Tsmith74
Does the aws:SecureTransport flag only apply to public objects?
I am assuming there is no need to use aws:SecureTransport if you don’t have any public objects or buckets. The bucket is even made public when Ryan adds the policy. Is there any other use case for aws:SecureTransport?
1 Answers
Steve M
@Tsmith74 In a regulated environment (e.g. PCI DSS) there can be a requirement for encryption of data in transit. AFAIK access to private buckets & objects can be restricted to HTTPS only by explicitly denying access if aws:SecureTransport = false to demonstrate compliance.
Hi Tsmith. So since its a bucket policy, it would apply to anything in the bucket. Having said that users would not be able to access anything that is private so it is really for the public objects. Its simply to ensure that access to the bucket is happening with https which should be the norm now but is not always enforced.