CDK constructs for defining an interaction between an Amazon Kinesis Data Stream (KDS), Amazon Kinesis Data Firehose (KDF) delivery stream and an Amazon S3 bucket.
Project description
aws-kinesisstreams-kinesisfirehose-s3 module
---Reference Documentation: | https://docs.aws.amazon.com/solutions/latest/constructs/ |
---|
Language | Package |
---|---|
Python | aws_solutions_constructs.aws_kinesisstreams_kinesisfirehose_s3 |
Typescript | @aws-solutions-constructs/aws-kinesis-streams-kinesis-firehose-s3 |
Java | software.amazon.awsconstructs.services.kinesisstreamskinesisfirehoses3 |
This AWS Solutions Construct implements an Amazon Kinesis Data Stream (KDS) connected to Amazon Kinesis Data Firehose (KDF) delivery stream connected to an Amazon S3 bucket.
Here is a minimal deployable pattern definition in Typescript:
import { KinesisStreamsToKinesisFirehoseToS3 } from '@aws-solutions-constructs/aws-kinesisstreams-kinesisfirehose-s3';
new KinesisStreamsToKinesisFirehoseToS3(this, 'test-stream-firehose-s3', {});
Initializer
new KinesisStreamsToKinesisFirehoseToS3(scope: Construct, id: string, props: KinesisStreamsToKinesisFirehoseToS3Props);
Parameters
- scope
Construct
- id
string
- props
KinesisStreamsToKinesisFirehoseToS3Props
Pattern Construct Props
Name | Type | Description |
---|---|---|
bucketProps? | s3.BucketProps |
Optional user provided props to override the default props for the S3 Bucket. |
createCloudWatchAlarms? | boolean |
Optional whether to create recommended CloudWatch alarms. |
existingBucketObj? | s3.IBucket |
Optional existing instance of S3 Bucket object. If this is provided, then also providing bucketProps is an error. |
existingLoggingBucketObj? | s3.IBucket |
Optional existing instance of logging S3 Bucket object for the S3 Bucket created by the pattern. |
existingStreamObj? | kinesis.Stream |
Optional existing instance of Kinesis Stream, providing both this and kinesisStreamProps will cause an error. |
kinesisFirehoseProps? | kinesisfirehose.CfnDeliveryStreamProps |
any |
kinesisStreamProps? | kinesis.StreamProps |
Optional user-provided props to override the default props for the Kinesis stream. |
logGroupProps? | logs.LogGroupProps |
Optional user provided props to override the default props for for the CloudWatchLogs LogGroup. |
loggingBucketProps? | s3.BucketProps |
Optional user provided props to override the default props for the S3 Logging Bucket. |
logS3AccessLogs? | boolean | Whether to turn on Access Logging for the S3 bucket. Creates an S3 bucket with associated storage costs for the logs. Enabling Access Logging is a best practice. default - true |
Pattern Properties
Name | Type | Description |
---|---|---|
cloudwatchAlarms? | cloudwatch.Alarm[] |
Returns a list of cloudwatch.Alarm created by the construct |
kinesisFirehose | kinesisfirehose.CfnDeliveryStream |
Returns an instance of kinesisfirehose.CfnDeliveryStream created by the construct |
kinesisFirehoseLogGroup | logs.LogGroup |
Returns an instance of the logs.LogGroup created by the construct for Kinesis Data Firehose delivery stream |
kinesisFirehoseRole | iam.Role |
Returns an instance of the iam.Role created by the construct for Kinesis Data Firehose delivery stream |
kinesisStream | kinesis.Stream |
Returns an instance of the Kinesis stream created by the pattern |
kinesisStreamRole | iam.Role |
Returns an instance of the iam.Role created by the construct for Kinesis stream |
s3Bucket? | s3.Bucket |
Returns an instance of s3.Bucket created by the construct |
s3LoggingBucket? | s3.Bucket |
Returns an instance of s3.Bucket created by the construct as the logging bucket for the primary bucket |
s3BucketInterface | s3.IBucket |
Returns an instance of s3.IBucket created by the construct |
Default settings
Out of the box implementation of the Construct without any override will set the following defaults:
Amazon Kinesis Stream
- Configure least privilege access IAM role for Kinesis Stream
- Enable server-side encryption for Kinesis Stream using AWS Managed KMS Key
- Deploy best practices CloudWatch Alarms for the Kinesis Stream
Amazon Kinesis Firehose
- Enable CloudWatch logging for Kinesis Firehose
- Configure least privilege access IAM role for Amazon Kinesis Firehose
Amazon S3 Bucket
- Configure Access logging for S3 Bucket
- Enable server-side encryption for S3 Bucket using AWS managed KMS Key
- Enforce encryption of data in transit
- Turn on the versioning for S3 Bucket
- Don't allow public access for S3 Bucket
- Retain the S3 Bucket when deleting the CloudFormation stack
- Applies Lifecycle rule to move noncurrent object versions to Glacier storage after 90 days
Architecture
© Copyright 2021 Amazon.com, Inc. or its affiliates. All Rights Reserved.
Project details
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Close
Hashes for aws-solutions-constructs.aws-kinesis-streams-kinesis-firehose-s3-2.2.0.tar.gz
Algorithm | Hash digest | |
---|---|---|
SHA256 | c979510c590f77779c4a9b3ba57a65304c2331f926d33a6f1df3fea19353e093 |
|
MD5 | f382e5149c5569dde716fb1a3f27bbc5 |
|
BLAKE2b-256 | 20d40f3da6c3cfcfc5684ee2d39f060dbea8e1a51754149f123f5a7b1245b1c9 |
Close
Hashes for aws_solutions_constructs.aws_kinesis_streams_kinesis_firehose_s3-2.2.0-py3-none-any.whl
Algorithm | Hash digest | |
---|---|---|
SHA256 | c81a1f50f1c8992ab96d6855a1dbf72e80385bb95f70635b040be893c7c91287 |
|
MD5 | d81dac8940aa93b2ef35667b397cb8ea |
|
BLAKE2b-256 | cc293545937feaf3ccd0372fcab999a8b2b4a142814160b7ad8a8124277d0465 |