lacework-global-96

Ensure all data is transported from the S3 bucket securely

Description

Policies that require requests to use Secure Sockets Layer (SSL) help to secure data. It is good practice to enable secure transport.

Remediation

To enable secure transport on an S3 bucket:

  1. Sign in to the AWS Management Console

  2. Select Services

  3. Select S3

  4. Select an S3 bucket

  5. Select Permissions

  6. Click Edit on Bucket Policy

  7. Ensure the following statement is present in the policy:

      {
        "Sid": "DenyUnSecureCommunications",
        "Effect": "Deny",
        "Principal": "*",
        "Action": "s3:*",
        "Resource": [
          "arn:aws:s3:::BUCKET-NAME",
          "arn:aws:s3:::BUCKET-NAME/*"
        ],
        "Condition": {
          "Bool": {
            "aws:SecureTransport": "false"
          }
        }
      }

  8. Click Save changes

  9. Repeat steps 4-9 for each bucket requiring secure transport
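
One way to verify step 7 across many buckets without opening each one in the console, as an added example that is not part of Lacework's documentation: the checker below parses a bucket policy and reports which ARNs (the bucket itself, and its objects under `BUCKET-NAME/*`) are not covered by a Deny on `aws:SecureTransport` = `false`. The function names and the `example-bucket` sample policies are constructed for illustration, and the check assumes exact ARN matches and the exact key spellings shown in step 7.

```python
import json

def as_list(value):
    """IAM policy fields may hold one value or a list; normalise to a list."""
    return value if isinstance(value, list) else [value]

def denies_plaintext(stmt):
    """True if stmt denies all S3 actions to everyone when the request
    did not use TLS (aws:SecureTransport is false)."""
    cond = stmt.get("Condition", {}).get("Bool", {})
    flags = [str(v).lower() for v in as_list(cond.get("aws:SecureTransport", []))]
    principal = stmt.get("Principal")
    everyone = principal == "*" or (
        isinstance(principal, dict) and "*" in as_list(principal.get("AWS", [])))
    actions = {a.lower() for a in as_list(stmt.get("Action", []))}
    return (stmt.get("Effect") == "Deny" and everyone
            and bool(actions & {"s3:*", "*"}) and flags == ["false"])

def secure_transport_gaps(policy_json, bucket):
    """Return the ARNs (bucket and/or objects) that no secure-transport Deny
    covers; an empty list means both are covered. Only exact ARN matches
    count, so broader wildcard resources are reported as gaps."""
    needed = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    covered = set()
    for stmt in as_list(json.loads(policy_json).get("Statement", [])):
        if denies_plaintext(stmt):
            covered |= needed & set(as_list(stmt.get("Resource", [])))
    return sorted(needed - covered)

def sample_policy(resources):
    """Constructed sample policy (not from a real account)."""
    return json.dumps({"Version": "2012-10-17", "Statement": [{
        "Sid": "DenyUnSecureCommunications", "Effect": "Deny",
        "Principal": "*", "Action": "s3:*", "Resource": resources,
        "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]})

if __name__ == "__main__":
    b = "example-bucket"
    arn = f"arn:aws:s3:::{b}"
    print("bucket ARN only:", secure_transport_gaps(sample_policy(arn), b))
    print("bucket + objects:", secure_transport_gaps(sample_policy([arn, arn + "/*"]), b))
```

To run it against a real bucket, pass the policy text returned by `aws s3api get-bucket-policy --bucket BUCKET-NAME --query Policy --output text`.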