Clone SNS Topic

stevebux · stevebux · commit de0cce4cc026 · 2026-01-15T14:57:06.000Z
diff --git a/infrastructure/terraform/components/api/sns_topic_subscription_eventsub_sqs_letter_updates.tf b/infrastructure/terraform/components/api/sns_topic_subscription_eventsub_sqs_letter_updates.tf
@@ -3,3 +3,9 @@ resource "aws_sns_topic_subscription" "eventsub_sqs_letter_updates" {
   protocol  = "sqs"
   endpoint  = module.sqs_letter_updates.sqs_queue_arn
 }
+
+resource "aws_sns_topic_subscription" "eventsub_sqs_letter_updates_clone" {
+  topic_arn = module.eventsub.sns_topic_clone.arn
+  protocol  = "sqs"
+  endpoint  = module.sqs_letter_updates.sqs_queue_arn
+}
diff --git a/infrastructure/terraform/modules/eventsub/README.md b/infrastructure/terraform/modules/eventsub/README.md
@@ -41,6 +41,7 @@
 |------|-------------|
 | <a name="output_s3_bucket_event_cache"></a> [s3\_bucket\_event\_cache](#output\_s3\_bucket\_event\_cache) | S3 Bucket ARN and Name for event cache |
 | <a name="output_sns_topic"></a> [sns\_topic](#output\_sns\_topic) | SNS Topic ARN and Name |
+| <a name="output_sns_topic_clone"></a> [sns\_topic\_clone](#output\_sns\_topic\_clone) | SNS Topic ARN and Name |
 <!-- vale on -->
 <!-- markdownlint-enable -->
 <!-- END_TF_DOCS -->
diff --git a/infrastructure/terraform/modules/eventsub/outputs.tf b/infrastructure/terraform/modules/eventsub/outputs.tf
@@ -6,6 +6,14 @@ output "sns_topic" {
   }
 }
 
+output "sns_topic_clone" {
+  description = "SNS Topic ARN and Name"
+  value = {
+    arn  = aws_sns_topic.main_clone.arn
+    name = aws_sns_topic.main_clone.name
+  }
+}
+
 output "s3_bucket_event_cache" {
   description = "S3 Bucket ARN and Name for event cache"
   value = var.enable_event_cache ? {
diff --git a/infrastructure/terraform/modules/eventsub/sns_topic_clone.tf b/infrastructure/terraform/modules/eventsub/sns_topic_clone.tf
@@ -0,0 +1,24 @@
+resource "aws_sns_topic" "main_clone" {
+  name              = local.csi
+  kms_master_key_id = var.kms_key_arn
+
+  application_failure_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  application_success_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  application_success_feedback_sample_rate = var.enable_sns_delivery_logging == true ? var.sns_success_logging_sample_percent : null
+
+  firehose_failure_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  firehose_success_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  firehose_success_feedback_sample_rate = var.enable_sns_delivery_logging == true ? var.sns_success_logging_sample_percent : null
+
+  http_failure_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  http_success_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  http_success_feedback_sample_rate = var.enable_sns_delivery_logging == true ? var.sns_success_logging_sample_percent : null
+
+  lambda_failure_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  lambda_success_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  lambda_success_feedback_sample_rate = var.enable_sns_delivery_logging == true ? var.sns_success_logging_sample_percent : null
+
+  sqs_failure_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  sqs_success_feedback_role_arn    = var.enable_sns_delivery_logging == true ? aws_iam_role.sns_delivery_logging_role[0].arn : null
+  sqs_success_feedback_sample_rate = var.enable_sns_delivery_logging == true ? var.sns_success_logging_sample_percent : null
+}
diff --git a/infrastructure/terraform/modules/eventsub/sns_topic_policy.tf b/infrastructure/terraform/modules/eventsub/sns_topic_policy.tf
@@ -4,6 +4,12 @@ resource "aws_sns_topic_policy" "main" {
   policy = data.aws_iam_policy_document.sns_topic_policy.json
 }
 
+resource "aws_sns_topic_policy" "main_clone" {
+  arn = aws_sns_topic.main_clone.arn
+
+  policy = data.aws_iam_policy_document.sns_topic_policy.json
+}
+
 data "aws_iam_policy_document" "sns_topic_policy" {
   policy_id = "__default_policy_ID"
 
diff --git a/infrastructure/terraform/modules/eventsub/sns_topic_subscription_firehose.tf b/infrastructure/terraform/modules/eventsub/sns_topic_subscription_firehose.tf
@@ -7,3 +7,13 @@ resource "aws_sns_topic_subscription" "firehose" {
   endpoint              = aws_kinesis_firehose_delivery_stream.main[0].arn
   raw_message_delivery  = var.enable_firehose_raw_message_delivery
 }
+
+resource "aws_sns_topic_subscription" "firehose_clone" {
+  count = var.enable_event_cache ? 1 : 0
+
+  topic_arn             = aws_sns_topic.main_clone.arn
+  protocol              = "firehose"
+  subscription_role_arn = aws_iam_role.sns_role.arn
+  endpoint              = aws_kinesis_firehose_delivery_stream.main[0].arn
+  raw_message_delivery  = var.enable_firehose_raw_message_delivery
+}

Original file line number	Diff line number	Diff line change
`@@ -6,6 +6,14 @@ output "sns_topic" {`
`6`	`6`	`}`
`7`	`7`	`}`
`8`	`8`
	`9`	`+output "sns_topic_clone" {`
	`10`	`+ description = "SNS Topic ARN and Name"`
	`11`	`+ value = {`
	`12`	`+ arn = aws_sns_topic.main_clone.arn`
	`13`	`+ name = aws_sns_topic.main_clone.name`
	`14`	`+ }`
	`15`	`+}`
	`16`	`+`
`9`	`17`	`output "s3_bucket_event_cache" {`
`10`	`18`	`description = "S3 Bucket ARN and Name for event cache"`
`11`	`19`	`value = var.enable_event_cache ? {`