v4
Search…
⌃K
Links

Setting up an SNS message integration

Below are the steps to set up a new AWS SNS message integration with Rightsline:
  1. 1.
    Determine the actions and char types of the messages in which you are interested.
  2. 2.
    Create an SQS queue in your AWS account. The queue can be either Standard or FIFO.
  3. 3.
    Modify the access policy for the SQS queue to allow the Rightsline AWS account to publish messages to the queue. The Rightsline AWS account ID 013474081760 should be granted the sqs:SendMessage permission like the following:
    {
    "Statement": [{
    "Effect":"Allow",
    "Principal": {
    "Service": "sns.amazonaws.com"
    },
    "Action":"sqs:SendMessage",
    "Resource":"{your_queue_ARN}",
    "Condition":{
    "ArnEquals":{
    "aws:SourceArn":"arn:aws:sns:us-west-2:013474081760:*"
    }
    }
    }]
    }
  4. 4.
    Ensure the message retention period on the SQS queue is set to at least 4 days to ensure that subscription confirmation messages are not automatically deleted. More information can be found here.
  5. 5.
    Contact Rightsline Support with the actions and the char types (from Step 1), your AWS Account ID number, and the Rightsline environment(s) that you would like messages for so that we can create the necessary SNS topics with the proper permissions.
  6. 6.
    Rightsline will create the SNS topics and an AWS IAM role that will be provided to you (per environment). The IAM role will have the form {environment}-rtl-div{client_id}-sns-subscribe
  7. 7.
    Assume the Rightsline role by either:
    1. 1.
      ​Getting temporary credentials via the sts assume-role CLI command
    2. 2.
      ​Add a profile to the AWS config file to assume the role with a profile flag
  8. 8.
    ​Subscribe the SQS queue to the SNS topic(s) using either the temporary credentials or the profile set up in the previous step. This will put the subscription in a Pending Confirmation status.
  9. 9.
    Rightsline will then send the confirmation message for each subscription to the SQS queue. The subscription confirmation token is valid for 3 days, and cannot be changed.
  10. 10.
    You should see these messages appear on your SQS queue. Poll for messages and open each individual message. There will be a field in the message body called SubscribeURL. Open this URL in a browser window to confirm the subscription. Repeat for each of the subscription confirmation messages.