AlienVault® USM Anywhere™

Setting Up an SNS Topic and a Lambda Function

When using Amazon Simple Notification Service (SNS), you create a topic and control access to it by defining policies that determine which publishers and subscribers can communicate with the topic. As a publisher, USM Anywhere can then send messages (notifications) to topics for which it has the needed credentials (access key).

When an SNS topic has an Amazon Web Services (AWS) Lambda function subscribed to it, it invokes the Lambda function with the payload of a published message. The Lambda function receives the message as an input parameter and can manipulate the information in the message, publish the message to other SNS topics, and send the message to other AWS services or endpoints.

To set up an SNS topic and a Lambda function for USM Anywhere notifications

  1. Log in to your AWS account and go to the Amazon SNS console.
  2. Create a new SNS topic in the AWS SNS dashboard page.

    • Click Topics.
    • Click Create topic.
    • Enter a topic name and a display name.
    • Click Create topic.

    Text messages can be sent from Topics. See AWS Documentation for further details.

  3. Open the AWS Lambda page and click Create a function.
  4. Click Author from scratch.
  5. Create a hello world Lambda function:

    • Enter a name.
    • In the Runtime menu, select the current version of Python.
    • In the Execution Role section, create a new role with basic Lambda permissions, use an existing role, or create a new role from AWS policy templates.

    • Click Create Function.

  6. Click Add Trigger.
    • Select SNS from the list.
    • Enter the Amazon Resource Name (ARN) for the SNS topic your created.
    • Select Enable Trigger.
    • Click Add.
  7. Select the Lambda function:

    • Enter code, for example:

      import jsondef lambda_handler(event, context): message = json.loads(event['Records'][0]['Sns']['Message']) print("JSON: " + json.dumps(message)) return message
    • Under Basic settings, set Timeout to 10 seconds
    • Click Save.