8t12c7081

Reputation: 723

AWS CloudFormation: Give CloudWatch * Permissions to invoke Lambda

This is what I am trying to do:

LambdaInvokePermission:
  Type: AWS::Lambda::Permission
  Properties:
    --snip--
    SourceArn: !Sub arn:aws:events:${AWS::Region}:${AWS::AccountId}:rule/*-${Environment}

However it seems to dislike the * syntax.

I have tried just SourceArn: !Sub arn:aws:events:${AWS::Region}:${AWS::AccountId}:rule/* and SourceArn: '*' but these also give failure messages like

The rule * could not be found.

Does anyone know the correct syntax for this?

Upvotes: 1

Views: 3070

Answers (1)

Feroz Shaikh

Reputation: 51

You need to specify the exact name of the CloudWatch rule that will trigger this Lambda function. Example: arn:aws:events:us-east-1:123456789012:rule/my-scheduled-rule.

The SourceArn property of AWS::Lambda::Permission expects a String value: https://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html#cfn-lambda-permission-sourcearn. You cannot have multiple CloudWatch rules as the SourceArn (not a list) in a single AWS::Lambda::Permission block with a wildcard '*'. To have multiple CloudWatch rules trigger the same Lambda function, you will need to add another AWS::Lambda::Permission block in your CloudFormation template.

Upvotes: 2
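The layout the answer describes, as an added example that is not part of the original answer: two rules targeting one function, each with its own AWS::Lambda::Permission whose SourceArn is that rule's exact ARN, so each grant covers exactly one rule. The rule names, schedules and the TargetFunctionArn parameter are hypothetical.

```yaml
AWSTemplateFormatVersion: '2010-09-09'
Parameters:
  Environment:
    Type: String
  TargetFunctionArn:            # hypothetical: ARN of an existing Lambda function
    Type: String

Resources:
  NightlyRule:                  # hypothetical rule 1
    Type: AWS::Events::Rule
    Properties:
      Name: !Sub nightly-${Environment}
      ScheduleExpression: rate(1 day)
      State: ENABLED
      Targets:
        - Arn: !Ref TargetFunctionArn
          Id: nightly-target

  HourlyRule:                   # hypothetical rule 2
    Type: AWS::Events::Rule
    Properties:
      Name: !Sub hourly-${Environment}
      ScheduleExpression: rate(1 hour)
      State: ENABLED
      Targets:
        - Arn: !Ref TargetFunctionArn
          Id: hourly-target

  # One permission per rule; SourceArn is a single String, so it is
  # taken from the rule resource instead of being built with a wildcard.
  NightlyRulePermission:
    Type: AWS::Lambda::Permission
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !Ref TargetFunctionArn
      Principal: events.amazonaws.com
      SourceArn: !GetAtt NightlyRule.Arn

  HourlyRulePermission:
    Type: AWS::Lambda::Permission
    Properties:
      Action: lambda:InvokeFunction
      FunctionName: !Ref TargetFunctionArn
      Principal: events.amazonaws.com
      SourceArn: !GetAtt HourlyRule.Arn
```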
