Certified Security - Specialty

Sign Up Free or Log In to participate!


Does the aws:SecureTransport flag only apply to public objects?

I am assuming there is no need to use aws:SecureTransport if you don’t have any public objects or buckets. The bucket is even made public when Ryan adds the policy. Is there any other use case for aws:SecureTransport?


Hi Tsmith. So since its a bucket policy, it would apply to anything in the bucket. Having said that users would not be able to access anything that is private so it is really for the public objects. Its simply to ensure that access to the bucket is happening with https which should be the norm now but is not always enforced.

1 Answers

@Tsmith74 In a regulated environment (e.g. PCI DSS) there can be a requirement for encryption of data in transit. AFAIK access to private buckets & objects can be restricted to HTTPS only by explicitly denying access if aws:SecureTransport = false to demonstrate compliance.

Sign In
Welcome Back!

Psst…this one if you’ve been moved to ACG!

Get Started
Who’s going to be learning?