terraform.aws-baseline-infra/modules/ManagementGovernance/SnsTopicEmailSubscription/main.tf

data "aws_caller_identity" "this" {}
data "aws_region" "this" {}

resource "aws_sns_topic" "this" {
  name              = var.sns-topic-name
  display_name      = var.sns-topic-description
  kms_master_key_id = var.kms-key-id
  policy = jsonencode(
    {
      "Version" : "2008-10-17",
      "Id" : "SnsTopicPolicy",
      "Statement" : [
        {
          "Sid" : "SnsTopicAdmin",
          "Effect" : "Allow",
          "Principal" : {
            "AWS" : data.aws_caller_identity.this.account_id
          },
          "Action" : [
            "SNS:GetTopicAttributes",
            "SNS:SetTopicAttributes",
            "SNS:AddPermission",
            "SNS:RemovePermission",
            "SNS:DeleteTopic",
            "SNS:Subscribe",
            "SNS:ListSubscriptionsByTopic",
            "SNS:Publish",
            "SNS:Receive"
          ],
          "Resource" : "arn:aws:sns:${data.aws_region.this.name}:${data.aws_caller_identity.this.account_id}:${var.sns-topic-name}",
          "Condition" : {
            "StringEquals" : {
              "AWS:SourceOwner" : data.aws_caller_identity.this.account_id
            }
          }
        },
        {
          "Sid" : "AllowPublishing",
          "Effect" : "Allow",
          "Principal" : {
            "${var.sender-type}" : var.sender
          },
          "Action" : "sns:Publish",
          "Resource" : "arn:aws:sns:${data.aws_region.this.name}:${data.aws_caller_identity.this.account_id}:${var.sns-topic-name}"
        },
        {
          "Sid" : "AllowPublishThroughSSLOnly",
          "Action" : "SNS:Publish",
          "Effect" : "Deny",
          "Resource" : "arn:aws:sns:${data.aws_region.this.name}:${data.aws_caller_identity.this.account_id}:${var.sns-topic-name}",
          "Condition" : {
            "Bool" : {
              "aws:SecureTransport" : "false"
            }
          },
          "Principal" : "*"
        }
      ]
    }
  )
}

resource "aws_sns_topic_subscription" "this" {
  for_each  = var.email-addresses
  topic_arn = aws_sns_topic.this.arn
  protocol  = "email"
  endpoint  = each.value
}
NEW: SnsTopicEmailSubscription module 2024-02-28 22:43:11 +08:00			`data "aws_caller_identity" "this" {}`
			`data "aws_region" "this" {}`

			`resource "aws_sns_topic" "this" {`
			`name = var.sns-topic-name`
			`display_name = var.sns-topic-description`
			`kms_master_key_id = var.kms-key-id`
			`policy = jsonencode(`
			`{`
			`"Version" : "2008-10-17",`
			`"Id" : "SnsTopicPolicy",`
			`"Statement" : [`
			`{`
			`"Sid" : "SnsTopicAdmin",`
			`"Effect" : "Allow",`
			`"Principal" : {`
			`"AWS" : data.aws_caller_identity.this.account_id`
			`},`
			`"Action" : [`
			`"SNS:GetTopicAttributes",`
			`"SNS:SetTopicAttributes",`
			`"SNS:AddPermission",`
			`"SNS:RemovePermission",`
			`"SNS:DeleteTopic",`
			`"SNS:Subscribe",`
			`"SNS:ListSubscriptionsByTopic",`
			`"SNS:Publish",`
			`"SNS:Receive"`
			`],`
			`"Resource" : "arn:aws:sns:${data.aws_region.this.name}:${data.aws_caller_identity.this.account_id}:${var.sns-topic-name}",`
			`"Condition" : {`
			`"StringEquals" : {`
			`"AWS:SourceOwner" : data.aws_caller_identity.this.account_id`
			`}`
			`}`
			`},`
			`{`
			`"Sid" : "AllowPublishing",`
			`"Effect" : "Allow",`
			`"Principal" : {`
			`"${var.sender-type}" : var.sender`
			`},`
			`"Action" : "sns:Publish",`
			`"Resource" : "arn:aws:sns:${data.aws_region.this.name}:${data.aws_caller_identity.this.account_id}:${var.sns-topic-name}"`
			`},`
			`{`
			`"Sid" : "AllowPublishThroughSSLOnly",`
			`"Action" : "SNS:Publish",`
			`"Effect" : "Deny",`
			`"Resource" : "arn:aws:sns:${data.aws_region.this.name}:${data.aws_caller_identity.this.account_id}:${var.sns-topic-name}",`
			`"Condition" : {`
			`"Bool" : {`
			`"aws:SecureTransport" : "false"`
			`}`
			`},`
			`"Principal" : "*"`
			`}`
			`]`
			`}`
			`)`
			`}`

			`resource "aws_sns_topic_subscription" "this" {`
			`for_each = var.email-addresses`
			`topic_arn = aws_sns_topic.this.arn`
			`protocol = "email"`
			`endpoint = each.value`
			`}`