1 Answers
@Tsmith74 In a regulated environment (e.g. PCI DSS) there can be a requirement for encryption of data in transit. AFAIK access to private buckets & objects can be restricted to HTTPS only by explicitly denying access if aws:SecureTransport = false to demonstrate compliance.
Hi Tsmith. So since its a bucket policy, it would apply to anything in the bucket. Having said that users would not be able to access anything that is private so it is really for the public objects. Its simply to ensure that access to the bucket is happening with https which should be the norm now but is not always enforced.