Awesome geohacker. Just wanted to point out that SNS topics can be exposed externally. This is how we provide notifications for a number of the datasets on https://aws.amazon.com/earth/ (like Landsat 8, Sentinel-2, etc). Below is a sample topic policy that allows S3 to post an event and anyone to subscribe from SQS and Lambda services. Can be used as a base to open up more access.

{ “Version”: “2008-10-17”, “Id”: “PublicSQSandLambdaSNS”, “Statement”: [ { “Sid”: “AllowLandsatPDSPublication”, “Effect”: “Allow”, “Principal”: { “Service”: “s3.amazonaws.com” }, “Action”: “SNS:Publish”, “Resource”: “arn:aws:sns:us-west-2:xxxx:NewSceneHTML”, “Condition”: { “ArnLike”: { “aws:SourceArn”: “arn:aws:s3:::landsat-pds” } } }, { “Sid”: “allowOnlySQSandLambdaSubscription”, “Effect”: “Allow”, “Principal”: { “AWS”: “*” }, “Action”: [ “SNS:Subscribe”, “SNS:Receive” ], “Resource”: “arn:aws:sns:us-west-2:xxxxxx:NewSceneHTML”, “Condition”: { “StringEquals”: { “SNS:Protocol”: [ “lambda”, “sqs” ] } } } ] }