Identify any publicly accessible SNS topics and implement the necessary permissions to protect them against attackers or unauthorized personnel.
Accidentally (or intentionally) setting overly permissive policies for your SNS topics can allow unauthorized users to receive and publish messages and to subscribe to the exposed topics. One common scenario is when a root user grants permissions for an SNS topic to the "Everyone" grantee while testing the notification system, then forgets about the insecure set of permissions applied during the testing stage.
To determine if there are any exposed SNS topics within your AWS account, perform the following:
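As an added example (not part of the original page), the check can be expressed as a small Python function over a topic's access policy document, such as the `Policy` attribute returned by `aws sns get-topic-attributes`. It flags `Allow` statements granted to everyone (`*`) with no `Condition`; the sample policy, topic name and account ID are constructed.

```python
import json

# Constructed sample: one owner-scoped statement, one left open after testing.
SAMPLE_POLICY = json.dumps({
    "Version": "2008-10-17",
    "Statement": [
        {"Sid": "owner-only", "Effect": "Allow", "Principal": {"AWS": "*"},
         "Action": ["SNS:Publish", "SNS:Subscribe"],
         "Resource": "arn:aws:sns:us-east-1:111122223333:example-topic",
         "Condition": {"StringEquals": {"AWS:SourceOwner": "111122223333"}}},
        {"Sid": "testing", "Effect": "Allow", "Principal": "*",
         "Action": "SNS:Publish",
         "Resource": "arn:aws:sns:us-east-1:111122223333:example-topic"},
    ],
})


def is_everyone(principal):
    """True when a Principal element matches any caller ("Everyone")."""
    if principal == "*":
        return True
    if isinstance(principal, dict):
        aws = principal.get("AWS", [])
        return "*" in ([aws] if isinstance(aws, str) else aws)
    return False


def public_statements(policy_json):
    """Return (Sid, actions) for each unconditioned Allow granted to everyone."""
    statements = json.loads(policy_json).get("Statement", [])
    if isinstance(statements, dict):  # a single statement may not be in a list
        statements = [statements]
    findings = []
    for stmt in statements:
        if stmt.get("Effect") != "Allow" or not is_everyone(stmt.get("Principal")):
            continue
        if stmt.get("Condition"):
            # A wildcard principal narrowed by a Condition (for example to the
            # owning account) is not reported here; review the condition by hand.
            continue
        actions = stmt.get("Action", [])
        actions = [actions] if isinstance(actions, str) else list(actions)
        findings.append((stmt.get("Sid", "<no Sid>"), sorted(actions)))
    return findings


if __name__ == "__main__":
    for sid, actions in public_statements(SAMPLE_POLICY):
        print(f"exposed statement {sid}: {', '.join(actions)}")
```

An empty result only means no unconditioned wildcard grant was found; statements skipped because of a `Condition` still need their condition keys checked.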
To update the policies and implement the required permissions to secure any exposed SNS topics, perform the following: