Skip to content

[sns] add sns service trust to key when subscribing to an encrypted queue #2504

New issue
New issue
Closed
#14960
Closed
[sns] add sns service trust to key when subscribing to an encrypted queue#2504
#14960
Labels
@aws-cdk/aws-snsRelated to Amazon Simple Notification Serviceeffort/smallSmall work item – less than a day of effortfeature-requestA feature should be added or improved.p1
@skinny85

Description

@skinny85
skinny85
opened on May 8, 2019

When using Bucket Notifications with SQS (so, something like bucket.onObjectCreated(queue)), in the case the Queue is encrypted with a KMS Key, we correctly trust the S3 Service Principal in the Key's Resource Policy.

We need to do something similar in the case of an SNS subscription to an encrypted SQS Queue (so, topic.subscribeQueue(queue)) - the Key should trust the SNS Service Principal in that case.

Metadata

Metadata

Assignees

No one assigned

    Labels

    @aws-cdk/aws-snsRelated to Amazon Simple Notification Serviceeffort/smallSmall work item – less than a day of effortfeature-requestA feature should be added or improved.p1

    Type

    No type

    Projects

    No projects

    Milestone

    No milestone

    Relationships

    None yet

    Development

    No branches or pull requests

    Issue actions