Skip to contentSkip to navigationSkip to topbar

A Script to Create a Kinesis Stream


You can use the following Bash script to automate the creation of a Kinesis Stream. Copy the code and save it to your computer, for example as create_kinesis_stream.sh.

Run chmod +x create_kinesis_stream.sh to make it executable.

You will also need to install jq, a command line JSON processor on which the script depends. For installation instructions for your OS, please see the jq download page.(link takes you to an external page)

The script also depends upon the AWS CLI, which you will need to install and configure(link takes you to an external page) before executing the script.

The script takes two arguments: your chosen AWS Kinesis Stream name and a shard count.

1
#!/bin/bash
2
3
JQ_CHECK=$(which jq)
4
if [ -z "$JQ_CHECK" ]; then
5
echo
6
echo "This script requires the jq JSON processor. Please install for your OS from https://stedolan.github.io/jq/download/"
7
echo
8
exit 1
9
fi
10
11
if [ $# -ne 2 ]; then
12
echo
13
echo "usage: $0 <stream_name> <shard_count>"
14
echo
15
exit 1
16
fi
17
18
# Set the stream name
19
STREAM_NAME=${1:-twilio-events}
20
SHARD_COUNT=${2:-1}
21
22
# Create the initial stream
23
aws kinesis create-stream --stream-name $STREAM_NAME --shard-count $SHARD_COUNT
24
if [ $? -ne 0 ]; then
25
echo "Kinesis create failed"
26
exit 1
27
fi
28
29
# Get the ARN for the Kinesis Stream
30
KINESIS_ARN=$(aws kinesis describe-stream --stream-name $STREAM_NAME | jq -r .StreamDescription.StreamARN)
31
32
# Create the policy for the Kinesis Stream
33
POLICY_ARN=$(aws iam create-policy --policy-name twilio-events-kinesis-write --policy-document '{
34
"Version": "2012-10-17",
35
"Statement": [
36
{
37
"Sid": "Quickstart0",
38
"Effect": "Allow",
39
"Action": [
40
"kinesis:PutRecord",
41
"kinesis:PutRecords"
42
],
43
"Resource": "'$KINESIS_ARN'"
44
},
45
{
46
"Sid": "Quickstart1",
47
"Effect": "Allow",
48
"Action": [
49
"kinesis:ListShards",
50
"kinesis:DescribeLimits"
51
],
52
"Resource": "*"
53
}
54
]
55
}' | jq -r .Policy.Arn)
56
57
if [ -z "$POLICY_ARN" ]; then
58
echo "Failed to create IAM policy"
59
exit 1
60
fi
61
62
# Generate a random external ID
63
EXTERNAL_ID=$(openssl rand -hex 40)
64
if [ -z "$EXTERNAL_ID" ]; then
65
echo "Failed to generate external ID"
66
exit 1
67
fi
68
69
# This is the Twilio account that needs permissions to be able to assume the role
70
TWILIO_ASSUME_ROLE_ACCOUNT=${TWILIO_ASSUME_ROLE_ACCOUNT:-arn:aws:iam::177261743968:root}
71
72
# Add the random external ID to the the role ARN
73
# More information can be found here: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.html
74
ROLE_ARN=$(aws iam create-role --role-name twilio-events-kinesis-write --assume-role-policy-document '{
75
"Version": "2012-10-17",
76
"Statement": [
77
{
78
"Effect": "Allow",
79
"Principal": {
80
"AWS": "'$TWILIO_ASSUME_ROLE_ACCOUNT'"
81
},
82
"Action": "sts:AssumeRole",
83
"Condition": {
84
"StringEquals": {
85
"sts:ExternalId": "'$EXTERNAL_ID'"
86
}
87
}
88
}
89
]
90
}' | jq -r .Role.Arn)
91
92
if [ -z "$ROLE_ARN" ]; then
93
echo "Failed to create IAM role"
94
exit 1
95
fi
96
97
# Finally attach the policy and the role
98
aws iam attach-role-policy --role-name twilio-events-kinesis-write --policy-arn $POLICY_ARN
99
100
if [ $? -ne 0 ]; then
101
echo "Attaching policy to role failed"
102
exit 1
103
fi
104
105
# Print out the values needed for creating the sink in nice JSON
106
echo "{"
107
echo '"arn":"'$KINESIS_ARN'",'
108
echo '"role_arn":"'$ROLE_ARN'",'
109
echo '"external_id":"'$EXTERNAL_ID'"'
110
echo "}"