🚨 Shai-Hulud Strikes Again:834 Packages Compromised.Technical Analysis →
Socket
Book a DemoInstallSign in
Socket
Book a DemoInstallSign in

@aws-solutions-constructs/aws-eventbridge-sns

Package Overview
Dependencies
Maintainers
1
Versions
190
Alerts
File Explorer

Advanced tools

License
Socket logo

Install Socket

Detect and block malicious and high-risk dependencies

Install

@aws-solutions-constructs/aws-eventbridge-sns

CDK Constructs for deploying AWS Events Rule that invokes AWS SNS

Source
npmnpm
Version
2.63.0
Version published
Weekly downloads
729
67.2%
Maintainers
1
Weekly downloads
 
Created
Source

aws-eventbridge-sns module

Stability: Stable

Reference Documentation:https://docs.aws.amazon.com/solutions/latest/constructs/
LanguagePackage
Python Logo Pythonaws_solutions_constructs.aws_eventbridge_sns
Typescript Logo Typescript@aws-solutions-constructs/aws-eventbridge-sns
Java Logo Javasoftware.amazon.awsconstructs.services.eventbridgesns

Overview

This AWS Solutions Construct implements an AWS Events rule and an AWS SNS Topic.

Here is a minimal deployable pattern definition:

Typescript

import { Construct } from 'constructs';
import { Stack, StackProps, Duration } from 'aws-cdk-lib';
import * as events from 'aws-cdk-lib/aws-events';
import * as iam from 'aws-cdk-lib/aws-iam';
import { EventbridgeToSnsProps, EventbridgeToSns } from "@aws-solutions-constructs/aws-eventbridge-sns";

const constructProps: EventbridgeToSnsProps = {
  eventRuleProps: {
    schedule: events.Schedule.rate(Duration.minutes(5))
  }
};

const constructStack = new EventbridgeToSns(this, 'test-construct', constructProps);

// Grant yourself permissions to use the Customer Managed KMS Key
const policyStatement = new iam.PolicyStatement({
  actions: ["kms:Encrypt", "kms:Decrypt"],
  effect: iam.Effect.ALLOW,
  principals: [new iam.AccountRootPrincipal()],
  resources: ["*"]
});

constructStack.encryptionKey?.addToResourcePolicy(policyStatement);

Python

from aws_solutions_constructs.aws_eventbridge_sns import EventbridgeToSns, EventbridgeToSnsProps
from aws_cdk import (
    aws_events as events,
    aws_iam as iam,
    Duration,
    Stack
)
from constructs import Construct

construct_stack = EventbridgeToSns(self, 'test-construct',
                                    event_rule_props=events.RuleProps(
                                        schedule=events.Schedule.rate(
                                            Duration.minutes(5))
                                    ))

# Grant yourself permissions to use the Customer Managed KMS Key
policy_statement = iam.PolicyStatement(
    actions=["kms:Encrypt", "kms:Decrypt"],
    effect=iam.Effect.ALLOW,
    principals=[iam.AccountRootPrincipal()],
    resources=["*"]
)

construct_stack.encryption_key.add_to_resource_policy(policy_statement)

Java

import software.constructs.Construct;
import java.util.List;

import software.amazon.awscdk.Stack;
import software.amazon.awscdk.StackProps;
import software.amazon.awscdk.Duration;
import software.amazon.awscdk.services.events.*;
import software.amazon.awscdk.services.iam.*;
import software.amazon.awsconstructs.services.eventbridgesns.*;

final EventbridgeToSns constructStack = new EventbridgeToSns(this, "test-construct",
        new EventbridgeToSnsProps.Builder()
                .eventRuleProps(new RuleProps.Builder()
                        .schedule(Schedule.rate(Duration.minutes(5)))
                        .build())
                .build());

// Grant yourself permissions to use the Customer Managed KMS Key
final PolicyStatement policyStatement = PolicyStatement.Builder.create()
        .actions(List.of("kms:Encrypt", "kms:Decrypt"))
        .effect(Effect.ALLOW)
        .principals(List.of(new AccountRootPrincipal()))
        .resources(List.of("*"))
        .build();

constructStack.getEncryptionKey().addToResourcePolicy(policyStatement);

Pattern Construct Props

NameTypeDescription
eventRulePropsevents.RulePropsUser provided eventRuleProps to override the defaults.
existingTopicObj?sns.TopicExisting instance of SNS Topic object, providing both this and topicProps will cause an error.
topicProps?sns.TopicPropsUser provided props to override the default props for the SNS Topic.
existingEventBusInterface?events.IEventBusOptional user-provided custom EventBus for construct to use. Providing both this and eventBusProps results an error.
eventBusProps?events.EventBusPropsOptional user-provided properties to override the default properties when creating a custom EventBus. Setting this value to {} will create a custom EventBus using all default properties. If neither this nor existingEventBusInterface is provided the construct will use the default EventBus. Providing both this and existingEventBusInterface results an error.
enableEncryptionWithCustomerManagedKey?booleanIf no key is provided, this flag determines whether the SNS Topic is encrypted with a new CMK or an AWS managed key. This flag is ignored if any of the following are defined: topicProps.masterKey, encryptionKey or encryptionKeyProps.
encryptionKey?kms.KeyAn optional, imported encryption key to encrypt the SNS Topic with.
encryptionKeyProps?kms.KeyPropsOptional user provided properties to override the default properties for the KMS encryption key used to encrypt the SNS Topic with.

Pattern Properties

NameTypeDescription
eventBus?events.IEventBusReturns the instance of events.IEventBus used by the construct
eventsRuleevents.RuleReturns an instance of events.Rule created by the construct
snsTopicsns.TopicReturns an instance of sns.Topic created by the construct
encryptionKey?kms.KeyReturns an instance of kms Key used for the SNS Topic.

Default settings

Out of the box implementation of the Construct without any override will set the following defaults:

Amazon EventBridge Rule

  • Grant least privilege permissions to EventBridge Rule to publish to the SNS Topic.

Amazon SNS Topic

  • Configure least privilege access permissions for SNS Topic.
  • Enable server-side encryption forSNS Topic using Customer managed KMS Key.
  • Enforce encryption of data in transit.

Architecture

Architecture Diagram

© Copyright Amazon.com, Inc. or its affiliates. All Rights Reserved.

Keywords

aws
cdk
awscdk
AWS Solutions Constructs
Amazon EventBridge
Amazon SNS

FAQs

Package last updated on 19 Jul 2024

Did you know?

Socket

Socket for GitHub automatically highlights issues in each pull request and monitors the health of all your open source dependencies. Discover the contents of your packages and block harmful activity before you install or update your dependencies.

Install

Related posts

Critical Security Vulnerability in React Server Components

Security News

Critical Security Vulnerability in React Server Components

React disclosed a CVSS 10.0 RCE in React Server Components and is advising users to upgrade affected packages and frameworks to patched versions now.

By Sarah Gooding  -  Dec 03, 2025