Added SNS Topic Subscription access publicly Template

sns-topic-subscribe-public-accessible.yaml

@@ -0,0 +1,68 @@
+id: sns-topic-subscribe-public-access
+
+info:
+  name: Public Subscription Access of SNS Topics via Policy
+  author: Ritesh_Gohil(#L4stPL4Y3R)
+  severity: High
+  description: |
+    This template checks if Amazon SNS topics are configured to allow public subscription access via topic policies.
+  reference:
+    - https://docs.aws.amazon.com/sns/latest/api/API_GetTopicAttributes.html
+  tags: cloud, devops, aws, amazon, sns, aws-cloud-config
+
+flow: |
+  code(1)
+  for (let topicArn of iterate(template.topics)) {
+    set("topicArn", topicArn)
+    code(2)
+  }
+
+self-contained: true
+code:
+  - engine:
+      - sh
+      - bash
+    source: |
+      aws sns list-topics --query 'Topics[*].TopicArn'
+
+    extractors:
+      - type: json
+        internal: true
+        name: topics
+        json:
+          - '.[]'
+
+  - engine:
+      - sh
+      - bash
+    source: |
+      aws sns get-topic-attributes --topic-arn $topicArn --query Attributes.Policy --output text
+
+    matchers-condition: and
+    matchers:
+      - type: word
+        part: body
+        words:
+          - '"Effect":"Allow"'
+
+      - type: word
+        part: body
+        words:
+          - '"Principal":{"AWS":"*"}'
+
+      - type: word
+        part: body
+        words:
+          - '"Action":"SNS:Subscribe"'
+
+      - type: regex
+        part: body
+        negative: true
+        regex:
+          - '"Condition"'
+
+    extractors:
+      - type: dsl
+        dsl:
+          - '"The SNS topic " + topicArn + " allows public subscription via Policy"'
+# digest: 4a0a0047304502205fb7f0c9b0626cc145370d50015cadeeda16e73469baaab959fc8c76c120a57b02210096912a33733194302dcee8747a398dd06c425ceac11d7348bd8c08ca4b0184de:f37bf26b30a8e29c9db6a85589544950