This is the Cloudformation template code related to my problem:
"SNSTopic": {
"Type": "AWS::SNS::Topic",
"Properties": {
"TopicName": "JumpboxPresenceTopic",
"DisplayName": "Jumpbox Presence Topic",
"Subscription": [
{
"Endpoint": {
"Fn::GetAtt": [
"Lambda",
"Arn"
]
},
"Protocol": "lambda"
}
]
}
},
"Lambda": {
"Type": "AWS::Lambda::Function",
"Properties": [...]
I can see the topic in the SNS dashboard:
But it does not display in the lambda function Event Sources panel:
The weird thing about this, is that if I create a new subscription from the SNS dashboard for that same lambda function, no new subscription is created since it would be an exact duplicate. However, now if I check the Event Sources panel in the Lambda dashboard, I can see a new entry for the SNS: JumpboxPresenceTopic
:
I feel like it's an issue on Amazon's side but I could be wrong. Is there something wrong with my approach or is it a limitation of AWS ?
In order to grant a Lambda function access to an SNS topic, we have to attach an IAM policy to the function's execution role. The policy should grant permissions for all the Actions the function needs to perform on the topic.
Amazon SNS and AWS Lambda are integrated so you can invoke Lambda functions with Amazon SNS notifications. When a message is published to an SNS topic that has a Lambda function subscribed to it, the Lambda function is invoked with the payload of the published message.
You must grant SNS permission to invoke Lambda first. Here is a example from AWS. Please change it from S3 to SNS and don't forget to set SourceArn as the SNS Topic ARN.
http://docs.aws.amazon.com/AWSCloudFormation/latest/UserGuide/aws-resource-lambda-permission.html
Adding the proper function name and sourcearn in permissions helped solving the issue
"MySNSTopic": {
"Type": "AWS::SNS::Topic",
"Properties": {
"TopicName": "MyTopic",
"DisplayName": "My Test Topic",
"Subscription": [
{
"Endpoint": { "Fn::GetAtt" : ["Lambda", "Arn"] },
"Protocol": "lambda"
}
]
}
},
"PermissionForEventsToInvokeLambda": {
"Type": "AWS::Lambda::Permission",
"Properties": {
"FunctionName": { "Fn::GetAtt" : ["Lambda", "Arn"] },
"Action": "lambda:InvokeFunction",
"Principal": "sns.amazonaws.com",
"SourceArn": { "Ref": "MySNSTopic" }
}
}
},
If you love us? You can donate to us via Paypal or buy me a coffee so we can maintain and grow! Thank you!
Donate Us With