💼 [SQS.3] SQS queue access policies should not allow public access

ID: /frameworks/aws-fsbp-v1.0.0/sqs/03

Description

An Amazon SQS access policy can allow public access to an SQS queue, which might allow an anonymous user or any authenticated AWS IAM identity to access the queue. SQS access policies typically provide this access by specifying the wildcard character (*) in the Principal element of the policy, not using proper conditions to restrict access to the queue, or both. If an SQS access policy allows public access, third parties might be able to perform tasks such as receive messages from the queue, send messages to the queue, or modify the access policy for the queue. This could result in events such as data exfiltration, a denial of service, or injection of messages into the queue by a threat actor.

Similar

AWS Security Hub
- https://docs.aws.amazon.com/securityhub/latest/userguide/sqs-controls.html#sqs-3

Sub Sections

Section	Sub Sections	Internal Rules	Policies	Flags	Compliance

Policies (1)

Policy	Logic Count	Flags	Compliance
🛡️ AWS SQS Queue policy allows public access🟢	1	🟢 x6	no data

Description​

Similar​

Sub Sections​

Policies (1)​

Description

Similar

Sub Sections

Policies (1)