Skip to content
New issue

Have a question about this project? Sign up for a free GitHub account to open an issue and contact its maintainers and the community.

Sign up for GitHub

By clicking “Sign up for GitHub”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? Sign in to your account

Jump to bottom

feat(sns): enforce ssl with topic policy #29144

Merged
merged 15 commits into from
Feb 20, 2024
Merged

feat(sns): enforce ssl with topic policy #29144

merged 15 commits into from
Feb 20, 2024

Conversation

msambol
Copy link
Contributor

@msambol msambol commented Feb 17, 2024
edited
Loading

Adds a statement to match the document in the docs:

{
  "Id": "ExamplePolicy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPublishThroughSSLOnly",
      "Action": "SNS:Publish",
      "Effect": "Deny",
      "Resource": [
        "arn:aws:sns:us-east-1:1234567890:test-topic"
      ],
      "Condition": {
        "Bool": {
          "aws:SecureTransport": "false"
        }
      },
      "Principal": "*"
    }
  ]
}

Closes #29142.

By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license

@aws-cdk-automation aws-cdk-automation requested a review from a team February 17, 2024 00:59
@github-actions github-actions bot added feature-request A feature should be added or improved. p2 star-contributor [Pilot] contributed between 25-49 PRs to the CDK labels Feb 17, 2024
@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Feb 17, 2024
@jlosito jlosito mentioned this pull request Feb 19, 2024
Closed
2 tasks
colifran
colifran previously requested changes Feb 19, 2024
View reviewed changes
Copy link
Contributor

@colifran colifran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

I like where this is going! I left a comment about what I think might be a cleaner solution.

@aws-cdk-automation aws-cdk-automation removed the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Feb 19, 2024
@mergify mergify bot dismissed colifran’s stale review February 20, 2024 00:17

Pull request has been modified.

@aws-cdk-automation
Copy link
Collaborator

AWS CodeBuild CI Report

  • CodeBuild project: AutoBuildv2Project1C6BFA3F-wQm2hXv2jqQv
  • Commit ID: 127fc3b
  • Result: SUCCEEDED
  • Build Logs (available for 30 days)

Powered by github-codebuild-logs, available on the AWS Serverless Application Repository

@aws-cdk-automation aws-cdk-automation added the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Feb 20, 2024
@msambol
Copy link
Contributor Author

msambol commented Feb 20, 2024

@colifran updated. Much cleaner

colifran
colifran approved these changes Feb 20, 2024
View reviewed changes
Copy link
Contributor

@colifran colifran left a comment

Choose a reason for hiding this comment

The reason will be displayed to describe this comment to others. Learn more.

Great job!

@mergify Mergify
Copy link
Contributor

mergify bot commented Feb 20, 2024

Thank you for contributing! Your pull request will be updated from main and then merged automatically (do not update manually, and be sure to allow changes to be pushed to your fork).

@mergify mergify bot merged commit a75f447 into aws:main Feb 20, 2024
13 checks passed
@aws-cdk-automation aws-cdk-automation removed the pr/needs-community-review This PR needs a review from a Trusted Community Member or Core Team Member. label Feb 20, 2024
GavinZZ pushed a commit that referenced this pull request Feb 22, 2024
@msambol @GavinZZ
feat(sns): enforce ssl with topic policy (#29144)
1a92663 
Adds a statement to match the document in the [docs](https://docs.aws.amazon.com/sns/latest/dg/sns-security-best-practices.html#enforce-encryption-data-in-transit):

```
{
  "Id": "ExamplePolicy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowPublishThroughSSLOnly",
      "Action": "SNS:Publish",
      "Effect": "Deny",
      "Resource": [
        "arn:aws:sns:us-east-1:1234567890:test-topic"
      ],
      "Condition": {
        "Bool": {
          "aws:SecureTransport": "false"
        }
      },
      "Principal": "*"
    }
  ]
}
```

Closes #29142.

----

*By submitting this pull request, I confirm that my contribution is made under the terms of the Apache-2.0 license*
@github-actions github-actions bot mentioned this pull request Mar 1, 2024
Closed
@msambol msambol deleted the 29142 branch March 8, 2024 21:47
@EYssel EYssel mentioned this pull request Mar 25, 2024
Closed
@mrgum mrgum mentioned this pull request Jun 5, 2024
Closed
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment
Reviewers

@colifran colifran colifran approved these changes

Assignees
No one assigned
Labels
feature-request A feature should be added or improved. p2 star-contributor [Pilot] contributed between 25-49 PRs to the CDK
Projects
None yet
Milestone
No milestone
Development

Successfully merging this pull request may close these issues.

SNS: Enforce SSL with Prop
3 participants
@msambol @aws-cdk-automation @colifran