SNS: Enforce SSL with Prop

[jlosito]

Describe the feature

I'd like the ability to enforce SSL on an SNS topic in a similar fashion as the Bucket construct. The Bucket construct has a property, enforceSSL, that will automatically update the bucket policy and enforce SSL. I'd like something similar that will automatically update the topic policy.

https://docs.aws.amazon.com/cdk/api/v2/docs/aws-cdk-lib.aws_s3.Bucket.html#enforcessl

Use Case

In the AwsSolutionsChecks within cdk-nag, there is a rule that requires SSL on SNS Topics, AwsSolutions-SNS3. Given that is a recommended practice, I believe setting an SNS Topic's policy so that it requires SSL would be a typical scenario. Since it's a typical scenario, I'd like a property to do it for me rather than having to write up a TopicPolicy every time.

https://github.com/cdklabs/cdk-nag/blob/main/RULES.md

Proposed Solution

new Topic(this, 'MyTopic', {
    enforceSSL: true,
});

Other Information

No response

Acknowledgements

• I may be able to implement this feature request
• This feature might incur a breaking change

CDK version used

2.126.0

Environment details (OS name and version, etc.)

macOS 14.3

[pahud]

I am not sure if we should expose that to the L2 props but feel free to submit a PR to move this forward. Thank you!

[jlosito]

@pahud there already seems to be a PR open for this.
#29144

[github-actions]

⚠️COMMENT VISIBILITY WARNING⚠️

Comments on closed issues are hard for our team to see.
If you need more assistance, please either tag a team member or open a new issue that references this one.
If you wish to keep having a conversation with other community members under this issue feel free to do so.