How to configure event notifications in S3 Bucket on AWS
AWS S3 event notifications let us receive a notification when certain events take place in an S3 Bucket. We can enable any of the available Amazon S3 bucket events to send a notification message, so whenever the specified event takes place in the S3 Bucket, the event is triggered and a notification is sent.
In this article, we will see how to get notified by Email when certain events take place in our S3 Bucket.
AWS S3 Event notification supports the following destinations to which notifications/messages can be sent.
- Amazon Simple Notification Service (Amazon SNS) topic:
  Messages are sent to subscribed endpoints.
- Amazon Simple Queue Service (Amazon SQS) queue:
  Messages are sent to SQS Queue where they can be stored.
- AWS Lambda:
  Can be used to invoke a Lambda function and provide the event message as an argument.
Before we proceed, I assume that you are familiar with S3 Bucket and SNS and have an S3 Bucket and SNS Topic already created in your account. If you do not have these resources, first create an S3 Bucket from the AWS Console, and search for "How to create an SNS Topic and a Subscriber on AWS?" to create an SNS Topic with an Email Subscriber in it.
Pre-requisites
- AWS Account (Create if you don’t have one).
- S3 Bucket.
- SNS Topic.
What will we do?
- Login to AWS.
- Configure S3 event notifications.
Login to AWS
Go to the AWS Login Page.
There we are required to log in using our login details.
Once you have successfully logged in to your account, you will see the AWS Management Console.
Configure S3 event notifications.
Click on Services and search for S3 to go to S3 Dashboard.
On the S3 Dashboard, click on the S3 bucket on which you want to configure event notifications.
Click on "Properties", then click on "Events".
Now you can create notifications by clicking on "Add notifications".
Give a name to the notification to be created, select the Events about which you want to be notified, select the SNS topic to which you want to send the notifications and click on "Save".
We can also set up a prefix/suffix filter so that we receive notifications only when files are added to a specific folder. This can be achieved by adding a Prefix/Suffix. For now, I am not adding this; you can give it a try if you want.
You will see an error when you save the notification. This is because the access policy of the SNS Topic we selected does not allow this bucket to publish notifications to it. To resolve this error, we need to add permissions to the SNS Topic so that it can receive notifications from this S3 bucket.
To go to SNS, search for SNS and click on the result.
On the main dashboard, click on "Topics" in the left panel.
Click on your SNS topic.
Under "Access Policy" you can see the current policy of the SNS topic. We need to edit this policy. Click on "Edit".
Replace the SNS Policy with the following policy.
{
  "Version": "2012-10-17",
  "Id": "__default_policy_ID",
  "Statement": [
    {
      "Sid": "__default_statement_ID",
      "Effect": "Allow",
      "Principal": {
        "AWS": "*"
      },
      "Action": [
        "SNS:GetTopicAttributes",
        "SNS:SetTopicAttributes",
        "SNS:AddPermission",
        "SNS:RemovePermission",
        "SNS:DeleteTopic",
        "SNS:Subscribe",
        "SNS:ListSubscriptionsByTopic",
        "SNS:Publish",
        "SNS:Receive"
      ],
      "Resource": "arn:aws:sns:eu-west-3:064827688814:rahul-test",
      "Condition": {
        "StringEquals": {
          "AWS:SourceOwner": "064827688814"
        }
      }
    },
    {
      "Sid": "AWSEvents_all-events_Id2377506854031",
      "Effect": "Allow",
      "Principal": {
        "Service": "events.amazonaws.com"
      },
      "Action": "sns:Publish",
      "Resource": "arn:aws:sns:eu-west-3:064827688814:rahul-test"
    },
    {
      "Sid": "AWSEvents_S3_Event",
      "Effect": "Allow",
      "Principal": {
        "Service": "s3.amazonaws.com"
      },
      "Action": "sns:Publish",
      "Resource": "arn:aws:sns:eu-west-3:064827688814:rahul-test"
    }
  ]
}
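In the SNS policy, the only statement we have added is the last one, with Sid "AWSEvents_S3_Event", which allows the S3 service (s3.amazonaws.com) to publish to the topic. Also, do not forget to replace the topic ARN and the account ID with your own values.
Save the changes to the SNS topic.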
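The statement added for S3 lets the `s3.amazonaws.com` service publish to the topic without restricting which bucket or account the notification comes from. The following added example (not part of the original article) flags service-principal statements that lack an `aws:SourceArn` or `aws:SourceAccount` condition and scopes the S3 statement to a single bucket; `EXAMPLE-BUCKET` and the function names are assumptions.

```python
import copy

TOPIC_ARN = "arn:aws:sns:eu-west-3:064827688814:rahul-test"  # from the article
ACCOUNT_ID = "064827688814"                                   # from the article
BUCKET = "EXAMPLE-BUCKET"  # placeholder: the article does not name its bucket
# Condition keys that bind a service principal's request to one source.
SOURCE_KEYS = {"aws:sourcearn", "aws:sourceaccount"}

# Statements from the article's policy; the first one's Action list is abridged.
PAGE_POLICY = {"Version": "2012-10-17", "Statement": [
    {"Sid": "__default_statement_ID", "Effect": "Allow",
     "Principal": {"AWS": "*"}, "Action": ["SNS:Publish", "SNS:Subscribe"],
     "Resource": TOPIC_ARN,
     "Condition": {"StringEquals": {"AWS:SourceOwner": ACCOUNT_ID}}},
    {"Sid": "AWSEvents_all-events_Id2377506854031", "Effect": "Allow",
     "Principal": {"Service": "events.amazonaws.com"},
     "Action": "sns:Publish", "Resource": TOPIC_ARN},
    {"Sid": "AWSEvents_S3_Event", "Effect": "Allow",
     "Principal": {"Service": "s3.amazonaws.com"},
     "Action": "sns:Publish", "Resource": TOPIC_ARN},
]}

def unscoped_service_statements(policy):
    """Sids of Allow statements for a service principal with no source condition."""
    flagged = []
    for stmt in policy["Statement"]:
        principal = stmt.get("Principal")
        is_service = isinstance(principal, dict) and "Service" in principal
        if stmt.get("Effect") != "Allow" or not is_service:
            continue
        # IAM condition keys are case-insensitive, so compare in lower case.
        keys = {k.lower() for op in stmt.get("Condition", {}).values() for k in op}
        if not keys & SOURCE_KEYS:
            flagged.append(stmt.get("Sid", "<no Sid>"))
    return flagged

def scope_s3_statement(policy, sid, bucket, account_id):
    """Copy of the policy where statement `sid` accepts only `bucket` in `account_id`."""
    hardened = copy.deepcopy(policy)
    for stmt in hardened["Statement"]:
        if stmt.get("Sid") == sid:
            stmt["Condition"] = {
                "ArnLike": {"aws:SourceArn": f"arn:aws:s3:*:*:{bucket}"},
                "StringEquals": {"aws:SourceAccount": account_id},
            }
    return hardened

if __name__ == "__main__":
    fixed = scope_s3_statement(PAGE_POLICY, "AWSEvents_S3_Event", BUCKET, ACCOUNT_ID)
    print(unscoped_service_statements(PAGE_POLICY), unscoped_service_statements(fixed))
```

The `events.amazonaws.com` statement is still flagged after the change because it has no source condition either.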
Coming back to S3 Events, now try to recreate the same event and save it. You will see that you now have 1 event created.
Go to the main page of your S3 Bucket to test whether event notifications are being sent.
Upload a sample object to your S3 Bucket; this will be a "PUT" action in the S3 Bucket. This will trigger our event notification and send a notification to us.
So when I uploaded the object, the event notification we created was triggered and SNS sent a notification to me on the Email Subscription I had in it.
Conclusion
In this article, we learned to create an Event Notification in S3 and trigger SNS when specified events like PUT/COPY/POST take place in S3 Bucket.