Create Kinesis action

You must first configure AWS to have an Amazon data stream and an IAM role. If you already did this, go to Admin Portal configuration.

Use Terraform
resource "aws_kinesis_stream" "pubnub_kinesis" {
  name        = "pubnub-example"
  shard_count = 1

  stream_mode_details {
    stream_mode = "PROVISIONED"
  }
}


data "aws_iam_policy_document" "pubnub_kinesis_role" {
  statement {
    actions = ["sts:AssumeRole"]

    principals {
show all 59 lines

Create a data stream

  1. Open Amazon Kinesis and go to Data streams.

  2. Click Create data stream and enter a name.

    Supported service type

    Events & Actions supports the Data Streams service type.

  3. Click Create data stream to save.

  4. Copy the stream ARN for later.

Create an IAM role

Create an IAM role with write permission to Kinesis.

  1. Open AWS Identity and Access Management and go to Roles.

  2. Click Create role and name the role.

  3. Set AWS account as the Trusted entity type.

  4. In An AWS account, select Another AWS account. Enter 535363102202 as the Account ID. This is PubNub’s AWS account ID. This trust lets PubNub assume the role to write to your data stream.

  5. Under Options, select Require external ID.

  6. Paste your app’s subscribe key from the Admin Portal into External ID.

    Optional, recommended by AWS. It sets your subscribe key as the external ID for PubNub calls. Access policy example:

    {
        "Version": "2012-10-17",
        "Statement": [
            {
                "Effect": "Allow",
                "Principal": {
                    "AWS": "arn:aws:iam::535363102202:root"
                },
                "Action": "sts:AssumeRole",
                "Condition": {
                    "StringEquals": {
                        "sts:ExternalId": "<PubNub subscribe key>"
                    }
                }
            }
    show all 17 lines

    Click Next.

  7. Create a permissions policy with kinesis:PutRecord. Click Create policy. Switch to JSON and paste the snippet below. Replace Resource with your stream ARN:

    {
        "Statement": [
            {
                "Action": [
                    "kinesis:PutRecord"
                ],
                "Effect": "Allow",
                "Resource": "<ARN of customer's Kinesis data stream>"
            }
        ],
        "Version": "2012-10-17"
    }

    Complete the policy in the wizard.

  8. Select the policy and click Next.

  9. Name the role and click Create Role.

  10. Copy the role ARN for later.

Configure Admin Portal

  1. In Events & Actions on the Admin Portal, click + Add Action.
  2. Click Amazon Kinesis to select the action type.
  3. Paste the Data Stream ARN and Role ARN values.
  4. (Optional) Enable and configure retries in Kinesis retry.
  5. Pair the action with an event listener in Actions. Click Add event listener and select an existing listener or create one.
  6. Click Save changes.
Last updated on
On this page