Amazon Web Services 文档中描述的 Amazon Web Services 服务或功能可能因区域而异。要查看适用于中国区域的差异,请参阅中国的 Amazon Web Services 服务入门。本文属于机器翻译版本。若本译文内容与英语原文存在差异,则一律以英文原文为准。
本教程向您展示如何使用 Amazon CloudFormation 创建基本 Amazon Lambda 函数。您将使用Amazon CloudFormation控制台和 YAML 模板来创建堆栈(IAM 角色、Lambda 函数和状态机)。然后,你将使用Amazon Step Functions控制台开始执行状态机。
有关更多信息,请参阅使用 CloudFormation 模板和Amazon CloudFormation用户指南中的AWS::StepFunctions::StateMachine
资源。
步骤 1:设置您的Amazon CloudFormation模板
在使用示例模板之前,您应该了解如何声明 Amazon CloudFormation 模板的不同部分。
为 Lambda 创建 IAM 角色
定义与 Lambda 函数的 IAM 角色关联的信任策略。以下示例使用 YAML 或 JSON 定义信任策略。
- YAML
-
LambdaExecutionRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: "sts:AssumeRole"
- JSON
-
"LambdaExecutionRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
}
创建 Lambda 函数
为将打印消息的 Lambda 函数定义以下属性Hello World
。
确保您的 Lambda 函数与状态机位于相同的Amazon账户和Amazon区域下。
- YAML
-
MyLambdaFunction:
Type: "AWS::Lambda::Function"
Properties:
Handler: "index.handler"
Role: !GetAtt [ LambdaExecutionRole, Arn ]
Code:
ZipFile: |
exports.handler = (event, context, callback) => {
callback(null, "Hello World!");
};
Runtime: "nodejs12.x"
Timeout: "25"
- JSON
-
"MyLambdaFunction": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"LambdaExecutionRole",
"Arn"
]
},
"Code": {
"ZipFile": "exports.handler = (event, context, callback) => {\n callback(null, \"Hello World!\");\n};\n"
},
"Runtime": "nodejs12.x",
"Timeout": "25"
}
},
为状态机执行创建 IAM 角色
定义与状态机执行的 IAM 角色关联的信任策略。
- YAML
-
StatesExecutionRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal:
Service:
- !Sub states.${AWS::Region}.amazonaws.com
Action: "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: StatesExecutionPolicy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "lambda:InvokeFunction"
Resource: "*"
- JSON
-
"StatesExecutionRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
{
"Fn::Sub": "states.${AWS::Region}.amazonaws.com"
}
]
},
"Action": "sts:AssumeRole"
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "StatesExecutionPolicy",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:InvokeFunction"
],
"Resource": "*"
}
]
}
}
]
}
},
创建 Lambda 状态机
定义 Lambda 状态机。
- YAML
-
MyStateMachine:
Type: "AWS::StepFunctions::StateMachine"
Properties:
DefinitionString:
!Sub
- |-
{
"Comment": "A Hello World example using an Amazon Lambda function",
"StartAt": "HelloWorld",
"States": {
"HelloWorld": {
"Type": "Task",
"Resource": "${lambdaArn}",
"End": true
}
}
}
- {lambdaArn: !GetAtt [ MyLambdaFunction, Arn ]}
RoleArn: !GetAtt [ StatesExecutionRole, Arn ]
- JSON
-
"MyStateMachine": {
"Type": "AWS::StepFunctions::StateMachine",
"Properties": {
"DefinitionString": {
"Fn::Sub": [
"{\n \"Comment\": \"A Hello World example using an AWS Lambda function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambdaArn}\",\n \"End\": true\n }\n }\n}",
{
"lambdaArn": {
"Fn::GetAtt": [
"MyLambdaFunction",
"Arn"
]
}
}
]
},
"RoleArn": {
"Fn::GetAtt": [
"StatesExecutionRole",
"Arn"
]
}
}
}
步骤 2:使用Amazon CloudFormation模板创建 Lambda 状态机
了解了Amazon CloudFormation模板的组成部分后,就可以将它们组合在一起并使用该模板创建Amazon CloudFormation堆栈。
创建 Lambda 状态机
-
将以下示例数据复制到名为 MyStateMachine.yaml
(适用于 YAML 示例)或 MyStateMachine.json
(适用于 JSON)的文件中。
- YAML
-
AWSTemplateFormatVersion: "2010-09-09"
Description: "An example template with an IAM role for a Lambda state machine."
Resources:
LambdaExecutionRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Principal:
Service: lambda.amazonaws.com
Action: "sts:AssumeRole"
MyLambdaFunction:
Type: "AWS::Lambda::Function"
Properties:
Handler: "index.handler"
Role: !GetAtt [ LambdaExecutionRole, Arn ]
Code:
ZipFile: |
exports.handler = (event, context, callback) => {
callback(null, "Hello World!");
};
Runtime: "nodejs12.x"
Timeout: "25"
StatesExecutionRole:
Type: "AWS::IAM::Role"
Properties:
AssumeRolePolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: "Allow"
Principal:
Service:
- !Sub states.${AWS::Region}.amazonaws.com
Action: "sts:AssumeRole"
Path: "/"
Policies:
- PolicyName: StatesExecutionPolicy
PolicyDocument:
Version: "2012-10-17"
Statement:
- Effect: Allow
Action:
- "lambda:InvokeFunction"
Resource: "*"
MyStateMachine:
Type: "AWS::StepFunctions::StateMachine"
Properties:
DefinitionString:
!Sub
- |-
{
"Comment": "A Hello World example using an Amazon Lambda function",
"StartAt": "HelloWorld",
"States": {
"HelloWorld": {
"Type": "Task",
"Resource": "${lambdaArn}",
"End": true
}
}
}
- {lambdaArn: !GetAtt [ MyLambdaFunction, Arn ]}
RoleArn: !GetAtt [ StatesExecutionRole, Arn ]
- JSON
-
{
"AWSTemplateFormatVersion": "2010-09-09",
"Description": "An example template with an IAM role for a Lambda state machine.",
"Resources": {
"LambdaExecutionRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": "lambda.amazonaws.com"
},
"Action": "sts:AssumeRole"
}
]
}
}
},
"MyLambdaFunction": {
"Type": "AWS::Lambda::Function",
"Properties": {
"Handler": "index.handler",
"Role": {
"Fn::GetAtt": [
"LambdaExecutionRole",
"Arn"
]
},
"Code": {
"ZipFile": "exports.handler = (event, context, callback) => {\n callback(null, \"Hello World!\");\n};\n"
},
"Runtime": "nodejs12.x",
"Timeout": "25"
}
},
"StatesExecutionRole": {
"Type": "AWS::IAM::Role",
"Properties": {
"AssumeRolePolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"Service": [
{
"Fn::Sub": "states.${AWS::Region}.amazonaws.com"
}
]
},
"Action": "sts:AssumeRole"
}
]
},
"Path": "/",
"Policies": [
{
"PolicyName": "StatesExecutionPolicy",
"PolicyDocument": {
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"lambda:InvokeFunction"
],
"Resource": "*"
}
]
}
}
]
}
},
"MyStateMachine": {
"Type": "AWS::StepFunctions::StateMachine",
"Properties": {
"DefinitionString": {
"Fn::Sub": [
"{\n \"Comment\": \"A Hello World example using an AWS Lambda function\",\n \"StartAt\": \"HelloWorld\",\n \"States\": {\n \"HelloWorld\": {\n \"Type\": \"Task\",\n \"Resource\": \"${lambdaArn}\",\n \"End\": true\n }\n }\n}",
{
"lambdaArn": {
"Fn::GetAtt": [
"MyLambdaFunction",
"Arn"
]
}
}
]
},
"RoleArn": {
"Fn::GetAtt": [
"StatesExecutionRole",
"Arn"
]
}
}
}
}
}
-
打开 Amazon CloudFormation 控制台并选择创建堆栈。
-
在 Select Template (选择模板) 页面上,选择 Upload a template to Amazon S3 (将模板上传到 Amazon S3)。选择您的 MyStateMachine
文件,然后选择 Next。
-
在指定详细信息页面上,为堆栈名称输入 MyStateMachine
,然后选择下一步。
-
在 Options (选项) 页面上,选择 Next (下一步)。
-
在审核页面上,选择我确认这Amazon CloudFormation可能会创建 IAM 资源。 然后选择 “创建”。
Amazon CloudFormation 开始创建 MyStateMachine
堆栈,并显示 CREATE_IN_PROGRESS 状态。在此过程完成后,Amazon CloudFormation 将显示 CREATE_COMPLETE 状态。
-
(可选) 要显示您的堆栈中的资源,请选择堆栈,然后选择 Resources 选项卡。
步骤 3:开始执行状态机
在创建您的 Lambda 状态机后,您就可以开始执行。
启动状态机执行
-
打开 Step Functions 控制台并选择您使用创建的状态机的名称Amazon CloudFormation。
-
在 MyStateMachine-ABCDEFGHIJ1K
页面上,选择 “新建执行”。
此时将显示 New execution 页面。
(可选)要识别您的执行情况,可以在 “名称” 框中为其指定名称。默认情况下,Step Functions 会自动生成唯一的执行名称。
Step Functions 允许您创建包含非 ASCII 字符的状态机、执行和活动名称。这些非 ASCII 名称不适用于亚马逊 CloudWatch。为确保您可以跟踪 CloudWatch 指标,请选择仅使用 ASCII 字符的名称。
-
选择 Start Execution (开始执行)。
此时将启动新的状态机执行,并显示一个说明正在运行的执行的新页面。
-
(可选)在 Execution Details (执行详细信息) 中,查看 Execution Status (执行状态) 以及 Started (已开始) 和 Closed (已关闭) 时间戳。
-
要查看执行结果,请选择 Output。