Alchemy

Appearance

TopicPolicy ​

The TopicPolicy resource allows you to manage access policies for Amazon Simple Notification Service (SNS) topics. This resource is essential for controlling permissions and ensuring secure access to your SNS topics. For more information, refer to the AWS SNS TopicPolicys documentation.

Minimal Example ​

Create a basic SNS TopicPolicy that allows publishing from a specific AWS service.

ts
import AWS from "alchemy/aws/control";

const snsTopicPolicy = await AWS.SNS.TopicPolicy("myTopicPolicy", {
  Topics: ["arn:aws:sns:us-east-1:123456789012:myTopic"],
  PolicyDocument: {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Principal: {
          Service: "lambda.amazonaws.com"
        },
        Action: "SNS:Publish",
        Resource: "arn:aws:sns:us-east-1:123456789012:myTopic"
      }
    ]
  },
  adopt: false // Default is false; adopt existing resource if true
});

Advanced Configuration ​

Configure a TopicPolicy with an additional statement for allowing a specific IAM role to publish to the SNS topic.

ts
const advancedSnsTopicPolicy = await AWS.SNS.TopicPolicy("advancedTopicPolicy", {
  Topics: ["arn:aws:sns:us-east-1:123456789012:myAdvancedTopic"],
  PolicyDocument: {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Principal: {
          Service: "lambda.amazonaws.com"
        },
        Action: "SNS:Publish",
        Resource: "arn:aws:sns:us-east-1:123456789012:myAdvancedTopic"
      },
      {
        Effect: "Allow",
        Principal: {
          AWS: "arn:aws:iam::123456789012:role/MyPublishRole"
        },
        Action: "SNS:Publish",
        Resource: "arn:aws:sns:us-east-1:123456789012:myAdvancedTopic"
      }
    ]
  }
});

Example with Multiple Topics ​

Manage policies for multiple SNS topics using a single TopicPolicy resource.

ts
const multiTopicPolicy = await AWS.SNS.TopicPolicy("multiTopicPolicy", {
  Topics: [
    "arn:aws:sns:us-east-1:123456789012:myFirstTopic",
    "arn:aws:sns:us-east-1:123456789012:mySecondTopic"
  ],
  PolicyDocument: {
    Version: "2012-10-17",
    Statement: [
      {
        Effect: "Allow",
        Principal: {
          Service: "s3.amazonaws.com"
        },
        Action: "SNS:Publish",
        Resource: [
          "arn:aws:sns:us-east-1:123456789012:myFirstTopic",
          "arn:aws:sns:us-east-1:123456789012:mySecondTopic"
        ]
      }
    ]
  }
});