- Creates an SNS topic (standard or FIFO)
- Enables optional message deduplication and raw delivery
- KMS encryption via provided key ID
- Supports:
  - Single subscription (e.g., Lambda or SQS)
  - List of subscriptions via `topic_endpoint_list`
- Configurable delivery policy
- Optional SQS feedback role mapping
```hcl
module "sns_topic" {
  source = "./modules/sns"

  # Required: Name of the topic to create
  topic_name = "alerts-topic"

  # Required: Protocol to use for the subscription
  topic_protocol = "sqs"

  # Required: ARN of the KMS key for encryption
  sns_encryption_key_id = "arn:aws:kms:eu-west-2:123456789012:key/abc123"

  # Required: JSON-encoded delivery policy
  # (per the Inputs table, the module uses this value as the topic policy
  # JSON, and topic_policy_json overrides it when set)
  delivery_policy = jsonencode({
    healthyRetryPolicy = {
      minDelayTarget     = 20,
      maxDelayTarget     = 20,
      numRetries         = 3,
      numMaxDelayRetries = 0
    }
  })

  # Optional: Enable FIFO topic and deduplication
  enable_fifo          = false
  enable_deduplication = false

  # Optional: Enable raw message delivery
  raw_message_delivery = true

  # Optional: Use a single endpoint
  topic_endpoint = "arn:aws:sqs:eu-west-2:123456789012:target-queue"

  # Optional: Provide a list of endpoints instead
  topic_endpoint_list = [
    "arn:aws:sqs:eu-west-2:123456789012:queue-1",
    "arn:aws:sqs:eu-west-2:123456789012:queue-2"
  ]

  # Optional: Flag to use endpoint list rather than single value
  is_topic_endpoint_list = true

  # Optional: SQS feedback sample rates and IAM roles
  sqs_feedback = {
    "arn:aws:iam::123456789012:role/success" = "100"
    "arn:aws:iam::123456789012:role/failure" = "100"
  }
}
```
| Name | Version |
|---|---|
| aws | ~> 6.0 |

| Name | Type |
|---|---|
| aws_sns_topic.sns_topic | resource |
| aws_sns_topic_policy.this | resource |
| aws_sns_topic_subscription.sns_subscription_list | resource |
| aws_sns_topic_subscription.sns_subscription_single | resource |
| aws_caller_identity.current | data source |

| Name | Description | Type | Default | Required |
|---|---|---|---|---|
| delivery_policy | Attach delivery or IAM policy. (Legacy name; used as topic policy JSON in this module.) | string | n/a | yes |
| enable_deduplication | Prevent content based duplication in notification queue. | bool | false | no |
| enable_fifo | Attach first in first out policy to notification queue. | bool | false | no |
| enable_ses_publish | If true, module appends a statement allowing ses.amazonaws.com to SNS:Publish to this topic. | bool | false | no |
| is_topic_endpoint_list | Whether to use the topic_endpoint_list instead of a single topic_endpoint. | bool | false | no |
| raw_message_delivery | Whether to enable raw message delivery for the SNS subscription. | bool | false | no |
| sns_encryption_key_id | The ARN (or ID) of the KMS key used for encrypting the SNS topic. | string | n/a | yes |
| sqs_feedback | Map of IAM role ARNs and sample rate for success and failure feedback. | map(string) | {} | no |
| topic_endpoint | A single endpoint (e.g., SQS queue or Lambda function ARN) to subscribe to the topic. | any | null | no |
| topic_endpoint_list | A list of endpoints (e.g., SQS ARNs) to subscribe to the topic. | any | [] | no |
| topic_name | Name of the SNS topic. | string | n/a | yes |
| topic_policy_json | Optional SNS topic access policy JSON. If set, it overrides delivery_policy. | string | null | no |
| topic_protocol | The protocol to use for the subscription (e.g., 'sqs', 'lambda'). | string | n/a | yes |

| Name | Description |
|---|---|
| arn | n/a |
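
The resources table lists no SQS queue policy, so each subscribed queue needs its own policy allowing this topic to deliver to it. The following is an added example, not part of the module: it scopes `sqs:SendMessage` to the module's `arn` output, and it assumes the `module "sns_topic"` block from the usage example plus the hypothetical resource names `target` and `allow_sns`.

```hcl
# Hypothetical queue managed by the caller; the module only subscribes it.
resource "aws_sqs_queue" "target" {
  name = "target-queue"
}

data "aws_iam_policy_document" "allow_sns" {
  statement {
    sid       = "AllowDeliveryFromThisTopicOnly"
    effect    = "Allow"
    actions   = ["sqs:SendMessage"]
    resources = [aws_sqs_queue.target.arn]

    principals {
      type        = "Service"
      identifiers = ["sns.amazonaws.com"]
    }

    # Without this condition any SNS topic, in any account, could write
    # to the queue through the sns.amazonaws.com service principal.
    condition {
      test     = "ArnEquals"
      variable = "aws:SourceArn"
      values   = [module.sns_topic.arn]
    }
  }
}

resource "aws_sqs_queue_policy" "target" {
  queue_url = aws_sqs_queue.target.id # for aws_sqs_queue, id is the queue URL
  policy    = data.aws_iam_policy_document.allow_sns.json
}
```

With this layout, pass `aws_sqs_queue.target.arn` as `topic_endpoint` rather than a hard-coded ARN so Terraform orders the queue, topic, and policy correctly.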