diff --git a/README.md b/README.md
index 1d191f9..54a5075 100644
--- a/README.md
+++ b/README.md
@@ -47,7 +47,7 @@ for most use cases.
| [email\_addresses](#input\_email\_addresses) | List of email address for this subscription. | `list(string)` | n/a | yes |
| [enable\_sns\_sse\_encryption](#input\_enable\_sns\_sse\_encryption) | Enable Server-Side Encryption of the SNS Topic. | `bool` | `true` | no |
| [name](#input\_name) | The name of the topic. | `string` | n/a | yes |
-| [sns\_kms\_master\_key\_id](#input\_sns\_kms\_master\_key\_id) | KMS Key ID for Server-Side Encryption of the SNS Topic. If no key is provided, a new one will be created. | `string` | `null` | no |
+| [sns\_kms\_master\_key\_id](#input\_sns\_kms\_master\_key\_id) | KMS Key ID for Server-Side Encryption of the SNS Topic. | `string` | `"alias/aws/sns"` | no |
| [tags](#input\_tags) | Tags to add to the AWS Customer Managed Key. | `map(any)` | `{}` | no |
## Outputs
diff --git a/main.tf b/main.tf
index 1349bb3..1abbdea 100644
--- a/main.tf
+++ b/main.tf
@@ -8,7 +8,7 @@
*/
resource "aws_sns_topic" "main" {
name = var.name
- kms_master_key_id = var.enable_sns_sse_encryption ? coalesce(var.sns_kms_master_key_id, module.kms[0].key_id) : null
+ kms_master_key_id = var.enable_sns_sse_encryption ? try(var.sns_kms_master_key_id, module.kms[0].key_id) : null
tags = var.tags
}
diff --git a/variables.tf b/variables.tf
index 3a5e6fd..dd6a36c 100644
--- a/variables.tf
+++ b/variables.tf
@@ -23,7 +23,7 @@ variable "enable_sns_sse_encryption" {
}
variable "sns_kms_master_key_id" {
- default = null
- description = "KMS Key ID for Server-Side Encryption of the SNS Topic. If no key is provided, a new one will be created."
+ default = "alias/aws/sns"
+ description = "KMS Key ID for Server-Side Encryption of the SNS Topic."
type = string
}