Description

Serverless Application Repository allows to find, deploy, and publish serverless applications in the AWS Cloud. It was detected that the serverless application {AwsServerlessApplicationRepositoryApplication}'s policy allows public access. Public access to an application may expose information that you don't want to be stored or made public. Therefore, use the serverless application's policy in order to restrict who can access that application.

• 

  Recommended Mitigation

  It is recommended to set the application's policy to provide access to known parties only. For more information: https://docs.aws.amazon.com/serverlessrepo/latest/devguide/security_iam_resource-based-policy-examples.html