AWS Amazon SNS Topic Policy

This page shows how to write Terraform and CloudFormation configurations for an Amazon SNS Topic Policy, and how to write them securely.

aws_sns_topic_policy (Terraform)

The Topic Policy in Amazon SNS can be configured in Terraform with the resource name aws_sns_topic_policy. The following sections describe 4 examples of how to use the resource and its parameters.

Example Usage from GitHub

sns_restricted_principal.tf#L16

resource "aws_sns_topic_policy" "invalid_policy_a" {
  arn = aws_sns_topic.test_a.arn

  policy = <<EOF
{
  "Version": "2012-10-17",

sns_topic_policy_wildcard_principal.tf#L9

resource "aws_sns_topic_policy" "sns_policy_allow_no_wildcard" {
  arn    = "arn:aws:sns:us-east-1:123456789012:test-topic"
  policy = <<EOF
{
    "Version": "2012-10-17",
    "Statement": [

policy_statement_principal_wildcard-copy.tf#L6

resource "aws_sns_topic_policy" "policy_statement_allow_principal_without_wildcard" {
  arn = aws_sns_topic.test_topic.arn

  policy = <<EOF
{
  "Version": "2012-10-17",

Parameters

  • arn required - string
  • id optional computed - string
  • policy required - string

Explanation in Terraform Registry

Provides an SNS topic policy resource

NOTE: If a Principal is specified as just an AWS account ID rather than an ARN, AWS silently converts it to the ARN for the root user, causing future terraform plans to differ. To avoid this problem, just specify the full ARN, e.g., arn:aws:iam::123456789012:root
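
The note above applied in a complete configuration, as an added example that is not taken from the Terraform Registry or from the repositories quoted on this page. The topic name `alerts`, the variable `publisher_role_arn` and the choice of the `aws_iam_policy_document` data source to build the JSON are assumptions made for illustration.

```hcl
# Added example; the topic name "alerts" and var.publisher_role_arn are assumptions.
variable "publisher_role_arn" {
  type        = string
  description = "Full ARN of the one IAM role allowed to publish"
}

data "aws_caller_identity" "current" {}

resource "aws_sns_topic" "alerts" {
  name = "alerts"
}

data "aws_iam_policy_document" "alerts" {
  statement {
    sid       = "AllowPublishFromNamedRole"
    effect    = "Allow"
    actions   = ["sns:Publish"]
    resources = [aws_sns_topic.alerts.arn]

    principals {
      type = "AWS"
      # Weak: identifiers = ["*"] with no condition lets any AWS principal publish.
      identifiers = [var.publisher_role_arn]
    }
  }

  statement {
    sid       = "AllowOwnerAccountToSubscribe"
    effect    = "Allow"
    actions   = ["sns:Subscribe"]
    resources = [aws_sns_topic.alerts.arn]

    principals {
      type = "AWS"
      # Drift: a bare account ID here is rewritten by AWS to the root-user ARN,
      # so every later plan shows a change. Write the full ARN instead.
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }
}

resource "aws_sns_topic_policy" "alerts" {
  arn    = aws_sns_topic.alerts.arn
  policy = data.aws_iam_policy_document.alerts.json
}
```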

AWS::SNS::TopicPolicy (CloudFormation)

The TopicPolicy in SNS can be configured in CloudFormation with the resource name AWS::SNS::TopicPolicy. The following sections describe 10 examples of how to use the resource and its parameters.

Example Usage from GitHub

serverless.yml#L57

      Type: AWS::SNS::TopicPolicy
      Properties:
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
            - Sid: AllowAllToRequestEnrichment

security-topic.yml#L46

    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref SNSAllConfigurationTopic
      PolicyDocument:
        Statement:

serverless.yml#L162

      Type: AWS::SNS::TopicPolicy
      Properties:
        PolicyDocument:
          Version: "2012-10-17"
          Statement:
            - Sid: UploadTopicPolicy

serverless.yml#L151

      Type: AWS::SNS::TopicPolicy
      Properties:
        PolicyDocument:
          Id: CaptureTopicPolicy
          Version: '2012-10-17'
          Statement:

sns.yml#L15

    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref SNSRestorePost
      PolicyDocument:
        Id: SNSTopicPolicy

sns_topic_with_wildcard_principal.json#L9

      "Type": "AWS::SNS::TopicPolicy",
      "Properties": {
        "PolicyDocument": {
          "Id": "MyTopicPolicy",
          "Version": "2012-10-17",
          "Statement": [

sns_topic_with_wildcard_principal.json#L11

      "Type" : "AWS::SNS::TopicPolicy",
      "Properties" : {
        "PolicyDocument" :  {
          "Id" : "MyTopicPolicy",
          "Version" : "2012-10-17",
          "Statement" : [ {

sns_topic_with_wildcard_principal.json#L10

      "Type" : "AWS::SNS::TopicPolicy",
      "Properties" : {
        "PolicyDocument" :  {
          "Id" : "MyTopicPolicy",
          "Version" : "2012-10-17",
          "Statement" : [ {

Parameters

Explanation in CloudFormation Registry

The AWS::SNS::TopicPolicy resource associates Amazon SNS topics with a policy. For an example snippet, see Declaring an Amazon SNS policy in the AWS CloudFormation User Guide.

Frequently asked questions

What is AWS Amazon SNS Topic Policy?

AWS Amazon SNS Topic Policy is a resource for Amazon SNS, part of Amazon Web Services. Its settings can be written in Terraform and CloudFormation.

Where can I find the example code for the AWS Amazon SNS Topic Policy?

For Terraform, the Cigna/confectionery and stelligent/config-lint source code examples are useful. See the Terraform Example section for further details.

For CloudFormation, the ec-europa/eubfr-data-lake, matsuura0831/aws and kevinbmccall14/affidavit_generator_serverless source code examples are useful. See the CloudFormation Example section for further details.