BOM - AWS SQS

  • Query id: 59a849c2-1127-4023-85a5-ef906dcd458c
  • Query name: BOM - AWS SQS
  • Platform: CloudFormation
  • Severity: Trace
  • Category: Bill Of Materials
  • URL: Github

Description

A list of SQS resources specified. Amazon Simple Queue Service (SQS) is a fully managed message queuing service that enables you to decouple and scale microservices, distributed systems, and serverless applications.
Documentation

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - yaml file
Resources:
  MyQueue:
    Type: AWS::SQS::Queue
    Properties:
      QueueName: "SampleQueue"
      KmsMasterKeyId: wewewewewewe
  SampleSQSPolicy: 
    Type: AWS::SQS::QueuePolicy
    Properties: 
      Queues: 
        - !Ref MyQueue
      PolicyDocument: 
        Statement: 
          - 
            Action: 
              - "SQS:SendMessage" 
              - "SQS:ReceiveMessage"
            Effect: "Allow"
            Resource: "arn:aws:sqs:us-east-2:444455556666:queue2"
            Principal:  
              AWS: 
                - "111122223333"
Positive test num. 2 - json file
{
  "Resources": {
    "MyQueue": {
      "Type": "AWS::SQS::Queue",
      "Properties": {
        "QueueName": "SampleQueue"
      }
    }
  }
}

Code samples without security vulnerabilities

Negative test num. 1 - yaml file
AWSTemplateFormatVersion: '2010-09-09'
Resources:
  myDistribution:
    Type: AWS::CloudFront::Distribution
    Properties:
      DistributionConfig:
        Enabled: true
Negative test num. 2 - json file
{
  "AWSTemplateFormatVersion": "2010-09-09",
  "Resources": {
    "myDistribution": {
      "Type": "AWS::CloudFront::Distribution",
      "Properties": {
        "DistributionConfig": {
          "Enabled": "true"
        }
      }
    }
  }
}