Documentation
Integrations / Connection guides / AWS Kinesis
AWS Kinesis
Amazon Kinesis is a fully managed platform for streaming data on Amazon Web Services. We can easily setup integrations to let your data (such as measurements) flow in and out of Kinesis.
Goal
The goal is to set up an integration between a Amazon Kinesis and Blockbax.
Prerequisites
- Blockbax project
- Blockbax AWS account ID (provided on request)
- Amazon Kinesis Data Stream
- Access via the AWS Management Console
Steps to set up AWS policies and roles
Depending on whether you want to stream data from Amazon Kinesis to Blockbax or vice versa you need to set up the appropriate policies and role.
Amazon Kinesis to Blockbax policy
To allow Blockbax to read data from your Amazon Kinesis stream create the following AWS IAM policy called Blockbax-Read-Stream-Policy
. Replace arn:aws:kinesis:eu-west-1:123456789012:stream/ExampleStream with the correct ARN (including the ID of your AWS account).
{ "Version": "2012-10-17", "Statement": [ { "Sid": "ReadStream", "Effect": "Allow", "Action": [ "kinesis:DescribeStream", "kinesis:GetRecords", "kinesis:GetShardIterator", "kinesis:ListShards" ], "Resource": "arn:aws:kinesis:eu-west-1:123456789012:stream/ExampleStream" } ] }
Blockbax to Amazon Kinesis policy
To allow Blockbax to write data to your Amazon Kinesis stream create the following AWS IAM policy called Blockbax-Write-Stream-Policy
. Replace arn:aws:kinesis:eu-west-1:123456789012:stream/ExampleStream with the correct ARN (including the ID of your AWS account).
{ "Version": "2012-10-17", "Statement": [ { "Sid": "WriteStream", "Effect": "Allow", "Action": [ "kinesis:ListShards", "kinesis:DescribeStream", "kinesis:DescribeStreamSummary", "kinesis:ListTagsForStream", "kinesis:PutRecord", "kinesis:PutRecords" ], "Resource": "arn:aws:kinesis:eu-west-1:123456789012:stream/ExampleStream" } ] }
Blockbax role
- In the IAM Management Console, choose Create Role.
- Choose Another AWS account as type of trusted entity.
- As Account ID fill in the ID provided by us.
- Make sure to Require external ID and enter your Blockbax project ID as external ID.
- Choose Next: Permissions.
- Add the
Blockbax-Read-Stream-Policy
and/orBlockbax-Write-Stream-Policy
permissions policy you created in the previous step. Choose Next:Tags. - Choose Next: Review.
- Name the role
Blockbax-Role
.
Once the role is in place please share the role’s ARN with our support and we can set up the inbound / outbound streaming connectors for you. Just contact us.