-
Notifications
You must be signed in to change notification settings - Fork 4.1k
/
Copy pathsns.ts
29 lines (26 loc) · 980 Bytes
/
sns.ts
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
import * as iam from '@aws-cdk/aws-iam';
import * as s3 from '@aws-cdk/aws-s3';
import * as sns from '@aws-cdk/aws-sns';
import { Construct } from '@aws-cdk/core';
/**
* Use an SNS topic as a bucket notification destination
*/
export class SnsDestination implements s3.IBucketNotificationDestination {
constructor(private readonly topic: sns.ITopic) {
}
public bind(_scope: Construct, bucket: s3.IBucket): s3.BucketNotificationDestinationConfig {
this.topic.addToResourcePolicy(new iam.PolicyStatement({
principals: [new iam.ServicePrincipal('s3.amazonaws.com')],
actions: ['sns:Publish'],
resources: [this.topic.topicArn],
conditions: {
ArnLike: { 'aws:SourceArn': bucket.bucketArn },
},
}));
return {
arn: this.topic.topicArn,
type: s3.BucketNotificationDestinationType.TOPIC,
dependencies: [this.topic], // make sure the topic policy resource is created before the notification config
};
}
}