AWSTemplateFormatVersion: '2010-09-09' Transform: AWS::Serverless-2016-10-31 Description: Template to connect DynamoDB Stream to EventBridge Resources: # DynamoDB Stream DynamoDBUsersTable: Type: AWS::DynamoDB::Table Properties: TableName: Users AttributeDefinitions: - AttributeName: id AttributeType: S KeySchema: - AttributeName: id KeyType: HASH ProvisionedThroughput: ReadCapacityUnits: 5 WriteCapacityUnits: 5 StreamSpecification: ## Listen for KEYS_ONLY, NEW_IMAGE, OLD_IMAGE, or NEW_AND_OLD_IMAGES (https://docs.aws.amazon.com/amazondynamodb/latest/APIReference/API_StreamSpecification.html) StreamViewType: NEW_AND_OLD_IMAGES # Event Bus (Target) ApplicationEventBus: Type: AWS::Events::EventBus Properties: Name: UserBus PipeRole: Type: AWS::IAM::Role Properties: AssumeRolePolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: - pipes.amazonaws.com Action: - sts:AssumeRole Policies: - PolicyName: SourcePolicy PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: - "dynamodb:DescribeStream" - "dynamodb:GetRecords" - "dynamodb:GetShardIterator" - "dynamodb:ListStreams" Resource: !GetAtt DynamoDBUsersTable.StreamArn - PolicyName: TargetPolicy PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Action: - 'events:PutEvents' Resource: !GetAtt ApplicationEventBus.Arn # EventBridge Pipe Pipe: Type: AWS::Pipes::Pipe Properties: Name: ddb-to-eventbridge-suffix Description: "Pipe to connect DDB stream to EventBridge event bus with suffix matching" RoleArn: !GetAtt PipeRole.Arn Source: !GetAtt DynamoDBUsersTable.StreamArn SourceParameters: FilterCriteria: Filters: - Pattern: '{"dynamodb": {"NewImage": {"avatarUrl": {"S": [{"suffix": ".png"}]}}}}' DynamoDBStreamParameters: StartingPosition: LATEST BatchSize: 1 Target: !GetAtt ApplicationEventBus.Arn TargetParameters: EventBridgeEventBusParameters: DetailType: "UserDetailsChanged" Source: "myapp.users"