Using CDK, SNS topic Policy Statement, use actions: ["sns:*"], Cloudformation results in "Policy statement action out of service scope!"

Question

Unable to refer to all SNS actions with the * in CDK.

 const MyTopicPolicy = new sns.TopicPolicy(this, 'MyTopicSNSPolicy', {
        topics: [MyTopic],
            }); 
            
            MyTopicPolicy.document.addStatements(new iam.PolicyStatement({
              sid: "0",
              actions: ["sns:*"],
              principals: [new iam.AnyPrincipal()]
              resources: [MyTopic.topicArn],
              conditions: {"StringEquals": {"AWS:SourceOwner":"1212121212"}},
            }));

When I do the cdk synth, I get the following snippet in my template:

 "MyTopicSNSPolicyE244CE5D": {
   "Type": "AWS::SNS::TopicPolicy",
   "Properties": {
    "PolicyDocument": {
     "Statement": [
      {
       "Action": "SNS:*",
       "Condition": {
        "StringEquals": {
         "AWS:SourceOwner": "1212121212"
        }
       },
       "Effect": "Allow",
       "Principal": {
        "AWS": "*"
       },
       "Resource": {
        "Ref": "MyTopic62D646CB"
       },
       "Sid": "0"
      }
     ],

....which looks good. But then when I build in cloudformation, I get the following error in the Events:

Invalid parameter: Policy statement action out of service scope! (Service: AmazonSNS; Status Code: 400; Error Code: InvalidParameter

Answer 1

The policy statement may only include supported SNS policy actions :

actions: ['sns:Publish', 'sns:Subscribe'], // etc.