CreateSubscriptionNotificationConfiguration
Notifies the subscriber when new data is written to the data lake for the sources that the subscriber consumes in Security Lake. You can create only one subscriber notification per subscriber.
Request Syntax
POST /subscription-notifications/subscriptionId
HTTP/1.1
Content-type: application/json
{
"createSqs": boolean
,
"httpsApiKeyName": "string
",
"httpsApiKeyValue": "string
",
"httpsMethod": "string
",
"roleArn": "string
",
"subscriptionEndpoint": "string
"
}
URI Request Parameters
The request uses the following URI parameters.
- subscriptionId
-
The subscription ID for the notification subscription.
Pattern:
[a-f0-9]{8}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{4}-[a-f0-9]{12}
Required: Yes
Request Body
The request accepts the following data in JSON format.
- createSqs
-
Create an Amazon Simple Queue Service queue.
Type: Boolean
Required: No
- httpsApiKeyName
-
The key name for the notification subscription.
Type: String
Required: No
- httpsApiKeyValue
-
The key value for the notification subscription.
Type: String
Required: No
- httpsMethod
-
The HTTPS method used for the notification subscription.
Type: String
Valid Values:
POST | PUT
Required: No
- roleArn
-
The Amazon Resource Name (ARN) of the EventBridge API destinations IAM role that you created. For more information about ARNs and how to use them in policies, see Managing data access and AWS Managed Policies in the Amazon Security Lake User Guide.
Type: String
Pattern:
^arn:.*
Required: No
- subscriptionEndpoint
-
The subscription endpoint in Security Lake. If you prefer notification with an HTTPs endpoint, populate this field.
Type: String
Pattern:
^(arn:aws:.+$|https?://.+$)
Required: No
Response Syntax
HTTP/1.1 200
Content-type: application/json
{
"queueArn": "string"
}
Response Elements
If the action is successful, the service sends back an HTTP 200 response.
The following data is returned in JSON format by the service.
- queueArn
-
Returns the Amazon Resource Name (ARN) of the queue.
Type: String
Pattern:
^[\\\w\-_:/.@=+]*$
Errors
For information about the errors that are common to all actions, see Common Errors.
- AccessDeniedException
-
You do not have sufficient access to perform this action. Access denied errors appear when Amazon Security Lake explicitly or implicitly denies an authorization request. An explicit denial occurs when a policy contains a Deny statement for the specific AWS action. An implicit denial occurs when there is no applicable Deny statement and also no applicable Allow statement.
HTTP Status Code: 403
- AccountNotFoundException
-
Amazon Security Lake cannot find an AWS account with the accountID that you specified, or the account whose credentials you used to make this request isn't a member of an organization.
HTTP Status Code: 403
- ConcurrentModificationException
-
More than one process tried to modify a resource at the same time.
HTTP Status Code: 409
- InternalServerException
-
Internal service exceptions are sometimes caused by transient issues. Before you start troubleshooting, perform the operation again.
HTTP Status Code: 500
- InvalidInputException
-
The request was rejected because a value that's not valid or is out of range was supplied for an input parameter.
HTTP Status Code: 400
- ResourceNotFoundException
-
The resource could not be found.
HTTP Status Code: 404
- ValidationException
-
Your signing certificate could not be validated.
HTTP Status Code: 400
See Also
For more information about using this API in one of the language-specific AWS SDKs, see the following: