使用 AWS re:Post 即表示您同意 使用條款
AWS re:Postre:Post

How do I subscribe a private HTTP or HTTPS endpoint to my Amazon SNS topic?

4 分的閱讀內容
0

I want to subscribe a private HTTP or HTTPS endpoint to my Amazon Simple Notification Service (Amazon SNS) topic. How do I set that up?

Short description

To subscribe a private HTTP or HTTPS endpoint to an Amazon SNS topic, do the following:

Resolution

Create an Amazon VPC security group (LambdaSG) in the same Amazon VPC as the private endpoint

1.    Open the Amazon VPC console.

2.    In the left navigation panel, under Security, choose Security Groups. Then, choose Create security group.

3.    For Security group name, enter LambdaSG.

4.    For VPC, choose the Amazon VPC that the private endpoint is in.

5.    Choose Create security group.

Create a Lambda function inside the same Amazon VPC and subnet as the private endpoint and add it to the LambdaSG security group

1.    Open the Lambda console.

2.    Choose Create function.

3.    Choose Author from scratch.

4.    For Function name, enter a name that describes the purpose of your function. For example, Private-endpoint-Amazon-SNS-topic-subscription.

5.    For Runtime, choose Python 3.8.

6.    Choose Advanced settings.

7.    For VPC - optional, choose the Amazon VPC that the private endpoint is in. Dropdown lists for Subnets and Security groups appear.

8.    For Subnets, choose the subnet that the private endpoint is in.

9.    For Security groups, choose LambdaSG.

10.    Choose Create function.

Edit the private endpoint's security group's rules to allow inbound connection from the Lambda function's security group

1.    Open the Amazon VPC console.

2.    In the left navigation panel, under Security, choose Security Groups.

3.    Choose the name of the private endpoint's security group.

4.    Choose Edit inbound rules.

5.    For Type, choose HTTP or HTTPS, depending on your use case. The Protocol and Port range fields are populated automatically.

6.    For Source, choose Custom. Then, choose the LambdaSG security group.

7.    Choose Save rules.

Configure the Lambda function so that it passes incoming Amazon SNS notifications to the private endpoint

1.    Create a Lambda deployment package that includes your Lambda function's Python requests library. Follow the instructions in Create the deployment package in Tutorial: Creating a Lambda function in Python 3.8. For step 3, replace the code provided in the tutorial with the following example code snippet.

Python code snippet that uses the requests library to post the incoming notifications from Amazon SNS to the private endpoint

Important: Replace the url value with the URL of your private endpoint.

import json
import requests
 
def lambda_handler(event, context):
    url = "<PRIVATE_HTTP/S_ENDPOINT_URL>"
 
    sns_message_payload = event["Records"][0]["Sns"]
 
    sns_message_headers = {
        "x-amz-sns-message-id": sns_message_payload['MessageId'],
        "x-amz-sns-message-type": sns_message_payload["Type"],
        "x-amz-sns-subscription-arn" : event["Records"][0]["EventSubscriptionArn"],
        "x-amz-sns-topic-arn" : sns_message_payload["TopicArn"]
    }
 
    try:
        r = requests.post(url = url, data = json.dumps(sns_message_payload), headers = sns_message_headers)
    except Exceptions as e:
        print(e)
 
    print(r.content)
 
    return {
        'statusCode': 200,
        'body': json.dumps(r.content)
    }

2.    Use the deployment package to update the Lambda function that you created earlier.

Subscribe the Lambda function to your Amazon SNS topic

Follow the instructions in How do I subscribe a Lambda function to an Amazon SNS topic in the same account?

主題
應用程式整合
標籤
Amazon Simple Notification Service (SNS)
語言
English
AWS 官方
AWS 官方已更新 10 個月前
沒有評論

相關內容