Posted On: Mar 21, 2024
Amazon Kinesis Data Streams now supports resource-based policies in the AWS GovCloud (US) regions, so you can process data ingested into a stream in one account with an AWS Lambda function in another account. Amazon Kinesis Data Streams is a serverless real-time data streaming service that can continuously capture gigabytes of data per second from hundreds of thousands of sources. AWS Lambda is a serverless compute service that lets you run code without provisioning or managing servers. Together with Kinesis Data Streams and Lambda, you can build a completely serverless data streaming pipeline.
With a resource policy, you can specify the accounts, users, or roles defined in your AWS Identity and Access Management and the exact Kinesis Data Streams actions for which you want to grant access. Once you grant access, you can configure a Lambda function in another account to start processing the data stream belonging to your account. This reduces your cost and simplifies the data processing pipeline as you don’t have to duplicate streaming data across accounts for more teams to benefit from real-time data. Sharing access to your data streams or registered consumers does not incur an additional charge to your account. Cross-account usage of Kinesis Data Streams resources will continue to be billed to resource owners.
To get started, go to the AWS GovCloud (US) console or use the new API PutResourcePolicy to attach a resource policy to your data stream or consumer. Attaching a resource-based policy is supported in all regions. Learn more by reading the Amazon Kinesis Data Streams Developer Guide.