I would like to connect an sqs queue to an sns topic that is in a different account, using cdk (typescript). Below is the code (this code is in a stack) that I think should work but I have some doubts listed below the code (I have not deployed this yet, still trying to learn how to do this first).
const topic = Topic.fromTopicArn(
this,
`${stackName}-topic`,
`arn:aws:sns:${region}:${accountno}:SubscriptionChanges`
);
topic.addSubscription(
new SqsSubscription(queue, {
filterPolicy: {
type: SubscriptionFilter.stringFilter({
whitelist: [
'filter1',
],
})
},
})
);
}
I have read the documentation, and, there is example code for this, but it only shows how to do this within the same account. Anyone with any experience of this?
So after some research I have some answers.
You are allowed to create a topic construct even if you don't own the topic, and you can connect a queue to it, but you (or more specifically, your account number) have to be granted access by the topic owner.
const queue = make_my_queue();
const topic = sns.Topic.fromTopicArn(
this, // assuming `this` is your Deployment Stack object.
"myTopicId",
"arn:aws:sns:eu-west-1:123123123123:MyFriendsGreatSnsTopic");
topic.addSubscription(new snsSubs.SqsSubscription(queue, {
rawMessageDelivery: true // or false if you want
}));