aws-events-rule-sqs - AWS Solutions Constructs


All classes are under active development and subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

Language Package


This pattern implements an Amazon CloudWatch Events rule connected to an Amazon SQS queue.

Here is a minimal deployable pattern definition:

import { Duration } from '@aws-cdk/core'; import * as events from '@aws-cdk/aws-events'; import * as iam from '@aws-cdk/aws-iam'; import { EventsRuleToSqsProps, EventsRuleToSqs } from "@aws-solutions-constructs/aws-events-rule-sqs"; const props: EventsRuleToSqsProps = { eventRuleProps: { schedule: events.Schedule.rate(Duration.minutes(5)) } }; const constructStack = new EventsRuleToSqs(this, 'test-construct', props); // Grant yourself permissions to use the Customer Managed KMS Key const policyStatement = new iam.PolicyStatement({ actions: ["kms:Encrypt", "kms:Decrypt"], effect: iam.Effect.ALLOW, principals: [ new iam.AccountRootPrincipal() ], resources: [ "*" ] }); constructStack.encryptionKey?.addToResourcePolicy(policyStatement);


new EventsRuleToSqs(scope: Construct, id: string, props: EventsRuleToSqsProps);


Pattern Construct Props

Name Type Description
eventRuleProps events.RuleProps User-provided properties to override the default properties for the CloudWatch Events rule.
existingQueueObj? sqs.Queue An optional, existing SQS queue to be used instead of the default queue. If an existing queue is provided, the queueProps property will be ignored.
queueProps? sqs.QueueProps Optional user-provided properties to override the default properties for the SQS queue. Ignored if an existingQueueObj is provided.
enableQueuePurging? boolean Whether to grant additional permissions to the Lambda function enabling it to purge the SQS queue. Defaults to false.
deployDeadLetterQueue? boolean Whether to create a secondary queue to be used as a dead letter queue. Defaults to true.
deadLetterQueueProps? sqs.QueueProps Optional user-provided props to override the default props for the dead letter queue. Only used if the deployDeadLetterQueue property is set to true.
maxReceiveCount? number The number of times a message can be unsuccessfully dequeued before being moved to the dead letter queue. Defaults to 15.
enableEncryptionWithCustomerManagedKey? boolean Whether to use a customer-managed encryption key, either managed by this CDK app or imported. If importing an encryption key, it must be specified in the encryptionKey property for this construct.
encryptionKey? kms.Key An optional, existing encryption key to be used instead of the default encryption key.
encryptionKeyProps? kms.KeyProps Optional user-provided properties to override the default properties for the encryption key.

Pattern Properties

Name Type Description
eventsRule events.Rule Returns an instance of the Events rule created by the pattern.
sqsQueue sqs.Queue Returns an instance of the SQS queue created by the pattern.
encryptionKey kms.Key Returns an instance of the encryption key created by the pattern.
deadLetterQueue? sqs.Queue Returns an instance of the dead letter queue created by the pattern, if one is deployed.

Default settings

Out-of-the-box implementation of this pattern without any overrides will set the following defaults:

Amazon CloudWatch Events rule

  • Grant least privilege permissions to CloudWatch Events to publish to the SQS Queue.

Amazon SQS queue

  • Deploy a dead-letter queue for the source queue.

  • Enable server-side encryption for the source queue using a customer-managed AWS KMS key.

  • Enforce encryption of data in transit.



To view the code for this pattern, create/view issues and pull requests, and more: