Amazon Simple Notification Service
Overview
This service contains code to create Amazon SNS topics.
SNS architecture
Features
- Creates an SNS topic
- Attaches topic policies allowing publishing, subscribing, or both from given AWS accounts
- Optionally publishes notifications to Slack
Learn
This repo is a part of the Gruntwork Service Catalog, a collection of reusable, battle-tested, production-ready infrastructure code. If you've never used the Service Catalog before, make sure to read How to use the Gruntwork Service Catalog!
- SNS Documentation: Amazon’s docs for SNS that cover core concepts and configuration
- How do SNS topics work?
- How do I get notified when a message is published to an SNS Topic?
Deploy
Non-production deployment (quick start for learning)
If you just want to try this repo out for experimenting and learning, check out the following resources:
- examples/for-learning-and-testing folder: The examples/for-learning-and-testing folder contains standalone sample code optimized for learning, experimenting, and testing (but not direct production usage).
Production deployment
If you want to deploy this repo in production, check out the following resources:
- examples/for-production folder: The examples/for-production folder contains sample code optimized for direct usage in production. This is code from the Gruntwork Reference Architecture, and it shows you how we build an end-to-end, integrated tech stack on top of the Gruntwork Service Catalog.
Sample Usage
Terraform
# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S SNS-TOPICS MODULE
# ------------------------------------------------------------------------------------------------------

module "sns_topics" {

  source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/sns-topics?ref=v1.3.0"

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # The name of the SNS topic
  name = <string>

  # ----------------------------------------------------------------------------------------------------
  # OPTIONAL VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # A list of IAM ARNs that will be given the rights to publish to the SNS
  # topic.
  allow_publish_accounts = []

  # A list of AWS services that will be given the rights to publish to the SNS
  # topic.
  allow_publish_services = []

  # A list of IAM ARNs that will be given the rights to subscribe to the SNS
  # topic.
  allow_subscribe_accounts = []

  # A list of protocols that can be used to subscribe to the SNS topic.
  allow_subscribe_protocols = ["http","https","email","email-json","sms","sqs","application","lambda"]

  # **Requires `enable_fifo = true`.** Flag to enable content-based
  # deduplication for the SNS topic. If set to true, messages with identical
  # content will be treated as duplicates and only delivered once. For more see
  # the [Amazon
  # Docs](https://docs.aws.amazon.com/sns/latest/dg/fifo-message-dedup.html)
  content_based_deduplication = null

  # Set to false to have this module create no resources. This weird parameter
  # exists solely because Terraform does not support conditional modules.
  # Therefore, this is a hack to allow you to conditionally decide if the
  # resources should be created or not.
  create_resources = true

  # Delivery policy for sns topic.
  delivery_policy = null

  # The display name of the SNS topic
  display_name = ""

  # Set to true to enable advanced formatting for CloudWatch alarms in Slack.
  # This will use the CloudWatchNotification class for richer messages.
  enable_advanced_formatting = false

  # Flag to indicate if the SNS topic is FIFO. This will append `.fifo` to the
  # name of the topic.
  enable_fifo = false

  # ARN of the http failure feedback role - when using delivery policy for sns
  # topic.
  http_failure_feedback_role_arn = null

  # ARN of the http success feedback role - when using delivery policy for sns
  # topic.
  http_success_feedback_role_arn = null

  # The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a
  # custom CMK
  kms_master_key_id = "alias/aws/sns"

  # **Requires `enable_fifo = true`.** The number of days (up to 365) for Amazon
  # SNS to retain messages. This will be used to create the archive policy for
  # the SNS topic. For more see the [Amazon
  # Docs](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-topic-owner.html)
  message_retention_period = null

  # The ARN of a Secrets Manager entry that contains the Slack Webhook URL
  # (e.g., https://hooks.slack.com/services/FOO/BAR/BAZ) that SNS messages are
  # sent to.
  slack_webhook_url_secrets_manager_arn = null

  # A map of key value pairs to apply as tags to the SNS topic.
  tags = {}

}
Terragrunt
# ------------------------------------------------------------------------------------------------------
# DEPLOY GRUNTWORK'S SNS-TOPICS MODULE
# ------------------------------------------------------------------------------------------------------

terraform {
  source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/sns-topics?ref=v1.3.0"
}

inputs = {

  # ----------------------------------------------------------------------------------------------------
  # REQUIRED VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # The name of the SNS topic
  name = <string>

  # ----------------------------------------------------------------------------------------------------
  # OPTIONAL VARIABLES
  # ----------------------------------------------------------------------------------------------------

  # A list of IAM ARNs that will be given the rights to publish to the SNS
  # topic.
  allow_publish_accounts = []

  # A list of AWS services that will be given the rights to publish to the SNS
  # topic.
  allow_publish_services = []

  # A list of IAM ARNs that will be given the rights to subscribe to the SNS
  # topic.
  allow_subscribe_accounts = []

  # A list of protocols that can be used to subscribe to the SNS topic.
  allow_subscribe_protocols = ["http","https","email","email-json","sms","sqs","application","lambda"]

  # **Requires `enable_fifo = true`.** Flag to enable content-based
  # deduplication for the SNS topic. If set to true, messages with identical
  # content will be treated as duplicates and only delivered once. For more see
  # the [Amazon
  # Docs](https://docs.aws.amazon.com/sns/latest/dg/fifo-message-dedup.html)
  content_based_deduplication = null

  # Set to false to have this module create no resources. This weird parameter
  # exists solely because Terraform does not support conditional modules.
  # Therefore, this is a hack to allow you to conditionally decide if the
  # resources should be created or not.
  create_resources = true

  # Delivery policy for sns topic.
  delivery_policy = null

  # The display name of the SNS topic
  display_name = ""

  # Set to true to enable advanced formatting for CloudWatch alarms in Slack.
  # This will use the CloudWatchNotification class for richer messages.
  enable_advanced_formatting = false

  # Flag to indicate if the SNS topic is FIFO. This will append `.fifo` to the
  # name of the topic.
  enable_fifo = false

  # ARN of the http failure feedback role - when using delivery policy for sns
  # topic.
  http_failure_feedback_role_arn = null

  # ARN of the http success feedback role - when using delivery policy for sns
  # topic.
  http_success_feedback_role_arn = null

  # The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a
  # custom CMK
  kms_master_key_id = "alias/aws/sns"

  # **Requires `enable_fifo = true`.** The number of days (up to 365) for Amazon
  # SNS to retain messages. This will be used to create the archive policy for
  # the SNS topic. For more see the [Amazon
  # Docs](https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-topic-owner.html)
  message_retention_period = null

  # The ARN of a Secrets Manager entry that contains the Slack Webhook URL
  # (e.g., https://hooks.slack.com/services/FOO/BAR/BAZ) that SNS messages are
  # sent to.
  slack_webhook_url_secrets_manager_arn = null

  # A map of key value pairs to apply as tags to the SNS topic.
  tags = {}

}
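A hardened invocation of the module, as an added example that is not part of the Gruntwork documentation: it narrows `allow_subscribe_protocols` to TLS and AWS-internal endpoints and swaps the default `alias/aws/sns` key for a customer managed key, because the key policy of an AWS-managed key cannot be edited to let a publishing service such as CloudWatch use it. The topic name, the account ID, and the service-principal format passed to `allow_publish_services` are assumptions.

```hcl
# Added example (not Gruntwork's code). Topic name and account ID are placeholders.
data "aws_caller_identity" "current" {}

# Key policy: the account root keeps administrative control of the key;
# CloudWatch gets only what it needs to publish to an encrypted topic.
data "aws_iam_policy_document" "alerts_key" {
  statement {
    sid       = "AccountAdmin"
    actions   = ["kms:*"]
    resources = ["*"]
    principals {
      type        = "AWS"
      identifiers = ["arn:aws:iam::${data.aws_caller_identity.current.account_id}:root"]
    }
  }
  statement {
    sid       = "CloudWatchPublish"
    actions   = ["kms:Decrypt", "kms:GenerateDataKey*"]
    resources = ["*"]
    principals {
      type        = "Service"
      identifiers = ["cloudwatch.amazonaws.com"]
    }
  }
}

resource "aws_kms_key" "alerts" {
  description         = "CMK for the alerts SNS topic"
  enable_key_rotation = true
  policy              = data.aws_iam_policy_document.alerts_key.json
}

module "sns_topics" {
  source = "git::git@github.com:gruntwork-io/terraform-aws-service-catalog.git//modules/networking/sns-topics?ref=v1.3.0"

  name              = "alerts" # placeholder
  kms_master_key_id = aws_kms_key.alerts.arn

  # Assumption: the module expects service principals in this form.
  allow_publish_services = ["cloudwatch.amazonaws.com"]

  # Subscribers limited to one named account (placeholder ID); the plaintext
  # and out-of-band protocols (http, email, email-json, sms) are dropped.
  allow_subscribe_accounts  = ["arn:aws:iam::111111111111:root"]
  allow_subscribe_protocols = ["https", "sqs", "lambda"]
}
```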
Reference
Inputs
Required
- name (string): The name of the SNS topic
Optional
- allow_publish_accounts (list(string)): A list of IAM ARNs that will be given the rights to publish to the SNS topic. Default: []
- allow_publish_services (list(string)): A list of AWS services that will be given the rights to publish to the SNS topic. Default: []
- allow_subscribe_accounts (list(string)): A list of IAM ARNs that will be given the rights to subscribe to the SNS topic. Default: []
- allow_subscribe_protocols (list(string)): A list of protocols that can be used to subscribe to the SNS topic. Default: ["http", "https", "email", "email-json", "sms", "sqs", "application", "lambda"]
- content_based_deduplication: Requires enable_fifo = true. Flag to enable content-based deduplication for the SNS topic. If set to true, messages with identical content will be treated as duplicates and only delivered once. For more see the Amazon Docs (https://docs.aws.amazon.com/sns/latest/dg/fifo-message-dedup.html). Default: null
- create_resources (bool): Set to false to have this module create no resources. This weird parameter exists solely because Terraform does not support conditional modules. Therefore, this is a hack to allow you to conditionally decide if the resources should be created or not. Default: true
- delivery_policy (string): Delivery policy for sns topic. Default: null
- display_name (string): The display name of the SNS topic. Default: ""
- enable_advanced_formatting: Set to true to enable advanced formatting for CloudWatch alarms in Slack. This will use the CloudWatchNotification class for richer messages. Default: false
- enable_fifo (bool): Flag to indicate if the SNS topic is FIFO. This will append .fifo to the name of the topic. Default: false
- http_failure_feedback_role_arn: ARN of the http failure feedback role - when using delivery policy for sns topic. Default: null
- http_success_feedback_role_arn: ARN of the http success feedback role - when using delivery policy for sns topic. Default: null
- kms_master_key_id (string): The ID of an AWS-managed customer master key (CMK) for Amazon SNS or a custom CMK. Default: "alias/aws/sns"
- message_retention_period (number): Requires enable_fifo = true. The number of days (up to 365) for Amazon SNS to retain messages. This will be used to create the archive policy for the SNS topic. For more see the Amazon Docs (https://docs.aws.amazon.com/sns/latest/dg/message-archiving-and-replay-topic-owner.html). Default: null
- slack_webhook_url_secrets_manager_arn: The ARN of a Secrets Manager entry that contains the Slack Webhook URL (e.g., https://hooks.slack.com/services/FOO/BAR/BAZ) that SNS messages are sent to. Default: null
- tags (map(string)): A map of key value pairs to apply as tags to the SNS topic. Default: {}
Outputs
- The ARN of the SNS topic.