beta
Home
What's New
FAQ
No Items in Stack
Browse
beta
Home
No Items in Stack
Browse

Security Control

Config Rules
CloudWatch Alarms & Rules
Service Control Policies
Security Groups & NACLs
IAM Policies
S3 Bucket Policies

Domain

VPC Security
S3 Security
EC2 Security
IAM Security
DynamoDB
RDS Security
Logging & Monitoring
Amazon GuardDuty
Amazon Inspector
AWS Systems Manager
KMS
Billing and Cost

Configuration Packages

CIS AWS Benchmark
Enable Logging Services
Deploy Amazon VPC
Monitoring & Compliance
Common SCPs Package
Automatic Remediation

Solutions, Guides & Tools

Security Solutions
Security Tools
Close
S3 Bucket Policies

Require TLS to access the S3 Bucket.



OverviewConfigure & DeploySources & DocumentationRelated Items

Overview

An S3 Bucket policy that denies any access to the S3 bucket that is not encrypted in-transit (uses HTTP instead of HTTPS) .

Configuration Templates

Missing Parameters
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Principal": {
                "AWS": "*"
            },
            "Action": [
                "s3:*"
            ],
            "Resource": [
                "arn:aws:s3:::/*",
                "arn:aws:s3:::"
            ],
            "Effect": "Deny",
            "Condition": {
                "Bool": {
                    "aws:SecureTransport": "false"
                }
            }
        }
    ]
}

Actions



Customize Policy
* Required field

Sources and Documentation

Configuration Source: AWS Blog

Additional Documentation:

 

Amazon S3 Bucket
Configuration to create an S3 bucket with security configuration options including s3 block public access configuration, encryption, logging, and versioning
Configuration Item