๐ผ [SQS.3] SQS queue access policies should not allow public access
-
Contextual name: ๐ผ [SQS.3] SQS queue access policies should not allow public access
-
ID:
/frameworks/aws-fsbp-v1.0.0/sqs/03 -
Located in: ๐ผ Simple Queue Service (SQS)
Descriptionโ
An Amazon SQS access policy can allow public access to an SQS queue, which
might allow an anonymous user or any authenticated AWS IAM identity to access
the queue. SQS access policies typically provide this access by specifying
the wildcard character (*) in the Principal element of the policy, not using
proper conditions to restrict access to the queue, or both. If an SQS access
policy allows public access, third parties might be able to perform tasks
such as receive messages from the queue, send messages to the queue, or modify
the access policy for the queue. This could result in events such as data
exfiltration, a denial of service, or injection of messages into the queue
by a threat actor.
Similarโ
Sub Sectionsโ
| Section | Sub Sections | Internal Rules | Policies | Flags |
|---|