Ensure S3 general purpose buckets require requests to use SSL #222

GodwinShen · 2024-10-22T22:06:29Z

The S3 general purpose buckets should require requests to use SSL control is defined as follows:
[S3.5] This control checks whether an Amazon S3 general purpose bucket has a policy that requires requests to use SSL. The control fails if the bucket policy doesn't require requests to use SSL. Remediation instructions
S3 buckets should have policies that require all requests (Action: S3:*) to only accept transmission of data over HTTPS in the S3 resource policy, indicated by the condition key aws:SecureTransport.

Several resources were identify as non-compliant, see the list in: https://jaas.gsfc.nasa.gov/servicedesk/customer/portal/2/GSD-4081

galenatjpl · 2024-11-06T19:36:33Z

This is fixed for the U-CS MC bucket

GodwinShen assigned galenatjpl, LucaCinquini, mcduffie and ngachung Oct 22, 2024

GodwinShen added this to Unity Project Board Oct 22, 2024

GodwinShen added the Feature Feature label used in Unity Project label Oct 22, 2024

GodwinShen moved this to Todo in Unity Project Board Oct 22, 2024

mcduffie added the U-ADS label Oct 22, 2024

This was referenced Oct 30, 2024

Update marketplace bucket policy to require requests to use SSL unity-sds/unity-data-services#454

Open

fix: updated marketplace bucket policy to require SSL unity-sds/unity-data-services#455

Merged

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Ensure S3 general purpose buckets require requests to use SSL #222

Ensure S3 general purpose buckets require requests to use SSL #222

GodwinShen commented Oct 22, 2024

galenatjpl commented Nov 6, 2024 •

edited

Loading

Ensure S3 general purpose buckets require requests to use SSL #222

Ensure S3 general purpose buckets require requests to use SSL #222

Comments

GodwinShen commented Oct 22, 2024

galenatjpl commented Nov 6, 2024 • edited Loading

galenatjpl commented Nov 6, 2024 •

edited

Loading