aws-events-rule-sns

All classes are under active development and subject to
non-backward compatible changes or removal in any future version.
These are not subject to the
Semantic Versioning
Language | Package |
---|---|
![]() |
aws_solutions_constructs.aws_events_rule_sns
|
![]() |
@aws-solutions-constructs/aws-events-rule-sns
|
![]() |
software.amazon.awsconstructs.services.eventsrulesns
|
Overview
This pattern implements an Amazon CloudWatch Events rule connected to an Amazon SNS topic.
Here is a minimal deployable pattern definition:
import { Duration } from '@aws-cdk/core'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; import { EventsRuleToSnsProps, EventsRuleToSns } from "@aws-solutions-constructs/aws-events-rule-sns"; const props: EventsRuleToSnsProps = { eventRuleProps: { schedule: events.Schedule.rate(Duration.minutes(5)), } }; const constructStack = new EventsRuleToSns(this, 'test-construct', props); // Grant yourself permissions to use the Customer Managed KMS Key const policyStatement = new iam.PolicyStatement({ actions: ["kms:Encrypt", "kms:Decrypt"], effect: iam.Effect.ALLOW, principals: [ new iam.AccountRootPrincipal() ], resources: [ "*" ] }); constructStack.encryptionKey?.addToResourcePolicy(policyStatement);
Initializer
new EventsRuleToSNS(scope: Construct, id: string, props: EventsRuleToSNSProps);
Parameters
-
scope
Construct
-
id
string
-
props EventsRuleToSnsProps
Pattern Construct Props
Name | Type | Description |
---|---|---|
eventRuleProps |
events.RuleProps
|
User-provided properties to override the default properties for the CloudWatch Events rule. |
existingTopicObj? |
sns.Topic
|
An optional, existing SNS topic to be used instead of the default topic.
If an existing topic is provided, the topicProps property will be ignored.
|
topicProps? |
sns.TopicProps
|
Optional user-provided properties to override the default properties for the
SNS topic. Ignored if an existingTopicObj is provided.
|
enableEncryptionWithCustomerManagedKey? |
boolean
|
Whether to use a customer-managed encryption key, either managed by this CDK app or
imported. If importing an encryption key,
it must be specified in the encryptionKey property for this construct.
|
encryptionKey? |
kms.Key
|
An optional, existing encryption key to be used instead of the default encryption key. |
encryptionKeyProps? |
kms.KeyProps
|
Optional user-provided properties to override the default properties for the encryption key. |
Pattern Properties
Name | Type | Description |
---|---|---|
eventsRule |
events.Rule
|
Returns an instance of the Events rule created by the pattern. |
snsTopic |
sns.Topic
|
Returns an instance of the SNS topic created by the pattern. |
encryptionKey |
kms.Key
|
Returns an instance of the encryption key created by the pattern. |
Default settings
Out-of-the-box implementation of this pattern without any overrides will set the following defaults:
Amazon CloudWatch Events rule
-
Grant least privilege permissions to CloudWatch Events to publish to the SNS topic.
Amazon SNS topic
-
Configure least privilege access permissions for SNS topic.
-
Enable server-side encryption for SNS topic using customer-managed AWS KMS key.
-
Enforce encryption of data in transit.
Architecture

GitHub
To view the code for this pattern, create/view issues and pull requests, and more: | |
---|---|
![]() |
@aws-solutions-constructs/aws-events-rule-sns |