Receiving error when trying to add Event Notification for SQS via CDK: botocore.exceptions.ClientError: An error occurred (InvalidArgument) when calling the PutBucketNotificationConfiguration

0

Error: botocore.exceptions.ClientError: An error occurred (InvalidArgument) when calling the PutBucketNotificationConfiguration operation

Hello AWS,

I am currently working on a project where I am working with a third party team. The team has an SQS that all of our buckets have an event notification for. I currently added a new bucket and I am receiving this error when I try to deploy it via CDK.

The team does not seem to be to well familiar with AWS but I asked if I have permissions to call the SQS and they said yes. Is there a way to confirm this on my end? Or is is there documentation on the configuration the team needs to set up for their SQS Que? If so, is there any other problems that could cause this error message?

I'm confident it's on the third party team ends because this is done through our CDK stack and everything else works fine. But I do want to know I am updating an existing stack, before our bucket did not send via event notifications but was created.

Any solutions or troubleshooting will help.

One source I found on stackoverflow except it's for lambda: https://stackoverflow.com/questions/36973134/cant-add-s3-notification-for-lambda-using-boto3

1 回答
0

Hello,

Greetings of the day!! Thank you for contacting AWS.

I understand you are getting the following error when trying to add Event Notification for SQS via CDK:

"botocore.exceptions.ClientError: An error occurred (InvalidArgument) when calling the PutBucketNotificationConfiguration"

Please note here that this error usually occur if the destination which we are configuring don't allow Amazon S3 from pushing the configured events. Therefore, in order to troubleshoot the issue, you need to check the SQS queue policy as per the documentation[+]. Basically, the SQS queue policy needs to be checked for the permissions for the particular bucket you are configuring.

[+]https://docs.aws.amazon.com/AmazonS3/latest/userguide/grant-destinations-permissions-to-s3.html

{ "Version": "2012-10-17", "Id": "example-ID", "Statement": [ { "Sid": "Example SNS topic policy", "Effect": "Allow", "Principal": { "Service": "s3.amazonaws.com" }, "Action": [ "SNS:Publish" ], "Resource": "SNS-topic-ARN", "Condition": { "ArnLike": { "aws:SourceArn": "arn:aws:s3:::bucket-name" //should contain all the buckets that need to be configured. }, "StringEquals": { "aws:SourceAccount": "bucket-owner-account-id" } } } ] }

Also, to better address the issue, we require details that are non-public information. Thus, I request you to kindly open a support case with AWS using the following link from the account that owns the SQS queue.

https://console.aws.amazon.com/support/home#/case/create

Thank you and have a nice day!!

AWS
支持工程师
Palak
已回答 1 年前

您未登录。 登录 发布回答。

一个好的回答可以清楚地解答问题和提供建设性反馈,并能促进提问者的职业发展。

回答问题的准则