BOM - AWS SNS
- Query id: 42e7dca3-8cce-4325-8df0-108888259136
- Query name: BOM - AWS SNS
- Platform: CloudFormation
- Severity: Trace
- Category: Bill Of Materials
- CWE: 532
- URL: Github
Description
A list of SNS resources specified. Amazon Simple Notification Service (Amazon SNS) is a fully managed messaging service for both application-to-application (A2A) and application-to-person (A2P) communication.
Documentation
Code samples
Code samples with security vulnerabilities
Positive test num. 1 - yaml file
AWSTemplateFormatVersion: '2010-09-09'
Description: ''
Resources:
  SnsTopic:
    Type: 'AWS::SNS::Topic'
    Properties:
      Subscription:
        - Endpoint: email@example.com
          Protocol: email
      TopicName: alarm-action
      KmsMasterKeyId: ididididid
  StartedTopicPolicy:
    Type: AWS::SNS::TopicPolicy
    Properties:
      Topics:
        - !Ref SnsTopic
      PolicyDocument:
        Statement:
          - Effect: Allow
            Principal:
              Service: events.amazonaws.com
            Action:
              - sns:Publish
            Resource: "*"
Positive test num. 2 - json file
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Description": "",
  "Resources": {
    "SnsTopic": {
      "Type": "AWS::SNS::Topic",
      "Properties": {
        "Subscription": [
          {
            "Endpoint": "email@example.com",
            "Protocol": "email"
          }
        ],
        "TopicName": "alarm-action",
        "KmsMasterKeyId": "ididididid"
      }
    }
  }
}
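To show what an SNS bill-of-materials entry can capture for the samples above, here is an added Python sketch. It is not the query's own code or output format. The function name `sns_bom` and the entry fields (`topic_name`, `encrypted`, `subscriptions`, `policy_statements`) are assumptions chosen for illustration, and the input combines the JSON sample with the YAML sample's topic policy rewritten as JSON.

```python
import json

# Constructed input: JSON sample above + the YAML sample's topic policy as JSON
# ({"Ref": ...} is the JSON form of !Ref).
TEMPLATE = json.loads("""
{"Resources": {
  "SnsTopic": {
    "Type": "AWS::SNS::Topic",
    "Properties": {
      "Subscription": [{"Endpoint": "email@example.com", "Protocol": "email"}],
      "TopicName": "alarm-action", "KmsMasterKeyId": "ididididid"}},
  "StartedTopicPolicy": {
    "Type": "AWS::SNS::TopicPolicy",
    "Properties": {
      "Topics": [{"Ref": "SnsTopic"}],
      "PolicyDocument": {"Statement": [{
        "Effect": "Allow", "Action": ["sns:Publish"],
        "Principal": {"Service": "events.amazonaws.com"},
        "Resource": "*"}]}}}
}}
""")


def sns_bom(template):
    """Inventory every AWS::SNS::Topic and attach statements from policies that Ref it."""
    resources = template.get("Resources", {})
    bom = {}
    for logical_id, res in resources.items():
        if res.get("Type") != "AWS::SNS::Topic":
            continue
        props = res.get("Properties", {})
        bom[logical_id] = {  # field names are illustrative, not a tool's schema
            "topic_name": props.get("TopicName"),
            "encrypted": bool(props.get("KmsMasterKeyId")),
            "subscriptions": [(s.get("Protocol"), s.get("Endpoint"))
                              for s in props.get("Subscription", [])],
            "policy_statements": [],
        }
    for res in resources.values():
        if res.get("Type") != "AWS::SNS::TopicPolicy":
            continue
        props = res.get("Properties", {})
        stmts = props.get("PolicyDocument", {}).get("Statement", [])
        stmts = [stmts] if isinstance(stmts, dict) else stmts  # single-statement form
        for ref in props.get("Topics", []):
            target = ref.get("Ref") if isinstance(ref, dict) else None
            if target in bom:  # only {"Ref": <logical id>} links are resolved
                bom[target]["policy_statements"].extend(stmts)
    return bom
```

`sns_bom(TEMPLATE)` returns a single entry for `SnsTopic`, marked encrypted, with one email subscription and the `sns:Publish` statement for `events.amazonaws.com` attached.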