Home Explore Help
Register Sign In
AFS
/
xdr-terraform-modules
2
0
Fork 0
Files Issues 0 Pull Requests 0 Wiki
Tree: d9f9290417
Branches Tags
xdr-terraform-m...
/
base
/
account_standards_c2
/
account_alerts.tf

account_alerts.tf 758 B
History Raw

12345678910111213141516171819202122232425 
  1. # An SNS queue for email alerts
    2. 

  2. resource "aws_sns_topic" "account-alerts" {
    3. 

  3.   name              = "account-alerts"
    4. 

  4.   tags = merge(var.standard_tags, var.tags)
    5. 

  5. }
    6. 

  6. 

  7. resource "aws_sns_topic_policy" "account-alerts" {
    8. 

  8.   arn    = aws_sns_topic.account-alerts.arn
    9. 

  9.   policy = data.aws_iam_policy_document.account-alerts.json
    10. 

  10. }
    11. 

  11. 

  12. data "aws_iam_policy_document" "account-alerts" {
    13. 

  13.   statement {
    14. 

  14.     sid = "AllowAllAccountsToPublish"
    15. 

  15.     actions = [ "SNS:Publish" ]
    16. 

  16.     effect = "Allow"
    17. 

  17.     resources = [ aws_sns_topic.account-alerts.arn ]
    18. 

  18.     principals {
    19. 

  19.       type = "AWS"
    20. 

  20.       identifiers = [ for a in var.responsible_accounts[var.environment]: "arn:${var.aws_partition}:iam::${a}:root" ]
    21. 

  21.     }
    22. 

  22.   }
    23. 

  23. }
    24. 

  24. 

  25. # Unfortunately, terraform does not support email destinations
    26.