Data protection

SNS topic policy allows everyone to publish

Risk Level

Informational (4)

Platform(s)
Compliance Frameworks

Description

A resource-based policy enables you to specify which AWS account and which AWS users or roles can access your SNS Topic. Allowing everyone to publish messages to SNS topic is a security risk and can lead to DoS attacks. It was detected that the policy of SNS topic {AwsSnsTopic} allows everyone to publish. As a best practice, ensure SNS topics do not allow everyone to publish messages.

  • Recommended Mitigation

    It is recommended to edit the access policy of the SNS topic to allow message publication only to specific users.

Need help?

Get a free Security Risk Assessment. Start today

See Orca in action See Orca in action-> View a 10 minute recorded demo or sign up for a personalized one-on-one walk-through.