aws-s3-sqs - AWS Solutions Constructs

aws-s3-sqs

All classes are under active development and subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

| Language | Package |
|---|---|
| Python | aws_solutions_constructs.aws_s3_sqs |
| TypeScript | @aws-solutions-constructs/aws-s3-sqs |
| Java | software.amazon.awsconstructs.services.s3sqs |

This AWS Solutions Construct implements an Amazon S3 Bucket that is configured to send notifications to an Amazon SQS queue.

Here is a minimal deployable pattern definition in TypeScript:

import { S3ToSqs } from "@aws-solutions-constructs/aws-s3-sqs";

new S3ToSqs(stack, 'S3ToSQSPattern', {});

Initializer

new S3ToSqs(scope: Construct, id: string, props: S3ToSqsProps);

Parameters

Pattern Construct Props

| Name | Type | Description |
|---|---|---|
| existingBucketObj? | s3.Bucket | An optional, existing S3 bucket to be used instead of the default bucket. If an existing bucket is provided, the bucketProps property will be ignored. |
| bucketProps? | s3.BucketProps | Optional user-provided props to override the default props for the S3 bucket. |
| s3EventTypes? | s3.EventType[] | The S3 event types that will trigger the notification. Defaults to s3.EventType.OBJECT_CREATED. |
| s3EventFilters? | s3.NotificationKeyFilter[] | The S3 object key filter rules to determine which objects trigger this event. If not specified, no filter rules will be applied. |
| existingQueueObj? | sqs.Queue | An optional, existing SQS queue to be used instead of the default queue. If an existing queue is provided, the queueProps property will be ignored. |
| queueProps? | sqs.QueueProps | Optional user-provided properties to override the default properties for the SQS queue. Ignored if an existingQueueObj is provided. |
| deadLetterQueueProps? | sqs.QueueProps | Optional user-provided props to override the default props for the dead letter queue. Only used if the deployDeadLetterQueue property is set to true. |
| deployDeadLetterQueue? | boolean | Whether to create a secondary queue to be used as a dead letter queue. Defaults to true. |
| maxReceiveCount? | number | The number of times a message can be unsuccessfully dequeued before being moved to the dead letter queue. Defaults to 15. |
| enableEncryptionWithCustomerManagedKey? | boolean | Whether to use a KMS Key, either managed by this CDK app, or imported. If importing an encryption key, it must be specified in the encryptionKey property for this construct. |
| encryptionKey? | kms.Key | An optional, existing encryption key to be used instead of the default encryption key. |
| encryptionKeyProps? | kms.KeyProps | Optional user-provided properties to override the default properties for the encryption key. |

Pattern Properties

| Name | Type | Description |
|---|---|---|
| sqsQueue | sqs.Queue | Returns an instance of the SQS queue created by the pattern. |
| deadLetterQueue? | sqs.Queue | Returns an instance of the dead letter queue created by the pattern, if one is deployed. |
| encryptionKey | kms.IKey | Returns an instance of the encryption key created by the pattern. |
| s3Bucket? | s3.Bucket | Returns an instance of the S3 bucket created by the pattern. |
| s3LoggingBucket? | s3.Bucket | Returns an instance of the logging bucket created by the pattern for the S3 bucket. |

Default settings

Out-of-the-box implementation of this pattern without any overrides will set the following defaults:

Amazon S3 Bucket

  • Configure Access logging for S3 Bucket

  • Enable server-side encryption for S3 Bucket using AWS managed KMS Key

  • Turn on versioning for the S3 Bucket

  • Don't allow public access for S3 Bucket

  • Retain the S3 Bucket when deleting the CloudFormation stack

  • Enforce encryption of data in transit

  • Apply a lifecycle rule to move noncurrent object versions to Glacier storage after 90 days

Amazon SQS Queue

  • Configure least privilege access permissions for SQS Queue

  • Deploy SQS dead-letter queue for the source SQS Queue

  • Enable server-side encryption for SQS Queue using Customer managed KMS Key

  • Enforce encryption of data in transit
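
As an added example (not part of the AWS Solutions Constructs code or documentation), the following TypeScript check audits a synthesized CloudFormation template for the default settings listed above, which is useful once overrides such as bucketProps, queueProps or an existing bucket or queue replace them. The function names and the sample template fragments are constructed for illustration; the resource types and property names are CloudFormation's.

```typescript
// Audit a synthesized template (e.g. cdk.out/<stack>.template.json) for the defaults listed above.
type Props = Record<string, any>;
type Template = { Resources: Record<string, { Type: string; Properties?: Props }> };

// True when the policy document has a Deny conditioned on aws:SecureTransport = false.
function deniesPlaintext(doc: any): boolean {
  const stmts: any[] = ([] as any[]).concat(doc?.Statement ?? []);
  return stmts.some((s) => s.Effect === "Deny" && String(s.Condition?.Bool?.["aws:SecureTransport"]) === "false");
}

function auditS3ToSqs(t: Template): string[] {
  const out: string[] = [];
  const all = Object.entries(t.Resources);
  for (const [id, r] of all) { // per-resource checks
    const p = r.Properties ?? {};
    const pab = p.PublicAccessBlockConfiguration ?? {};
    const pabKeys = ["BlockPublicAcls", "BlockPublicPolicy", "IgnorePublicAcls", "RestrictPublicBuckets"];
    if (r.Type === "AWS::S3::Bucket") {
      if (!pabKeys.every((k) => pab[k] === true)) out.push(`${id}: public access not fully blocked`);
      if (!p.BucketEncryption) out.push(`${id}: no server-side encryption`);
    }
    if (r.Type === "AWS::SQS::Queue" && !p.KmsMasterKeyId) out.push(`${id}: queue not KMS-encrypted`);
  }
  const stackWide: [string, string, (p: Props) => boolean][] = [ // at least one resource must pass
    ["AWS::S3::Bucket", "no versioned bucket", (p) => p.VersioningConfiguration?.Status === "Enabled"],
    ["AWS::S3::Bucket", "no bucket with access logging", (p) => !!p.LoggingConfiguration],
    ["AWS::S3::BucketPolicy", "no bucket policy denying non-TLS", (p) => deniesPlaintext(p.PolicyDocument)],
    ["AWS::SQS::QueuePolicy", "no queue policy denying non-TLS", (p) => deniesPlaintext(p.PolicyDocument)],
    ["AWS::SQS::Queue", "no queue with a dead-letter redrive policy", (p) => !!p.RedrivePolicy],
  ];
  for (const [type, msg, ok] of stackWide)
    if (!all.some(([, r]) => r.Type === type && ok(r.Properties ?? {}))) out.push(msg);
  return out;
}

// Constructed sample (not real synth output): a hardened fragment and a weakened copy.
const tlsOnly = { Statement: [{ Effect: "Deny", Condition: { Bool: { "aws:SecureTransport": "false" } } }] };
const hardened: Template = { Resources: {
  Bucket: { Type: "AWS::S3::Bucket", Properties: { BucketEncryption: {}, LoggingConfiguration: {},
    VersioningConfiguration: { Status: "Enabled" }, PublicAccessBlockConfiguration: {
      BlockPublicAcls: true, BlockPublicPolicy: true, IgnorePublicAcls: true, RestrictPublicBuckets: true } } },
  BucketPolicy: { Type: "AWS::S3::BucketPolicy", Properties: { PolicyDocument: tlsOnly } },
  Queue: { Type: "AWS::SQS::Queue", Properties: { KmsMasterKeyId: "constructed-key-id",
    RedrivePolicy: { maxReceiveCount: 15 } } },
  QueuePolicy: { Type: "AWS::SQS::QueuePolicy", Properties: { PolicyDocument: tlsOnly } } } };
const weakened: Template = { Resources: { ...hardened.Resources,
  Bucket: { Type: "AWS::S3::Bucket", Properties: { BucketEncryption: {} } },
  Queue: { Type: "AWS::SQS::Queue", Properties: {} } } };
console.log(auditS3ToSqs(hardened), auditS3ToSqs(weakened));
```

The per-resource rules apply to every bucket and queue in the template, including the logging bucket and dead letter queue, so add exemptions where your own overrides intentionally differ.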

Architecture

GitHub

To view the code for this pattern, create/view issues and pull requests, and more:
@aws-solutions-constructs/aws-s3-sqs