Howto specify 'Raw Message Delivery' for an SNS subscription using AWS CloudFormation?

Question

I've got an AWS CloudFormation template that creates an SNS topic and a subscription:

"AcceptedTopic":{
            "Type": "AWS::SNS::Topic",
            "Properties": {
                "DisplayName": {"Fn::Join": ["", ["Accepted-", {"Ref": "Env"}]]},
                "TopicName": {"Fn::Join": ["", ["Accepted-", {"Ref": "Env"}]]},
                "Subscription": [{
                    "Endpoint": {"Fn::GetAtt" : [ "SomeQueue" , "Arn" ]},
                    "Protocol": "sqs"
                }]
            }
        }

I need to specify the 'Raw Message Delivery' subscription attribute. How can I do that in AWS CloudFormation?

Answer 1

As of this writing, AWS CloudFormation doesn't support that natively. As an alternate, you can create a Lambda-backed custom resource to get around this limitation and set that attribute using set-subscription-attributes instead. Here are some helpful resources to help accomplish that:

• Lambda-backed custom resources
• SNS' set-subscription-attributes API

Answer 2

Now AWS CloudFormation supports it with AWS::SNS::Subscription. So instead of adding the subscription as a property of the topic, add an Subscription resource linked above.

A caveat though, is that if you already created a topic with that subscription and are now trying to add the attribute, it'd fail miserably with Invalid Parameter error. The cause is it's considering the standalone Subscription added in the template as a new resource and trying to create it. I haven't found a good way around this other than deleting that subscription manually, which is not good practice in production environment.

My solution around this is separating it into 2 steps. First, remove the property subscription from the topic and add a Subscription resource. Then, add new attributes to the subscription resource.

First:

{
    "AcceptedTopic": {
        "Type": "AWS::SNS::Topic",
        "Properties": {
            "DisplayName": {
                "Fn::Join": ["", ["Accepted-", {"Ref": "Env"}]]
            },
            "TopicName": {
                "Fn::Join": ["", ["Accepted-", {"Ref": "Env"}]]
            }
        }
    }
    "AcceptedTopicSubscription": {
        "TopicArn": { "Ref": "AcceptedTopic" },
        "Endpoint": {
            "Fn::GetAtt": ["SomeQueue", "Arn"]
        },
        "Protocol": "Sqs"
    }
}

Then:

{
    ...
    "AcceptedTopicSubscription": {
        "TopicArn": { "Ref": "AcceptedTopic" },
        "Endpoint": {
            "Fn::GetAtt": ["SomeQueue", "Arn"]
        },
        "Protocol": "Sqs",
        "RawMessageDelivery": "true"
    }
}