Help Remediating: S3 Buckets should enforce encryption of data transfers using Secure Sockets Layer (SSL) #5546
Unanswered. createchange asked this question in Q&A. Replies: 2 comments, 1 reply.
-
For the condition syntax try this example:
Notice the single quotes are on the key, not the value. More examples are available on the query's tests
-
I appreciate you reaching back @kaplanlior. Unfortunately, that did not resolve the issue. ...
```yaml
BucketPolicy:
  Type: AWS::S3::BucketPolicy
  Properties:
    Bucket: !Ref Bucket
    PolicyDocument:
      Version: '2012-10-17'
      Statement:
        - Sid: Allow access only via HTTPS
          Action:
            - "s3:*"
          Effect: "Deny"
          Principal: "*"
          Resource:
            - arn:aws:s3:::<bucket>/*
            - arn:aws:s3:::<bucket>
          Condition:
            Bool:
              'aws:SecureTransport': false
```
... Is there anything else that you might be able to suggest? Thanks!
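A structural check of the kind of statement posted above, as an added example that is not part of the original thread and does not reproduce the KICS query's logic. It assumes the policy has already been parsed into a dict with CloudFormation intrinsics resolved; `enforces_tls`, the helper names and `example-bucket` are constructed for illustration.

```python
# Added example: structural check for a "deny non-TLS" S3 bucket policy statement.
# Not the KICS query; function names and the sample policy are constructed.

def _as_list(value):
    """Policy elements may be a single value or a list."""
    return value if isinstance(value, list) else [value]

def _is_wildcard_principal(principal):
    # Accept Principal: "*" and Principal: {"AWS": "*"}
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def _denies_insecure_transport(condition):
    # Accept both a YAML boolean false and the string "false" under Bool
    values = _as_list((condition or {}).get("Bool", {}).get("aws:SecureTransport", []))
    return any(str(v).lower() == "false" for v in values)

def enforces_tls(policy, bucket_arn):
    """Return True if one statement denies all S3 actions over plain HTTP
    for every principal on both the bucket and its objects."""
    for stmt in _as_list(policy.get("Statement", [])):
        resources = set(_as_list(stmt.get("Resource", [])))
        actions = _as_list(stmt.get("Action", []))
        if (stmt.get("Effect") == "Deny"
                and _is_wildcard_principal(stmt.get("Principal"))
                and any(a in ("s3:*", "*") for a in actions)
                and {bucket_arn, bucket_arn + "/*"} <= resources
                and _denies_insecure_transport(stmt.get("Condition"))):
            return True
    return False

# Constructed sample mirroring the statement in the reply; the bucket name is a placeholder.
ARN = "arn:aws:s3:::example-bucket"
SAMPLE = {"Version": "2012-10-17", "Statement": [{
    "Sid": "Allow access only via HTTPS", "Effect": "Deny", "Principal": "*",
    "Action": ["s3:*"], "Resource": [ARN + "/*", ARN],
    "Condition": {"Bool": {"aws:SecureTransport": False}}}]}

if __name__ == "__main__":
    print(enforces_tls(SAMPLE, ARN))
```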
-
I am using KICS via GitLab, and it is spawning a vulnerability finding for a bucket that does not have SSL transport configured.
I have added a statement to the policy, which adds the required rules to enforce SSL; however, the finding is not remediated.
Help with adding the appropriate CloudFormation configuration is appreciated.