
Enforce SSL-Only Access on AWS S3 Buckets

Overview

Enforce SSL-only access for your Amazon S3 buckets to enhance security and prevent insecure (HTTP) connections. This plan helps you assess, configure, apply, and validate SSL enforcement by applying a bucket policy that denies non-SSL requests. It guides you through selecting an AWS region, choosing the target S3 bucket, confirming your setup, applying the policy, and verifying enforcement.

Execution Details

1. Assessment Phase – Region and Bucket Selection

  • Select AWS Region: Prompt the user to choose the desired AWS region for the operation.
  • List S3 Buckets: Retrieve and display existing S3 buckets. Allow the user to select the bucket on which to enforce SSL-only access.

2. Summary Phase – Confirm Setup

  • Review & Confirm S3 Configuration: Present the selected AWS region, S3 bucket name, and SSL enforcement choice. Confirm all selections before proceeding.

3. Configuration Phase – Apply SSL Enforcement Policy

  • Create SSL-Only Bucket Policy: Generate a policy that denies all non-SSL requests using the aws:SecureTransport condition.
  • Apply Policy to S3 Bucket: Use the AWS CLI to apply the policy to the selected S3 bucket.

4. Validation Phase – Confirm SSL Enforcement

  • Verify Bucket Policy: Retrieve the bucket policy and validate that it includes the correct condition to enforce SSL-only access.
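The configuration and validation phases above, sketched as an added example that is not part of the original plan. It is in Python so the validation logic runs offline. The function names, the `Sid` and the bucket name `example-bucket` are assumptions, and the comments show the AWS CLI calls that would apply and retrieve the policy. The check is deliberately strict: it reports an equivalent policy written in another form as not enforcing.

```python
import json

def ssl_only_policy(bucket: str) -> dict:
    """Build a policy that denies every S3 request made without TLS."""
    arn = f"arn:aws:s3:::{bucket}"
    return {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "DenyInsecureTransport",   # constructed label
            "Effect": "Deny",
            "Principal": "*",
            "Action": "s3:*",
            "Resource": [arn, f"{arn}/*"],    # the bucket and its objects
            "Condition": {"Bool": {"aws:SecureTransport": "false"}},
        }],
    }

def _as_list(value):
    # Policy fields may be a single value or a list of values.
    return value if isinstance(value, list) else [value]

def enforces_ssl(policy_json: str, bucket: str) -> bool:
    """True only if one Deny statement blocks non-TLS access to the
    bucket and to its objects, for all principals and all S3 actions."""
    arn = f"arn:aws:s3:::{bucket}"
    for st in _as_list(json.loads(policy_json).get("Statement", [])):
        cond = st.get("Condition", {}).get("Bool", {}).get("aws:SecureTransport")
        if (st.get("Effect") == "Deny"
                and st.get("Principal") in ("*", {"AWS": "*"})
                and {"s3:*", "*"} & set(_as_list(st.get("Action", [])))
                and {arn, f"{arn}/*"} <= set(_as_list(st.get("Resource", [])))
                and str(cond).lower() == "false"):
            return True
    return False

# Constructed sample: allowing secure requests does not deny insecure ones.
ALLOW_ONLY = json.dumps({"Version": "2012-10-17", "Statement": {
    "Effect": "Allow", "Principal": "*", "Action": "s3:GetObject",
    "Resource": "arn:aws:s3:::example-bucket/*",
    "Condition": {"Bool": {"aws:SecureTransport": "true"}}}})

if __name__ == "__main__":
    # Apply:    aws s3api put-bucket-policy --bucket example-bucket --policy file://policy.json
    # Retrieve: aws s3api get-bucket-policy --bucket example-bucket --query Policy --output text
    doc = json.dumps(ssl_only_policy("example-bucket"), indent=2)
    print(doc)
    print("generated policy enforces SSL:", enforces_ssl(doc, "example-bucket"))
    print("allow-only policy enforces SSL:", enforces_ssl(ALLOW_ONLY, "example-bucket"))
```

`put-bucket-policy` replaces the whole bucket policy, so on a bucket that already has one the Deny statement has to be merged into the existing document before it is applied.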

Together, these phases configure your S3 bucket to allow only encrypted (HTTPS) access, protecting your data and preventing insecure communication.