Skip to content

Commit bdbd31a

Browse files
committed
fix(iac): align ses sns policy for event destination
1 parent 8dd0cb4 commit bdbd31a

File tree

1 file changed

+1
-16
lines changed

1 file changed

+1
-16
lines changed

iac/main.tf

Lines changed: 1 addition & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -268,25 +268,10 @@ data "aws_iam_policy_document" "ses_events" {
268268
variable = "AWS:SourceAccount"
269269
values = [data.aws_caller_identity.current.account_id]
270270
}
271-
}
272-
273-
statement {
274-
sid = "AllowSesPublishFromSourceArn"
275-
effect = "Allow"
276-
277-
principals {
278-
type = "Service"
279-
identifiers = ["ses.amazonaws.com"]
280-
}
281-
282-
actions = ["sns:Publish"]
283-
resources = [aws_sns_topic.ses_events[0].arn]
284-
285271
condition {
286-
test = "ArnLike"
272+
test = "StringEquals"
287273
variable = "AWS:SourceArn"
288274
values = [
289-
aws_ses_domain_identity.app[0].arn,
290275
"arn:aws:ses:${local.ses_region}:${data.aws_caller_identity.current.account_id}:configuration-set/${local.ses_configuration_set_name}",
291276
]
292277
}

0 commit comments

Comments
 (0)