Automation basics
Understand the general concepts and best practices of automation in Atlassian cloud products.
Sending a message to an SNS topic is the simplest way to integrate your automation rule with AWS.
To do this you will need to:
Create a new SNS topic, if you don’t have one already.
Grant the Atlassian Automation AWS account access to the SNS topic
Connect to the SNS topic using the topic ARN
The instructions here are for configuration via the AWS console, but the details are similar if you manage your AWS resources using CloudFormation or the AWS SDK.
This access will allow the Atlassian Automation AWS account to send messages to this topic. We recommend you treat this as an untrusted source and take steps to validate the messages you receive before acting on them.
If you don’t have an existing SNS topic to use you will need to create one.
The simplest way is via AWS console.
Sign into AWS console
Ensure you are in the correct AWS region before creating your topic.
Choose Topics from the navigation menu.
Choose Create topic and enter the required details
Choose a Standard topic type (you can actually use either, but “standard” will give the most flexibility - see the AWS documentation for full details on the difference between a “standard” and “fifo” topic).
Pick a Name that will be meaningful and reflect the purpose of the topic.
Make sure Encryption is not enabled.
Click Create topic
This will give you a topic that you can connect to from your automation rule.
See AWS SNS best practices for more information on other recommended configuration settings for SNS topics.
If you have an existing topic (or have created one using the steps above) you will need to allow the Atlassian Automation AWS account to access it by setting up an appropriate Access policy.
The Atlassian Automation AWS account ID you will need to use is 815843069303. It will only need to be granted the sns:Publish action.
The policy document you will need will look something like:
1
2
3
4
5
6
7
8
9
10
11
12
13
{
"Version": "2008-10-17",
"Id": "__default_policy_ID",
"Statement": [{
"Sid": "grant-atlassian-automation-publish",
"Effect": "Allow",
"Principal": {
"AWS": "815843069303"
},
"Action": ["sns:Publish"],
"Resource": <<sns_topic_arn>>
}]
}
This policy can be read as “Allow the AWS account with ID 815843069303 to Publish to the SNS topic with the AWS Resource Name (ARN) <<sns_topic_arn>>".
The most important parts of the policy are:
The Effect is Allow
The Principal is the Atlassian Automation AWS account ID 815843069303
The Action is sns:Publish; and
The Resource is the ARN of your SNS topic
Once you have set up an SNS topic and granted the appropriate permissions, the final step is to use that topic in a Connection.
To setup the Connection:
Navigate to Automation and select Create rule.
Select a trigger for your rule.
Select an AWS SNS action.
Click Connect.
When prompted, enter the ARN of the topic you wish to use.
The easiest place to find this is in the AWS console
Click Save.
Was this helpful?