aws_sns_topic_policy
Provides an SNS topic policy resource
NOTE: If a Principal is specified as just an AWS account ID rather than an ARN, AWS silently converts it to the ARN for the root user, causing future terraform plans to differ. To avoid this problem, just specify the full ARN, e.g.
arn:aws:iam::123456789012:root
Example Usage
resource "aws_sns_topic" "test" {
name = "my-topic-with-policy"
}
resource "aws_sns_topic_policy" "default" {
arn = "${aws_sns_topic.test.arn}"
policy = "${data.aws_iam_policy_document.sns-topic-policy.json}"
}
data "aws_iam_policy_document" "sns-topic-policy" {
policy_id = "__default_policy_ID"
statement {
actions = [
"SNS:Subscribe",
"SNS:SetTopicAttributes",
"SNS:RemovePermission",
"SNS:Receive",
"SNS:Publish",
"SNS:ListSubscriptionsByTopic",
"SNS:GetTopicAttributes",
"SNS:DeleteTopic",
"SNS:AddPermission",
]
condition {
test = "StringEquals"
variable = "AWS:SourceOwner"
values = [
"${var.account-id}",
]
}
effect = "Allow"
principals {
type = "AWS"
identifiers = ["*"]
}
resources = [
"${aws_sns_topic.test.arn}",
]
sid = "__default_statement_ID"
}
Argument Reference
The following arguments are supported:
© 2018 HashiCorpLicensed under the MPL 2.0 License.
https://www.terraform.io/docs/providers/aws/r/sns_topic_policy.html