SNS Topic Not Encrypted

  • Query id: 28545147-2fc6-42d5-a1f9-cf226658e591
  • Query name: SNS Topic Not Encrypted
  • Platform: Terraform
  • Severity: Medium
  • Category: Encryption
  • URL: Github

Description

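SNS (Simple Notification Service) topics should be encrypted at rest. An aws_sns_topic resource is flagged when kms_master_key_id is missing or set to an empty string.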

Code samples

Code samples with security vulnerabilities

Positive test num. 1 - tf file
resource "aws_sns_topic" "user_updates" {
  name              = "user-updates-topic"
  kms_master_key_id = ""
}
Positive test num. 2 - tf file
provider "aws" {
  region = "us-east-1"
}

resource "aws_sns_topic" "test" {
  name = "sns_not_ecnrypted"
}

Code samples without security vulnerabilities

Negative test num. 1 - tf file
provider "aws2" {
  region = "us-east-1"
}

resource "aws_sns_topic" "test2" {
  name              = "sns_ecnrypted"
  kms_master_key_id = "alias/MyAlias"
}
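
The same condition can be checked against a rendered plan rather than the .tf source. The following is an added example, not the query's own implementation: it assumes the JSON produced by `terraform show -json` for a saved plan, and the embedded plan is constructed sample data (the three topics from the samples above plus a hypothetical module topic whose key is only known after apply).

```python
import json

# Constructed sample: trimmed `terraform show -json` output. The first three
# entries mirror the samples on this page; module.alerts is hypothetical and
# models a key that references a KMS resource created in the same plan.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
  {"address": "aws_sns_topic.user_updates", "mode": "managed", "type": "aws_sns_topic",
   "change": {"actions": ["create"], "after_unknown": {},
              "after": {"name": "user-updates-topic", "kms_master_key_id": ""}}},
  {"address": "aws_sns_topic.test", "mode": "managed", "type": "aws_sns_topic",
   "change": {"actions": ["create"], "after_unknown": {},
              "after": {"name": "sns_not_ecnrypted", "kms_master_key_id": null}}},
  {"address": "aws_sns_topic.test2", "mode": "managed", "type": "aws_sns_topic",
   "change": {"actions": ["create"], "after_unknown": {},
              "after": {"name": "sns_ecnrypted", "kms_master_key_id": "alias/MyAlias"}}},
  {"address": "module.alerts.aws_sns_topic.ops", "mode": "managed", "type": "aws_sns_topic",
   "change": {"actions": ["create"], "after_unknown": {"kms_master_key_id": true},
              "after": {"name": "ops-alerts"}}}
]}
""")


def unencrypted_sns_topics(plan):
    """Return addresses of aws_sns_topic resources planned without a KMS key."""
    findings = []
    for rc in plan.get("resource_changes", []):
        if rc.get("type") != "aws_sns_topic" or rc.get("mode") != "managed":
            continue
        change = rc.get("change") or {}
        if change.get("actions") == ["delete"]:
            continue  # topic is being destroyed, nothing left to encrypt
        # A "known after apply" key is absent from `after` but marked true in
        # `after_unknown`; treat it as set to avoid a false positive.
        if (change.get("after_unknown") or {}).get("kms_master_key_id") is True:
            continue
        key = (change.get("after") or {}).get("kms_master_key_id")
        if not isinstance(key, str) or not key.strip():
            findings.append(rc["address"])  # missing, null or empty string
    return findings


if __name__ == "__main__":
    for address in unencrypted_sns_topics(SAMPLE_PLAN):
        print(f"[MEDIUM] SNS Topic Not Encrypted: {address}")
```

Checking `resource_changes` instead of the source files also covers topics declared inside modules, since the plan lists them with their full module address.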