aws-fargate-sns - AWS Solutions Constructs
OverviewPattern Construct PropsPattern PropertiesDefault settingsArchitectureGithub

aws-fargate-sns

Stability:Experimental
Reference Documentation: https://docs.aws.amazon.com/solutions/latest/constructs/
Language Package

Python Logo Python

aws_solutions_constructs.aws_fargate_sns

Typescript Logo Typescript

@aws-solutions-constructs/aws-fargate-sns

Java Logo Java

software.amazon.awsconstructs.services.fargatesns

Overview

This AWS Solutions Construct implements an AWS Fargate service that can write to an Amazon SNS topic

Here is a minimal deployable pattern definition:

Typescript
import { Construct } from 'constructs';
import { Stack, StackProps } from 'aws-cdk-lib';
import { FargateToSns, FargateToSnsProps } from '@aws-solutions-constructs/aws-fargate-sns';

const constructProps: FargateToSnsProps = {
    publicApi: true,
    ecrRepositoryArn: "arn:aws:ecr:us-east-1:123456789012:repository/your-ecr-repo"
};

new FargateToSns(this, 'test-construct', constructProps);
Python
from aws_solutions_constructs.aws_fargate_sns import FargateToSns, FargateToSnsProps
from aws_cdk import (
    Stack
)
from constructs import Construct

FargateToSns(self, 'test_construct',
            public_api=True,
            ecr_repository_arn="arn:aws:ecr:us-east-1:123456789012:repository/your-ecr-repo")
Java
import software.constructs.Construct;

import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awsconstructs.services.fargatesns.*;

new FargateToSns(this, "test_construct", new FargateToSnsProps.Builder()
        .publicApi(true)
        .ecrRepositoryArn("arn:aws:ecr:us-east-1:123456789012:repository/your-ecr-repo")
        .build());

Pattern Construct Props

Name Type Description

publicApi

boolean

Whether the construct is deploying a private or public API. This has implications for the VPC.

vpcProps?

ec2.VpcProps

Optional custom properties for a VPC the construct will create. This VPC will be used by any Private Hosted Zone the construct creates (that’s why loadBalancerProps and privateHostedZoneProps can’t include a VPC). Providing both this and existingVpc is an error.

existingVpc?

ec2.IVpc

An existing VPC in which to deploy the construct. Providing both this and vpcProps is an error. If the client provides an existing load balancer and/or existing Private Hosted Zone, those constructs must exist in this VPC.

clusterProps?

ecs.ClusterProps

Optional properties to create a new ECS cluster. To provide an existing cluster, use the cluster attribute of fargateServiceProps.

ecrRepositoryArn?

string

The arn of an ECR Repository containing the image to use to generate the containers. Either this or the image property of containerDefinitionProps must be provided. format: arn:aws:ecr:_region_:_account number_:repository/Repository Name

ecrImageVersion?

string

The version of the image to use from the repository. Defaults to "Latest"

containerDefinitionProps?

ecs.ContainerDefinitionProps | any

Optional props to define the container created for the Fargate Service (defaults found in fargate-defaults.ts)

fargateTaskDefinitionProps?

ecs.FargateTaskDefinitionProps | any

Optional props to define the Fargate Task Definition for this construct (defaults found in fargate-defaults.ts)

fargateServiceProps?

ecs.FargateServiceProps | any

Optional values to override default Fargate Task definition properties (fargate-defaults.ts). The construct will default to launching the service is the most isolated subnets available (precedence: Isolated, Private and Public). Override those and other defaults here.

existingFargateServiceObject?

ecs.FargateService

A Fargate Service already instantiated (probably by another Solutions Construct). If this is specified, then no props defining a new service can be provided, including: ecrImageVersion, containerDefinitionProps, fargateTaskDefinitionProps, ecrRepositoryArn, fargateServiceProps, clusterProps

existingContainerDefinitionObject?

ecs.ContainerDefinition

A container definition already instantiated as part of a Fargate service. This must be the container in the existingFargateServiceObject

existingTopicObj?

sns.Topic

Existing instance of SNS Topic object, providing both this and topicProps will cause an error.

topicProps?

sns.TopicProps

Optional user provided properties to override the default properties for the SNS topic.

topicArnEnvironmentVariableName?

string

Optional Name for the container environment variable set to the ARN of the topic. Default: SNS_TOPIC_ARN

topicNameEnvironmentVariableName?

string

Optional Name for the container environment variable set to the name of the topic. Default: SNS_TOPIC_NAME

enableEncryptionWithCustomerManagedKey?

boolean

If no key is provided, this flag determines whether the SNS Topic is encrypted with a new CMK or an AWS managed key. This flag is ignored if any of the following are defined: topicProps.masterKey, encryptionKey or encryptionKeyProps.

encryptionKey?

kms.Key

An optional, imported encryption key to encrypt the SNS Topic with.

encryptionKeyProps?

kms.KeyProps

Optional user provided properties to override the default properties for the KMS encryption key used to encrypt the SNS Topic with.

Pattern Properties

Name Type Description

vpc

ec2.IVpc

The VPC used by the construct (whether created by the construct or provided by the client)

service

ecs.FargateService

The AWS Fargate service used by this construct (whether created by this construct or passed to this construct at initialization)

container

ecs.ContainerDefinition

The container associated with the AWS Fargate service in the service property.

snsTopic

sns.Topic

Returns an instance of the SNS topic created by the pattern.

Default settings

Out of the box implementation of the Construct without any override will set the following defaults:

AWS Fargate Service

  • Sets up an AWS Fargate service

    • Uses the existing service if provided

    • Creates a new service if none provided.

      • Service will run in isolated subnets if available, then private subnets if available and finally public subnets

    • Adds environment variables to the container with the ARN and Name of the SNS topic

    • Add permissions to the container IAM role allowing it to publish to the SNS topic

Amazon SNS Topic

  • Sets up an Amazon SNS topic

    • Uses an existing topic if one is provided, otherwise creates a new one

  • Adds an Interface Endpoint to the VPC for SNS (the service by default runs in Isolated or Private subnets)

Architecture

Diagram showing the Fargate service, SNS topic and IAM role created by the construct

Github

Go to the Github repo for this pattern to view the code, read/create issues and pull requests and more.