Encryption
- In-transit encryption via HTTPS API.
- At-rest encryption using AWS KMS-managed keys.
- Client-side encryption supported for custom encryption/decryption before sending messages.
Access Control
- Use IAM policies to manage permissions for the SNS API.
- Apply SNS access policies (similar to S3 bucket policies) to:
- Enable cross-account access to SNS topics.
- Allow other AWS services (e.g., S3, CloudWatch) to publish directly to a topic.