serverless-architectures-aws

Vulnerability in chapter-3/Listing 3.5 - SNS Condition.txt

Open brandonslee opened this issue 2 years ago • 0 comments

Hi,

To avoid the world-accessible vulnerability of the SNS, "aws:SourceAccount" needs to be added to the Condition, like below.

```json
"Condition": {
  "StringEquals": {
    "aws:SourceAccount": "111122223333"
  },
  "ArnLike": {
    "aws:SourceArn": "arn:aws:s3:::serverless-video-transcoded"
  }
}
```

brandonslee · Mar 28 '22 14:03
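
A check that follows from the condition suggested above, as an added example that is not part of the original issue or the book's repository: it flags Allow statements in an SNS topic policy that are open to any principal and lack an exact-match `aws:SourceAccount`. The function names, the `Sid`, the `SNS:Publish` action, the wildcard principal and the topic ARN are assumptions made for the sample; the account ID and bucket ARN are the ones quoted in the issue.

```python
def _as_list(value):
    """Policy fields may hold one value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def _is_wildcard(principal):
    """True for "*" or {"AWS": "*"}, i.e. any caller."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))


def audit_topic_policy(policy):
    """Return findings for wildcard Allow statements not pinned to an account."""
    findings = []
    for i, stmt in enumerate(_as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or not _is_wildcard(stmt.get("Principal")):
            continue
        sid = stmt.get("Sid", f"statement[{i}]")
        cond = stmt.get("Condition") or {}
        # Condition keys are case-insensitive; only StringEquals is accepted
        # here as pinning the source account.
        pinned = {key.lower() for key in cond.get("StringEquals", {})}
        if not cond:
            findings.append(f"{sid}: wildcard principal with no Condition")
        elif "aws:sourceaccount" not in pinned:
            findings.append(f"{sid}: wildcard principal without aws:SourceAccount")
    return findings


def _policy(condition):
    """Constructed sample policy; the topic ARN and Sid are placeholders."""
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "s3-publish", "Effect": "Allow", "Principal": "*",
        "Action": "SNS:Publish",
        "Resource": "arn:aws:sns:us-east-1:111122223333:example-topic",
        "Condition": condition}]}


SOURCE_ARN = {"aws:SourceArn": "arn:aws:s3:::serverless-video-transcoded"}
ARN_ONLY = _policy({"ArnLike": SOURCE_ARN})
WITH_ACCOUNT = _policy({"StringEquals": {"aws:SourceAccount": "111122223333"},
                        "ArnLike": SOURCE_ARN})

if __name__ == "__main__":
    for name, pol in (("ARN_ONLY", ARN_ONLY), ("WITH_ACCOUNT", WITH_ACCOUNT)):
        print(name, audit_topic_policy(pol) or "ok")
```
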