NOTE: This repo contains only the documentation for the private BoltsOps Pro repo code. Original file: The docs are publish so they are available for interested customers. For access to the source code, you must be a paying BoltOps Pro subscriber. If are interested, you can contact us at [email protected] or
This blueprint provisions an SNS topic.
- All AWS::SNS::Topic properties are configurable with Parameters. Additionally, properties that require further customization are configurable with Variables.
- You can add subscriptions with the
- Add blueprint to Gemfile
- Configure: configs/sns values
- Deploy
Add the blueprint to your lono project's Gemfile
gem "sns", git: "[email protected]:boltopspro/sns.git"
First you want to configure the configs files. Use lono seed to configure starter values quickly.
LONO_ENV=development lono seed sns
To deploy to additional environments:
LONO_ENV=production lono seed sns
The generated files in config/sns
folder look something like this:
├── params
│ ├── development.txt
│ └── production.txt
└── variables
├── development.rb
└── production.rb
Here's an example of the params config:
# Parameter Group: AWS::SNS::Topic
# DisplayName= # my display name
# KmsMasterKeyId= # 1234abcd-12ab-34cd-56ef-1234567890ab # also arn:aws:kms:us-east-2:111122223333:key/1234abcd-12ab-34cd-56ef-1234567890ab
# TopicName= # my-topic-name
Use the lono cfn deploy command to deploy. Example:
LONO_ENV=development lono cfn deploy sns --blueprint sns --sure
LONO_ENV=production lono cfn deploy sns --blueprint sns --sure
If you are using One AWS Account, use these commands instead: One Account.
You can use the @subscription
variable to create subscribers. Example:
@subscription = [{
Endpoint: "[email protected]", # String. Examples: http | https | email | email | sms | sqs | application | lambda
Protocol: "email", # String
Refer to the SNS Subscribe API docs for more subscription types.
You can also adjust the AWS::SNS::TopicPolicy IAM Document with the @policy_document
variable. Example:
@policy_document =<<~JSON
"Version": "2008-10-17",
"Id": "example-ID",
"Statement": [
"Sid": "example-statement-ID",
"Effect": "Allow",
"Principal": {
"Service": ""
"Action": [
"Resource": "${SnsTopic}",
"Condition": {
"ArnLike": {
"aws:SourceArn": "arn:aws:s3:*:*:my-test-bucket"
In this example, it allows s3 to publish to the SNS topic. Make sure to replace the my-test-bucket
in the example.
By leveraging the lono Stack Name and CLI conventions, we can organize the configs files in a way that matches the stack name. Example:
lono cfn deploy news --blueprint sns
lono cfn deploy alerts --blueprint sns
Will use the corresponding config files:
The IAM permissions required for this stack are described below.
Service | Description |
cloudformation | To launch the CloudFormation stack. |
sns | sns instance and security group. |
s3 | Lono managed s3 bucket |