I'm trying to subscribe an endpoint to an S3 bucket's events through an SNS topic.
What I have managed to do so far through the Golang SDK:
- Create an SNS topic
- Make the S3 bucket's events publish to the SNS topic
- Subscribe my endpoint to the SNS topic.
At this point, everything is supposed to work, but... the S3 bucket does not have permission to publish to the SNS topic. The default SNS policy allows only the owner to publish to the topic.
I can fix this manually from the console by changing the topic's policy to allow the S3 bucket ARN to publish to the topic (see image below), but the goal is to change the policy through the Golang SDK.
[Image: Policy in AWS console]
As you can notice from the image above, I don't want to grant access to a specific AWS user, but to a specific S3 bucket (through its ARN).
I couldn't find anything in the SNS SDK documentation (AddPermission only allows specifying AWS account IDs).
Any idea?
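
Added example, not part of the original post: a topic access policy is a JSON document stored in the topic's `Policy` attribute, which the SNS SDK writes with `SetTopicAttributes`. Writing that attribute replaces the whole document, so this sketch merges one least-privilege statement for the S3 service principal into the existing policy. The Sid, ARNs and account ID are constructed, and the existing policy is assumed to hold `Statement` as an array.

```go
package main

import (
	"encoding/json"
	"fmt"
)

// Statement and Policy model only the policy fields this example touches.
type Statement map[string]interface{}

type Policy struct {
	Version   string      `json:"Version"`
	Id        string      `json:"Id,omitempty"`
	Statement []Statement `json:"Statement"`
}

const s3Sid = "AllowS3BucketPublish" // hypothetical Sid chosen for this example

// AddS3PublishStatement keeps the existing statements (e.g. the owner default)
// and adds one that lets S3 publish only on behalf of the given bucket and account.
func AddS3PublishStatement(existing, topicArn, bucketArn, accountID string) (string, error) {
	p := Policy{Version: "2012-10-17"}
	if existing != "" {
		if err := json.Unmarshal([]byte(existing), &p); err != nil {
			return "", err
		}
	}
	kept := p.Statement[:0]
	for _, s := range p.Statement { // drop an earlier copy so re-runs are idempotent
		if s["Sid"] != s3Sid {
			kept = append(kept, s)
		}
	}
	p.Statement = append(kept, Statement{
		"Sid": s3Sid, "Effect": "Allow", "Action": "SNS:Publish", "Resource": topicArn,
		"Principal": map[string]string{"Service": "s3.amazonaws.com"},
		"Condition": map[string]interface{}{
			"ArnLike":      map[string]string{"aws:SourceArn": bucketArn},
			"StringEquals": map[string]string{"aws:SourceAccount": accountID},
		},
	})
	out, err := json.Marshal(p)
	return string(out), err
}

func main() { // constructed ARNs and account ID, for illustration only
	doc, err := AddS3PublishStatement("", "arn:aws:sns:us-east-1:111122223333:demo-topic",
		"arn:aws:s3:::demo-bucket", "111122223333")
	fmt.Println(doc, err)
}
```

The returned string is the value to send as the `Policy` attribute; the `aws:SourceArn` and `aws:SourceAccount` conditions keep other buckets and accounts from publishing through the S3 service principal.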