SNS topic should not be accessible over the public internet


Description

Update your Amazon Simple Notification Service (SNS) topic permissions.

Rationale

Publicly accessible topics allow unauthorized users to receive and publish messages and to subscribe to exposed topics.

Remediation

From the console

Follow the "Using identity-based policies with Amazon SNS" docs to learn how to create or add to a policy in the AWS Console.

From the command line

If you do not have an access control policy, create one.

  1. Select SNS Topic Policy as the type of policy.

  2. Add a statement that allows only specific IAM users and roles to access the topic. For example:

        Effect: `Allow`
        Principal: `arn:aws:iam::123456789012:root`
        Action: `Add permission`
        Amazon Resource Name: `arn:aws:iam::123456789012:root`
        

If you do have an access control policy, follow the add-permissions docs to add a permission to your existing policy.
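
To confirm that a topic policy no longer grants public access after either path, the following added example (not part of the original page or of any AWS tool) scans a policy document for `Allow` statements whose principal is a wildcard and that no condition restricts to a concrete account, organization or ARN. The topic ARN, the sample policy and the list of condition keys treated as restricting are assumptions constructed for illustration.

```python
import json

# Condition keys treated as restricting a wildcard principal (assumption of this example).
SCOPING_KEYS = {"aws:sourceowner", "aws:sourceaccount", "aws:sourcearn",
                "aws:principalaccount", "aws:principalorgid", "aws:principalarn"}
# Only positive-match operators narrow access; negated ones do not.
POSITIVE_OPERATORS = {"stringequals", "stringlike", "arnequals", "arnlike"}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _is_wildcard(principal):
    """True for Principal "*" or {"AWS": "*"}, including "*" inside a list."""
    if isinstance(principal, dict):
        principal = principal.get("AWS", [])
    return "*" in _as_list(principal)

def _is_scoped(condition):
    """True if a condition pins the caller to a concrete account, org or ARN."""
    for operator, keys in (condition or {}).items():
        if operator.lower() not in POSITIVE_OPERATORS:
            continue
        for key, values in keys.items():
            # A bare "*" value matches everything, so it does not count as a restriction.
            if key.lower() in SCOPING_KEYS and all(str(v).strip("*") for v in _as_list(values)):
                return True
    return False

def public_statements(policy_json):
    """Return the Sid (or index) of each Allow statement open to any principal."""
    policy = json.loads(policy_json)
    findings = []
    for index, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if (stmt.get("Effect") == "Allow" and _is_wildcard(stmt.get("Principal"))
                and not _is_scoped(stmt.get("Condition"))):
            findings.append(stmt.get("Sid", index))
    return findings

# Constructed sample: one public statement, one owner-scoped, one named principal.
TOPIC = "arn:aws:sns:us-east-1:123456789012:example-topic"  # placeholder topic ARN
SAMPLE_POLICY = json.dumps({"Version": "2012-10-17", "Statement": [
    {"Sid": "OpenPublish", "Effect": "Allow", "Principal": "*",
     "Action": "SNS:Publish", "Resource": TOPIC},
    {"Sid": "OwnerOnly", "Effect": "Allow", "Principal": {"AWS": "*"},
     "Action": "SNS:Subscribe", "Resource": TOPIC,
     "Condition": {"StringEquals": {"AWS:SourceOwner": "123456789012"}}},
    {"Sid": "NamedAccount", "Effect": "Allow",
     "Principal": {"AWS": "arn:aws:iam::123456789012:root"},
     "Action": "SNS:Publish", "Resource": TOPIC}]})
```

`public_statements` takes the policy as a JSON string, such as the `Policy` attribute returned for a topic, and returns an empty list when no statement is public.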