
SQS, SNS, Lambda Flow

An event-driven architecture built from S3, SNS, SQS, and Lambda.

S3 event notifications can be delivered directly to SQS, SNS, or Lambda.

Main flow


img.png

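SNS access policy example

This topic policy lets the S3 service principal publish to the topic, and the `aws:SourceArn` condition limits that to notifications from the named bucket. Consider adding an `aws:SourceAccount` condition with the bucket owner's account ID as well: a bucket name can be re-created in another account after the bucket is deleted, and the ARN alone would still match.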

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "Service": "s3.amazonaws.com"
      },
      "Action": "sns:Publish",
      "Resource": "<SNS_TOPIC_ARN>",
      "Condition": {
        "ArnLike": {
          "aws:SourceArn": "<S3_BUCKET_ARN>"
        }
      }
    }
  ]
}

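SQS queue policy

`Principal` is `*` here, so the `aws:SourceArn` condition is the only thing that restricts who may send to the queue. Do not remove or loosen it. Using the service principal (`"Service": "sns.amazonaws.com"`) instead of `*` narrows the statement further.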

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": "*",
      "Action": "sqs:SendMessage",
      "Resource": "<SQS_QUEUE_ARN>",
      "Condition": {
        "ArnEquals": {
          "aws:SourceArn": "<SNS_TOPIC_ARN>"
        }
      }
    }
  ]
}

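Lambda permissions

This is presumably the policy attached to the function's execution role. The SQS statement is scoped to a single queue, but the CloudWatch Logs statement uses `arn:aws:logs:*:*:*`, which matches every log group in every region and account. Where possible, scope it to the function's own region, account, and log group, for example `arn:aws:logs:<REGION>:<ACCOUNT_ID>:log-group:/aws/lambda/<FUNCTION_NAME>:*`.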

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "sqs:ReceiveMessage",
                "sqs:DeleteMessage",
                "sqs:GetQueueAttributes"
            ],
            "Effect": "Allow",
            "Resource": "<SQS_QUEUE_ARN>"
        },
        {
            "Action": [
                "logs:CreateLogGroup",
                "logs:CreateLogStream",
                "logs:PutLogEvents"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:logs:*:*:*"
        }
    ]
}