Skip to content
New issue

Have a question about this project? # for a free GitHub account to open an issue and contact its maintainers and the community.

#

By clicking “#”, you agree to our terms of service and privacy statement. We’ll occasionally send you account related emails.

Already on GitHub? # to your account

Jump to bottom

Feature request: bucket policy to deny insecure transport #43

Closed
wrschneider opened this issue Sep 3, 2020 · 2 comments
Closed

Feature request: bucket policy to deny insecure transport #43

wrschneider opened this issue Sep 3, 2020 · 2 comments

Comments

@wrschneider
Copy link

If no bucket policy is specified the default bucket policy should deny non-encrypted transport.

From
https://aws.amazon.com/premiumsupport/knowledge-center/s3-bucket-policy-for-config-rule/

{
  "Id": "ExamplePolicy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowSSLRequestsOnly",
      "Action": "s3:*",
      "Effect": "Deny",
      "Resource": [
        "arn:aws:s3:::awsexamplebucket",
        "arn:aws:s3:::awsexamplebucket/*"
      ],
      "Condition": {
        "Bool": {
          "aws:SecureTransport": "false"
        }
      },
      "Principal": "*"
    }
  ]
}
@kostyaplis kostyaplis mentioned this issue Mar 29, 2021
Merged
@naseemkullah
Copy link

This can be closed @antonbabenko via #77

@github-actions
Copy link

I'm going to lock this issue because it has been closed for 30 days ⏳. This helps our maintainers find and focus on the active issues. If you have found a problem that seems similar to this, please open a new issue and complete the issue template so we can capture all the details necessary to investigate further.

@github-actions github-actions bot locked as resolved and limited conversation to collaborators Oct 29, 2022
# for free to subscribe to this conversation on GitHub. Already have an account? #.
Assignees
No one assigned
Labels
None yet
Projects
None yet
Milestone
No milestone
Development

No branches or pull requests
3 participants
@antonbabenko @wrschneider @naseemkullah