You can use the following Bash script to automate the creation of a Kinesis Stream. Copy the code and save it to your computer, for example as create_kinesis_stream.sh.
Run chmod +x create_kinesis_stream.sh to make it executable.
You will also need to install jq, a command line JSON processor on which the script depends. For installation instructions for your OS, please see the jq download page.
The script also depends upon the AWS CLI, which you will need to install and configure before executing the script.
The script takes two arguments: your chosen AWS Kinesis Stream name and a shard count.
#!/bin/bashJQ_CHECK=$(whichjq)if [ -z"$JQ_CHECK" ]; thenechoecho"This script requires the jq JSON processor. Please install for your OS from https://stedolan.github.io/jq/download/"echoexit1fiif [ $# -ne2 ]; thenechoecho"usage: $0 <stream_name> <shard_count>"echoexit1fi# Set the stream nameSTREAM_NAME=${1:-kore-events}SHARD_COUNT=${2:-1}# Create the initial streamawskinesiscreate-stream--stream-name $STREAM_NAME --shard-count $SHARD_COUNTif [ $? -ne0 ]; thenecho"Kinesis create failed"exit1fi# Get the ARN for the Kinesis StreamKINESIS_ARN=$(awskinesisdescribe-stream--stream-name $STREAM_NAME |jq-r.StreamDescription.StreamARN)# Create the policy for the Kinesis StreamPOLICY_ARN=$(awsiamcreate-policy--policy-namekore-events-kinesis-write--policy-document'{ "Version": "2012-10-17", "Statement": [ { "Sid": "Quickstart0", "Effect": "Allow", "Action": [ "kinesis:PutRecord", "kinesis:PutRecords" ], "Resource": "'$KINESIS_ARN'" }, { "Sid": "Quickstart1", "Effect": "Allow", "Action": [ "kinesis:ListShards", "kinesis:DescribeLimits" ], "Resource": "*" } ]}'|jq-r.Policy.Arn)if [ -z"$POLICY_ARN" ]; thenecho"Failed to create IAM policy"exit1fi# Generate a random external IDEXTERNAL_ID=$(opensslrand-hex40)if [ -z"$EXTERNAL_ID" ]; thenecho"Failed to generate external ID"exit1fi# This is the KORE account that needs permissions to be able to assume the roleKORE_ASSUME_ROLE_ACCOUNT=${KORE_ASSUME_ROLE_ACCOUNT:-arn:aws:iam::750607079480:root}# Add the random external ID to the the role ARN# More information can be found here: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_create_for-user_externalid.htmlROLE_ARN=$(awsiamcreate-role--role-namekore-events-kinesis-write--assume-role-policy-document'{ "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "AWS": "'$KORE_ASSUME_ROLE_ACCOUNT'" }, "Action": "sts:AssumeRole", "Condition": { "StringEquals": { "sts:ExternalId": "'$EXTERNAL_ID'" } } } ]}'|jq-r.Role.Arn)if [ -z"$ROLE_ARN" ]; thenecho"Failed to create IAM role"exit1fi# Finally attach the policy and the roleawsiamattach-role-policy--role-namekore-events-kinesis-write--policy-arn $POLICY_ARNif [ $? -ne0 ]; thenecho"Attaching policy to role failed"exit1fi# Print out the values needed for creating the sink in nice JSONecho"{"echo'"arn":"'$KINESIS_ARN'",'echo'"role_arn":"'$ROLE_ARN'",'echo'"external_id":"'$EXTERNAL_ID'"'echo"}"