Sinks
A sink is the last stage of a pipeline — it takes each processed event and delivers it somewhere. Which sink you pick comes down to where your data needs to land: a terminal, a file, a message broker, a cloud service, or a database. Most sinks json-encode each event and send it on; the exceptions are noted below.
Which sink should I use?
Console — quick, no dependencies.
| Sink | What it does |
|---|---|
| Stdout | writes raw events to standard output, ready to pipe into other tools |
| Terminal | prints a human-readable, colorized feed |
Files
| Sink | What it does |
|---|---|
| File Rotate | appends events to rotating, optionally compressed, files on disk |
Messaging & streaming
| Sink | What it does |
|---|---|
| Kafka | publishes to a Kafka topic (custom build) |
| Redis | appends to a Redis Stream |
| RabbitMQ | publishes to a RabbitMQ exchange |
| ZeroMQ | pushes over a ZeroMQ socket (custom build) |
Cloud
| Sink | What it does |
|---|---|
| AWS SQS | enqueues a message per event (FIFO or Standard) |
| AWS Lambda | invokes a Lambda function per event |
| AWS S3 | stores raw CBOR blocks as S3 objects |
| GCP Pub/Sub | publishes to a Pub/Sub topic |
| GCP Cloud Functions | calls a Cloud Function per event |
Databases & search
| Sink | What it does |
|---|---|
| SQL Database | runs a templated SQL statement per event (SQLite / Postgres / MySQL) |
| Elasticsearch | indexes events into an Elasticsearch index or data stream |
Every sink above ships in the default binary except Kafka and ZeroMQ, which need a custom build.
Cloud credentials
The AWS and GCP sinks don’t take credentials in their config. Instead they rely on the standard credential discovery built into each cloud’s SDK, so the same setup works whether you run Oura on your laptop, in a container, or on a managed instance.
AWS credentials
The AWS sinks (SQS, Lambda, S3) honor the standard AWS SDK provider chain. Oura uses the first source that resolves:
- the
AWS_ACCESS_KEY_IDandAWS_SECRET_ACCESS_KEYenvironment variables - a Web Identity Token from the environment or container (including EKS)
- ECS container credentials (IAM roles for tasks)
- entries in
~/.aws/(the shared credentials file) - the EC2 Instance Metadata Service (IAM roles attached to an instance)
Use whichever fits your deployment. See the AWS credentials documentation for the full details.
Google Cloud credentials
The GCP sinks (Pub/Sub, Cloud Functions) resolve credentials in this order:
- if
GOOGLE_APPLICATION_CREDENTIALSis set, the JSON key file at that path is used - otherwise, when running on GCP, credentials are read from the metadata server