How to add an AWS CloudWatch event to an aws_lambda_function based on a container image with Terraform



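I want my Lambda function, which is based on a Docker image in ECR, to be triggered by a scheduled CloudWatch event.

The problem is that I can't attach the function name myFunction from the module "lambda_function_container_image" to the aws_lambda_permission.

It works when I have a normal Lambda function, like the one below, but not with a Lambda function from an image URI: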

resource "aws_lambda_function" "myFunction" {
  function_name = "myFunction"
  role          = aws_iam_role.lambda_execution_role.arn
  handler       = "exports.handler"
  runtime       = "python3.8"
}

I have the following code:

AWS CloudWatch event:

resource "aws_cloudwatch_event_rule" "every_five_minutes" {
  name                = "every-five-minutes"
  description         = "Fires every five minutes"
  schedule_expression = "rate(5 minutes)"
}

Lambda function based on a container image:

module "lambda_function_container_image" {
  source         = "terraform-aws-modules/lambda/aws"
  function_name  = "myFunction"
  description    = "awesome function"
  create_package = false
  # ECR registry host format: <account_id>.dkr.ecr.<region>.amazonaws.com
  image_uri      = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.aws_region}.amazonaws.com/container_name"
  package_type   = "Image"
}

Lambda permission:

resource "aws_lambda_permission" "allow_cloudwatch_to_call_myFunction" {
  statement_id  = "AllowExecutionFromCloudWatch"
  action        = "lambda:InvokeFunction"
  function_name = aws_lambda_function.myFunction.function_name
  principal     = "events.amazonaws.com"
  source_arn    = aws_cloudwatch_event_rule.every_five_minutes.arn
}

The aws_lambda_permission currently fails with the following error:

Error message:

Error: Reference to undeclared resource
-> points to function_name in aws_lambda_permission

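You need to reference the function_name through the module you are using. According to the documentation of the terraform-aws-modules module, it has an output named lambda_function_name.

This means the following should work for you: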

resource "aws_lambda_permission" "allow_cloudwatch_to_call_myFunction" {
  [...]
  function_name = module.lambda_function_container_image.lambda_function_name
  [...]
}
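The complete wiring for the setup discussed above, as an added example that is not part of the original question or answer. It goes one step beyond the answer by also declaring the event target that the rule needs, using the module's `lambda_function_arn` output; the `invoke_my_function` label and the `target_id` value are illustrative names.

```hcl
# Added example, not the poster's code. Assumes the AWS provider is
# configured and that var.aws_region matches the region of the ECR repository.

variable "aws_region" {
  type = string
}

data "aws_caller_identity" "current" {}

resource "aws_cloudwatch_event_rule" "every_five_minutes" {
  name                = "every-five-minutes"
  description         = "Fires every five minutes"
  schedule_expression = "rate(5 minutes)"
}

module "lambda_function_container_image" {
  source         = "terraform-aws-modules/lambda/aws"
  function_name  = "myFunction"
  description    = "awesome function"
  create_package = false
  package_type   = "Image"
  image_uri      = "${data.aws_caller_identity.current.account_id}.dkr.ecr.${var.aws_region}.amazonaws.com/container_name"
}

# The rule only fires the function once a target points at it;
# the permission alone does not schedule anything.
resource "aws_cloudwatch_event_target" "invoke_my_function" {
  rule      = aws_cloudwatch_event_rule.every_five_minutes.name
  target_id = "myFunction" # illustrative identifier
  arn       = module.lambda_function_container_image.lambda_function_arn
}

# Resource-based policy statement on the module-managed function.
resource "aws_lambda_permission" "allow_cloudwatch_to_call_myFunction" {
  statement_id  = "AllowExecutionFromCloudWatch"
  action        = "lambda:InvokeFunction"
  function_name = module.lambda_function_container_image.lambda_function_name
  principal     = "events.amazonaws.com"
  # Keep source_arn set: it limits invocation to this one rule instead of
  # every rule that the events.amazonaws.com principal can act for.
  source_arn    = aws_cloudwatch_event_rule.every_five_minutes.arn
}
```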
