Following the steps below, you will be able to onboard into Panther data that are sent to your SNS topics. You will be able to configure your SNS topics to send data to an SQS queue managed for you by Panther.
Follow the guide on setting up an SQS source. Make sure to add to the list of
Allowed Source ARNs the ARN of your SNS topic.
Keep a note of the SQS Queue URL that Panther created for you!
In this step, you will configure your SNS topic to forward messages to the SQS queue. To do that: 1. Log in to the AWS account that contains your SNS topic 1. Go to SNS service 1. Select your SNS topic. Click on Create Subscription 1. Leave the Topic ARN field as is. 1. In the next screen, set Protocol to Amazon SQS 1. In Endpoint add the ARN of the SQS queue that Panther created for you in Step 1. You can infer the SQS queue ARN by the URL knowing the following:
An SQS queue ARN is in the format
arn:aws:sqs:<region>:<account id>:<queue name>
An SQS queue URL is in the format
https://sqs.<region>.amazonaws.com/<account id>/<queue name>
So for example a queue with URL
https://sqs.eu-central-1.amazonaws.com/123456789012/panther-source-test has ARN
Select Enable raw message delivery
Click on Enable subscription
You are done! Panther will start processing any message sent to the SNS topic