www.aws-senior.com
www.aws-senior.com
- amazon web services job interview questions
- aws certifications
- aws cloudtrail cli
- aws cloudwatch pricing
- amazon job search
- aws change log
- aws consultant job description
- aws iam events
www.aws-senior.com
www.aws-senior.com
[121]Amazon EventBridge is a serverless event bus that makes it easy to connect applications together. It can use data from AWS services, your own applications, and [122]integrations with Software-as-a-Service (SaaS) partners. Last year at re:Invent, we [123]introduced in preview EventBridge schema registry and discovery, a way to store the structure of the events (the schema) in a central location, and simplify using events in your code by generating the code to process them for Java, Python, and Typescript.
Today, I am happy to announce that the EventBridge schema registry is generally available, and that we added support for resource policies. Resource policies allow to share a schema repository across different AWS accounts and [124]organizations. In this way, developers on different teams can search for and use any schema that another team has added to the shared registry.
Using EventBridge Schema Registry Resource Policies Itâs common for companies to have different development teams working on different services. To make a more concrete example, letâs take two teams working on services that have to communicate with each other: p
* The CreateAccount development team, working on a frontend API that receives requests from a web/mobile client to create a new customer account for the company.
* the FraudCheck development team, working on a backend service checking the data for newly created accounts to estimate the risk that those are fake.
Each team is using their own AWS account to develop their application. Using EventBridge, we can implement the following architecture:
* The frontend CreateAccount applications is using the [125]Amazon API Gateway to process the request using a [126]AWS Lambda function written in Python. When a new account is created, the Lambda function publishes the ACCOUNT_CREATED event on a [127]custom event bus.
* The backend FraudCheck Lambda function is built in Java, and is expecting to receive the ACCOUNT_CREATED event to call [128]Amazon Fraud Detector (a fully managed service we [129]introduced in preview at re:Invent) to estimate the risk of that being a fake account. If the risk is above a certain threshold, the Lambda function takes preemptive actions. For example, it can flag the account as fake on a database, or post a FAKE_ACCOUNT event on the event bus.
How can the two teams coordinate their work so that they both know the syntax of the events, and use EventBridge to generate the code to process those events?
First, a custom event bus is created with permissions to access within the company organization.
Then, the CreateAccount team uses EventBridge schema discovery to automatically populate the schema for the ACCOUNT_CREATED event that their service is publishing. This event contains all the information of the account that has just been created.
In an event-driven architecture, services can subscribe to specific types of events that theyâre interested in. To receive ACCOUNT_CREATED events, a rule is created on the event bus to send those events to the FraudCheck function.
Using resource policies, the CreateAccount team gives read-only access to the FraudCheck team AWS account to the discovered schemas. The Principal in this policy is the AWS account getting the permissions. The Resource is the schema registry that is being shared.
Now, the FraudCheck team can search the content of the discovered schema for the ACCOUNT_CREATED event. Resource policies allow you to make a registry available across accounts and organizations, but they will not automatically show up in the console. To access the shared registry, the FraudCheck team needs to use the [130]AWS Command Line Interface (CLI) and specify the full [131]ARN of the registry:
aws schemas search-schemas \ --registry-name arn:aws:schemas:us-east-1:432143214321:registry/discovered-s chemas \ --keywords ACCOUNT_CREATED
Often customers have a specific team, with a different AWS account, managing the event bus. For the sake of simplicity, in this post I assumed that the CreateAccount team was the one configuring the EventBridge event bus. With more accounts, you can simplify permissions [135]using IAM to share resources with groups of AWS accounts in AWS Organizations.
Available Now The EventBridge Schema Registry is available now in all commercial regions except Bahrain, Cape Town, Milan, Osaka, Beijing, and Ningxia. For more information on how to use resource policies for schema registries, [136]please see the documentation.
Using Schema Registry resource policies, it is much easier to coordinate the work of different teams sharing information in an event-driven architecture.
Danilo works with startups and companies of any size to support their innovation. In his role as Chief Evangelist (EMEA) at Amazon Web Services, he leverages his experience to help people bring their ideas to life, focusing on serverless architectures and event-driven programming, and on the technical and business impact of machine
www.aws-senior.com
www.aws-senior.com
https://aws-config-tutorial.blogspot.com
https://my-oracle-support.blogspot.com
https://debtadviceservice.blogspot.com
https://encysc0.blogspot.com
http://watch-live2018.blogspot.com
https://watchworldcup-2018.blogspot.com
https://high-oracle.blogspot.com
https://workdcup-2018.blogspot.com
https://oracle-support-2018.blogspot.com
https://dreambox4you.blogspot.com
https://updatefun.blogspot.com
https://payoneer-tips.blogspot.com
https://soft-pedia2010.blogspot.com
http://world-cup-2018-fifa.blogspot.com
www.aws-senior.com
www.aws-senior.com
Very nice blog!
ReplyDelete