Tag: aws-python-sdk

Set SNS Return Subscription ARN

To always return the subscription ARN, set the ReturnSubscriptionArn argument to True.

Missing none check on response metadata

Response metadata was not checked to verify that it is not None.

Missing pagination

Missing pagination on a paginated call can lead to inaccurate results.

Incorrect binding of SNS publish operations

Incorrect binding of SNS publish operations with the subscribe or create_topic operations might lead to latency issues.

Client-side KMS reencryption

Client-side decryption followed by reencryption is inefficient and can lead to sensitive data leaks.

Untrusted AMI images

Improper filtering of Amazon Machine Images (AMIs) can result in loading an untrusted image, a potential security vulnerability.

AWS client not reused in a Lambda function

Recreating AWS clients in each Lambda function invocation is expensive.

AWS credentials logged

Logging unencrypted AWS credentials can expose them to an attacker.

Batch request with unchecked failures

Not checking which items have failed can lead to loss of data.

Inefficient polling of AWS resource

Custom polling can be inefficient and prone to error. Consider using AWS waiters instead.

Override of reserved variable names in a Lambda function

Overriding environment variables that are reserved by AWS Lambda might lead to unexpected behavior.

Missing S3 bucket owner condition

Not setting the S3 bucket owner condition might introduce a risk of accidentally using a wrong bucket.

Unauthenticated Amazon SNS unsubscribe requests might succeed

Failing to set the AuthenticateOnUnsubscribe flag to True when confirming an SNS subscription can lead to unauthenticated cancellations.