Ensure that none of the Amazon SNS subscriptions created within your AWS account are using HTTP instead of HTTPS as delivery protocol in order to enforce SSL encryption for all subscription requests.
When an AWS SNS subscription is configured to utilize the HTTP protocol instead of HTTPS, the communication between Amazon and the subscription endpoint is vulnerable to malicious activity such as eavesdropping and network sniffing. Cloud Conformity strongly recommends using only HTTPS-based subscriptions by implementing secure SNS topic policies and favor HTTPS over HTTP during the subscription creation process.
To determine if your AWS SNS subscriptions are using HTTP instead of HTTPS as delivery protocol, perform the following actions:
To implement the HTTPS protocol within your existing Amazon SNS subscriptions configuration you need to re-create and confirm these subscriptions by performing the following actions: