AWS SNS/SQS

Detailed documentation on the AWS SNS/SQS pubsub component

This article describes configuring Dapr to use AWS SNS/SQS for pub/sub on local and Kubernetes environments.

Setup SNS/SQS


For local development the localstack project is used to integrate AWS SNS/SQS. Follow the instructions here to install the localstack CLI.

In order to use localstack with your pubsub binding, you need to provide the awsEndpoint configuration in the component metadata. The awsEndpoint is unncessary when running against production AWS.

apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: messagebus
spec:
  type: pubsub.snssqs
  metadata:
    - name: awsEndpoint
      value: http://localhost:4566
    # Use us-east-1 for localstack
    - name: awsRegion
      value: us-east-1

To run localstack on Kubernetes, you can apply the configuration below. Localstack is then reachable at the DNS name http://localstack.default.svc.cluster.local:4566 (assuming this was applied to the default namespace) and this should be used as the awsEndpoint

apiVersion: apps/v1
kind: Deployment
metadata:
  name: localstack
spec:
  # using the selector, we will expose the running deployments
  # this is how Kubernetes knows, that a given service belongs to a deployment
  selector:
    matchLabels:
      app: localstack
  replicas: 1
  template:
    metadata:
      labels:
        app: localstack
    spec:
      containers:
      - name: localstack
        image: localstack/localstack:latest
        ports:
          # Expose the edge endpoint
          - containerPort: 4566
---
kind: Service
apiVersion: v1
metadata:
  name: localstack
  labels:
    app: localstack
spec:
  selector:
    app: localstack
  ports:
  - protocol: TCP
    port: 4566
    targetPort: 4566
  type: LoadBalancer


In order to run in AWS, you should create an IAM user with permissions to the SNS and SQS services. Use the account ID and account secret and plug them into the awsAccountID and awsAccountSecret in the component metadata using kubernetes secrets.

Create a Dapr component

The next step is to create a Dapr component for SNS/SQS.

Create the following YAML file named snssqs.yaml:

apiVersion: dapr.io/v1alpha1
kind: Component
metadata:
  name: <NAME>
  namespace: <NAMESPACE>
spec:
  type: pubsub.snssqs
  metadata:
    # ID of the AWS account with appropriate permissions to SNS and SQS
    - name: awsAccountID
      value: <AWS account ID>
    # Secret for the AWS user
    - name: awsSecret
      value: <AWS secret>
    # The AWS region you want to operate in. 
    # See this page for valid regions: https://docs.aws.amazon.com/AmazonRDS/latest/UserGuide/Concepts.RegionsAndAvailabilityZones.html
    # Make sure that SNS and SQS are available in that region.
    - name: awsRegion
      value: us-east-1

Apply the configuration

Visit this guide for instructions on configuring pub/sub components.