I am working on serverless architecture using AWS lambda where multiple modules/lambdas communicate via SNS (simple notification service).
Due to compliance requirement that data in transit should be secure and encrypted, do I need to do that manually or SNS natively supports it?
It is. Your communication to SNS (i.e. the API endpoint) is encrypted using TLS (SSL), and the triggering process (i.e. SNS > Lambda) happens “under the hood” and is presumably encrypted too (ask your friendly AWS SA/TAM for more details).
For an added layer of security you could conceivably encrypt your SNS message payload, but you’d have to do that in your application, as SNS doesn’t have built-in encryption of payloads.
Here’s a similar answer on SO.
Just came to know that we can enable ssl in all SNS requests by setting sslEnabled flag to true (in case of node sdk).
this.sns = new AWS.SNS({ sslEnabled: true });