From 487b1ee6a80f4ae96ee741ab3eeda6a182c52f8a Mon Sep 17 00:00:00 2001
From: Tipu Qureshi <tqquresh@amazon.com>
Date: Thu, 12 Jan 2023 17:15:07 +0000
Subject: [PATCH] adding SNS topic SSE

---
 .../stepbystep/step_3_stepfunctions_reinvent_workshop.yml      | 3 ++-
 .../cloudformation/risk_credentials_exposed.serverless.yaml    | 3 ++-
 dx-maintenance-notifier/DX_Notifier.json                       | 1 +
 3 files changed, 5 insertions(+), 2 deletions(-)

diff --git a/automated-actions/AWS_EBS_VOLUME_LOST/stepbystep/step_3_stepfunctions_reinvent_workshop.yml b/automated-actions/AWS_EBS_VOLUME_LOST/stepbystep/step_3_stepfunctions_reinvent_workshop.yml
index 05a3bed..6f21735 100644
--- a/automated-actions/AWS_EBS_VOLUME_LOST/stepbystep/step_3_stepfunctions_reinvent_workshop.yml
+++ b/automated-actions/AWS_EBS_VOLUME_LOST/stepbystep/step_3_stepfunctions_reinvent_workshop.yml
@@ -19,6 +19,7 @@ Resources:
   MySNSTopic:
     Type: AWS::SNS::Topic
     Properties:
+      KmsMasterKeyId: "alias/aws/sns"
       TopicName: !Ref SNSTopicName
       DisplayName: !Ref SNSTopicName
       Subscription:
@@ -558,4 +559,4 @@ Outputs:
     Description: StepFunctions ARN
     Value: !Ref StepFunctionVolumeLost
     Export:
-      Name: !Sub "${AWS::StackName}-StepFunctionARN"
\ No newline at end of file
+      Name: !Sub "${AWS::StackName}-StepFunctionARN"
diff --git a/automated-actions/AWS_RISK_CREDENTIALS_EXPOSED/cloudformation/risk_credentials_exposed.serverless.yaml b/automated-actions/AWS_RISK_CREDENTIALS_EXPOSED/cloudformation/risk_credentials_exposed.serverless.yaml
index 1b59caf..821e841 100644
--- a/automated-actions/AWS_RISK_CREDENTIALS_EXPOSED/cloudformation/risk_credentials_exposed.serverless.yaml
+++ b/automated-actions/AWS_RISK_CREDENTIALS_EXPOSED/cloudformation/risk_credentials_exposed.serverless.yaml
@@ -255,5 +255,6 @@ Resources:
 
   NotificationTopic:
     Type: "AWS::SNS::Topic"
-    Properties: 
+    Properties:
+      KmsMasterKeyId: "alias/aws/sns" 
       TopicName: "SecurityNotificationTopic"
diff --git a/dx-maintenance-notifier/DX_Notifier.json b/dx-maintenance-notifier/DX_Notifier.json
index af3b604..0c95161 100644
--- a/dx-maintenance-notifier/DX_Notifier.json
+++ b/dx-maintenance-notifier/DX_Notifier.json
@@ -34,6 +34,7 @@
 	"SnsTopic": {
 	  "Type": "AWS::SNS::Topic",
 	  "Properties": {
+		  "KmsMasterKeyId": "alias/aws/sns",
 		  "DisplayName": "DXMaintNotify",
 		  "TopicName" : "DXMaintNotify",
 		  "Subscription" : [