Ensure SNS Cross Account Access is not enabled


Overly permissive policies that allow unknown cross-account access to your SNS topics can lead to unauthorized actions such as intercepting and publishing messages or subscribing to the exposed topics. To prevent data leaks and unexpected charges on your AWS bill, grant access only to trusted accounts by implementing the right SNS policies.


Perform the following steps to disable cross-account access:

  1. Sign in to the AWS Management Console.
  2. Navigate to SNS dashboard at
  3. In the left navigation panel, under the SNS Dashboard, select Topics.
  4. Select the SNS topic that you want to examine.
  5. Inside the Edit topic policy dialog box, select the Advanced view tab and replace the existing (untrusted) AWS identifier(s) defined as the Principal element value(s) with the trusted one(s).
  6. Click Update policy to apply the new permissions. The AWS SNS dashboard should now display the “Successfully edited topic policy.” confirmation message.
  7. Change the AWS region from the navigation bar and repeat the process for other regions.
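To decide which Principal values in step 5 need replacing, the topic policy can be checked offline. The following is an added example, not part of the original page: the function names, the sample policy, its Sids and all account IDs are constructed, and it assumes that a wildcard principal counts as trusted only when a `StringEquals` `AWS:SourceOwner` condition pins it to a trusted account.

```python
import json
import re

# Matches a bare 12-digit account ID or an IAM ARN and captures the account ID.
ACCOUNT_RE = re.compile(r"^(?:arn:aws[\w-]*:iam::)?(\d{12})(?::.*)?$")

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _aws_principals(principal):
    """AWS principals named by a statement; service principals are ignored here."""
    if principal == "*":
        return ["*"]
    return _as_list(principal.get("AWS", [])) if isinstance(principal, dict) else []

def _source_owners(stmt):
    """Account IDs pinned by a StringEquals AWS:SourceOwner condition, if present."""
    cond = stmt.get("Condition", {}).get("StringEquals", {})
    return {v for k, vals in cond.items() if k.lower() == "aws:sourceowner" for v in _as_list(vals)}

def untrusted_statements(policy_json, trusted_accounts):
    """Return (Sid, principal) for each Allow grant that reaches beyond trusted_accounts."""
    trusted, findings = set(trusted_accounts), []
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") != "Allow":
            continue
        for p in _aws_principals(stmt.get("Principal")):
            if p == "*":
                owners = _source_owners(stmt)
                ok = bool(owners) and owners <= trusted  # wildcard is safe only if pinned
            else:
                m = ACCOUNT_RE.match(p)
                ok = bool(m) and m.group(1) in trusted
            if not ok:
                findings.append((stmt.get("Sid", "<no Sid>"), p))
    return findings

# Constructed sample policy; account IDs, Sids and topic ARN are placeholders.
TOPIC = "arn:aws:sns:us-east-1:111122223333:example-topic"
SAMPLE_POLICY = json.dumps({"Version": "2008-10-17", "Statement": [
    {"Sid": "Default", "Effect": "Allow", "Principal": {"AWS": "*"}, "Action": "SNS:Publish",
     "Resource": TOPIC, "Condition": {"StringEquals": {"AWS:SourceOwner": "111122223333"}}},
    {"Sid": "Partner", "Effect": "Allow", "Action": "SNS:Subscribe", "Resource": TOPIC,
     "Principal": {"AWS": ["arn:aws:iam::444455556666:root", "999999999999"]}},
    {"Sid": "Open", "Effect": "Allow", "Principal": "*", "Action": "SNS:Publish", "Resource": TOPIC},
]})

if __name__ == "__main__":
    print(untrusted_statements(SAMPLE_POLICY, {"111122223333", "444455556666"}))
```

The policy JSON to feed in is the `Policy` attribute that the SNS `GetTopicAttributes` API returns for a topic; as in step 7, it has to be collected per region.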







