DEV Community

Palak Bhawsar
Palak Bhawsar

Posted on • Originally published at palak-bhawsar.hashnode.dev on

S3 Event-Driven Email Notifications using AWS Lambda and SQS

In this project, I will be creating an S3 bucket, Queue, and Lambda function. Whenever an object is uploaded in the S3 bucket, an S3 event will trigger the queue and the lambda function will run which will check if the object name contains the word "sensitive" If so it will send an email notification to the team saying some sensitive file is added in the bucket.

Prerequisite:

AWS account and familiarity with AWS services

Let's first understand these AWS services:

Simple Storage Service(S3): A highly scalable object storage service that allows you to store and retrieve large amounts of data. It provides durability, availability, and security for your data and can be used for various purposes, such as backup, static website hosting, and content distribution.

Simple Queue Service(SQS): A fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications. It allows you to send, store, and receive messages between software components.

Function as a Service(Lambda): A computing service that lets you run code without provisioning or managing servers. It allows you to execute your code in response to events, such as changes in data, HTTP requests, or scheduled intervals.

Simple Email Service(SES): A fully managed service provided by AWS that enables you to send and receive email messages. It handles the underlying infrastructure and scaling aspects, allowing you to focus on sending and managing emails without the need to provision or manage servers.

Step 1: Create an S3 bucket

Go to the AWS console and search for " S3" in services. Click Create bucket and give a unique name to the bucket -> choose the AWS region where you want your bucket to reside. Keep other settings default and click Create bucket.

Step 2: Create SQS

Go to the AWS console and search for " SQS" in services. Click Create queue -> Choose the queue type as Standard -> Give a name to the queue -> Keep other settings default and click Create queue.

Now attach the access policy to the queue so that it can communicate with the S3 bucket when the S3 event is triggered.

Step 3: Attach policy to SQS

Go to the Queue that we have created in the previous step and select access policy. Click edit to update the permissions.

Take the Resource arn from the existing policy shown in your console. Go to the bucket that we have created and in the properties section you will get bucket arn, copy it and paste it into aws:SourceArn in the below policy and save.

{
  "Version": "2012-10-17",
  "Id": "Policy1684249599450",
  "Statement": [
    {
      "Sid": "Stmt1684249581034",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "sqs:*",
      "Resource": "arn:aws:sqs:us-east-1:148418490226:project-orion-queue",
      "Condition": {
        "ArnEquals": {
          "aws:SourceArn": "arn:aws:s3:::project-orion-files"
       }
      }
    }
  ]
}

Enter fullscreen mode Exit fullscreen mode

Step 4: Create S3 Event

Go to your bucket and select Properties, scroll down to Event notifications and click Create event notification. Give a name to your event then checkmark All object create events.

Select destination as SQS queue -> Select the queue that we have created in previous steps -> click save changes.

Step 5: Create Lambda function

Go to AWS services and search for Lambda. Select Lambda and click Create function. Select Author from Scratch-> Give a name to function -> Select runtime as Python3-> Click Create function.

Now go to Configuration -> Permissions -> click Role name

Add permissions to this lambda role so that it can communicate with SQS and SES services. Click Add permissions-> Attach policies-> Search for AmazonSESFullAccess and AmazonSQSFullAccess and add this policy to the Lambda.

Step 6: Add Lambda Trigger

We want this function to run when SQS has something to process. Click Add trigger in the Lambda function and select SQS as the trigger source. Select the SQS name that we have created. Keep the Batch window as 1 then click Add.

Step 7: Create SES and verify the Email

Go to AWS services and search for SES. Select SES and click Verified Identities -> Create identity-> Email address-> Enter email address-> Click Create Identity.

Check your mailbox and verify the email address. Create an identity for both the sender's email address and the receiver's email address. Once the identity is verified move to the next step.

Step 8: Deploy the Lambda function

Go to Lambda and add the Python code which will filter out the object uploaded in the S3 bucket and send the email to the receiver if the object name contains the word "sensitive"

Clone this GitHub repository: https://github.com/palakbhawsar98/AWS-Lambda-SQS-Project

After adding Python code in the Lambda function, click Deploy. Now to test this, upload some objects in the S3 bucket. Go to monitor and click view CloudWatchLogs-> Select the latest Log Stream. Check if the email is sent to the receiver and the queue is empty.

As soon as you upload a file in the S3 bucket and the name of the file contains the word "sensitive" an email will be sent.

Congratulations🥳🥳, we have completed the serverless project successfully.

If you face any issues contact me on my socials 👉 Contact m e

Thank You

Palak Bhawsar

Top comments (0)