SNS topic should not be accessible over the public internet

sns
이 페이지는 아직 영어로 제공되지 않습니다. 번역 작업 중입니다.
현재 번역 프로젝트에 대한 질문이나 피드백이 있으신 경우 언제든지 연락주시기 바랍니다.

Description

Update your Amazon Simple Notification Service (SNS) topic permissions.

Rationale

Publicly-accessible topics allow unauthorized users access to receive and publish messages and subscribe to exposed topics.

Remediation

From the console

Follow the Using identity-based policies with Amazon SNS docs to learn how to create or add to a policy in the AWS Console.

From the command line

If you do not have an access control policy, create one.

  1. Select SNS Topic Policy as the type of policy.

  2. Add a statement to allow only specific IAM users and roles to have access to the topic. For example:

        Effect: `Allow`
    Principal: `arn:aws:iam::123456789012:root`
    Action: `Add permission`
    Amazon Resource Name: `arn:aws:iam::123456789012:root`

If you do have an access control policy, follow the add-permissions docs to add a permission to your existing policy.