diff --git a/infrastructure/applications/cluster/iam.tf b/infrastructure/applications/cluster/iam.tf
index 32856683cd..a6f2ec01fe 100644
--- a/infrastructure/applications/cluster/iam.tf
+++ b/infrastructure/applications/cluster/iam.tf
@@ -15,6 +15,7 @@ resource "aws_iam_role_policy" "server" { } data "aws_iam_policy_document" "server_assume_role" { + # allow ecs statement { effect = "Allow"
@@ -25,6 +26,16 @@ data "aws_iam_policy_document" "server_assume_role" { actions = ["sts:AssumeRole"] } + + # allow lambda + statement { + effect = "Allow" + principals { + type = "Service" + identifiers = ["lambda.amazonaws.com"] + } + actions = ["sts:AssumeRole"] + } } data "aws_iam_policy_document" "server_role_policy" {
diff --git a/infrastructure/applications/pycon_backend/media_lambda.tf b/infrastructure/applications/pycon_backend/media_lambda.tf
new file mode 100644
index 0000000000..8902c7c779
--- /dev/null
+++ b/infrastructure/applications/pycon_backend/media_lambda.tf
@@ -0,0 +1,23 @@
+resource "aws_lambda_function" "new_file_uploaded" {
+ function_name = "pythonit-${terraform.workspace}-new-file-uploaded"
+ package_type = "Image"
+ image_uri = "${data.aws_ecr_repository.be_repo.repository_url}@${data.aws_ecr_image.be_arm_image.image_digest}"
+ architectures = ["arm64"]
+ memory_size = 2048
+ timeout = 300
+ role = var.iam_role_arn
+
+ environment {
+ variables = {
+ for variable in local.env_vars:
+ variable.name => variable.value
+ if variable.name != "AWS_DEFAULT_REGION"
+ }
+ }
+}
+
+resource "aws_lambda_event_source_mapping" "new_file_uploaded" {
+ event_source_arn = aws_sqs_queue.new_file_uploaded.arn
+ function_name = aws_lambda_function.new_file_uploaded.function_name
+ enabled = true
+}
diff --git a/infrastructure/applications/pycon_backend/media_queue.tf b/infrastructure/applications/pycon_backend/media_queue.tf
new file mode 100644
index 0000000000..db9114a52c
--- /dev/null
+++ b/infrastructure/applications/pycon_backend/media_queue.tf
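Review bot: The new `# allow lambda` statement in `server_assume_role` lets `lambda.amazonaws.com` assume the existing server role, so any function given that role runs with every permission in `server_role_policy` rather than only what file processing needs. A separate role for the new-file-uploaded function would keep the two trust policies apart and let its permissions be limited to consuming the queue, reading objects under `files/` and writing logs. Both policy documents start or end outside the hunks, so the server role's current permissions are not visible here. The sketch below covers only the trust side, and its resource names are placeholders.

```hcl
# … unchanged: server_assume_role keeps only its existing statement …

data "aws_iam_policy_document" "media_lambda_assume_role" {
  statement {
    effect  = "Allow"
    actions = ["sts:AssumeRole"]

    principals {
      type        = "Service"
      identifiers = ["lambda.amazonaws.com"]
    }
  }
}

resource "aws_iam_role" "media_lambda" {
  name               = "pythonit-${terraform.workspace}-media-lambda"
  assume_role_policy = data.aws_iam_policy_document.media_lambda_assume_role.json
}
```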
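Review bot: The `environment` block of `aws_lambda_function.new_file_uploaded` copies every entry of `local.env_vars` except `AWS_DEFAULT_REGION` into the function. That local is defined outside this diff; if it holds the backend's full configuration, the function receives secrets it probably does not need, and they become readable by any principal allowed `lambda:GetFunctionConfiguration`. Filtering on an explicit allow-list would narrow this, for example `if contains(local.media_lambda_env_names, variable.name)` with that list (a new local, name is a placeholder) declared next to the function.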
@@ -0,0 +1,26 @@
+resource "aws_sqs_queue" "new_file_uploaded" {
+ name = "pythonit-${terraform.workspace}-new-file-uploaded"
+ visibility_timeout_seconds = 300
+}
+
+resource "aws_sqs_queue_policy" "new_file_uploaded" {
+ queue_url = aws_sqs_queue.new_file_uploaded.id
+ policy = jsonencode({
+ Version = "2012-10-17"
+ Statement = [
+ {
+ Effect = "Allow"
+ Principal = {
+ Service = "s3.amazonaws.com"
+ }
+ Action = "sqs:SendMessage"
+ Resource = aws_sqs_queue.new_file_uploaded.arn
+ Condition = {
+ ArnEquals = {
+ "aws:SourceArn" = aws_s3_bucket.backend_media.arn
+ }
+ }
+ }
+ ]
+ })
+}
diff --git a/infrastructure/applications/pycon_backend/s3.tf b/infrastructure/applications/pycon_backend/media_s3.tf
similarity index 62%
rename from infrastructure/applications/pycon_backend/s3.tf
rename to infrastructure/applications/pycon_backend/media_s3.tf
index be3ee13ee6..c4ca00f6f2 100644
--- a/infrastructure/applications/pycon_backend/s3.tf
+++ b/infrastructure/applications/pycon_backend/media_s3.tf
@@ -13,3 +13,13 @@ resource "aws_s3_bucket_server_side_encryption_configuration" "backend_media" {
 }
 }
 }
+
+resource "aws_s3_bucket_notification" "new_file_uploaded" {
+ bucket = aws_s3_bucket.backend_media.id
+
+ queue {
+ queue_arn = aws_sqs_queue.new_file_uploaded.arn
+ events = ["s3:ObjectCreated:*"]
+ filter_prefix = "files/"
+ }
+}
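Review bot: The queue policy's only condition is `aws:SourceArn`, and S3 bucket ARNs carry no account id, so the statement should also pin the owning account with `StringEquals = { "aws:SourceAccount" = <account id> }`, the id taken for example from an `aws_caller_identity` data source. Separately, `visibility_timeout_seconds = 300` equals the function's `timeout = 300` in media_lambda.tf. AWS recommends a visibility timeout of at least six times the function timeout for SQS event sources, otherwise messages from a slow invocation can become visible again and be processed twice. The queue also has no `redrive_policy`, so a message that always fails is retried until retention expires; a dead-letter queue with a `maxReceiveCount` would bound that.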
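Review bot: `aws_s3_bucket_notification.new_file_uploaded` declares no dependency on `aws_sqs_queue_policy.new_file_uploaded`, yet S3 checks that it may send to the queue when the notification is created, so on a fresh apply the two can race and the notification can fail. Adding `depends_on = [aws_sqs_queue_policy.new_file_uploaded]` to the resource orders them. Also, `s3:ObjectCreated:*` on `files/` fires for every writer, including the function itself: if the handler (not shown here) writes its output under the same prefix, each write enqueues another message. A short comment on the resource naming the prefix the handler writes to would record that this loop is avoided.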