Posted On: Sep 25, 2023
Amazon Simple Notification Service (Amazon SNS) message data protection is a set of capabilities that leverage pattern matching, machine learning models, and content policies to help security and engineering teams facilitate real-time data protection in applications that use Amazon SNS to exchange high volumes of data. You can now de-identify outbound message data within a payload in real time via data redaction or masking. As a result, each endpoint subscribed to your Amazon SNS topic may receive a different payload from the topic, with different sensitive data de-identified, according to its data access permissions.
With message data protection for Amazon SNS, you can discover and protect certain types of personal information that is in motion between your applications. Message data protection enables topic owners to define and apply data protection policies that scan messages in real time for sensitive data in order to provide detailed audit reports of findings, block message delivery, and de-identify data within inbound or outbound message payloads via redaction or masking.
De-identification for outbound messages is available in the Amazon Web Services China (Ningxia) Region, operated by NWCD, and the Amazon Web Services China (Beijing) Region, operated by Sinnet.
Start discovering and protecting sensitive data in real-time using the Amazon Developer Tools (SDK), Amazon SNS Command Line Interface (CLI), Amazon CloudFormation, or Amazon Web Services Management Console.
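An outbound de-identification policy of the kind described above, added here as an example that is not part of the original announcement: two subscribers to the same topic receive differently de-identified payloads. The policy name, account ID and role names are constructed, and the ARNs are written for the standard `aws` partition as an assumption; use the partition of your own Region.

```json
{
  "Name": "example-outbound-deidentify-policy",
  "Description": "Constructed example: per-subscriber outbound de-identification",
  "Version": "2021-06-01",
  "Statement": [
    {
      "Sid": "analytics-subscriber-masks-email-and-card",
      "DataDirection": "Outbound",
      "Principal": ["arn:aws:iam::111122223333:role/ExampleAnalyticsSubscriber"],
      "DataIdentifier": [
        "arn:aws:dataprotection::aws:data-identifier/EmailAddress",
        "arn:aws:dataprotection::aws:data-identifier/CreditCardNumber"
      ],
      "Operation": {
        "Deidentify": { "MaskConfig": { "MaskWithCharacter": "#" } }
      }
    },
    {
      "Sid": "billing-subscriber-redacts-email-only",
      "DataDirection": "Outbound",
      "Principal": ["arn:aws:iam::111122223333:role/ExampleBillingSubscriber"],
      "DataIdentifier": [
        "arn:aws:dataprotection::aws:data-identifier/EmailAddress"
      ],
      "Operation": {
        "Deidentify": { "RedactConfig": {} }
      }
    }
  ]
}
```

Attach it to a topic with `aws sns put-data-protection-policy --resource-arn <topic-arn> --data-protection-policy file://policy.json`; the first subscriber then sees email addresses and card numbers masked with `#`, while the second sees email addresses removed and card numbers intact.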
To learn more about Amazon SNS message data protection, see the following:
- Message data protection in the Amazon SNS Developer Guide
- Introducing message data protection for Amazon SNS blog post