AWS CloudFormation stack configured without SNS topic

Description

Enabling event notifications for your AWS CloudFormation stacks can help you to monitor and track changes to your stacks. When event notifications are enabled, CloudFormation will send a message to an Amazon Simple Notification Service (SNS) topic each time a stack event occurs. By doing so, you will improve your visibility and automation processes (if desired).

Code Example

resource "aws_cloudformation_stack" "default" {
    name = "networking-stack"
    ...
 +  notification_arns = ["arn1", "arn2"]
  }

Remediation

Terraform

Resource: aws_cloudformation_stack
Arguments: notification_arns

Rule Details

Field	Value
ID	IAC-0177
Severity	LOW
IaC Type	Terraform
Frameworks	Terraform, TerraformPlan
Checkov ID	CKV_AWS_124

References

Checkov Rule

Overview

SAST (Application Security)

SCA (Dependencies)

Secrets Detection

IaC Security

License Compliance

SAST Rules

IaC Rules

License Rules

Description

Code Example

Remediation

Rule Details

References

SAST Rules

IaC Rules

License Rules

AWS CloudFormation stack configured without SNS topic ​

Description ​

Code Example ​

Remediation ​

Rule Details ​

References ​

AWS CloudFormation stack configured without SNS topic

Description

Code Example

Remediation

Rule Details

References