Skip to main content

Have QBench trigger your AWS Lambda function

Melvin
Updated

QBench uses the AWS Simple Notification Service (SNS) module for triggering events. You can find your own SNS Topic ARN by navigating to Configuration > Application > Developer > Settings and looking in the Developer Section for a value named AWS SNS Topic ARN.

Screen Shot 2023-11-16 at 1.08.03 PM.png

 

In order to have your own AWS Lambda function get triggered by a QBench SNS Topic, some IAM Policy statements need to be setup on both the QBench AWS account and your own AWS account.

 

Please contact support@qbench.net or your customer representative to have a QBench engineer add an IAM policy. You will need to provide your AWS Account ID along with your Lambda Function ARN. The IAM Policy in the QBench AWS account will look like this:

 

 {
    "Sid": "Allow-other-account-to-subscribe-to-topic",
    "Effect": "Allow",
    "Principal": {
        "AWS": "arn:aws:iam::{{YOUR AWS ACCOUNT ID}}:root"
    },
    "Action": [
        "SNS:Subscribe",
        "SNS:Receive"
    ],
    "Resource": {{YOUR QBENCH SNS TOPIC ARN}}
}

 

Once the IAM Policy is updated in the QBench AWS account, you can follow these steps in your own AWS account to complete the process:

 

1. Create an IAM Policy with the following statement (replacing the placeholders with your own resource ARN):

 

{
  "Condition": {
    "ArnLike": {
      "AWS:SourceArn": {{YOUR QBENCH SNS TOPIC}}
    }
  },
  "Action": "lambda:InvokeFunction",
  "Resource": {{YOUR LAMBDA FUNCTION ARN}},
  "Effect": "Allow",
  "Sid": "allowQbenchSnsInvoke"
}

 

2. Apply this IAM Policy to an IAM Role

3. Ensure your Lambda function uses the IAM Role from step 2

4. Load your Lambda function in the AWS Console

5. Click "+ Add Trigger"

6. Under "Select Trigger", select SNS

7. Under "SNS Topic", enter in your QBench SNS Topic

    7a. Note: Your SNS Topic will not appear in the dropdown, but you can still paste it in

8. Click "Add"

 

Refer to the Events API Documentation for more information about the trigger payloads. Feel free to reach out to support@qbench.net if further assistance is needed

 

Common Problems

Problem: I get an "Invalid Topic ARN" message when I try to subscribe using the AWS Lambda Console UI

Solution: This typically happens if your Lambda function is NOT in the us-east-1 region. You will need to utilize the AWS CLI to create the subscription. Please follow these steps:

1. Using the AWS CLI in terminal, run the following:

aws sns subscribe --protocol lambda \
--topic-arn {{YOUR QBENCH SNS TOPIC}} \
--notification-endpoint {{YOUR LAMBDA FUNCTION ARN}} \
--profile {{YOUR_AWS_PROFILE_NAME}} \
--region us-east-1

2. In the AWS Lambda Console UI, go to "Configuration -> Permissions -> Resource-based policy" and click "Add permissions"

3. Select "AWS Service"

  3a. Select "SNS" as your Service

  3b. Specify any valid string for your Statement ID

  3c. Specify "sns.amazonaws.com" as your Principal

  3d. Paste in your QBench SNS Topic ARN for Source ARN

  3e. Select "lambda:InvokeFunction" as your action

 

Related articles

Comments

0 comments

Please sign in to leave a comment.

Powered by Zendesk