Data protection

SNS topic policy allows everyone to publish

Risk Level

Informational (4)



A resource-based policy enables you to specify which AWS account and which AWS users or roles can access your SNS Topic. Allowing everyone to publish messages to SNS topic is a security risk and can lead to DoS attacks. It was detected that the policy of SNS topic {AwsSnsTopic} allows everyone to publish. As a best practice, ensure SNS topics do not allow everyone to publish messages.
  • Recommended Mitigation

    It is recommended to edit the access policy of the SNS topic to allow message publication only to specific users.