1. Sending SNS notifications for AWS resource state changes

    TypeScript

    To send SNS notifications for AWS resource state changes, you would typically use Amazon CloudWatch Events to monitor the state changes of your AWS resources and trigger actions. You can then configure a CloudWatch Event rule to publish these events to an Amazon SNS topic, which in turn can notify the subscribed endpoints such as email, SMS, HTTP, or invoke AWS Lambda functions.

    Below is a Pulumi program written in TypeScript that illustrates how you can set this up. This program does the following:

    1. Creates an SNS topic to which notifications will be published.
    2. Sets up a CloudWatch Event rule to capture specific AWS resource state changes.
    3. Associates the SNS topic with the CloudWatch Event rule so that the rule's targets include the SNS topic.
    4. Demonstrates subscribing an email address to the SNS topic to receive notifications.

    Please note that when using SNS email subscriptions, the subscriber needs to confirm the subscription by clicking a link in an email sent by AWS SNS.

    Let's start with the Pulumi program that accomplishes these tasks:

    import * as aws from "@pulumi/aws"; // Step 1: Create an SNS topic const snsTopic = new aws.sns.Topic("my-sns-topic", {}); // Documentation: https://www.pulumi.com/registry/packages/aws/api-docs/sns/topic/ // Step 2: Create a CloudWatch Event Rule that triggers on instance state changes const cloudwatchEventRule = new aws.cloudwatch.EventRule("my-event-rule", { eventPattern: JSON.stringify({ "source": [ "aws.ec2" ], "detail-type": [ "EC2 Instance State-change Notification" ], "detail": { "state": [ "pending", "running", "stopping", "stopped" ] }, }), }); // Documentation: https://www.pulumi.com/registry/packages/aws/api-docs/cloudwatch/eventrule/ // Step 3: Set the SNS topic as a target for the CloudWatch Event Rule new aws.cloudwatch.EventTarget("my-event-rule-target", { rule: cloudwatchEventRule.name, arn: snsTopic.arn, }); // Documentation: https://www.pulumi.com/registry/packages/aws/api-docs/cloudwatch/eventtarget/ // Step 4: Subscribe to the SNS topic const emailSubscription = new aws.sns.TopicSubscription("my-topic-subscription", { topic: snsTopic.arn, protocol: "email", endpoint: "example@email.com", // Replace with your email address }); // Documentation: https://www.pulumi.com/registry/packages/aws/api-docs/sns/topicsubscription/ // Export the names of the resources export const topicName = snsTopic.name; export const topicArn = snsTopic.arn; export const ruleName = cloudwatchEventRule.name; export const subscriptionArn = emailSubscription.arn;

    Here's an explanation of the Pulumi resources used in the program:

    • aws.sns.Topic: This resource creates an SNS topic. SNS topics are a pub/sub system where messages are pushed to topics and delivered to subscribers. In this case, it will be used to dispatch notifications based on the state changes of the AWS resources you are monitoring.

    • aws.cloudwatch.EventRule: This resource allows you to create a rule that matches incoming events and routes them to one or more target functions or streams. Here, it's watching for state-change notifications from the EC2 service.

    • aws.cloudwatch.EventTarget: With an event target, you can set an SNS topic to respond to an event matching the rule defined in the EventRule. When a matching event is detected, it is sent to this SNS topic.

    • aws.sns.TopicSubscription: This creates a subscription to an SNS topic. Subscriptions define how the notifications are sent out from the topic. In this example, we're subscribing using an "email" protocol, meaning that SNS will send an email to the specified address whenever a message is published to the topic. Don't forget to confirm the subscription by clicking the confirmation link that AWS SNS will send to the email address!

    Finally, the program exports the names and ARNs of the created resources, which can be useful for reference or integration with other systems.

    Once you deploy this Pulumi program, any state changes for EC2 instances will trigger a CloudWatch Event, which in turn will notify the subscribed email addresses through the SNS Topic. Remember to replace "example@email.com" with your real email address.