35 lines
899 B
Text
35 lines
899 B
Text
|
{
|
||
|
"Version": "2008-10-17",
|
||
|
"Id": "AnsibleSNSTesting",
|
||
|
"Statement": [
|
||
|
{
|
||
|
"Sid": "CloudTrailSNSPolicy",
|
||
|
"Effect": "Allow",
|
||
|
"Principal": {
|
||
|
"Service": "cloudtrail.amazonaws.com"
|
||
|
},
|
||
|
"Action": "sns:Publish",
|
||
|
"Resource": "arn:aws:sns:{{ aws_region }}:{{ aws_caller_info.account }}:{{ sns_topic_name }}"
|
||
|
},
|
||
|
{
|
||
|
"Sid": "AnsibleTestManage",
|
||
|
"Effect": "Allow",
|
||
|
"Principal": {
|
||
|
"AWS": "{{ aws_caller_info.arn }}"
|
||
|
},
|
||
|
"Action": [
|
||
|
"sns:Subscribe",
|
||
|
"sns:ListSubscriptionsByTopic",
|
||
|
"sns:DeleteTopic",
|
||
|
"sns:GetTopicAttributes",
|
||
|
"sns:Publish",
|
||
|
"sns:RemovePermission",
|
||
|
"sns:AddPermission",
|
||
|
"sns:Receive",
|
||
|
"sns:SetTopicAttributes"
|
||
|
],
|
||
|
"Resource": "arn:aws:sns:{{ aws_region }}:{{ aws_caller_info.account }}:{{ sns_topic_name }}"
|
||
|
}
|
||
|
]
|
||
|
}
|