Event notification on s3 bucket to trigger lambda

Validate and debug the cloudformation template
October 1, 2018
What are advantages and disadvantages of Cloud Computing
October 3, 2018
0

Event notification on s3 bucket to trigger lambda

at
Categories
Tags

If you want to capture the s3 events (Put, Post, copy, delete etc), you can do with s3 event notification. in simple language, The Amazon S3 notification feature enables you to receive notifications when certain events happen in your s3 bucket.

Amazon S3 can publish the following events:

  • A new object creation: s3:ObjectCreated:*, s3:ObjectCreated:Put, s3:ObjectCreated:Post, s3:ObjectCreated:Copy, s3:ObjectCreated:CompleteMultipartUpload
  • An object removal: s3:ObjectRemoved:*, s3:ObjectRemoved:Delete, s3:ObjectRemoved:DeleteMarkerCreated
  • A Reduced Redundancy Storage (RRS) object lost: s3:ReducedRedundancyLostObject

S3 can send events to the following destinations:

  • Amazon Simple Notification Service (Amazon SNS) topic
  • Amazon Simple Queue Service (Amazon SQS) queue
  • AWS Lambda

How to Enable s3 Event Notifications to trigger lambda using Terraform:

1. Create IAM role for lambda

data "aws_iam_policy_document" "iam_assume_role_policy" {
statement {
actions = [
"sts:AssumeRole",
]
principals {
type = "Service"

identifiers = [
"lambda.amazonaws.com"
	]
     }
  }
}

resource "aws_iam_role" "lambda_role" {
  name = "LAMBDA-ROLE"
  assume_role_policy = "${data.aws_iam_policy_document.iam_assume_role_policy.json}"
}

2. Create lambda function if you want a new one

resource "aws_lambda_function" "s3lambda" {
  filename      = "code.zip"
  function_name = "s3_event_lambda"
  role          = "${aws_iam_role.lambda_role.arn}"
  handler       = "lambda_function.lambda_handler"
  runtime   = "python2.7"
}

3. Creates a Lambda permission

It will allow external sources invoking the Lambda function (e.g. CloudWatch Event Rule, SNS or S3).

resource "aws_lambda_permission" "allow_bucket" {
  statement_id  = "AllowExecutionFromS3Bucket"
  action        = "lambda:InvokeFunction"
  function_name = "${aws_lambda_function.s3lambda.arn}"
  principal     = "s3.amazonaws.com"
  source_arn    = "${data.aws_s3_bucket.bucket.arn}"
}

Create s3 bucket if needed or use existing bucket, on which you want event notifications

resource "aws_s3_bucket" "bucket" {
bucket = "event_bucket_name"
}

4. Configure the notification

Let add the notification for all create events

resource "aws_s3_bucket_notification" "bucket_notification" {
  bucket = "${aws_s3_bucket.bucket.id}"

  lambda_function {
    lambda_function_arn = "${aws_lambda_function.s3lambda.arn}"
    events              = ["s3:ObjectCreated:*"]
    filter_prefix       = "<_prefix_if_any_dir_in_s3>/"
    filter_suffix       = "<_suffix_of_file_put_in_s3>"
  }
}

 

That’s all. This will add the event notification on the s3 bucket for all the create events.

Rohit T
Rohit T

Related posts

November 30, 2018

AWS Lambda new features announced in AWS reinvent

Read more
October 11, 2018

AWS Lambda functions can run up to 15 minutes

Read more
October 1, 2018

Validate and debug the cloudformation template

Read more
September 21, 2018

AWS KMS Python : Upload & download file in S3

Read more
August 2, 2018

Access AWS S3 bucket from another account using bucket policy

Read more
May 3, 2018

AWS cli installation Procedure on MacOS

Read more
Bitnami