-------------------------------------------------------------------------------

The AWS CDK includes the following third-party software/licensing:

** case - https://www.npmjs.com/package/case

Copyright (c) 2013 Nathan Bubna

Permission is hereby granted, free of charge, to any person

obtaining a copy of this software and associated documentation

files (the "Software"), to deal in the Software without

restriction, including without limitation the rights to use,

copy, modify, merge, publish, distribute, sublicense, and/or sell

copies of the Software, and to permit persons to whom the

Software is furnished to do so, subject to the following

conditions:

The above copyright notice and this permission notice shall be

included in all copies or substantial portions of the Software.

THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND,

EXPRESS OR IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES

OF MERCHANTABILITY, FITNESS FOR A PARTICULAR PURPOSE AND

NONINFRINGEMENT. IN NO EVENT SHALL THE AUTHORS OR COPYRIGHT

HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER LIABILITY,

WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING

FROM, OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR

OTHER DEALINGS IN THE SOFTWARE.

----------------

- Put objects to a S3 bucket

- Put logs to CloudWatch Logs

The code snippet below creates an AWS IoT Rule that put objects to a S3 bucket

when it is triggered.

import * as iot from '@aws-cdk/aws-iot';

import * as actions from '@aws-cdk/aws-iot-actions';

import * as s3 from '@aws-cdk/aws-s3';

const bucket = new s3.Bucket(this, 'MyBucket');

new iot.TopicRule(this, 'TopicRule', {

sql: iot.IotSql.fromStringAsVer20160323("SELECT topic(2) as device_id FROM 'device/+/data'"),

actions: [new actions.S3PutObjectAction(bucket)],

});

The property `key` of `S3PutObjectAction` is given the value `${topic()}/${timestamp()}` by default. This `${topic()}`

and `${timestamp()}` is called Substitution templates. For more information see

[this documentation](https://docs.aws.amazon.com/iot/latest/developerguide/iot-substitution-templates.html).

In above sample, `${topic()}` is replaced by a given MQTT topic as `device/001/data`. And `${timestamp()}` is replaced

by the number of the current timestamp in milliseconds as `1636289461203`. So if the MQTT broker receives an MQTT topic

`device/001/data` on `2021-11-07T00:00:00.000Z`, the S3 bucket object will be put to `device/001/data/1636243200000`.

You can also set specific `key` as following:

new iot.TopicRule(this, 'TopicRule', {

sql: iot.IotSql.fromStringAsVer20160323(

"SELECT topic(2) as device_id, year, month, day FROM 'device/+/data'",

),

actions: [

new actions.S3PutObjectAction(bucket, {

key: '${year}/${month}/${day}/${topic(2)}',

}),

],

});

If you wanna set access control to the S3 bucket object, you can specify `accessControl` as following:

new iot.TopicRule(this, 'TopicRule', {

sql: iot.IotSql.fromStringAsVer20160323("SELECT * FROM 'device/+/data'"),

actions: [

new actions.S3PutObjectAction(bucket, {

accessControl: s3.BucketAccessControl.PUBLIC_READ,

}),

],

});

import { CommonActionProps } from './common-action-props';

export interface CloudWatchLogsActionProps extends CommonActionProps {

import * as iam from '@aws-cdk/aws-iam';

export interface CommonActionProps {

/**

readonly role?: iam.IRole;

export * from './common-action-props';

export * from './s3-put-object-action';

import * as iam from '@aws-cdk/aws-iam';

import * as iot from '@aws-cdk/aws-iot';

import * as s3 from '@aws-cdk/aws-s3';

import { kebab as toKebabCase } from 'case';

import { CommonActionProps } from './common-action-props';

import { singletonActionRole } from './private/role';

export interface S3PutObjectActionProps extends CommonActionProps {

/**

readonly accessControl?: s3.BucketAccessControl;

/**

readonly key?: string;

export class S3PutObjectAction implements iot.IAction {

private readonly accessControl?: string;

private readonly key?: string;

private readonly role?: iam.IRole;

/**

constructor(private readonly bucket: s3.IBucket, props: S3PutObjectActionProps = {}) {

this.accessControl = props.accessControl;

this.key = props.key;

this.role = props.role;

}

bind(rule: iot.ITopicRule): iot.ActionConfig {

const role = this.role ?? singletonActionRole(rule);

role.addToPrincipalPolicy(new iam.PolicyStatement({

actions: ['s3:PutObject'],

resources: [this.bucket.arnForObjects('*')],

}));

return {

configuration: {

s3: {

bucketName: this.bucket.bucketName,

cannedAcl: this.accessControl && toKebabCase(this.accessControl.toString()),

key: this.key ?? '${topic()}/${timestamp()}',

roleArn: role.roleArn,

},

},

};

}

"@aws-cdk/aws-s3": "0.0.0",

"case": "1.6.3",

"@aws-cdk/aws-s3": "0.0.0",

"bundledDependencies": [

"case"

],

{

"Resources": {

"TopicRule40A4EA44": {

"Type": "AWS::IoT::TopicRule",

"Properties": {

"TopicRulePayload": {

"Actions": [

{

"S3": {

"BucketName": {

"Ref": "MyBucketF68F3FF0"

},

"CannedAcl": "bucket-owner-full-control",

"Key": "${year}/${month}/${day}/${topic(2)}",

"RoleArn": {

"Fn::GetAtt": [

"TopicRuleTopicRuleActionRole246C4F77",

"Arn"

]

}

}

}

],

"AwsIotSqlVersion": "2016-03-23",

"Sql": "SELECT topic(2) as device_id, year, month, day FROM 'device/+/data'"

}

}

},

"TopicRuleTopicRuleActionRole246C4F77": {

"Type": "AWS::IAM::Role",

"Properties": {

"AssumeRolePolicyDocument": {

"Statement": [

{

"Action": "sts:AssumeRole",

"Effect": "Allow",

"Principal": {

"Service": "iot.amazonaws.com"

}

}

],

"Version": "2012-10-17"

}

}

},

"TopicRuleTopicRuleActionRoleDefaultPolicy99ADD687": {

"Type": "AWS::IAM::Policy",

"Properties": {

"PolicyDocument": {

"Statement": [

{

"Action": "s3:PutObject",

"Effect": "Allow",

"Resource": {

"Fn::Join": [

"",

[

{

"Fn::GetAtt": [

"MyBucketF68F3FF0",

"Arn"

]

},

"/*"

]

]

}

}

],

"Version": "2012-10-17"

},

"PolicyName": "TopicRuleTopicRuleActionRoleDefaultPolicy99ADD687",

"Roles": [

{

"Ref": "TopicRuleTopicRuleActionRole246C4F77"

}

]

}

},

"MyBucketF68F3FF0": {

"Type": "AWS::S3::Bucket",

"UpdateReplacePolicy": "Delete",

"DeletionPolicy": "Delete"

}

}

}

import * as iot from '@aws-cdk/aws-iot';

import * as s3 from '@aws-cdk/aws-s3';

import * as cdk from '@aws-cdk/core';

import * as actions from '../../lib';

const app = new cdk.App();

class TestStack extends cdk.Stack {

constructor(scope: cdk.App, id: string, props?: cdk.StackProps) {

super(scope, id, props);

const topicRule = new iot.TopicRule(this, 'TopicRule', {

sql: iot.IotSql.fromStringAsVer20160323(

"SELECT topic(2) as device_id, year, month, day FROM 'device/+/data'",

),

});

const bucket = new s3.Bucket(this, 'MyBucket', {

removalPolicy: cdk.RemovalPolicy.DESTROY,

});

topicRule.addAction(

new actions.S3PutObjectAction(bucket, {

key: '${year}/${month}/${day}/${topic(2)}',

accessControl: s3.BucketAccessControl.BUCKET_OWNER_FULL_CONTROL,

}),

);

}

new TestStack(app, 'test-stack');