awesome/devops-exercises
1
0
Fork 0
mirror of https://github.com/bregman-arie/devops-exercises.git synced 2025-07-12 23:50:28 +02:00
Code Issues Releases Activity
Files
master
devops-exercises/scripts/aws s3 event triggering/aws_s3_event_trigger.sh

123 lines
3.5 KiB
Bash
Raw Permalink Blame History

#!/bin/bash
# always put up the detail of scripts . version, author, what it does, what event triggers and all ..
###
# Author: Adarsh Rawat
# Version: 1.0.0
# Objective: Automate Notification for a object uploaded or created in s3 bucket.
###
# debug what is happening
set -x
# all these cmds are aws cli commands | abhishek veermalla day 4-5 devops
# store aws account id in a variable
aws_account_id=$(aws sts get-caller-identity --query 'Account' --output text)
# print the account id from the variable
echo "aws account id: $aws_account_id"
# set aws region, bucket name and other variables
aws_region="us-east-1"
aws_bucket="s3-lambda-event-trigger-bucket"
aws_lambda="s3-lambda-function-1"
aws_role="s3-lambda-sns"
email_address="adarshrawat8304@gmail.com"
# create iam role for the project
role_response=$(aws iam create-role --role-name s3-lambda-sns --assume-role-policy-document '{
"Version": "2012-10-17",
"Statement": [{
"Action": "sts:AssumeRole",
"Effect": "Allow",
"Principal": {
"Service": [
"lambda.amazonaws.com",
"s3.amazonaws.com",
"sns.amazonaws.com"
]
}
}]
}')
# jq is json parser here parse the role we created
# extract the role arn from json resposne and store in variable
role_arn=$(echo "$role_response" | jq -r '.Role.Arn')
# print the role arn
echo "Role ARN: $role_arn"
# attach permissions to the role
aws iam attach-role-policy --role-name $aws_role --policy-arn arn:aws:iam::aws:policy/AWSLambda_FullAccess
aws iam attach-role-policy --role-name $aws_role --policy-arn arn:aws:iam::aws:policy/AmazonSNSFullAccess
# create s3 bucket and get the output in a variable
bucket_output=$(aws s3api create-bucket --bucket "$aws_bucket" --region "$aws_region")
# print the output from the variable
echo "bucket output: $bucket_output"
# upload a file to the bucket
aws s3 cp ./sample.png s3://"$aws_bucket"/sample.png
# create a zip file to upload lambda function
zip -r s3-lambda.zip ./s3-lambda
sleep 5
# create a lambda function
aws lambda create-function \
--region $aws_region \
--function $aws_lambda \
--runtime "python3.8" \
--handler "s3-lambda/s3-lambda.lambda_handler" \
--memory-size 128 \
--timeout 30 \
--role "arn:aws:iam::$aws_account_id:role/$aws_role" \
--zip-file "fileb://./s3-lambda.zip"
# add permissions to s3 bucket to invoke lambda
LambdaFunctionArn="arn:aws:lambda:us-east-1:$aws_account_id:function:s3-lambda"
aws s3api put-bucket-notification-configuration \
--region "$aws_region" \
--bucket "$aws_bucket" \
--notification-configuration '{
"LambdaFunctionConfigurations": [{
"LambdaFunctionArn": "'"$LambdaFunctionArn"'",
"Events": ["s3:ObjectCreated:*"]
}]
}'
aws s3api put-bucket-notification-configuration \
--region "$aws_region" \
--bucket "$aws_bucket" \
--notification-configuration '{
"LambdaFunctionConfigurations": [{
"LambdaFunctionArn": "'"$LambdaFunctionArn"'",
"Events": ["s3:ObjectCreated:*"]
}]
}'
# create an sns topic and save the topic arn to a variable
topic_arn=$(aws sns create-topic --name s3-lambda-sns --output json | jq -r '.TopicArn')
# print the topic arn
echo "SNS Topic ARN: $topic_arn"
# Trigger SNS topic using lambda function
# Add sns topic using lambda function
aws sns subscribe \
--topic-arn "$topic_arn" \
--protocol email \
--notification-endpoint "$email_address"
# publish sns
aws sns publish \
--topic-arn "$topic_arn" \
--subject "A new object created in s3 bucket" \
--message "Hey, a new data object just got delievered into the s3 bucket $aws_bucket"
Reference in New Issue View Git Blame Copy Permalink