Terjemahan disediakan oleh mesin penerjemah. Jika konten terjemahan yang diberikan bertentangan dengan versi bahasa Inggris aslinya, utamakan versi bahasa Inggris.
Untuk mengotomatisasi deployment pengarsipan pesan dan kasus penggunaan contoh analitik Amazon SNS, Anda dapat menggunakan templat YAML berikut ini:
---
AWSTemplateFormatVersion: '2010-09-09'
Description: Template for creating an SNS archiving use case
Resources:
ticketUploadStream:
DependsOn:
- ticketUploadStreamRolePolicy
Type: AWS::KinesisFirehose::DeliveryStream
Properties:
S3DestinationConfiguration:
BucketARN: !Sub 'arn:${AWS::Partition}:s3:::${ticketArchiveBucket}'
BufferingHints:
IntervalInSeconds: 60
SizeInMBs: 1
CompressionFormat: UNCOMPRESSED
RoleARN: !GetAtt ticketUploadStreamRole.Arn
ticketArchiveBucket:
Type: AWS::S3::Bucket
ticketTopic:
Type: AWS::SNS::Topic
ticketPaymentQueue:
Type: AWS::SQS::Queue
ticketFraudQueue:
Type: AWS::SQS::Queue
ticketQueuePolicy:
Type: AWS::SQS::QueuePolicy
Properties:
PolicyDocument:
Statement:
Effect: Allow
Principal:
Service: sns.amazonaws.com
Action:
- sqs:SendMessage
Resource: '*'
Condition:
ArnEquals:
aws:SourceArn: !Ref ticketTopic
Queues:
- !Ref ticketPaymentQueue
- !Ref ticketFraudQueue
ticketUploadStreamSubscription:
Type: AWS::SNS::Subscription
Properties:
TopicArn: !Ref ticketTopic
Endpoint: !GetAtt ticketUploadStream.Arn
Protocol: firehose
SubscriptionRoleArn: !GetAtt ticketUploadStreamSubscriptionRole.Arn
ticketPaymentQueueSubscription:
Type: AWS::SNS::Subscription
Properties:
TopicArn: !Ref ticketTopic
Endpoint: !GetAtt ticketPaymentQueue.Arn
Protocol: sqs
ticketFraudQueueSubscription:
Type: AWS::SNS::Subscription
Properties:
TopicArn: !Ref ticketTopic
Endpoint: !GetAtt ticketFraudQueue.Arn
Protocol: sqs
ticketUploadStreamRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Sid: ''
Effect: Allow
Principal:
Service: firehose.amazonaws.com
Action: sts:AssumeRole
ticketUploadStreamRolePolicy:
Type: AWS::IAM::Policy
Properties:
PolicyName: FirehoseticketUploadStreamRolePolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Action:
- s3:AbortMultipartUpload
- s3:GetBucketLocation
- s3:GetObject
- s3:ListBucket
- s3:ListBucketMultipartUploads
- s3:PutObject
Resource:
- !Sub 'arn:aws:s3:::${ticketArchiveBucket}'
- !Sub 'arn:aws:s3:::${ticketArchiveBucket}/*'
Roles:
- !Ref ticketUploadStreamRole
ticketUploadStreamSubscriptionRole:
Type: AWS::IAM::Role
Properties:
AssumeRolePolicyDocument:
Version: '2012-10-17'
Statement:
- Effect: Allow
Principal:
Service:
- sns.amazonaws.com
Action:
- sts:AssumeRole
Policies:
- PolicyName: SNSKinesisFirehoseAccessPolicy
PolicyDocument:
Version: '2012-10-17'
Statement:
- Action:
- firehose:DescribeDeliveryStream
- firehose:ListDeliveryStreams
- firehose:ListTagsForDeliveryStream
- firehose:PutRecord
- firehose:PutRecordBatch
Effect: Allow
Resource:
- !GetAtt ticketUploadStream.Arn