Code Review

source/patterns/@aws-solutions-constructs/aws-events-rule-sns/README.md

@@ -26,16 +26,19 @@ This AWS Solutions Construct implements an AWS Events rule and an AWS SNS Topic.
 
 Here is a minimal deployable pattern definition:
 
-``` javascript
-const { EventsRuleToSNSTopicProps, EventsRuleToSNSTopic } = require('@aws-solutions-constructs/aws-events-rule-sns');
+``` typescript
+import { EventsRuleToSNSTopicProps, EventsRuleToSNSTopic } from "@aws-solutions-constructs/aws-events-rule-sns";
 
 const props: EventsRuleToSNSTopicProps = {
     eventRuleProps: {
-      schedule: events.Schedule.rate(Duration.minutes(5))
+      schedule: events.Schedule.rate(Duration.minutes(5)),
+    },
+    topicsProps: {
+      displayName: 'event-rule-sns'
     }
 };
 
-new EventsRuleToSNSTopic(stack, 'test-events-rule-sns', props);
+new EventsRuleToSNSTopic(this, 'test-events-rule-sns', props);
 ```
 
 ## Initializer
@@ -54,8 +57,10 @@ _Parameters_
 
 | **Name**     | **Type**        | **Description** |
 |:-------------|:----------------|-----------------|
-|snsTopicProps?|[`sns.TopicProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-sns.TopicProps.html)|User provided props to override the default props for the SNS Topic. |
 |eventRuleProps|[`events.RuleProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-events.RuleProps.html)|User provided eventRuleProps to override the defaults. |
+|existingTopicObj?|[`sns.Topic`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-lambda.Function.html)|Existing instance of SNS Topic object, if this is set then the topicProps is ignored.|
+|topicProps?|[`sns.TopicProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-sns.TopicProps.html)|User provided props to override the default props for the SNS Topic. |
+
 
 ## Pattern Properties
 
@@ -71,6 +76,11 @@ Out of the box implementation of the Construct without any override will set the
 ### Amazon CloudWatch Events Rule
 * Grant least privilege permissions to CloudWatch Events to publish to the SNS Topic
 
+### Amazon SNS Topic
+* Configure least privilege access permissions for SNS Topic
+* Enable server-side encryption forSNS Topic using AWS managed KMS Key
+* Enforce encryption of data in transit
+
 ## Architecture
 ![Architecture Diagram](architecture.png)
 

source/patterns/@aws-solutions-constructs/aws-events-rule-sns/lib/index.ts

@@ -24,7 +24,7 @@ export interface EventsRuleToSNSTopicProps {
      *
      * @default - Default props are used
      */
-    readonly snsTopicProps?: sns.TopicProps
+    readonly topicsProps?: sns.TopicProps
     /**
      * User provided eventRuleProps to override the defaults
      *
@@ -58,7 +58,7 @@ export class EventsRuleToSNSTopic extends Construct {
         //Setup the sns topic.
         [this.snsTopic] = defaults.buildTopic(this, {
             existingTopicObj: props.existingTopicObj,
-            topicProps: props.snsTopicProps
+            topicProps: props.topicsProps
         });
 
         //Setup the event rule target as sns topic.

source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/README.md

@@ -26,13 +26,19 @@ This AWS Solutions Construct implements an AWS Events rule and an AWS SQS Queue.
 
 Here is a minimal deployable pattern definition:
 
-``` javascript
-const { EventsRuleToSQSQueueProps, EventsRuleToSQSQueue } = require('@aws-solutions-constructs/aws-events-rule-sqs');
+``` typescript
+import { EventsRuleToSQSQueueProps, EventsRuleToSQSQueue } from ('@aws-solutions-constructs/aws-events-rule-sqs');
 
 const props: EventsRuleToSQSQueueProps = {
     eventRuleProps: {
       schedule: events.Schedule.rate(Duration.minutes(5))
-    }
+    },
+    queueProps: {
+      queueName: 'event-rule-sqs',
+      fifo: true
+    },
+    enableQueuePurging: false,
+    deployDeadLetterQueue: false
 };
 
 new EventsRuleToSQSQueue(stack, 'test-events-rule-sqs', props);
@@ -54,8 +60,13 @@ _Parameters_
 
 | **Name**     | **Type**        | **Description** |
 |:-------------|:----------------|-----------------|
-|sqsQueueProps?|[`sqs.QueueProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-sqs.QueueProps.html)|User provided props to override the default props for the SQS Queue. |
 |eventRuleProps|[`events.RuleProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-events.RuleProps.html)|User provided eventRuleProps to override the defaults. |
+|existingQueueObj?|[`sqs.Queue`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-sqs.Queue.html)|An optional, existing SQS queue to be used instead of the default queue. If an existing queue is provided, the `queueProps` property will be ignored.|
+|queueProps?|[`sqs.QueueProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-sqs.QueueProps.html)|User provided props to override the default props for the SQS Queue. |
+|enableQueuePurging?|`boolean`|Whether to grant additional permissions to the Lambda function enabling it to purge the SQS queue. Defaults to `false`.|
+|deployDeadLetterQueue?|`boolean`|Whether to create a secondary queue to be used as a dead letter queue. Defaults to `true`.|
+|deadLetterQueueProps?|[`sqs.QueueProps`](https://docs.aws.amazon.com/cdk/api/latest/docs/@aws-cdk_aws-sqs.QueueProps.html)|Optional user-provided props to override the default props for the dead letter queue. Only used if the `deployDeadLetterQueue` property is set to true.|
+|maxReceiveCount?|`number`|The number of times a message can be unsuccessfully dequeued before being moved to the dead letter queue. Defaults to `15`.|
 
 ## Pattern Properties
 
@@ -71,6 +82,11 @@ Out of the box implementation of the Construct without any override will set the
 ### Amazon CloudWatch Events Rule
 * Grant least privilege permissions to CloudWatch Events to publish to the SQS Queue
 
+### Amazon SQS Queue
+* Deploy SQS dead-letter queue for the source SQS Queue.
+* Enable server-side encryption for source SQS Queue using AWS Managed KMS Key.
+* Enforce encryption of data in transit
+
 ## Architecture
 ![Architecture Diagram](architecture.png)
 

source/patterns/@aws-solutions-constructs/aws-events-rule-sqs/lib/index.ts

@@ -22,6 +22,12 @@ import { overrideProps } from '@aws-solutions-constructs/core';
  * @summary The properties for the EventsRuleToSQS Construct
  */
 export interface EventsRuleToSQSProps {
+  /**
+   * User provided eventRuleProps to override the defaults
+   *
+   * @default - None
+   */
+  readonly eventRuleProps: events.RuleProps
   /**
    * Existing instance of SQS queue object, if this is set then the queueProps is ignored.
    *
@@ -34,6 +40,12 @@ export interface EventsRuleToSQSProps {
    * @default - Default props are used
    */
   readonly queueProps?: sqs.QueueProps,
+  /**
+   * Whether to grant additional permissions to the Lambda function enabling it to purge the SQS queue.
+   *
+   * @default - "false", disabled by default.
+   */
+  readonly enableQueuePurging?: boolean,
   /**
    * Optional user provided properties for the dead letter queue
    *
@@ -52,12 +64,6 @@ export interface EventsRuleToSQSProps {
    * @default - required field if deployDeadLetterQueue=true.
    */
   readonly maxReceiveCount?: number
-  /**
-   * User provided eventRuleProps to override the defaults
-   *
-   * @default - None
-   */
-  readonly eventRuleProps: events.RuleProps
 }
 
 export class EventsRuleToSQS extends Construct {
@@ -106,6 +112,11 @@ export class EventsRuleToSQS extends Construct {
 
     this.eventsRule = new events.Rule(this, 'EventsRule', eventsRuleProps);
 
+    // Enable queue purging permissions for the event rule, if enabled
+    if (props.enableQueuePurging) {
+      this.sqsQueue.grantPurge(new ArnPrincipal(this.eventsRule.ruleArn));
+    }
+
     //Policy for event to be able to send messages to the queue
     this.sqsQueue.grantSendMessages(new ArnPrincipal(this.eventsRule.ruleArn))
   }