SNS topic with public access

Data protection

SNS topic with public access

Risk Level

Hazardous (3)

Platform(s)

Compliance Frameworks

Brazilian General Data Protection (LGPD)
CCPA
CPRA
GDPR
HITRUST
ISO 27701
ISO/IEC 27001
NIST 800-171
NIST 800-53
Orca Best Practices
PDPA
UK Cyber Essentials

Description

Simple Notification Service (SNS) is a managed service that provides message delivery from publishers to subscribers (also known as producers and consumers). Publishers communicate asynchronously with subscribers by sending messages to a topic, which is a logical access point and communication channel. Clients can subscribe to the SNS topic and receive published messages using a supported endpoint type, such as Amazon Kinesis Data Firehose, Amazon SQS, AWS Lambda, HTTP, email, mobile push notifications, and sms. Orca has detected that the SNS topic {AwsSnsTopic}'s policy allows for public access. Public access to a topic can lead to abuse of the SNS service by a malicious party, by sending an excessive amount of notifications and causing additional billing. Use the SNS topic's policy in order to restrict who can access that topic.

Recommended Mitigation

It is recommended to set the SNS topic's policy to provide access to known parties only. For more information: <a href="https://docs.aws.amazon.com/IAM/latest/UserGuide/access_controlling.html" target="_blank" rel="noopener noreferrer">https://docs.aws.amazon.com/IAM/latest/UserGuide/access_controlling.html</a>

SNS topic with public access

Description

Need help?

CLOUD SECURITY PLATFORM

TECHNOLOGY ECOSYSTEM

By Solution

By Industry

COMPARISONS