1. Using aws lambda with sns

    TypeScript

    To use AWS Lambda with Amazon Simple Notification Service (SNS), you'll need to perform two main tasks: creating a Lambda function and setting up an SNS topic that can trigger the Lambda. Here's how these AWS resources work together:

    1. AWS Lambda: This is a serverless compute service that lets you run code without provisioning or managing servers. You only pay for the computing time you consume.
    2. Amazon SNS: This is a fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P) communication. SNS can trigger Lambda functions in response to published messages.

    Here's a program that accomplishes the integration:

    1. Creates an SNS topic: This is where messages are sent. Any message sent to this topic can trigger Lambda functions subscribed to it.
    2. Creates a Lambda function: The function contains the logic that processes messages received from the SNS topic.
    3. Grants permission to the SNS topic: This lets the SNS topic invoke the Lambda function when a message is published.
    4. Subscribes the Lambda function to the SNS topic: This creates a subscription that dictates that messages published to the topic should trigger the Lambda function.
    import * as pulumi from "@pulumi/pulumi"; import * as aws from "@pulumi/aws"; // Create an SNS topic const topic = new aws.sns.Topic("myTopic", { displayName: "My SNS Topic", // Optional: A human-readable name for the SNS topic. }); // Create an AWS Lambda function const lambdaFunction = new aws.lambda.Function("myFunction", { runtime: aws.lambda.NodeJS12dXRuntime, // Runtime environment for the Lambda function. code: new pulumi.asset.AssetArchive({ ".": new pulumi.asset.FileArchive("./function"), // Specify the path to the Lambda function's code. }), role: role.arn, // IAM role with Lambda execution policy. handler: "index.handler", // The function within your code that Lambda calls to begin execution. }); // Grant permission for the SNS topic to invoke the Lambda function const lambdaPermission = new aws.lambda.Permission("lambdaPermission", { action: "lambda:InvokeFunction", function: lambdaFunction.arn, principal: "sns.amazonaws.com", sourceArn: topic.arn, // Restrict invocation to this particular SNS topic. }, { dependsOn: [lambdaFunction] }); // Subscribe the Lambda to the SNS topic const topicSubscription = new aws.sns.TopicSubscription("myTopicSubscription", { topic: topic.arn, protocol: "lambda", endpoint: lambdaFunction.arn, }, { dependsOn: [lambdaPermission] }); // Export the SNS topic ARN and Lambda function ARN as stack outputs export const snsTopicArn = topic.arn; export const lambdaFunctionArn = lambdaFunction.arn;

    To get this working:

    • Replace ./function with the path to the directory containing your Lambda function code.
    • The Lambda function's IAM role (role.arn in the example) should have policies allowing it to be invoked by SNS and to log to Amazon CloudWatch Logs, among any other permissions it needs.
    • Cloud resource names (like "myFunction" or "myTopic") are logical names in Pulumi. They can be different from the actual names AWS assigns to these resources.

    This program sets up an SNS topic and a Lambda function, grants the necessary permission for the SNS topic to invoke the Lambda, and subscribes the Lambda to the SNS topic.

    When a message is published to the SNS topic, AWS executes the Lambda function, handling the message as specified in your Lambda function code.

    Remember to install @pulumi/aws package using npm or yarn if you haven't done so already:

    npm install @pulumi/aws

    After you have the function's code ready and your Pulumi script is set, you can deploy your stack using the following Pulumi CLI command:

    pulumi up

    Pulumi will handle the provisioning of all resources in AWS for you, based on the configuration details you've specified in your script.