Delivery Targets

The platform event service provides mechanisms to deliver system events to delivery targets including:

  • Amazon SNS

  • Amazon SQS

  • Workflow Execution Service (WES)

Amazon Resource Policy Settings

In order to allow the platform to deliver events to Amazon SQS or SNS delivery targets, a cross-account policy needs to be added to the target Amazon service.

{
   "Version":"2012-10-17",
   "Statement":[
      {
         "Effect":"Allow",
         "Principal":{
            "AWS":"arn:aws:iam::<platform_aws_account>:root"
         },
         "Action":"<action>",
         "Resource": "<arn>"
      }
   ]
}

Substitute the variables in the example above according to the table below.

Variable
Description

platform_aws_account

The platform AWS account ID: 079623148045

action

For SNS use SNS:Publish. For SQS, use SQS:SendMessage

arn

The Amazon Resource Name (ARN) of the target SNS topic or SQS queue

See examples for setting policies in Amazon SQS and Amazon SNS

Amazon SNS Topic

To create a subscription to deliver events to an Amazon SNS topic, use the --aws-sns-topic flag from the CLI.

$ ica subscriptions create --name aws-sns-example --type tes.runs --actions updated --aws-sns-topic arn:aws:sns:us-east-1:<aws-account-id>:<sns-topic>
actions.0                           updated
deliveryTarget.awsSnsTopic.topicArn arn:aws:sns:us-east-1:<aws-account-id>:<sns-topic>
id                                  sub.EXAMPLE
matchIdentities.0                   cid:EXAMPLE
name                                aws-sns-example
type                                tes.runs
...

Amazon SQS Queue

To create a subscription to deliver events to an Amazon SQS queue, use the --aws-sqs-queue flag from the CLI.

$ ica subscriptions create --name aws-sqs-example --type tes.runs --actions updated --aws-sqs-queue https://sqs.us-east-1.amazonaws.com/<account>/EXAMPLE
actions.0                           updated
deliveryTarget.awsSqsQueue.queueUrl https://sqs.us-east-1.amazonaws.com/<account>/EXAMPLE
id                                  sub.EXAMPLE
matchIdentities.0                   cid:EXAMPLE
name                                aws-sqs-example
type                                tes.runs
...

WES Workflow

To create a subscription to trigger a WES workflow, use the --workflow-id, --workflow-version, --workflow-run-name, and --workflow-run-input flags.

$ ica subscriptions create --name aws-sqs-example --type tes.runs --actions updated --workflow-id wfl.EXAMPLE --workflow-version EXAMPLE --workflow-run-name wes-run-example --workflow-run-input input.json
actions.0                                          updated
deliveryTarget.workflowRunLaunch.id                wfl.EXAMPLE
deliveryTarget.workflowRunLaunch.input.customInput example
deliveryTarget.workflowRunLaunch.name              wes-run-example
deliveryTarget.workflowRunLaunch.version           EXAMPLE
id                                                 sub.EXAMPLE
matchIdentities.0                                  cid:EXAMPLE
name                                               aws-sqs-example
type                                               tes.runs
...
PreviousAvailable EventsNextEvent Filtering

Last updated