Ensure AWS CloudFormation stacks are sending event notifications to an SNS topic
Error: AWS CloudFormation stack configured without SNS topic
Bridgecrew Policy ID: BC_AWS_LOGGING_25
Checkov Check ID: CKV_AWS_124
Severity: LOW
Description
Enabling event notifications for your AWS CloudFormation stacks helps you monitor and track changes to your stacks. When event notifications are enabled, CloudFormation sends a message to an Amazon Simple Notification Service (SNS) topic each time a stack event occurs. This improves your visibility into stack activity and, if desired, supports your automation processes.
Fix - Buildtime
Terraform
- Resource: aws_cloudformation_stack
- Argument: notification_arns
resource "aws_cloudformation_stack" "default" {
  name = "networking-stack"
  ...
+ notification_arns = ["arn1", "arn2"]
}
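As an added example (not Checkov's or Bridgecrew's own implementation), the same condition can be checked against the JSON produced by `terraform show -json`, which also covers ARNs that are not known until apply. The sample plan, resource addresses and ARN are constructed, and treating an empty `notification_arns` list as a failure is an assumption.

```python
import json

# Constructed sample shaped like the `resource_changes` section of
# `terraform show -json <planfile>`; addresses and the ARN are made up.
SAMPLE_PLAN = json.loads("""
{"resource_changes": [
 {"address": "aws_cloudformation_stack.no_topic", "type": "aws_cloudformation_stack",
  "change": {"actions": ["create"], "after": {"name": "networking-stack"}, "after_unknown": {}}},
 {"address": "aws_cloudformation_stack.empty", "type": "aws_cloudformation_stack",
  "change": {"actions": ["update"], "after": {"notification_arns": []}, "after_unknown": {}}},
 {"address": "aws_cloudformation_stack.with_topic", "type": "aws_cloudformation_stack",
  "change": {"actions": ["create"], "after_unknown": {},
             "after": {"notification_arns": ["arn:aws:sns:us-east-1:111122223333:stack-events"]}}},
 {"address": "aws_cloudformation_stack.new_topic", "type": "aws_cloudformation_stack",
  "change": {"actions": ["create"], "after": {}, "after_unknown": {"notification_arns": true}}},
 {"address": "aws_cloudformation_stack.retired", "type": "aws_cloudformation_stack",
  "change": {"actions": ["delete"], "after": null, "after_unknown": {}}},
 {"address": "aws_sns_topic.stack_events", "type": "aws_sns_topic",
  "change": {"actions": ["create"], "after": {"name": "stack-events"}, "after_unknown": {"arn": true}}}
]}
""")

def _any_unknown(value):
    """True if a plan 'after_unknown' entry marks any part of the value as unknown."""
    if isinstance(value, list):
        return any(_any_unknown(v) for v in value)
    return value is True

def has_notifications(change):
    """Does the planned stack end up with at least one notification ARN?"""
    if _any_unknown((change.get("after_unknown") or {}).get("notification_arns")):
        return True  # ARN comes from a resource created in the same apply
    arns = (change.get("after") or {}).get("notification_arns") or []
    return any(isinstance(a, str) and a.strip() for a in arns)

def stacks_without_sns(plan):
    """Addresses of aws_cloudformation_stack resources lacking notification_arns."""
    findings = []
    for rc in plan.get("resource_changes", []):
        change = rc.get("change") or {}
        if rc.get("type") != "aws_cloudformation_stack" or change.get("actions") == ["delete"]:
            continue
        if not has_notifications(change):
            findings.append(rc["address"])
    return findings

if __name__ == "__main__":
    for address in stacks_without_sns(SAMPLE_PLAN):
        print(f"{address}: no notification_arns (CKV_AWS_124)")
```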