Data protection

SQS queue with public access

Risk Level

Hazardous (3)

Platform(s)
Compliance Frameworks

Description

Amazon Simple Queue Service (Amazon SQS) offers a secure, durable, and available hosted queue that lets you integrate and decouple distributed software systems and components. Amazon SQS offers common constructs such as dead-letter queues and cost-allocation tags. It provides a generic web services API that you can access using any programming language that the AWS SDK supports. It was found that {AwsSqsQueue}'s queue policy allows public access to the queue, which can lead to abuse of the queue by a malicious party. Use the SQS queue's policy in order to restrict who can access that queue.