CloudFormation：无法使用无服务器框架在 AWS 上为 SNS 主题创建策略

Question

无法弄清楚我做错了什么，如果我注释掉 SNSAddTopicPolicy，一切正常，但是一旦取消注释我得到：

SNSAddTopicPolicy - Invalid parameter: Policy Error: null (Service: AmazonSNS; Status Code: 400; Error Code: InvalidParameter; Request ID: 26870c3b-4829-5080-bd88-59e9524c08e4).

我已经尝试了每一种组合，但都无法正常工作，有什么帮助吗？

BucketAddEventInterfaceSNSTopic:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: accounts-bucket-add-interface-dev

 SNSAddTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
        PolicyDocument:
          Id: 'accounts-sns-add-policy-dev'
          Version: 2012-10-17
          Statement:
            Sid: 'accounts-sns-add-statement-dev'
            Effect: Allow
            # this probably needs narrowed down
            Principal:
              AWS: '*'
            Action: sns:Publish
            Resource: { "Ref":"BucketAddEventInterfaceSNSTopic" }
        Topics:
          - { "Ref": "BucketAddEventInterfaceSNSTopic" }

Answer 1

您似乎在为 REF 混合使用 JSON 和 YAML 语法。另外，为了安全起见，您应该在您的版本周围加上引号，如下所示。

您的政策应该更像这样

 SNSAddTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
        PolicyDocument:
          Id: 'accounts-sns-add-policy-dev'
          Version: '2012-10-17'
          Statement:
            Sid: 'accounts-sns-add-statement-dev'
            Effect: Allow
            # this probably needs narrowed down
            Principal:
              AWS: '*'
            Action: sns:Publish
            Resource: !Ref BucketAddEventInterfaceSNSTopic
        Topics:
          - !Ref BucketAddEventInterfaceSNSTopic

CloudFormation：无法使用无服务器框架在 AWS 上为 SNS 主题创建策略

CloudFormation: Cannot create policy for SNS topic on AWS using serveless framework

amazon-web-services

amazon-cloudformation

serverless