Back to All Checks
Medium S3

S3 general purpose buckets should require requests to use SSL

CISPCI DSSNISTISO 27001HIPAA

Description

Checks if S3 buckets require requests to use SSL.

Remediation

To ensure that S3 buckets require requests to use SSL, follow these steps:

Steps

  1. Sign in to the AWS Management Console and open the Amazon S3 console.
  2. In the Buckets list, choose the name of the bucket you want to modify.
  3. Choose the 'Permissions' tab.
  4. Scroll down to the 'Bucket Policy' section.
  5. Add a bucket policy that denies any requests that do not use SSL. For example, you can use the following policy statement:
  6. {
  7. "Effect": "Deny",
  8. "Principal": "*",
  9. "Action": "s3:*",
  10. "Resource": "arn:aws:s3:::[your-bucket-name]/*",
  11. "Condition": {
  12. "Bool": {
  13. "aws:SecureTransport": "false"
  14. }
  15. }
  16. }
  17. Replace '[your-bucket-name]' with the actual name of your bucket.
  18. Save the changes to the bucket policy.

Compliance

CISPCI DSSNISTISO 27001HIPAA
Start Your Free Security Check