This is an AWS lambda function written in Go, that takes S3 object creation events and sends a templated email using AWS SES to a specified recepient. The email includes a presigned link to the object in S3.
The aws-serverless directory includes a template and config to deploy this app using the AWS Serverless Application Model.
You'll need:
goinstalled- AWS SAM CLI installed
- AWS CLI credentials set-up
- Execute
./aws-serverless/deploy.sh -g - Enter parameter values when prompted:
SesSendingIdentityArnThe ARN of the SES domain identity that corresponds to theMailFromaddress you want to use (performing the SES domain / from address validation is outside the scope of this project)MailFromThe email address to send email fromMailToThe email address of the notification recepient (Must be 'verified' in SES if you are in the AWS Sandbox)SesDestinationIdentityArnThe ARN of the SES domain identity that corresponds to theMailToaddress. Only required if you are in the SES Sandbox andMailTois not covered bySesSendingIdentityArn.S3BucketThe name of the S3 bucket that will invoke this lambda function
- When the stack has finished deploying, it will show the
LambdaARNin the outputs. Please set the S3 bucket to sends3:ObjectCreated:Putevents to this Lambda ARN.
- Please consider carefully how much email could be generated if you bulk create files in S3. Use prefix and suffix filters when you configure S3 events triggering this function. Be aware that although SES has limits in-place to help ensure the sending reputation of both your domains and SES itself, you should avoid generating an unnecessary large volume of mail.
- The deployment template creates a new IAM user to use for pre-signing S3 URLs. This is necesary to ensure pre-signed URLs are valid for the required duration (it's possible to pre-sign with the lambda function's temporary session credentials, however this would cause pre-signed URLs to expire as soon as the session credentials expire)