S3 Bucket Policy not enforcing encryption in transit by only allowing actions over SSL/TLS

Tenacity Id

Risk Level

Categories

s3-033

Last Updated:

April 21, 2022

As all data in cloud environments must be encrypted-in-transit, S3 buckets must have SSL/TLS enabled for all actions.