From 6bb42912111f1de90a3cff760a7e62d5f1c42a9a Mon Sep 17 00:00:00 2001 From: Kevin Moore Date: Thu, 12 Dec 2024 11:15:54 -0800 Subject: [PATCH] Update CrossAccount.md (#3752) Co-authored-by: Kevin Moore Co-authored-by: Aneesh Karve Co-authored-by: Sergey Fedoseev --- docs/CrossAccount.md | 25 +++++++++++++++++++++++++ 1 file changed, 25 insertions(+) diff --git a/docs/CrossAccount.md b/docs/CrossAccount.md index 7539bd58efe..a811718d83b 100644 --- a/docs/CrossAccount.md +++ b/docs/CrossAccount.md @@ -58,6 +58,31 @@ following to buckets in your *DataAccount*. } ``` +## Notifications + +In order for *ControlAccount* to use an existing and +[correctly configured SNS topic](EventBridge.md#the-workarounds) +for a single bucket in *DataAccount*, add a statement similar to the following +to the topic resource policy: + +```json +{ + "Sid": "AWSConfigSNSPolicy", + "Effect": "Allow", + "Principal": { + "AWS": "arn:aws:iam::CONTROL-ACCOUNT:root" + }, + "Action": [ + "sns:GetTopicAttributes", + "sns:Subscribe" + ], + "Resource": "SNS_TOPIC_ARN" +} +``` + +You can now set the SNS topic in the [Catalog Admin Panel](catalog/Admin.md) in bucket +properties under "Indexing and notifications". + ## CloudTrail For security, auditing, and user-facing analytics, it is recommended that all
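Review bot: In the added JSON statement, the principal `arn:aws:iam::CONTROL-ACCOUNT:root` combined with `sns:Subscribe` and no `Condition` lets any identity in *ControlAccount* whose IAM policy permits it subscribe to the topic, with no limit on the delivery endpoint. Consider documenting a narrower principal (the role that actually performs the subscription) or a `Condition` on `sns:Protocol` or `sns:Endpoint`, so that notifications from *DataAccount* can only be delivered where they are expected. The `Sid` value `AWSConfigSNSPolicy` reads as if the statement belonged to AWS Config; a Sid that names this cross-account purpose would be easier to audit. The two placeholders also use different styles (`CONTROL-ACCOUNT` with a hyphen, `SNS_TOPIC_ARN` with underscores), and the added text does not say that `SNS_TOPIC_ARN` stands for the full ARN of the existing topic.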