任务描述:
(1)在S3上面新建两个bucket,一个bucket A是存放lambda代码压缩文件的地方,一个bucketB当做收货的地方;
(2)cloudformation中写yaml脚本创建template,yaml脚本中实现的功能有:把lambda代码压缩包从bucket A取出来,创建lambda函数并启动,在s3新建一个指定名字的bucket。接着利用此template继续新建一个stack。
(3)步骤(2)完毕后,可以在s3中看到一个带有source字眼的bucket生成了,在这个bucket中上传一张.jpg图片,跑起来的lambda函数从此bucket中取到图片,并把大小改了,再存入bucket B。
1. 在s3页面,创建两个bucket,一个作为source,一个作为destination。选择一个bucket,上传lambda的zip文件(下载地址为https://download.csdn.net/download/daiqinge/12006492)。
我自己的情况,两个bucket的那么分别是:cfst-694-d88cad3582794cda5c0a9f2b857647df-bucketa-skln4rf5zz8g
和cfst-694-d88cad3582794cda5c0a9f2b857647df-bucketb-i65demszsd95
2. 创建一个cloudformation
cloudformation页面,点击 新建stack:
下图中的template区域的代码如下,里面配置了只监控上传bucket中的图片后缀为.jpg的文件,才会触发调用lambda函数:
AWSTemplateFormatVersion: '2010-09-09'
Description: CloudFormation Template for Student Use
Resources:
LambdaRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- lambda.amazonaws.com
Action:
- sts:AssumeRole
Path: /
Policies:
- PolicyName: root
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- cloudwatch:DeleteAlarms
- cloudwatch:DescribeAlarmHistory
- cloudwatch:DescribeAlarms
- cloudwatch:DescribeAlarmsForMetric
- cloudwatch:GetMetricStatistics
- cloudwatch:ListMetrics
- cloudwatch:PutMetricAlarm
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
- iam:GetRole
- iam:ListRoles
- lambda:*
- s3:GetBucketPolicy
- s3:GetObject
- s3:HeadBucket
- s3:ListAllMyBuckets
- s3:ListBucket
- s3:ListObjects
- s3:PutBucketNotification
- s3:GetBucketNotification
- s3:PutObject
- s3:PutObjectTagging
Resource: '*'
RoleName: lambda_exec_role
SourceBucket:
Type: AWS::S3::Bucket
DependsOn: S3InvokeRole
Properties:
Tags:
-
Key: "Bucket"
Value: "TriggerBucket"
NotificationConfiguration:
LambdaConfigurations:
-
Event: "s3:ObjectCreated:*"
Function: !GetAtt LambdaFunction.Arn
Filter:
S3Key:
Rules:
-
Name: suffix
Value: .jpg
S3InvokeRole:
Type: AWS::Lambda::Permission
Properties:
Action: lambda:InvokeFunction
FunctionName: !GetAtt 'LambdaFunction.Arn'
Principal: s3.amazonaws.com
LambdaRolePolicy:
DependsOn:
- LambdaRole
Type: AWS::IAM::Policy
Properties:
PolicyName: LambdaRolePolicy
Roles:
- !Ref 'LambdaRole'
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- cloudwatch:DeleteAlarms
- cloudwatch:DescribeAlarmHistory
- cloudwatch:DescribeAlarms
- cloudwatch:DescribeAlarmsForMetric
- cloudwatch:GetMetricStatistics
- cloudwatch:ListMetrics
- cloudwatch:PutMetricAlarm
- logs:CreateLogGroup
- logs:CreateLogStream
- logs:PutLogEvents
- iam:GetRole
- iam:ListRoles
- lambda:*
Resource: '*'
LambdaFunction:
Type: AWS::Lambda::Function
DependsOn:
- LambdaRole
- LambdaRolePolicy
Properties:
Code:
S3Bucket: !Ref 'CodeBucket'
S3Key: !Ref 'LambdaFileName'
Role: !GetAtt 'LambdaRole.Arn'
Description: This function creates a thumbnail version of an uploaded image!
Timeout: 15
Handler: index.handler
Runtime: nodejs8.10
MemorySize: 1024
ReservedConcurrentExecutions: 500
Environment:
Variables:
DST_BUCKET: !Ref 'DestinationBucket'
Parameters:
DestinationBucket:
Type: String
Description: Enter the destination bucket for the thumbnail here!
CodeBucket:
Type: String
Description: Enter the bucket name where you uploaded your Lambda function ZIP
file.
LambdaFileName:
Type: String
Description: Enter the file name of the Lambda function ZIP file.
Default: lambda_function.zip
然后点击上图中左上角的 云里面有个小箭头的按钮,跳转后的页面选择
接着填写信息,下图中配置的parameters,其实是lambda function代码中要用到的环境变量:
点击创建,如果有I acknowledge.. 的复选框,就选中即可。马上stack页面就看到 新建好的cloudformation的状态是CREATE_IN_PROGRESS,等几分钟就好了。
去s3页面查看,发现自动多了两个bucket,一个是cloudformation页面,创建template的时候自动生成的;另外一个是利用创建好的template创建新的stack,自动生成的当做发货地的bucket,名字里带source字眼那个。
点开这个带有source字眼的bucket,选择properties选项卡---再选择event,可以看到配置。在此bucket中上传后缀为.jpg的图片,会触发cloudformation中的template,从而调用lambda函数,处理照片,然后保持到bucket b中。
3. 去lambda页面,可以看到由步骤2的成功,而自动创建好的lambda函数
4. s3页面的作为source作用的bucket中上传一个照片,可以看到destination作用的bucket中,被resize了的这个照片。