Data protection

SES Identity with public access policy

Risk Level

Hazardous (3)

Platform(s)

Description

Amazon Simple Email Service (SES) is an email service that enables developers to send mail from within any application. It was detected that the identity {AwsSesIdentity} has access policy which grants public access to all AWS accounts and users. Therefore, unauthorized AWS accounts and users can take every action from policy actions.