NOTE: This repo contains only the documentation for the private BoltsOps Pro repo code. Original file: https://github.com/boltopspro/sns/blob/master/README.md The docs are publish so they are available for interested customers. For access to the source code, you must be a paying BoltOps Pro subscriber. If are interested, you can contact us at contact@boltops.com or https://www.boltops.com
This blueprint provisions an SNS topic.
- All AWS::SNS::Topic properties are configurable with Parameters. Additionally, properties that require further customization are configurable with Variables.
- You can add subscriptions with the
@subscriptionvariable.
- Add blueprint to Gemfile
- Configure: configs/sns values
- Deploy
Add the blueprint to your lono project's Gemfile.
gem "sns", git: "git@github.com:boltopspro/sns.git"First you want to configure the configs files. Use lono seed to configure starter values quickly.
LONO_ENV=development lono seed sns
To deploy to additional environments:
LONO_ENV=production lono seed sns
The generated files in config/sns folder look something like this:
configs/sns/
├── params
│ ├── development.txt
│ └── production.txt
└── variables
├── development.rb
└── production.rb
Here's an example of the params config:
configs/sns/params/development.txt
# Parameter Group: AWS::SNS::Topic
# DisplayName= # my display name
# KmsMasterKeyId= # 1234abcd-12ab-34cd-56ef-1234567890ab # also arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
# TopicName= # my-topic-name
Use the lono cfn deploy command to deploy. Example:
LONO_ENV=development lono cfn deploy sns --blueprint sns --sure
LONO_ENV=production lono cfn deploy sns --blueprint sns --sure
If you are using One AWS Account, use these commands instead: One Account.
You can use the @subscription variable to create subscribers. Example:
configs/sns/variables/development.rb:
@subscription = [{
Endpoint: "me@example.com", # String. Examples: http | https | email | email | sms | sqs | application | lambda
Protocol: "email", # String
}]Refer to the SNS Subscribe API docs for more subscription types.
You can also adjust the AWS::SNS::TopicPolicy IAM Document with the @policy_document variable. Example:
@policy_document =<<~JSON
{
"Version": "2008-10-17",
"Id": "example-ID",
"Statement": [
{
"Sid": "example-statement-ID",
"Effect": "Allow",
"Principal": {
"Service": "s3.amazonaws.com"
},
"Action": [
"SNS:Publish"
],
"Resource": "${SnsTopic}",
"Condition": {
"ArnLike": {
"aws:SourceArn": "arn:aws:s3:*:*:my-test-bucket"
}
}
}
]
}
JSONIn this example, it allows s3 to publish to the SNS topic. Make sure to replace the my-test-bucket in the example.
By leveraging the lono Stack Name and CLI conventions, we can organize the configs files in a way that matches the stack name. Example:
lono cfn deploy news --blueprint sns
lono cfn deploy alerts --blueprint sns
Will use the corresponding config files:
configs/sns/development/news.txt
configs/sns/development/alerts.txt
The IAM permissions required for this stack are described below.
| Service | Description |
|---|---|
| cloudformation | To launch the CloudFormation stack. |
| sns | sns instance and security group. |
| s3 | Lono managed s3 bucket |