Can Amazon Connect instance, without putEvent permissions, still publish Contact Events to default event bus?
Per docs here, I have set up an EventBridge rule to ingest Contact Events from an Amazon Connect Instance and then POST said events to an HTTP endpoint.
Problem: the HTTP endpoint handler has yet to receive a single Contact Event.
I looked at the permissions policies attached to the role created for this instance of Amazon Connect. The role permissions Amazon Connect for access to Kinesis Video Streams (for audio chunking), Kinesis Data Streams (for publishing Agent Events and/or Contract Trace Records), and Directory Service (which I don't grok).
QUESTION: shouldn't the Amazon Connect instance also be permissioned for publishing Contact Events to the default event bus? Eg, I would expect a policy like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "VisualEditor0",
"Action": "events:PutEvents",
"Effect": "Allow",
"Resource": "arn:aws:events:us-west-2:1234567890:event-bus/default"
}
]
}
However, if I create this policy and then attempt to attach it to the Amazon Connect instance role, I see this error:
How can I confirm Amazon Connect instance is publishing Contact Events to the default event bus?
The short answer is, "Yeah, it works."
What I have confirmed is that for Contact Events from Amazon Connect instance, we do not actually require putEvent permissions (to EventBridge resource) in the Amazon Connect role. Instead, we can assume that said Contact Events are simply published to the "default event bus" (see docs), and that an EventBridge rule will pick up said events by screening for Contact Events from a specific instance of Amazon Connect.
For example, the Pattern for the EventBridge rule might look like this:
{
"source": ["aws.connect"],
"detail-type": ["Amazon Connect Contact Event"],
"detail": {
"instanceArn": ["arn:aws:connect:us-west-2:012345678901:instance/65fef175-25fc-4c38-881a-df4dbf150a3a"]
}
}
- AWS Lambda No module named 'regex._regex'
- Unable to resolve " not a valid key=value pair (missing equal-sign) in Authorization header" when POSTing to api gateway
- How to reset EC2 ubuntu instance?
- How to zip files properly on mac for unzipping via python from s3?
- Issues generating CloudFront signed URLs; always Access Denied
- AWS EventBridge Pipeline - Self Managed Kafka filter not working
- aws lambda function triggering multiple times for a single event
- Trying to create AWS spot datafeed, getting error: InaccessibleStorageLocation
- Can't see my EC2 instances on the management console?
- React web app Auth UserPool not configured
- How to retrieve usage on Amazon S3 based on tag?
- AWS Amplify: How to delete the environment, when resources are already partially deleted?
- Interactive shell in Docker image with Amazon ECS with `aws ecs run-task` followed by `aws ecs execute-command`
- Terraform v0.11.1 : Error downloading modules: Error loading modules: open .terraform/modules/3f10921295c292995128e9e36eb: no such file or directory
- Ansible - include vars file from remote host
- How to change AWS Lamp apache root directory?
- AWS Codeartifact and Poetry auth problems with private packages
- S3 Intelligent - Tiering with snowflake managed iceberg tables
- InvalidClientTokenId error aws when trying to get caller identity
- AWS Route 53: cost of having a subdomain on another DNS provider than AWS
- Unable to connect from MySQL Workbench to AWS RDS instance
- Querying timestamp data in Athena when the timestamp format in the underlying JSON files has changed
- Difference between AWS::IAM::Policy and AWS::IAM::ManagedPolicy
- During an aborted deployment, some instances may have deployed the new application version
- API Gateway V2 private integration to application load balancer always returns 503
- AWS ELB -> Backend Server over HTTPS with Self-Signed Certificate
- ELB to backend server using HTTPS with self-signed certificate
- How to pass different principals when deploying a bucket policy using terraform
- Clarification for AWS auto-scaling of instances
- Instances scaling (by ASG) but no new tasks being created