AWSTemplateFormatVersion: 2010-09-09 Transform: AWS::Serverless-2016-10-31 Description: aws-s3-sqs-lambda Globals: Function: Runtime: java11 MemorySize: 3072 Timeout: 30 Resources: ### Lambda Function FileAudit: Type: AWS::Serverless::Function Properties: FunctionName: FileAudit Handler: com.example.FileAudit::handleRequest CodeUri: target/sourceCode.zip ### S3 S3FileBucket: Type: AWS::S3::Bucket DependsOn: - SNSTopicPolicy Properties: BucketName: filebucket78273ueoiqwdadui NotificationConfiguration: TopicConfigurations: - Event: "s3:ObjectRemoved:*" Topic: !Ref AuditSNSTopic Filter: S3Key: Rules: - Name: suffix Value: '.png' ### SNS AuditSNSTopic: Type: AWS::SNS::Topic Properties: TopicName: AuditSNSTopic Subscription: - Protocol: lambda Endpoint: !GetAtt FileAudit.Arn - Protocol: sqs Endpoint: !GetAtt AuditQueue.Arn ### SQS AuditQueue: Type: AWS::SQS::Queue Properties: QueueName: AuditQueue ###Policies SNSTopicPolicy: Type: AWS::SNS::TopicPolicy Properties: PolicyDocument: Version: 2012-10-17 Statement: - Effect: Allow Principal: Service: 's3.amazonaws.com' Action: sns:Publish Resource: !Ref AuditSNSTopic Topics: - !Ref AuditSNSTopic SnsToSqsPolicy: Type: AWS::SQS::QueuePolicy Properties: PolicyDocument: Version: "2012-10-17" Statement: - Sid: "Allow SNS publish to SQS" Effect: Allow Principal: Service: "sns.amazonaws.com" Resource: !GetAtt AuditQueue.Arn Action: SQS:SendMessage Condition: ArnEquals: aws:SourceArn: !Ref AuditSNSTopic Queues: - Ref: AuditQueue SNSInvokeFileAuditLambda: Type: 'AWS::Lambda::Permission' Properties: Action: 'lambda:InvokeFunction' FunctionName: !Ref FileAudit Principal: sns.amazonaws.com