I have a question regarding the relationship between Lambda functions and Amazon SNS as a service.
In SNS you create subscriptions to a topic, one being a Lambda function. In my head I'd imagine this is to invoke and trigger the function when a message is sent out from that topic. But on the Lambda side you can create triggers to do that same thing, one of them being SNS.
What exactly is the difference, it kinda seems like they do the same thing. But if I create a subscription for a topic using a Lambda, it does not show up in the the triggers of the function in the Lambda services, which makes me wonder what exactly is the difference between these two?
What exactly is the difference?
There is no difference from the functional point of view. What you are observing are just console imperfections.
To make sure, I manually verified using my SNS and my lambda function.
When you use Create subscription in the SNS console, and add a lambda function, it does show up as a trigger in lambda console.
Similarly, if you use lambda console and add SNS trigger, you will find the function in the Subscriptions section of SNS console.
However, AWS console is not perfect. For example, if you remove the lambda function from Subscriptions, it will not remove it from triggers on lambda console. Instead you will see the following error:
For some this may be a bug, for others a feature. I learned not to rely heavily on what AWS console shows. Just double check if the subscription works or not.
Related
I have a lambda function which is triggered by an Eventbridge rule. When I delete that Eventbridge rule, the trigger still appears in the lambda console.
screenshot of lambda console, under configuration tab
Is there any api or sdk method like deleteTrigger or something?
However aws internally call this post method https://ap-south-1.console.aws.amazon.com/lambda/services/ajax?operation=deleteRelation&locale=en
I have created lambda and SNS using cloudformation. Here first lambda is invoking a SNS which has a subscription of another lambda. Here SNS is supposed to invoke alias of lambda. In SNS topic lambda ARN is showing as subscriber but in lambda it is not added as trigger. There is not a single invocation log of the lambda invoked from SNS. So is this problem about some kind of permission or else ? need help...
Yes, this is a permissions issue. You need to add a permission to the lambda function to allow SNS to invoke it.
Use the AWS::Lambda::Permission resource to add permissions to allow SNS to invoke the lambda function.
I had a heck of a time with one. I had originally set my lambda function to look for an event source of "aws:s3". In order to get the event source from an s3 event, I used "event.Records[0].eventSource". When I tested event.Records[0].eventSource == "aws:sns" to check if my SNS trigger had fired, it wouldn't work. It wasn't until I found sample SNS event JSON that I noticed that SNS events have an event source node of "EventSource". It's capital case. I changed my test to
event.Records[0].EventSource == "aws:sns"
and it worked. So much for consistency in event message formats.
I am trying to use boto3 to programmatically subscribe my lambda function to a sns topic. When I execute my script, I see the integration in the AWS Lambda Console but publishing to the SNS topic does not invoke the function.
I then created the integration between the SNS topic and Lambda function directly in the AWS console itself. The AWS Console adds an Identifier field with the sns arn as the value. Now, publishing to the topic invokes the function.
In my script,I have added permissions(lambda_client.add_permission) using the values:,
{'Action': 'lambda:InvokeFunction',
'FunctionName':'my_lambda',
'Principal': 'sns.amazonaws.com',
'SourceArn': 'arn:aws:sns:us-east-1:redacted_acct_no:my-topic',
'StatementId': 'lambda-03a99f95-f490-4b9c-8bf8-20ee85fb2bff'}
I also do
sns_client.subscribe() and have successfully subscribed the lambda function to the topic
For testing purposes, I created two integrations, to two different topics and I called lambda_client.get_policy() and the policies are identical(of course, the StatementIds are different.
I have a similar setup for S3 which works.
Can we subscribe an Amazon SNS topic using an AWS Lambda function?
Yes. With help of sns.subscribe()
Please keep in mind: dont forget to confirm it sns.confirmSubscription()
If you mean can you use a message from a SNS topic as the trigger for a lambda function, then the answer is yes.
If you mean can you write a lambda function that adds a subscription to an SNS topic then the answer is yes. Towards the bottom are links for the language-specific AWS SDKs. Your Lambda function would need to have the appropriate permissions to be able to add a subscription as well.
Is that possible if the user create a ticket in freshdesk that needs to be trigger the AWS lambda function.
That shouldn't be that hard. I would like to recommend using the following architecture
FreshDesk Ticket Trigger
FreshDesk Ticket Trigger Handler Published Message to SNS Topic
AWS Lambda Configured to SNS Topic as Event Source
AWS Lambda Code Accepts the SNS topic message (as Input) and performs the necessary processing
The advantages of using SNS rather directly calling Lambda are
Reducing the exposure of AWS API to only SNS topic and completely sealing rest of the API (IAM Privileges)
Possibility of Fan-Out Architecture [Multiple Lambda Functions can listen to the same SNS topic - near zero configuration]
For anyone landing on this topic.
It's possible with Freshdesk Marketplace app. With onTicketCreate product event, any actions can be written to execute with a Serverless function. It's completely run in Freshworks platform cloud.
If required, it can call your AWS Lambda.