/aws-sns-subscription-cleaner

Detects and removes orphaned SNS subscriptions that belong to non-existent topics.

AWS SNS Subscription Cleaner

Runs in dry run mode to log orphaned subscriptions only or in production mode to perform cleanup operations.

Architecture

[Diagram: components]

Prerequisites

  • Java >= 8
  • Maven >= 3.6.x
  • AWS SAM CLI
  • Docker >=17.x (optional - for local Lambda setup)

Config

| Parameter | Type | Default | Description |
|-----------|------|---------|-------------|
| DRY_RUN | Environment variable | true | Set to false to disable dry run mode and perform cleanup steps. Otherwise abandoned subscriptions are only logged. |
| Schedule | CloudWatch event config | cron(0 0 * * ? *) | Defines how often the cleanup function runs. Defaults to every 24 hours at midnight. |
| Policies | Lambda function policies | AmazonSNSReadOnlyAccess | To perform cleanup, write access to SNS is required. |

See template.yml for further details.
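
How the three settings above could look in a SAM template when moving from dry run to cleanup, keeping the read-only managed policy and adding one narrow write statement rather than a broad SNS managed policy. This is an added example, not the project's template.yml: the event name CleanupSchedule, the statement Sid and the assumption that sns:Unsubscribe is the only write call needed are illustrative, and the function's logical ID is taken from the sam logs command in the Logs section.

```yaml
# Added example, not the project's template.yml.
Resources:
  SnsAbandonedSubscriptionCleaner:          # logical ID as used in the `sam logs` command
    Type: AWS::Serverless::Function
    Properties:
      # Handler, Runtime, CodeUri and other properties: keep the values
      # from the project's template.yml (not shown on this page).
      Environment:
        Variables:
          DRY_RUN: "false"                  # default is "true" (log only, no changes)
      Policies:
        # Dry run only needs the default read-only managed policy.
        - AmazonSNSReadOnlyAccess
        # Cleanup needs write access; grant the single write action
        # instead of attaching a full-access SNS policy.
        - Version: "2012-10-17"
          Statement:
            - Sid: RemoveOrphanedSubscriptions   # hypothetical Sid
              Effect: Allow
              Action:
                - sns:Unsubscribe           # assumption: the only write call the cleaner makes
              # The topics of orphaned subscriptions no longer exist, so their
              # ARNs cannot be listed in advance; narrow by region or account
              # with an ARN pattern if your setup allows it.
              Resource: "*"
      Events:
        CleanupSchedule:                    # hypothetical event name
          Type: Schedule
          Properties:
            Schedule: cron(0 0 * * ? *)     # default from the table above
```

Running at least one scheduled cycle with DRY_RUN left at true and reviewing the logged subscriptions before deploying this change confirms what the write permission will be used on.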

Build

sam build

Test

mvn test

Deploy

sam deploy --guided

Logs

sam logs -n SnsAbandonedSubscriptionCleaner --stack-name sns-abandoned-subscription-cleaner --tail
...
<timestamp> Checking topic arn:aws:sns:us-west-2:foo:bar.
<timestamp> Checking topic arn:aws:sns:us-west-2:foz:baz.
<timestamp> No abandoned subscriptions found.
<timestamp> Dry run mode. Skipping subscription cleanup.

CI/CD

See .github/workflows.

Security

See CONTRIBUTING for more information.

License

This project is licensed under the Apache-2.0 License.