Severity : Critical
Description : SNS policies should not be configured to allow any AWS user to subscribe or send messages. This could result in data leakage or financial DDoS.
Remediation Steps : Adjust the topic policy to only allow authorized AWS users in known accounts to subscribe.