SNS-Payload-Based-Filtering-SAM.template
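AWSTemplateFormatVersion: '2010-09-09'
Transform: AWS::Serverless-2016-10-31
Description: >
  SAM Template for insurance-events-sam-app

# Flow: S3 bucket (ObjectCreated events) -> SNS topic -> two SQS queues.
# Each subscription filters on the message body, so a queue only receives
# events whose object key starts with its prefix ("auto-" or "home-").
Resources:
  # Topic policy that lets the S3 service principal publish to the topic.
  # A bare service principal is a confused-deputy risk: without a condition,
  # a bucket in ANY account could be configured to publish here. The
  # statement is therefore limited to this topic and to buckets owned by the
  # deploying account.
  InsuranceEventsTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref InsuranceEventsTopic
      PolicyDocument:
        Id: TopicPolicy
        Version: "2012-10-17"
        Statement:
          - Sid: Allow-S3-Publish
            Effect: Allow
            Principal:
              Service: s3.amazonaws.com
            Action:
              - sns:Publish
            # Ref on an SNS topic returns its ARN.
            Resource: !Ref InsuranceEventsTopic
            Condition:
              # The bucket ARN cannot be referenced here: the bucket has
              # DependsOn this policy, so an aws:SourceArn condition on it
              # would create a circular dependency. Pinning the source
              # account is the scoping that remains available.
              StringEquals:
                aws:SourceAccount: !Ref AWS::AccountId

  # NOTE(review): no KmsMasterKeyId is set, so the topic is not encrypted with
  # a KMS key. Confirm whether the event metadata needs it.
  InsuranceEventsTopic:
    Type: AWS::SNS::Topic
    Properties:
      TopicName: insurance-events-topic

  AutoInsuranceEventsQueue:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: auto-insurance-events-queue

  HomeInsuranceEventsQueue:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: home-insurance-events-queue

  # Delivers to the auto queue only the S3 ObjectCreated events whose object
  # key begins with "auto-". The filter is a routing rule evaluated by SNS; it
  # is not an access control on the bucket or on the objects.
  AutoInsuranceEventsSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      Protocol: sqs
      Endpoint: !GetAtt AutoInsuranceEventsQueue.Arn
      TopicArn: !Ref InsuranceEventsTopic
      FilterPolicyScope: MessageBody
      FilterPolicy:
        '{"Records":{"s3":{"object":{"key":[{"prefix":"auto-"}]}},"eventName":[{"prefix":"ObjectCreated:"}]}}'

  # Same as above for object keys beginning with "home-".
  HomeInsuranceEventsSubscription:
    Type: AWS::SNS::Subscription
    Properties:
      Protocol: sqs
      Endpoint: !GetAtt HomeInsuranceEventsQueue.Arn
      TopicArn: !Ref InsuranceEventsTopic
      FilterPolicyScope: MessageBody
      FilterPolicy:
        '{"Records":{"s3":{"object":{"key":[{"prefix":"home-"}]}},"eventName":[{"prefix":"ObjectCreated:"}]}}'

  # Upload bucket. DeletionPolicy Retain keeps the bucket (and its objects)
  # when the stack is deleted. DependsOn makes CloudFormation create the topic
  # policy before the bucket's notification configuration is applied.
  # NOTE(review): no explicit PublicAccessBlockConfiguration or
  # BucketEncryption is declared; the bucket relies on service defaults.
  InsuranceEventsBucket:
    Type: AWS::S3::Bucket
    DeletionPolicy: Retain
    DependsOn: InsuranceEventsTopicPolicy
    Properties:
      NotificationConfiguration:
        TopicConfigurations:
          - Topic: !Ref InsuranceEventsTopic
            Event: 's3:ObjectCreated:*'

  # Queue policy attached to both queues. The aws:SourceArn condition limits
  # SendMessage to deliveries that originate from this stack's topic, so the
  # SNS service principal cannot be used to deliver from another topic.
  InsuranceEventsQueuePolicy:
    Type: AWS::SQS::QueuePolicy
    Properties:
      Queues:
        - !Ref AutoInsuranceEventsQueue
        - !Ref HomeInsuranceEventsQueue
      PolicyDocument:
        Version: "2012-10-17"
        Statement:
          - Sid: Allow-SNS-SendMessage
            Effect: Allow
            Principal:
              Service: "sns.amazonaws.com"
            Action:
              - SQS:SendMessage
            # "*" is kept because the one policy is attached to two queues.
            Resource: "*"
            Condition:
              ArnEquals:
                aws:SourceArn: !Ref InsuranceEventsTopic

Outputs:
  InsuranceEventsBucketName:
    Description: >-
      The name of the S3 bucket to which insurance documents are uploaded,
      and from which events are triggered
    Value: !Ref InsuranceEventsBucket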