "OrchestratorTestLambda", 
     "Runtime": "java8", 
     "MemorySize": 256, 
     "Timeout": 60, 
     "Code": { 
      "S3Bucket": "BATS::SAM::CodeS3Bucket", 
      "S3Key": "BATS::SAM::CodeS3Key" 
     }, 
     "Role": { 
      "Fn::GetAtt": [ 
      "LambdaRole", 
      "Arn" 
      ] 
     }, 
     "Description": "Lambda reads from SQS provided in the cloud watch." 
     } 
    }, 
    "LambdaRole": { 
     "Type": "AWS::IAM::Role", 
     "Properties": { 
     "RoleName": "LambdaRole", 
     "AssumeRolePolicyDocument": { 
      "Version": "2008-10-17", 
      "Statement": [ 
      { 
       "Sid": "", 
       "Effect": "Allow", 
       "Principal": { 
       "Service": "lambda.amazonaws.com" 
       }, 
       "Action": "sts:AssumeRole" 
      } 
      ] 
     } 
     } 
    }, 
    "LambdaPolicy": { 
     "Type": "AWS::IAM::Policy", 
     "Properties": { 
     "PolicyName": "lambda_policy", 
     "PolicyDocument": { 
      "Version": "2012-10-17", 
      "Statement": [ 
      { 
       "Sid": "", 
       "Effect": "Allow", 
       "Action": [ 
       "sqs:DeleteMessage", 
       "sqs:ReceiveMessage" 
       ], 
       "Resource": [ 
       { 
        "Fn::Sub": "arn:aws:sqs:eu-west-1:${AWS::AccountId}:TestUpdates" 
       } 
       ] 
      }, 
      { 
       "Sid": "", 
       "Action": [ 
       "lambda:InvokeAsync" 
       ], 
       "Effect": "Allow", 
       "Resource": "*" 
      }, 
      { 
       "Sid": "", 
       "Effect": "Allow", 
       "Action": [ 
       "logs:CreateLogGroup", 
       "logs:CreateLogStream", 
       "logs:PutLogEvents" 
       ], 
       "Resource": "arn:aws:logs:*:*:*" 
      } 
      ] 
     }, 
     "Roles": [ 
      { 
      "Ref": "LambdaRole" 
      } 
     ] 
     } 
    }, 
    "PermissionForEventsToInvokeLambda": { 
     "Type": "AWS::Lambda::Permission", 
     "Properties": { 
     "FunctionName": { 
      "Ref": "OrchestratorTestLambdaFunction" 
     }, 
     "Action": "lambda:InvokeFunction", 
     "Principal": "events.amazonaws.com", 
     "SourceArn": { 
      "Fn::GetAtt": [ 
      "TestRule", 
      "Arn" 
      ] 
     } 
     } 
    }, 
    "TestRule": { 
     "Type": "AWS::Events::Rule", 
     "Properties": { 
     "Name": "TestRule", 
     "Description": "Rule to Trigger OrchestratorTestLambdaFunction", 
     "ScheduleExpression": "rate(1 minute)", 
     "State": "ENABLED", 
     "Targets": [ 
      { 
      "Arn": { 
       "Fn::GetAtt": [ 
       "OrchestratorTestLambdaFunction", 
       "Arn" 
       ] 
      }, 
      "Id": "TestRuleV1", 
      "Input": { 
       "Fn::Sub": "{\"queueUrl\":\"https://sqs.eu-west-1.amazonaws.com/${AWS::AccountId}/TestUpdates\"}" 
      } 
      } 
     ] 
     } 
    } 
    }, 
    "Outputs": { 
    "StackArn": { 
     "Value": { 
     "Ref": "AWS::StackId" 
     }, 
     "Description": "Use this as the stack_arn in your cloud_formation_deployment_stack override." 
    } 
    } 
}