QBench uses the AWS Simple Notification Service (SNS) module for triggering events. In order to have your own AWS Lambda function get triggered by a QBench SNS Topic, some IAM Policy statements need to be setup on both the QBench AWS account and your own AWS account.
Please contact support@qbench.net or your customer representative to have a QBench engineer add an IAM policy. You will need to provide your AWS Account ID along with your Lambda Function ARN. The IAM Policy in the QBench AWS account will look like this:
{
"Sid": "Allow-other-account-to-subscribe-to-topic",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::{{YOUR AWS ACCOUNT ID}}:root"
},
"Action": [
"SNS:Subscribe",
"SNS:Receive"
],
"Resource": {{YOUR QBENCH SNS TOPIC ARN}}
}
Once the IAM Policy is updated in the QBench AWS account, you can follow these steps in your own AWS account to complete the process:
1. Create an IAM Policy with the following statement (replacing the placeholders with your own resource ARN):
{
"Condition": {
"ArnLike": {
"AWS:SourceArn": {{YOUR QBENCH SNS TOPIC}}
}
},
"Action": "lambda:InvokeFunction",
"Resource": {{YOUR LAMBDA FUNCTION ARN}},
"Effect": "Allow",
"Principal": {
"Service": "sns.amazonaws.com"
},
"Sid": "allow-qbench-sns-invoke"
}
2. Apply this IAM Policy to an IAM Role
3. Ensure your Lambda function uses the IAM Role from step 2
4. Load your Lambda function in the AWS Console
5. Click "+ Add Trigger"
6. Under "Select Trigger", select SNS
7. Under "SNS Topic", enter in your QBench SNS Topic (provided by a QBench representative)
8. Click "Add"
Refer to the Events API Documentation for more information about the trigger payloads. Feel free to reach out to support@qbench.net if further assistance is needed
Comments
0 comments
Please sign in to leave a comment.