By using AWS re:Post, you agree to the AWS re:Post Terms of Use

How do I edit my Amazon SNS topic's access policy?

2 minute read
0

I want to allow other AWS Identity and Access Management (IAM) entities to access my Amazon Simple Notification Service (Amazon SNS) topic.

Short description

You can edit your Amazon SNS topic's access policy using either the Amazon SNS console or the AWS Command Line Interface (AWS CLI).

Resolution

Use the Amazon SNS console to edit your Amazon SNS topic's access policy

  1. Open the Amazon SNS console.
  2. In the left navigation pane, choose Topics.
  3. Choose your Amazon SNS topic's name.
  4. Choose the Edit button.
  5. Expand the Access policy - optional section.
  6. Edit the access policy to grant the required permissions for your use case.
    Note: For more information on how to write access policies, see Overview of managing access in Amazon SNS.
  7. Choose Save Changes.

Use the AWS CLI to edit your Amazon SNS topic's access policy

Note: If you receive errors when you run AWS CLI commands, then see Troubleshoot AWS CLI errors. Also, make sure that you're using the most recent AWS CLI version.

To modify, add, or remove permissions, run the following SetTopicAttributes command:
Note: Replace <TopicARN> with your topic's Amazon Resource Name (ARN). Replace testpolicy.json with the path to your policy document.

aws sns set-topic-attributes --topic-arn '<TopicARN>' --attribute-name 'Policy' --attribute-value file://testpolicy.json

-or-

To add permissions only, run the following AddPermission command:
Note: Replace <TopicARN> with your topic's ARN. Replace AllowProdAccountsXXX with a unique identifier for the new policy statement. Replace AWS Account ID with the account IDs of the IAM entities that you want to allow access to specific actions. Replace Publish and Subscribe with the list of actions that you want to allow for the specified IAM entities.

sns add-permission  --topic-arn '<TopicARN>' --label 'AllowProdAccountsXXX' --aws-account-id 'AWS Account ID' --action-name 'Publish' 'Subscribe'

Related information

Example cases for Amazon SNS access control

Actions, resources, and condition keys for Amazon SNS

AWS OFFICIAL
AWS OFFICIALUpdated a year ago