stackoom
  简体   繁体   中英

Cross account, cross region SNS message processing

 原文  2017-07-29 16:47:04       amazon-web-services/ amazon-sns

Question

We are working on SNS to HTTPS API integration between 2 teams. So, another team has SNS topic configured in us-east-1 region and our HTTPS API is running in us-west-2 region.

Just wanted to check if we can process SNS messages generated from us-east-1 and a different AWS account in us-west-2 region.

I read somewhere (can't remember the blog post link now), that if SNS messages are generated in us-east-1 , they have to be processed in us-east-1 only. If we try to process in us-east-2 , message signature verification will fail and throws an invalid TopicArn exception.

Please guide if this is correct.

2 answers

solution1
 3 ACCPTED  2017-07-29 21:53:06

So, another team has SNS topic configured in us-east-1 region and our HTTPS API is running in us-west-2 region.

When SNS is publishing to an HTTPS endpoint, the endpoint can be anywhere on the Internet. It doesn't even need to be in AWS at all. As long as your HTTPS endpoint is accessible from the Internet and has a valid SSL certificate (matches the hostname, not expired, signed by an accredited certificate authority, not self-signed), that is all SNS will require.

The destination region and destination AWS account lose all meaningfulness in such a setup. There is no constraint, here.

If the topic is in us-east-1 then all requests sent to SNS must be sent to the us-east-1 endpoint (eg Subscribe or Publish ) but even then, they can be sent from anywhere on the Internet.

solution2
 -1  2021-10-06 18:50:08

SNS can be configured across regions via HTTPS endpoint of lambda by attaching the API Gateway to that lambda and copying the HTTPS URL of same.

After getting the HTTPS URL of the lambda may be whichever region. It may be that you just add in SNS service subscription part in SNS service by creating the subscription in the service.

After that, just publish a message. You will see entries in your Cloudwatch logs if you print an event in lambda. You will see something like "Subscribe URL". Copy that URL and paste it in the SNS service where you will be able to see "Pending on Subscription". This will work with latest amazon SNS service.

I tried and tested it to verify that this works.

暂无
暂无

The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.

Related Question AWS Cross Account SNS Publish Cross Account SNS Subscribe to Lambda in second account AWS SNS cross region vs same region cost and time difference SNS cross account subscription with additional layer AWS Lambda cross-region output processing AWS Firehose cross region/account policy AWS Lambda & SNS: Invoke Lambda cross-region Is there a way to copy EBS snapshot to another account in other region? (cross-region,cross-account) Cross account SNS SQS subscription set up (CDK) Error while doing AWS Lambda Cross Account integration with AWS SNS
Related Tags
 
粤ICP备18138465号  © 2020-2024 STACKOOM.COM