Critical-risk tools in Awslabs Amazon Sns Sqs
62 of the 805 tools in Awslabs Amazon Sns Sqs are classified as critical risk. This page profiles those tools specifically, with recommended policy actions and the attack patterns that target them.
Every operation listed below is an action PolicyLayer recommends controlling at the transport layer. Open any tool to see the full profile, risk score, and YAML policy snippet.
Tools at critical risk
-
bulk_delete_by_criteriaDestructivebulk_delete_by_criteria
-
cache_deleteDestructiveDelete a value from the cache.
-
cache_delete_manyDestructiveDelete multiple values from the cache.
-
cache_delete_multiDestructiveDelete multiple values from the cache (alias for delete_many).
-
deleteDestructivedelete
-
delete_access_keyDestructivedelete_access_key
-
delete_agent_runtimeDestructivedelete_agent_runtime
-
delete_agent_runtime_endpointDestructivedelete_agent_runtime_endpoint
-
delete_appDestructivedelete_app
-
delete_datastoreDestructiveDelete a data store from AWS HealthImaging.
-
delete_ecs_infrastructureDestructivedelete_ecs_infrastructure
-
delete_fhir_resourceDestructiveDelete a FHIR resource from HealthLake
-
delete_groupDestructivedelete_group
-
delete_image_setDestructivedelete_image_set
-
delete_instance_in_seriesDestructivedelete_instance_in_series
-
delete_instance_in_studyDestructivedelete_instance_in_study
-
delete_patient_studiesDestructivedelete_patient_studies
-
delete_resourceDestructivedelete_resource
-
delete_role_policyDestructivedelete_role_policy
-
delete_scheduleDestructivedelete_schedule
-
delete_series_by_uidDestructivedelete_series_by_uid
-
delete_studyDestructivedelete_study
-
delete_userDestructivedelete_user
-
delete_user_policyDestructivedelete_user_policy
-
delete-cache-clusterDestructivedelete-cache-cluster
-
delete-replication-groupDestructivedelete-replication-group
-
delete-serverless-cacheDestructivedelete-serverless-cache
-
DeleteAHOBatchDestructiveDeleteAHOBatch
-
DeleteAHOConfigurationDestructiveDeleteAHOConfiguration
-
DeleteAHORunBatchDestructiveDeleteAHORunBatch
-
DeleteDbClusterDestructiveDeletes a Timestream for InfluxDB cluster by the db_cluster_id
-
DeleteDbInstanceDestructiveDeletes a Timestream for InfluxDB DB instance by the instance-identifier
-
dropCollectionDestructivedropCollection
-
gateway_deleteDestructivegateway_delete
-
gateway_resource_policy_deleteDestructivegateway_resource_policy_delete
-
gateway_target_deleteDestructivegateway_target_delete
-
identity_delete_api_key_providerDestructiveidentity_delete_api_key_provider
-
identity_delete_oauth2_providerDestructiveidentity_delete_oauth2_provider
-
identity_delete_resource_policyDestructiveidentity_delete_resource_policy
-
identity_delete_workload_identityDestructiveidentity_delete_workload_identity
-
json_clearDestructiveClear container at path (array or object).
-
json_delDestructiveDelete value at path.
-
memory_batch_delete_recordsDestructivememory_batch_delete_records
-
memory_deleteDestructivememory_delete
-
memory_delete_eventDestructivememory_delete_event
-
memory_delete_recordDestructivememory_delete_record
-
policy_deleteDestructivepolicy_delete
-
policy_engine_deleteDestructivepolicy_engine_delete
-
remove_instance_from_image_setDestructiveremove_instance_from_image_set
-
remove_series_from_image_setDestructiveremove_series_from_image_set
-
remove_user_from_groupDestructiveremove_user_from_group
-
stream_deleteDestructiveDelete entries from stream.
-
stream_group_delete_consumerDestructiveDelete consumer from group.
-
stream_group_destroyDestructiveDestroy consumer group.
-
cache_flush_allDestructiveFlush all cache entries.
-
detach_user_policyDestructivedetach_user_policy
-
list_pop_leftDestructivePop value(s) from left of list.
-
list_pop_rightDestructivePop value(s) from right of list.
-
stream_trimDestructiveTrim stream to specified length.
-
set_popDestructiveRemove and return random member(s) from set.
-
sorted_set_popmaxDestructiveRemove and return members with highest scores.
-
sorted_set_remove_by_scoreDestructiveRemove members by score range.
Attacks that target this class
Critical-risk tools in any server share these documented attack patterns. Each links to the full case and the defensive policy.