resource "aws_iot_topic_rule" "rule" { name = "MyRule" description = "Example rule" enabled = true sql = "SELECT * FROM 'topic/test'" sql_version = "2015-10-08" sns { message_format = "RAW" role_arn = "${aws_iam_role.role.arn}" target_arn = "${aws_sns_topic.mytopic.arn}" } } resource "aws_sns_topic" "mytopic" { name = "mytopic" } resource "aws_iam_role" "role" { name = "myrole" assume_role_policy = <<EOF { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": "iot.amazonaws.com" }, "Action": "sts:AssumeRole" } ] } EOF } resource "aws_iam_role_policy" "iam_policy_for_lambda" { name = "mypolicy" role = "${aws_iam_role.role.id}" policy = <<EOF { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Action": [ "sns:Publish" ], "Resource": "${aws_sns_topic.mytopic.arn}" } ] } EOF }
name
- (Required) The name of the rule. description
- (Optional) The description of the rule. enabled
- (Required) Specifies whether the rule is enabled. sql
- (Required) The SQL statement used to query the topic. For more information, see AWS IoT SQL Reference (http://docs.aws.amazon.com/iot/latest/developerguide/iot-rules.html#aws-iot-sql-reference) in the AWS IoT Developer Guide. sql_version
- (Required) The version of the SQL rules engine to use when evaluating the rule. The cloudwatch_alarm
object takes the following arguments:
alarm_name
- (Required) The CloudWatch alarm name. role_arn
- (Required) The IAM role ARN that allows access to the CloudWatch alarm. state_reason
- (Required) The reason for the alarm change. state_value
- (Required) The value of the alarm state. Acceptable values are: OK, ALARM, INSUFFICIENT_DATA. The cloudwatch_metric
object takes the following arguments:
metric_name
- (Required) The CloudWatch metric name. metric_namespace
- (Required) The CloudWatch metric namespace name. metric_timestamp
- (Optional) An optional Unix timestamp (http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#about_timestamp). metric_unit
- (Required) The metric unit (supported units can be found here: http://docs.aws.amazon.com/AmazonCloudWatch/latest/DeveloperGuide/cloudwatch_concepts.html#Unit) metric_value
- (Required) The CloudWatch metric value. role_arn
- (Required) The IAM role ARN that allows access to the CloudWatch metric. The dynamodb
object takes the following arguments:
hash_key_field
- (Required) The hash key name. hash_key_type
- (Optional) The hash key type. Valid values are "STRING" or "NUMBER". hash_key_value
- (Required) The hash key value. payload_field
- (Optional) The action payload. range_key_field
- (Optional) The range key name. range_key_type
- (Optional) The range key type. Valid values are "STRING" or "NUMBER". range_key_value
- (Optional) The range key value. role_arn
- (Required) The ARN of the IAM role that grants access to the DynamoDB table. table_name
- (Required) The name of the DynamoDB table. The elasticsearch
object takes the following arguments:
endpoint
- (Required) The endpoint of your Elasticsearch domain. id
- (Required) The unique identifier for the document you are storing. index
- (Required) The Elasticsearch index where you want to store your data. role_arn
- (Required) The IAM role ARN that has access to Elasticsearch. type
- (Required) The type of document you are storing. The firehose
object takes the following arguments:
delivery_stream_name
- (Required) The delivery stream name. role_arn
- (Required) The IAM role ARN that grants access to the Amazon Kinesis Firehose stream. The kinesis
object takes the following arguments:
partition_key
- (Optional) The partition key. role_arn
- (Required) The ARN of the IAM role that grants access to the Amazon Kinesis stream. stream_name
- (Required) The name of the Amazon Kinesis stream. The lambda
object takes the following arguments:
function_arn
- (Required) The ARN of the Lambda function. The republish
object takes the following arguments:
role_arn
- (Required) The ARN of the IAM role that grants access. topic
- (Required) The name of the MQTT topic the message should be republished to. The s3
object takes the following arguments:
bucket_name
- (Required) The Amazon S3 bucket name. key
- (Required) The object key. role_arn
- (Required) The ARN of the IAM role that grants access. The sns
object takes the following arguments:
message_format
- (Required) The message format of the message to publish. Accepted values are "JSON" and "RAW". role_arn
- (Required) The ARN of the IAM role that grants access. target_arn
- (Required) The ARN of the SNS topic. The sqs
object takes the following arguments:
queue_url
- (Required) The URL of the Amazon SQS queue. role_arn
- (Required) The ARN of the IAM role that grants access. use_base64
- (Required) Specifies whether to use Base64 encoding. In addition to all arguments above, the following attributes are exported:
IoT Topic Rules can be imported using the name
, e.g.
$ terraform import aws_iot_topic_rule.rule <name>
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/aws/r/iot_topic_rule.html