Search code examples
typescriptamazon-web-servicesamazon-sqsamazon-snsaws-cdk

Subscribe a sqs queue to a sns topic that is in a different account, using aws cdk(typescript)

I would like to connect an sqs queue to an sns topic that is in a different account, using cdk (typescript). Below is the code (this code is in a stack) that I think should work but I have some doubts listed below the code (I have not deployed this yet, still trying to learn how to do this first).

    const topic = Topic.fromTopicArn(
      this,
      `${stackName}-topic`,
      `arn:aws:sns:${region}:${accountno}:SubscriptionChanges`
    );

    topic.addSubscription(
      new SqsSubscription(queue, {
        filterPolicy: {
          type: SubscriptionFilter.stringFilter({
            whitelist: [
              'filter1',
            ],
          })
        },
      })
    );
  }
  • I use fromTopicArn to initiate the topic construct. Am I allowed to do this if I am not the owner of the topic (the topic is defined in a different account so I am trying to do this cross account)?
  • Is there a way to create a sqs subscription without creating the topic variable on the first line above?

I have read the documentation, and, there is example code for this, but it only shows how to do this within the same account. Anyone with any experience of this?

Solution

  • So after some research I have some answers.

    You are allowed to create a topic construct even if you don't own the topic, and you can connect a queue to it, but you (or more specifically, your account number) have to be granted access by the topic owner.

    const queue = make_my_queue();
const topic = sns.Topic.fromTopicArn(
  this, // assuming `this` is your Deployment Stack object.
  "myTopicId",
  "arn:aws:sns:eu-west-1:123123123123:MyFriendsGreatSnsTopic");

topic.addSubscription(new snsSubs.SqsSubscription(queue, {
   rawMessageDelivery: true // or false if you want
}));