1 Answer
Based on the options you listed, sending the payload to an SNS topic would be the best approach. Here are a few reasons why:
- SNS makes it easy to fan-out the message to multiple subscriber endpoints, including an API Gateway endpoint in the other account. This provides redundancy in case one subscriber is unavailable.
- SNS has good scalability and can handle high volumes of messages from the source Lambda function.
- Using SNS as the transport decouples the source Lambda function from knowledge of the destination endpoints. This follows the publish-subscribe messaging pattern.
- The destination account can control access to its API Gateway endpoint by attaching an IAM policy to allow only the SNS topic ARN to invoke it.
To set this up, the source Lambda function would publish messages to an SNS topic. In the destination account, an API Gateway REST API would subscribe to that SNS topic. The API method could then process the payload and trigger any other resources.
Let me know if you have any other questions! For implementation details, AWS documentation provides examples of cross-account SNS configurations and integrating with API Gateway.
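An added example, not part of the answer above and not AWS's own code: checks the code behind the destination API method could run on each SNS HTTPS delivery before it processes the payload. The topic ARN is a constructed placeholder, the function names are hypothetical, and verification of the message signature against the fetched certificate is assumed to run as a separate step.

```python
import json
import re
from urllib.parse import urlparse

# Assumption: the single topic this endpoint accepts (constructed placeholder ARN).
ALLOWED_TOPIC_ARNS = {"arn:aws:sns:us-east-1:111111111111:payload-topic"}
SNS_TYPES = {"Notification", "SubscriptionConfirmation", "UnsubscribeConfirmation"}
# SNS serves its signing certificates over HTTPS from sns.<region>.amazonaws.com.
CERT_HOST = re.compile(r"sns\.[a-z0-9-]+\.amazonaws\.com")


def check_sns_delivery(headers, body):
    """Return (accepted, detail) for one HTTPS delivery claiming to come from SNS."""
    headers = {k.lower(): v for k, v in headers.items()}
    try:
        msg = json.loads(body)
    except (TypeError, ValueError):
        return False, "body is not JSON"
    if not isinstance(msg, dict):
        return False, "body is not a JSON object"
    msg_type, topic, cert_url = (msg.get(k) for k in ("Type", "TopicArn", "SigningCertURL"))
    if not all(isinstance(v, str) for v in (msg_type, topic, cert_url)):
        return False, "required SNS field missing"
    # Header and body must name the same message type and the same topic.
    if msg_type not in SNS_TYPES or headers.get("x-amz-sns-message-type") != msg_type:
        return False, "message type inconsistent"
    if topic not in ALLOWED_TOPIC_ARNS or headers.get("x-amz-sns-topic-arn") != topic:
        return False, "topic not allowed"
    try:
        cert = urlparse(cert_url)
        host = cert.hostname or ""
    except ValueError:
        return False, "signing certificate URL is malformed"
    if cert.scheme != "https" or not CERT_HOST.fullmatch(host):
        return False, "signing certificate URL is not an SNS host"
    # Assumption: signature verification against that certificate runs after this.
    return True, msg_type


def constructed_delivery(topic, cert_url, msg_type="Notification"):
    """Build a constructed (not captured) SNS-style delivery for the demo."""
    headers = {"x-amz-sns-message-type": msg_type, "x-amz-sns-topic-arn": topic}
    body = json.dumps({"Type": msg_type, "TopicArn": topic, "Message": "{}",
                       "SigningCertURL": cert_url})
    return headers, body


if __name__ == "__main__":
    good = "https://sns.us-east-1.amazonaws.com/SimpleNotificationService-example.pem"
    for t in sorted(ALLOWED_TOPIC_ARNS) + ["arn:aws:sns:us-east-1:222222222222:other"]:
        print(t, check_sns_delivery(*constructed_delivery(t, good)))
```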