sumologic-aws-lambda icon indicating copy to clipboard operation
sumologic-aws-lambda copied to clipboard

Published 20 hours ago verified publisher icon SumoLogic

Potential SAR Vulnerability

Open johspaeth opened this issue 3 years ago • 0 comments

Hi @SumoSourabh

The Readme.md for the CloudWatchEvents deployments needs an update, as it contains an AWS SAR security vulnerability that has been recently discovered. We wrote a detailed explanation on the vulnerability.

It is important to add a link to the source account that deploys to the bucket by adding an additional condition.

            Condition:
              StringEquals:
                "aws:SourceAccount":  <AWS::AccountId>

@SumoSourabh I am tagging you as I have seen that you recently modified the file.

johspaeth avatar Sep 27 '21 13:09 johspaeth