This is the example code for the article AWS Cross-Account Messaging using EventBridge.
The intent is to allow cross-account bidirectional communication in AWS, using EventBridge and Lambda functions.
This project has 2 different serverless files:
- `serverless-sender.yml`: For the account that generates the communication (the Emitter Account).
- `serverless-receiver.yml`: For the account that receives the query request (the Receiver Account).

- Node v14+
- NPM 6.14+
- Serverless Framework CLI
  - Framework Core: 2.25+
  - Plugin: 4.4+
  - SDK: 2.3+
  - Components: 3.7+
- Administrator Access to the two accounts, and valid credentials for both in the AWS credentials file.
- Clone this repo
- `cp .env.sample .env`
- Edit the `.env` file and update it to have your values:
  - `REGION`: The AWS Region used for the project (e.g. `us-east-1`)
  - `DEFAULT_EVENT_BUS_NAME`: The name of your default EventBridge event bus
  - `SENDER_AWS_ACCOUNT_ID`: The Emitter AWS Account ID
  - `SENDER_BUS_NAME`: The name of your default EventBridge event bus
  - `SENDER_AWS_PROFILE`: The name of the profile for the Emitter Account in your AWS credentials file
  - `RECEIVER_AWS_ACCOUNT_ID`: The Receiver AWS Account ID
  - `RECEIVER_BUS_NAME`: The name of your default EventBridge event bus
  - `RECEIVER_AWS_PROFILE`: The name of the profile for the Receiver Account in your AWS credentials file
  - `QUERY_CACHE_TABLE_NAME`: The name of your DynamoDB Table used for caching
- Deploy the serverless apps
  - `dotenv -e .env -- serverless deploy -c serverless-sender.yml`
  - `dotenv -e .env -- serverless deploy -c serverless-receiver.yml`
- Note: You might need to comment out portions of your resources and do partial deployments, since otherwise you might be granting permissions on resources that do not exist yet.

After deploying you'll get an API Gateway endpoint you can use to send your messages.
You can exercise this endpoint by sending requests like this:
```
POST https://your_api_gateway_base_url/dev/query
Content-Type: application/json

{
  "source": "whiteprompt",
  "detailType": "query.execute",
  "detail": {
    "query": "YOUR QUERY HERE"
  }
}
```
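
Because this endpoint turns an HTTP body into an event on another account's bus, the sender Lambda should allow-list what it forwards. The following is an added example, not code from this repository: the function names, the allow-list (taken from the sample request above), the bus-name pattern and the forwarding of only `detail.query` are assumptions; the environment variable names are the ones from `.env`.

```javascript
// Added example (hypothetical helper names); not the repository's own handler code.
// Allow-list assumed from the sample request: source -> permitted detailType values.
const ALLOWED = { whiteprompt: new Set(["query.execute"]) };
const MAX_ENTRY_BYTES = 256 * 1024; // EventBridge PutEvents per-entry size limit
const REGION_RE = /^[a-z]{2}(-[a-z]+)+-\d$/;
const ACCOUNT_ID_RE = /^\d{12}$/;
const BUS_NAME_RE = /^[A-Za-z0-9._-]{1,256}$/; // assumed pattern for custom/default bus names

// Builds the Receiver Account bus ARN from the .env values, rejecting malformed ones
// so a bad deployment variable cannot redirect events to an unintended target.
function receiverBusArn(env) {
  const { REGION, RECEIVER_AWS_ACCOUNT_ID, RECEIVER_BUS_NAME } = env;
  if (!REGION_RE.test(REGION || "")) throw new Error("invalid REGION");
  if (!ACCOUNT_ID_RE.test(RECEIVER_AWS_ACCOUNT_ID || "")) throw new Error("invalid RECEIVER_AWS_ACCOUNT_ID");
  if (!BUS_NAME_RE.test(RECEIVER_BUS_NAME || "")) throw new Error("invalid RECEIVER_BUS_NAME");
  return `arn:aws:events:${REGION}:${RECEIVER_AWS_ACCOUNT_ID}:event-bus/${RECEIVER_BUS_NAME}`;
}

function isPlainObject(v) {
  return v !== null && typeof v === "object" && !Array.isArray(v);
}

// Validates the raw API Gateway body and returns one PutEvents entry, or throws.
function buildPutEventsEntry(rawBody, env) {
  let body;
  try { body = JSON.parse(rawBody); } catch { throw new Error("body is not valid JSON"); }
  if (!isPlainObject(body)) throw new Error("body must be a JSON object");
  const { source, detailType, detail } = body;
  // hasOwnProperty keeps inherited keys such as "constructor" out of the allow-list lookup.
  if (typeof source !== "string" || !Object.prototype.hasOwnProperty.call(ALLOWED, source))
    throw new Error("source not allowed");
  if (typeof detailType !== "string" || !ALLOWED[source].has(detailType))
    throw new Error("detailType not allowed");
  if (!isPlainObject(detail) || typeof detail.query !== "string" || detail.query.trim() === "")
    throw new Error("detail.query must be a non-empty string");
  const entry = {
    Source: source,
    DetailType: detailType,
    Detail: JSON.stringify({ query: detail.query }), // forward only the known field
    EventBusName: receiverBusArn(env),
  };
  const size = ["Source", "DetailType", "Detail"]
    .reduce((n, k) => n + Buffer.byteLength(entry[k], "utf8"), 0);
  if (size > MAX_ENTRY_BYTES) throw new Error("event exceeds PutEvents entry size limit");
  return entry;
}
```

The returned object has the shape of one element of the `Entries` array passed to EventBridge `PutEvents`; a handler would map a thrown error to an HTTP 400 response.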