S3 buckets should require requests to use Secure Socket Layer

0

Hi How to fix this issue " S3 buckets should require requests to use Secure Socket Layer " , as per aws recommendation need to copy paste the below policy to fix the problem.

Can anyone recommend or advice is this right. "Statement": [ { "Sid": "AllowSSLRequestsOnly", "Action": "s3:", "Effect": "Deny", "Resource": [ "arn:aws:s3:::awsexamplebucket", "arn:aws:s3:::awsexamplebucket/" ], "Condition": { "Bool": { "aws:SecureTransport": "false" } }, "Principal": "*" } ] }

asked 2 years ago3585 views
1 Answer
1

Correct.

You need to add this policy into your S3 bucket policy (https://docs.aws.amazon.com/AmazonS3/latest/userguide/add-bucket-policy.html)

You need to change the Resource part (arn:aws:s3:::awsexamplebucket in your example ) into your bucket's ARN (You can find your bucket's ARN on the console while modifying bucket policy)

This policy will reject any request made on the bucket, which doesn't through HTTPS

Ref: https://aws.amazon.com/premiumsupport/knowledge-center/s3-bucket-policy-for-config-rule/

answered 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions