Skip to content

Event Source for Amazon Kinesis

This event source acts as a consumer of an Amazon Kinesis Data Stream and forwards all messages it reads after wrapping them in a CloudEvent envelope.

Prerequisite(s)

  • Kinesis Data Stream
  • Amazon Resource Name (ARN)
  • API Credentials

Kinesis Data Stream

If you don't already have an Amazon Kinesis Data Stream, create one by following the instructions at Creating and Updating Data Streams.

Amazon Resource Name (ARN)

A fully qualified ARN is required to uniquely identify the Amazon Kinesis Stream.

This ARN can be obtained directly from the overview page of the Kinesis Stream. It typically has the following format:

arn:aws:kinesis:{awsRegion}:{awsAccountId}:stream/{steamName}

Kinesis Data Stream

Alternatively, one can obtain the ARN of a Kinesis Stream by using the AWS CLI. The following command retrieves the information of a stream called triggermeshtest in the us-west-2 region:

$ aws kinesis describe-stream --stream-name triggermeshtest --region us-west-2
{
    "StreamDescription": {
        "StreamARN": "arn:aws:kinesis:us-west-2:123456789012:stream/triggermeshtest",
        "StreamName": "triggermeshtest",
        "StreamStatus": "ACTIVE",
        (...)
    }
}

API Credentials

The TriggerMesh event source for Amazon Kinesis authenticates calls to the AWS API using AWS Access Keys. The page Understanding and getting your AWS credentials contains instructions to create access keys when signed-in either as the root user or as an IAM user. Take note of the Access Key ID and Secret Access Key, they will be used to create an instance of the event source.

It is considered a good practice to create dedicated users with restricted privileges in order to programmatically access AWS services. Permissions can be added or revoked granularly for a given IAM user by attaching IAM Policies to it.

As an example, the following policy contains only the permissions required by the TriggerMesh Amazon Kinesis event source to operate:

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "kinesis:DescribeStream",
                "kinesis:GetShardIterator",
                "kinesis:GetRecords"
            ],
            "Resource": "arn:aws:kinesis:*:*:*"
        }
    ]
}

Creating an IAM user

Deploying an Instance of the Source

Open the Bridge creation screen and add a source of type Amazon Kinesis.

Adding an Amazon Kinesis source

In the Source creation form, give a name to the event source and add the following information:

  • AWS ARN: ARN of the Kinesis Data Stream, as described in the previous sections.
  • AWS Secret: Reference to a TriggerMesh secret containing an Access Key ID and a Secret Access Key to communicate with the Amazon Kinesis API, as described in the previous sections.

Amazon Kinesis source form

After clicking the Save button, you will be taken back to the Bridge editor. Proceed to adding the remaining components to the Bridge, then submit it.

Bridge overview

A ready status on the main Bridges page indicates that the event source is ready to forward messages from the Amazon Kinesis Data Stream.

Bridge status

Event Types

The Amazon Kinesis event source emits events of the following types:

  • com.amazon.kinesis.stream_record