fix(iac): align ses sns policy for event destination

kennethaasan · kennethaasan · commit bdbd31aa8a42 · 2025-12-26T22:17:46.000+01:00
diff --git a/iac/main.tf b/iac/main.tf
@@ -268,25 +268,10 @@ data "aws_iam_policy_document" "ses_events" {
       variable = "AWS:SourceAccount"
       values   = [data.aws_caller_identity.current.account_id]
     }
-  }
-
-  statement {
-    sid    = "AllowSesPublishFromSourceArn"
-    effect = "Allow"
-
-    principals {
-      type        = "Service"
-      identifiers = ["ses.amazonaws.com"]
-    }
-
-    actions   = ["sns:Publish"]
-    resources = [aws_sns_topic.ses_events[0].arn]
-
     condition {
-      test     = "ArnLike"
+      test     = "StringEquals"
       variable = "AWS:SourceArn"
       values = [
-        aws_ses_domain_identity.app[0].arn,
         "arn:aws:ses:${local.ses_region}:${data.aws_caller_identity.current.account_id}:configuration-set/${local.ses_configuration_set_name}",
       ]
     }
