SES Identity with public access policy

Data protection

SES Identity with public access policy

Risk Level

Hazardous (3)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
cis_8
ISO 27701
ISO/IEC 27001
Mitre ATT&CK v12
New Zealand Information Security Manual
NIST 800-171
NIST 800-53
Orca Best Practices

Description

Amazon Simple Email Service (SES) is an email service that enables developers to send mail from within any application. It was detected that the identity {AwsSesIdentity} has access policy which grants public access to all AWS accounts and users. Therefore, unauthorized AWS accounts and users can take every action from policy actions.

Recommended Mitigation

It is recommended to configure the identity's access policy with permissions to known parties only, in order to restrict who can take actions. For more information: https://docs.aws.amazon.com/ses/latest/dg/sending-authorization-identity-owner-tasks-management.html

SES Identity with public access policy

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS