How do I configure an AWS SNS topic policy?

In this guide, we’ll discuss how to configure an AWS SNS (Simple Notification Service) topic policy to manage access and permissions for your SNS topic. This configuration helps in defining who can publish, subscribe, or perform other actions on your SNS topic.

Below is an example that demonstrates the setup of an SNS topic along with the necessary policy to grant permissions:

import * as pulumi from "@pulumi/pulumi";
import * as aws from "@pulumi/aws";

const example = new aws.sns.Topic("example", {name: "example-topic"});
const examplePolicy = new aws.sns.TopicPolicy("example_policy", {
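    arn: example.arn,
    // "Principal" defines the entity (user, account or service) each statement applies to.
    // "*" matches any AWS principal. JSON has no comment syntax, so this note stays
    // outside the policy document.
    policy: pulumi.interpolate`{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPublish",
      "Effect": "Allow",
      "Principal": "*",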
      "Action": "sns:Publish",
      "Resource": "${example.arn}"
    },
    {
      "Sid": "AllowSubscribe",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "sns:Subscribe",
      "Resource": "${example.arn}"
    },
    {
      "Sid": "AllowReceive",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "sns:Receive",
      "Resource": "${example.arn}"
    }
  ]
}
`,
});
export const snsTopicArn = example.arn;
export const snsTopicPolicyId = examplePolicy.id;

In this example:

  • We create an SNS topic named “example-topic”.
  • We then define an SNS topic policy and attach it to the topic, specifying permissions for publishing, subscribing, and receiving messages.
  • Finally, the outputs provide the ARN of the SNS topic and the ID of the topic policy.

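A topic policy controls access to your AWS SNS topic by limiting each action to the principals named in its statements. As written, the example sets "Principal" to "*", which matches any AWS principal, so replace it with specific account, role or service principals, or add a "Condition" block, before relying on the policy to restrict who can publish, subscribe or receive.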
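
A topic policy like the one above can be checked before deployment for statements that are open to every principal. The following is an added example, not part of the original answer or of Pulumi's code; the helper names, account ID, organization ID and topic ARN are constructed placeholders.

```typescript
// Added example: flag SNS topic-policy statements that allow any principal unconditionally.
type PrincipalElement = string | { [kind: string]: string | string[] };
interface Statement {
  Sid?: string;
  Effect: string;
  Principal?: PrincipalElement;
  Action: string | string[];
  Resource: string | string[];
  Condition?: { [operator: string]: { [key: string]: string | string[] } };
}

// True when the Principal element is "*" or {"AWS": "*"}, i.e. matches every AWS principal.
function isWildcardPrincipal(p?: PrincipalElement): boolean {
  if (p === undefined) return false;
  if (typeof p === "string") return p === "*";
  const aws = p["AWS"];
  if (aws === undefined) return false;
  return (Array.isArray(aws) ? aws : [aws]).some((v) => v === "*");
}

// Returns the Sid of every Allow statement that is open to any principal and has no
// Condition block. Only the presence of a Condition is checked, not how tight it is.
function findOpenStatements(policyJson: string): string[] {
  const doc = JSON.parse(policyJson) as { Statement: Statement[] };
  const open: string[] = [];
  doc.Statement.forEach((s, i) => {
    const unconditioned = !s.Condition || Object.keys(s.Condition).length === 0;
    if (s.Effect === "Allow" && isWildcardPrincipal(s.Principal) && unconditioned) {
      open.push(s.Sid ?? `statement[${i}]`);
    }
  });
  return open;
}

// Constructed sample inputs; the account ID, organization ID and ARN are placeholders.
const topicArn = "arn:aws:sns:us-east-1:111122223333:example-topic";
const stmt = (Sid: string, Principal: PrincipalElement, Action: string,
              Condition?: Statement["Condition"]): Statement =>
  ({ Sid, Effect: "Allow", Principal, Action, Resource: topicArn, ...(Condition ? { Condition } : {}) });

const pagePolicy = JSON.stringify({ Version: "2012-10-17", Statement: [
  stmt("AllowPublish", "*", "sns:Publish"),
  stmt("AllowSubscribe", "*", "sns:Subscribe"),
  stmt("AllowReceive", "*", "sns:Receive"),
]});
const scopedPolicy = JSON.stringify({ Version: "2012-10-17", Statement: [
  stmt("AllowPublish", { AWS: "arn:aws:iam::111122223333:root" }, "sns:Publish"),
  stmt("AllowSubscribe", "*", "sns:Subscribe", { StringEquals: { "aws:PrincipalOrgID": "o-exampleorgid" } }),
]});

console.log(findOpenStatements(pagePolicy), findOpenStatements(scopedPolicy));
```

The first policy mirrors the three statements in the answer and all three are flagged; the scoped variant names one account for publishing and conditions subscription on an organization ID, so nothing is flagged.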
