- 필수 기능
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- 디지털 경험
- 소프트웨어 제공
- 보안
- 로그 관리
- 관리
- 인프라스트럭처
- ci
- containers
- csm
- ndm
- otel_guides
- overview
- slos
- synthetics
- tests
- 워크플로
Update your Amazon Simple Notification Service (SNS) topic publishing permissions.
A resource-based policy attached to an SNS topic with a Principal of *
and an Action of sns:Publish
allows anyone to publish to a topic. Unauthenticated users can publish arbitrary messages, potentially leading to an impact for downstream applications.
Follow the Preventative best practices docs to learn how to implement least-privilege access or use IAM roles for your applications and AWS services.
Principal
ARN. Save the file as policy.json
.{
...
"Statement": [
...
{
"Sid": "console_pub",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::123456789012:root"
},
"Action": [
"SNS:Publish"
],
...
}
]
}
set-topic-attributes
with the ARN of the SNS topic.aws sns set-topic-attributes
--topic-arn arn:aws:sns:region:123456789012:YourTopic
--attribute-name Policy
--attribute-value file://policy.json