S3 buckets should require requests to use Secure Socket Layer

June 12, 2023 · 1 min read

Another recommendation encountered in AWS Security Hub is:
S3 buckets should require requests to use Secure Socket Layer


It mainly means that this bucket must be accessed over HTTPS.

Solution
We only need to go to IAM and update the policy that can access this bucket.
Adding the following condition is enough: "aws:SecureTransport": "true"

"Condition": {
	"Bool": {
		"aws:SecureTransport": "true"
	}
}

E.g.

{
	"Version": "2012-10-17",
	"Statement": [
		{
			"Sid": "bucket-access-policy-1",
			"Effect": "Allow",
			"Action": [
				"s3:PutObject",
				"s3:GetObject",
				"s3:GetObjectAttributes",
				"s3:DeleteObject"
			],
			"Resource": "arn:aws:s3:::[bucket-name]/*",
			"Condition": {
				"Bool": {
					"aws:SecureTransport": "true"
				}
			}
		}
	]
}
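
As an added example (not part of the original post), the Python sketch below audits a policy document for the transport condition: it lists Allow statements that are not limited to "aws:SecureTransport": "true" and reports whether a blanket Deny on "aws:SecureTransport": "false" is present, the bucket-policy form that rejects plain-HTTP requests regardless of any other grant. The sample policies and function names are constructed for illustration; only the Bool operator is handled and the Deny's Resource coverage is not checked.

```python
import json

# Constructed sample: the Allow-only statement from the post (actions shortened).
ALLOW_ONLY = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Sid": "bucket-access-policy-1", "Effect": "Allow",
  "Action": ["s3:PutObject", "s3:GetObject"],
  "Resource": "arn:aws:s3:::[bucket-name]/*",
  "Condition": {"Bool": {"aws:SecureTransport": "true"}}}]}""")

# Constructed sample: bucket policy with an explicit Deny for non-TLS requests.
DENY_HTTP = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Sid": "deny-insecure-transport", "Effect": "Deny", "Principal": "*",
  "Action": "s3:*",
  "Resource": ["arn:aws:s3:::[bucket-name]", "arn:aws:s3:::[bucket-name]/*"],
  "Condition": {"Bool": {"aws:SecureTransport": "false"}}}]}""")

# Constructed sample: an Allow with no transport condition at all.
NO_CONDITION = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Sid": "read-any-transport", "Effect": "Allow", "Action": "s3:GetObject",
  "Resource": "arn:aws:s3:::[bucket-name]/*"}]}""")


def as_list(value):
    return value if isinstance(value, list) else [value]


def secure_transport(stmt):
    """Value of aws:SecureTransport under Bool ('true'/'false'), else None."""
    for key, val in stmt.get("Condition", {}).get("Bool", {}).items():
        if key.lower() == "aws:securetransport":  # key names are case-insensitive
            values = {str(v).lower() for v in as_list(val)}
            return values.pop() if len(values) == 1 else None
    return None


def audit(policy):
    """Return (explicit_deny_of_http, sids_of_allows_not_limited_to_tls)."""
    stmts = as_list(policy["Statement"])
    deny = any(s["Effect"] == "Deny" and secure_transport(s) == "false"
               and s.get("Principal") in ("*", {"AWS": "*"})
               and set(as_list(s.get("Action", []))) & {"*", "s3:*"}
               for s in stmts)
    loose = [s.get("Sid", "<no Sid>") for s in stmts
             if s["Effect"] == "Allow" and secure_transport(s) != "true"]
    return bool(deny), loose

if __name__ == "__main__":
    for pol in (ALLOW_ONLY, DENY_HTTP, NO_CONDITION):
        print(audit(pol))
```

The Allow-only policy from the post returns no loose statements but also no explicit Deny, so any other policy that grants access to the bucket without the condition would still permit plain-HTTP requests.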

Hope you find it useful