Project

simnos

0.01
Repository is archived
No commit activity in last 3 years
No release in over 3 years
Manage AWS SNS by DSL
2005
2006
2007
2008
2009
2010
2011
2012
2013
2014
2015
2016
2017
2018
2019
2020
2021
2022
2023
2024
 Dependencies

Development

~> 1.14
~> 10.0
~> 3.0

Runtime

 Project Readme

Simnos

Simons is a tool to manage AWS SNS topic. It defines the state of SNS topic using DSL, and updates SNS topic according to DSL.

Installation

Add this line to your application's Gemfile:

gem 'simnos'

And then execute:

$ bundle

Or install it yourself as:

$ gem install simnos

Usage

export AWS_ACCESS_KEY_ID='...'
export AWS_SECRET_ACCESS_KEY='...'
export AWS_REGION='ap-northeast-1'
simnos -e -f SNSfile  # export SNS topic
vi SNSfile
simnos -a --dry-run
simnos -a             # apply `SNSfile` to SNS

Help

Usage: simnos [options]
    -h, --help                       show help
    -v, --debug                      show debug log
    -a, --apply                      apply DSL
    -e, --export                     export to DSL
    -n, --dry-run                    dry run
    -f, --file FILE                  use selected DSL file
    -s, --split                      split export DSL file to 1 per topic
        --no-color
                                     no color
        --with-subscriptions
                                     manage subscriptions
        --only-create-subscriptions
                                     only create subscriptions(recreation will occur with recreate-subscriptions option, even this option is enabled)
        --recreate-subscriptions
                                     recreate subscriptions
        --secret-provider NAME
                                     use secret value expansion
    -i, --include-names NAMES        include SNS names
    -x, --exclude-names NAMES        exclude SNS names by regex
        --include-endpoints NAMES
                                     include SNS subscriptions by endpoint
        --exclude-endpoints NAMES
                                     exclude SNS subscriptions by endpoint

SNSfile

sns "ap-northeast-1" do
  topic "test-topic" do
    display_name "test topic"

    effective_delivery_policy do
      {"http"=>
        {"defaultHealthyRetryPolicy"=>
          {"minDelayTarget"=>20,
           "maxDelayTarget"=>20,
           "numRetries"=>2,
           "numMaxDelayRetries"=>0,
           "numNoDelayRetries"=>0,
           "numMinDelayRetries"=>0,
           "backoffFunction"=>"linear"},
         "disableSubscriptionOverrides"=>false}}
    end

    policy do
      {"Version"=>"2008-10-17",
       "Id"=>"__default_policy_ID",
       "Statement"=>
        [{"Sid"=>"__default_statement_ID",
          "Effect"=>"Allow",
          "Principal"=>{"AWS"=>"*"},
          "Action"=>"SNS:Subscribe",
          "Resource"=>"arn:aws:sns:ap-northeast-1:XXXXXXXXXXXX:test-topic",
          "Condition"=>{"StringEquals"=>{"AWS:SourceOwner"=>"XXXXXXXXXXXX"}}}]}
    end

    subscriptions opt_out: false do
      subscription protocol: "https", endpoint: "https://your.awesome.site/"
      subscription protocol: "email", endpoint: "simnos@example.com"
      subscription protocol: "email-json", endpoint: "simnos@example.com"
      subscription protocol: "sqs", endpoint: "arn:aws:sqs:ap-northeast-1:XXXXXXXXXXXX:test-queue", attributes: {"DeliveryPolicy" => {}, "FilterPolicy" => {"foo": ["bar"], "RawMessageDelivery": "true"}}
    end
  end
end

Use template

template "default_policy" do
  policy do
    {"Version"=>"2008-10-17",
     "Id"=>"__default_policy_ID",
     "Statement"=>
      [{"Sid"=>"__default_statement_ID",
        "Effect"=>"Allow",
        "Principal"=>{"AWS"=>"*"},
        "Action"=>"SNS:Subscribe",
        "Resource"=>"arn:aws:sns:ap-northeast-1:XXXXXXXXXXXX:#{context.topic_name}",
        "Condition"=>{"StringEquals"=>{"AWS:SourceOwner"=>"XXXXXXXXXXXX"}}}]}
  end
end

sns "ap-northeast-1" do
  include_template "default_policy", topic_name: "test-topic"
end

Secret provider

If you don't want to commit your Basic authentication password, you can use SecretProvider. Use --secret-provider option to select provider.(e.g. --secret-provider=vault) Expression inside ${...} is passed to provider.

    subscriptions do
      subscription protocol: "https", endpoint: "https://user:${password}your.awesome.site/"
    end

Subscriptions

There is no way to UPDATE subscription. So if you want to recreate subscrptions, use --recreate-subscriptions option. It is highly recommended to also path --include-names or exclude-names to select topics. Because of Basic authentication password is not returned from API, recreation is needed to change password.

Similar tools

Contributing

Bug reports and pull requests are welcome on GitHub at https://github.com/codenize-tools/simnos.

License

The gem is available as open source under the terms of the MIT License.