aws-sns-sqs

All classes are under active development and subject to non-backward compatible changes or removal in any future version. These are not subject to the Semantic Versioning model. This means that while you may use them, you may need to update your source code when upgrading to a newer version of this package.

Language	Package
Python	aws_solutions_constructs.aws_sns_sqs
Typescript	@aws-solutions-constructs/aws-sns-sqs
Java	software.amazon.awsconstructs.services.snssqs

This AWS Solutions Construct implements an Amazon SNS topic connected to an Amazon SQS queue.

Here is a minimal deployable pattern definition in TypeScript:

import { SnsToSqs, SnsToSqsProps } from "@aws-solutions-constructs/aws-sns-sqs";
import * as iam from '@aws-cdk/aws-iam';

const snsToSqsStack = new SnsToSqs(this, 'SnsToSqsPattern', {});

// Grant yourself permissions to use the Customer Managed KMS Key
const policyStatement = new iam.PolicyStatement({
    actions: ["kms:Encrypt", "kms:Decrypt"],
    effect: iam.Effect.ALLOW,
    principals: [ new iam.AccountRootPrincipal() ],
    resources: [ "*" ]
});

snsToSqsStack.encryptionKey?.addToResourcePolicy(policyStatement);

Initializer

new SnsToSqs(scope: Construct, id: string, props: SnsToSqsProps);

Parameters

• scope Construct

• id string

• props SnsToSqsProps

Pattern Construct Props

Name	Type	Description
existingTopicObj?	sns.Topic	An optional, existing SNS topic to be used instead of the default topic. If an existing topic is provided, the topicProps property will be ignored.
topicProps?	sns.TopicProps	Optional user-provided properties to override the default properties for the SNS topic. Ignored if an existingTopicObj is provided.
existingQueueObj?	sqs.Queue	An optional, existing SQS queue to be used instead of the default queue. If an existing queue is provided, the queueProps property will be ignored.
queueProps?	sqs.QueueProps	Optional user-provided properties to override the default properties for the SQS queue. Ignored if an existingQueueObj is provided.
deployDeadLetterQueue?	boolean	Whether to create a secondary queue to be used as a dead letter queue. Defaults to true.
deadLetterQueueProps?	sqs.QueueProps	Optional user-provided props to override the default props for the dead letter queue. Only used if the deployDeadLetterQueue property is set to true.
maxReceiveCount?	number	The number of times a message can be unsuccessfully dequeued before being moved to the dead letter queue. Defaults to 15.
enableEncryptionWithCustomerManagedKey?	boolean	Whether to use a customer-managed encryption key, either managed by this CDK app or imported. If importing an encryption key, it must be specified in the encryptionKey property for this construct.
encryptionKey?	kms.Key	An optional, existing encryption key to be used instead of the default encryption key.
encryptionKeyProps?	kms.KeyProps	Optional user-provided properties to override the default properties for the encryption key.

Pattern Properties

Name	Type	Description
snsTopic	sns.Topic	Returns an instance of the SNS topic created by the pattern.
encryptionKey	kms.Key	Returns an instance of the encryption key created by the pattern.
sqsQueue	sqs.Queue	Returns an instance of the SQS queue created by the pattern.
deadLetterQueue?	sqs.Queue	Returns an instance of the dead letter queue created by the pattern, if one is deployed.

Default settings

Out-of-the-box implementation of this pattern without any overrides will set the following defaults:

Amazon SNS topic

• Configure least privilege access permissions for SNS topic.

• Enable server-side encryption using AWS managed KMS key.

• Enforce encryption of data in transit.

Amazon SQS queue

• Configure least privilege access permissions for SQS queue.

• Deploy dead-letter queue for the source SQS queue.

• Enable server-side encryption for SQS queue using customer-managed KMS key.

• Enforce encryption of data in transit.

Architecture

GitHub

To view the code for this pattern, create/view issues and pull requests, and more:
	@aws-solutions-constructs/aws-sns-sqs