Vulnerabilities
Misconfiguration
Runtime Security
Compliance
AWS > Sns > Enable Topic Encryption
HIGH
Source
Trivy/CSPM
CSPM ID
sns-topic-encrypted
ID
AVD-AWS-0095
cloudformation terraform

Unencrypted SNS topic.

Topics should be encrypted to protect their contents.

Impact

The SNS topic messages could be read if compromised

Follow the appropriate remediation steps below to resolve the issue.

Turn on SNS Topic encryption

 1
 2
 3
 4
 5
 6
 7
 8
 9
10
11

---
AWSTemplateFormatVersion: "2010-09-09"
Description: A sample template
AWSTemplateFormatVersion: 2010-09-09
Description: Good example of topic
Resources:
  Queue:
    Type: AWS::SQS::Topic
    Properties:
      TopicName: blah
      KmsMasterKeyId: some-key

Turn on SNS Topic encryption

1
2
3

resource "aws_sns_topic" "good_example" {
  kms_master_key_id = "/blah"
}
Aqua SaaS Plans
The fastest track to get started with Aqua
Start Now
Aqua Security is the largest pure-play cloud native security company, providing customers the freedom to innovate and run their businesses with minimal friction. The Aqua Cloud Native Security Platform provides prevention, detection, and response automation across the entire application lifecycle to secure the build, secure cloud infrastructure and secure running workloads wherever they are deployed.
Copyright © 2022 Aqua Security Software Ltd.   Privacy Policy | Terms of Use