Description:

Amazon Simple Queue Service (SQS) is a fully managed message queuing service that makes it easy to decouple and scale microservices, distributed systems, and serverless applications.


Rationale:

It is recommended that Redshift Cluster not be publicly accessible to other services and resources in AWS. A public Redshift Cluster means that unauthorized actors could access your data, which can lead to misuse of the data.


Remediation:

Grant cross-account permissions to a role and a user name

The following example policy grants role1 and username1 under AWS account number 111122223333 cross-account permission to use all actions to which Amazon SQS allows shared access for the queue named 123456789012/queue1 in the US East (Ohio) region.
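
The policy body is not shown on this page. The added example below (not part of the original page) builds the policy from the values in the paragraph above and contrasts it with a constructed policy that uses a wildcard principal. The `Id` and `Sid` strings, the `PUBLIC_POLICY` sample and the `public_statements` helper are assumptions made for illustration.

```python
import json

# Built from the values in the text above; the Id and Sid strings are assumed names.
CROSS_ACCOUNT_POLICY = {
    "Version": "2012-10-17",
    "Id": "Queue1_Policy_Example",
    "Statement": [{
        "Sid": "Queue1_AllActions",
        "Effect": "Allow",
        "Principal": {"AWS": [
            "arn:aws:iam::111122223333:role/role1",
            "arn:aws:iam::111122223333:user/username1",
        ]},
        "Action": "sqs:*",
        "Resource": "arn:aws:sqs:us-east-2:123456789012:queue1",
    }],
}

# Constructed counter-example: any principal may use the queue.
PUBLIC_POLICY = {
    "Version": "2012-10-17",
    "Statement": [{
        "Sid": "OpenToEveryone",
        "Effect": "Allow",
        "Principal": "*",
        "Action": "sqs:*",
        "Resource": "arn:aws:sqs:us-east-2:123456789012:queue1",
    }],
}

def as_list(value):
    return value if isinstance(value, list) else [value]

def public_statements(policy):
    """Return Sids of Allow statements with a wildcard principal and no Condition.
    Statements that carry a Condition are skipped here and need manual review."""
    findings = []
    for index, stmt in enumerate(as_list(policy.get("Statement", []))):
        if stmt.get("Effect") != "Allow" or stmt.get("Condition"):
            continue
        principal = stmt.get("Principal", {})
        values = as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
        if "*" in values:
            findings.append(stmt.get("Sid", f"statement[{index}]"))
    return findings

if __name__ == "__main__":
    print(json.dumps(CROSS_ACCOUNT_POLICY, indent=2))  # JSON to attach as the queue policy
    print("public statements:", public_statements(PUBLIC_POLICY))
```
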


Cross-account permissions don't apply to the following actions:

  • AddPermission
  • CreateQueue
  • DeleteQueue
  • ListQueues
  • ListQueueTags
  • RemovePermission
  • SetQueueAttributes
  • TagQueue
  • UntagQueue


Reference:

https://docs.aws.amazon.com/AWSSimpleQueueService/latest/SQSDeveloperGuide/sqs-basic-examples-of-sqs-policies.html