lacework-global-125
CloudFront Origin Protocol Policy should use https-only
Description
It is recommended to configure your AWS CloudFront content delivery network (CDN) distributions to use HTTPS for encrypting data while in transit between your origin server and CloudFront. When CloudFront CDN distributions are found that are not configured to encrypt data using HTTPS are found, violations are reported.
Remediation
Set the Distribution Origin Protocol Policy to HTTPS Only.
Log in to the AWS Management Console.
Select Services.
Select CloudFront.
Select the Distribution to edit.
Select the Origins tab.
Select the Origin to edit and select Edit.
Under Protocol, select HTTPS Only.
Select Save changes.