AWS SNS topic should be encrypted
Severity | Exploitability | Providers | Categories |
---|---|---|---|
HIGH | HIGH | AWS | DATA, PERMISSION |
Description
Amazon Simple Notification Service (Amazon SNS) is a managed service that provides message delivery from publishers to subscribers. An Amazon SNS topic is a logical access point that acts as a communication channel.
The message body in Amazon SNS topics should always be encrypted to protect the data if access is compromised.
Impact
Potential data exposure | Visible in logs | User interaction required | Privileges required |
---|---|---|---|
True | False | False | True |
Not encrypting data could lead to a data leak in case of an attack.
Remediation guidelines
Enable encryption at rest for the SNS topic. Note that all requests to topics with encryption enabled must use HTTPS and Signature Version 4.
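One way to find topics that lack encryption at rest and apply the remediation above, as an added example that is not part of the original page. The function names are hypothetical, and the choice of the AWS-managed key `alias/aws/sns` is an assumption; the boto3 calls use whatever credentials and region are already configured.

```python
"""Audit SNS topics for encryption at rest and optionally enable it."""

# Assumption: the AWS-managed SNS key; pass a customer-managed key ID or alias instead if required.
DEFAULT_KEY = "alias/aws/sns"


def unencrypted_topics(sns):
    """Return ARNs of topics whose attributes carry no KmsMasterKeyId."""
    missing = []
    for page in sns.get_paginator("list_topics").paginate():
        for topic in page.get("Topics", []):
            arn = topic["TopicArn"]
            attrs = sns.get_topic_attributes(TopicArn=arn)["Attributes"]
            # An absent or empty KmsMasterKeyId means encryption at rest is off.
            if not attrs.get("KmsMasterKeyId"):
                missing.append(arn)
    return missing


def enable_encryption(sns, arns, key_id=DEFAULT_KEY):
    """Set KmsMasterKeyId on each topic; return the ARNs that were changed."""
    changed = []
    for arn in arns:
        sns.set_topic_attributes(
            TopicArn=arn, AttributeName="KmsMasterKeyId", AttributeValue=key_id
        )
        changed.append(arn)
    return changed


if __name__ == "__main__":
    import sys
    import boto3  # imported here so the functions above also work with a stub client

    fix = "--fix" in sys.argv[1:]
    client = boto3.client("sns")
    found = unencrypted_topics(client)
    for arn in found:
        print("UNENCRYPTED", arn)
    if fix:
        for arn in enable_encryption(client, found):
            print("ENCRYPTED", arn, "with", DEFAULT_KEY)
    # Non-zero exit when findings remain, so the script can gate a pipeline.
    sys.exit(1 if found and not fix else 0)
```

Run without arguments to report only, or with `--fix` to set the key on every topic reported. Publishers and subscribers need matching KMS permissions once a key is set, so check them before enabling encryption on a topic that is in use.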