Budget with SNS Integration

# Create SNS topic for budget alerts
resource "aws_sns_topic" "budget_alerts" {
  name = "budget-alerts"
}

# Allow AWS Budgets to publish to the topic
resource "aws_sns_topic_policy" "budget_alerts" {
  arn = aws_sns_topic.budget_alerts.arn

  policy = jsonencode({
    Version = "2012-10-17"
    Statement = [{
      Sid       = "AllowBudgetsPublish"
      Effect    = "Allow"
      Principal = { Service = "budgets.amazonaws.com" }
      Action    = "SNS:Publish"
      Resource  = aws_sns_topic.budget_alerts.arn
    }]
  })
}

# Create budget with SNS integration
module "budget" {
  source  = "registry.patterneddesigns.ca/governance/cost-controls/aws"
  version = "1.2.0"

  budget_name  = "production-budget"
  budget_limit = 15000

  alert_thresholds = [50, 75, 90, 100, 110]

  notification_emails = ["finance@example.com"]
  sns_topic_arn       = aws_sns_topic.budget_alerts.arn
}

# Subscribe Lambda function for automated actions
resource "aws_sns_topic_subscription" "lambda" {
  topic_arn = aws_sns_topic.budget_alerts.arn
  protocol  = "lambda"
  endpoint  = aws_lambda_function.cost_handler.arn
}

# Subscribe Slack webhook
resource "aws_sns_topic_subscription" "slack" {
  topic_arn = aws_sns_topic.budget_alerts.arn
  protocol  = "https"
  endpoint  = var.slack_webhook_url
}