lacework-global-96
Ensure all data is transported from the S3 bucket securely
Description
Policies that require requests to use Secure Sockets Layer (SSL) help secure data in transit. It is good practice to enable secure transport.
Remediation
To enable secure transport on an S3 bucket:
1. Sign in to the AWS Management Console
2. Select Services
3. Select S3
4. Select an S3 bucket
5. Select Permissions
6. Click Edit on Bucket Policy
7. Ensure the following statement is present in the policy

   {
     "Sid": "DenyUnSecureCommunications",
     "Effect": "Deny",
     "Principal": "*",
     "Action": "s3:*",
     "Resource": [
       "arn:aws:s3:::BUCKET-NAME",
       "arn:aws:s3:::BUCKET-NAME/*"
     ],
     "Condition": {
       "Bool": {
         "aws:SecureTransport": "false"
       }
     }
   }

   Replace BUCKET-NAME with the name of the bucket. The /* entry applies the deny to the objects in the bucket as well as to the bucket itself.
8. Click Save changes
9. Repeat steps 4-9 for each bucket requiring secure transport
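
The following check is an added example, not part of the Lacework policy or its tooling. It reads a bucket policy document and reports which ARNs (the bucket, its objects) are not covered by a deny-on-plaintext statement of the kind shown in the remediation. The function name, the bucket name example-bucket and the sample policies are constructed for illustration, and the match is deliberately strict: only Principal "*", Action "s3:*" or "*", and exact ARNs count.

```python
import json


def _as_list(value):
    """IAM policy fields accept a single value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]


def unprotected_resources(policy_json, bucket):
    """Return the ARNs (bucket, objects) that no deny-on-plaintext statement covers."""
    needed = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    covered = set()
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        cond = stmt.get("Condition", {})
        values = _as_list(cond.get("Bool", {}).get("aws:SecureTransport", []))
        is_tls_deny = (
            stmt.get("Effect") == "Deny"
            and stmt.get("Principal") == "*"
            and {"*", "s3:*"} & set(_as_list(stmt.get("Action", [])))
            # Extra condition keys are ANDed and would narrow the deny: reject them.
            and list(cond) == ["Bool"]
            and list(cond["Bool"]) == ["aws:SecureTransport"]
            and [str(v).lower() for v in values] == ["false"]
        )
        if is_tls_deny:
            covered |= needed & set(_as_list(stmt.get("Resource", [])))
    return sorted(needed - covered)


def _sample_policy(resource, extra_condition=None):
    """Build a constructed sample policy around the remediation statement."""
    condition = {"Bool": {"aws:SecureTransport": "false"}}
    condition.update(extra_condition or {})
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyUnSecureCommunications", "Effect": "Deny", "Principal": "*",
        "Action": "s3:*", "Resource": resource, "Condition": condition}]})


# Constructed sample inputs (assumed bucket name: example-bucket).
BUCKET_ONLY = _sample_policy("arn:aws:s3:::example-bucket")
BUCKET_AND_OBJECTS = _sample_policy(
    ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"])
NARROWED = _sample_policy(
    ["arn:aws:s3:::example-bucket", "arn:aws:s3:::example-bucket/*"],
    {"StringEquals": {"aws:PrincipalOrgID": "o-example"}})

if __name__ == "__main__":
    for name in ("BUCKET_ONLY", "BUCKET_AND_OBJECTS", "NARROWED"):
        gaps = unprotected_resources(globals()[name], "example-bucket")
        print(name, "->", gaps or "fully covered")
```

A live policy can be fed to the function from the output of aws s3api get-bucket-policy --bucket BUCKET-NAME --query Policy --output text.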