Is subscription secure only remediation

Using Console

Using CLI

Using Python

Sure, here are the step-by-step instructions to remediate the AWS SNS Subscription that uses HTTP as the delivery protocol using Python:

First, you need to import the necessary libraries:

import boto3

Next, create a new boto3 client for SNS:

sns_client = boto3.client('sns')

Then, you need to get a list of all the subscriptions for your SNS topic:

response = sns_client.list_subscriptions_by_topic(TopicArn='your_topic_arn')

Loop through the response and check if any of the subscriptions are using HTTP as the delivery protocol:

for subscription in response['Subscriptions']:
    if subscription['Protocol'] == 'http':
        subscription_arn = subscription['SubscriptionArn']

If you find a subscription using HTTP, you need to update it to use HTTPS instead. To do this, you can use the set_subscription_attributes method:

sns_client.set_subscription_attributes(
    SubscriptionArn=subscription_arn,
    AttributeName='DeliveryPolicy',
    AttributeValue='{"http": {"defaultHealthyRetryPolicy": {"numRetries": 3,"numNoDelayRetries": 0,"minDelayTarget": 20,"maxDelayTarget": 20,"numMinDelayRetries": 0,"numMaxDelayRetries": 0,"backoffFunction": "linear"},"disableSubscriptionOverrides": false,"defaultThrottlePolicy": {"numRetries": 0,"numNoDelayRetries": 0,"minDelayTarget": 0,"maxDelayTarget": 0,"numMinDelayRetries": 0,"numMaxDelayRetries": 0,"backoffFunction": "linear"}},"https": {"defaultHealthyRetryPolicy": {"numRetries": 3,"numNoDelayRetries": 0,"minDelayTarget": 20,"maxDelayTarget": 20,"numMinDelayRetries": 0,"numMaxDelayRetries": 0,"backoffFunction": "linear"},"disableSubscriptionOverrides": false,"defaultThrottlePolicy": {"numRetries": 0,"numNoDelayRetries": 0,"minDelayTarget": 0,"maxDelayTarget": 0,"numMinDelayRetries": 0,"numMaxDelayRetries": 0,"backoffFunction": "linear"}}}'
)

This will update the subscription to use HTTPS as the delivery protocol.That’s it! You have successfully remediated the AWS SNS Subscription that uses HTTP as the delivery protocol using Python.

AWS Introduction

AWS Pricing

AWS Threats

AWS Misconfigurations

Is subscription secure only remediation

Triage and Remediation

Remediation