Open vinnymachacek opened 7 months ago
storage, hosting
S3
https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html
S3 Buckets allow http traffic by default. Per the above link, we should disable http access.
This causes downstream compliance alerts in Security Hub and is needed for customers who have compliance needs.
Add
"Condition": { "Bool": { "aws:SecureTransport": "false" }
to the bucket policy of the deployment bucket (https://github.com/aws-amplify/amplify-cli/blob/dev/packages/amplify-provider-awscloudformation/resources/rootStackTemplate.json)
External Automation to achieve this
No response
Hey, thank you for filing this. Marking this as feature request.
Is this feature request related to a new or existing Amplify category?
storage, hosting
Is this related to another service?
S3
Describe the feature you'd like to request
https://docs.aws.amazon.com/AmazonS3/latest/userguide/security-best-practices.html
S3 Buckets allow http traffic by default. Per the above link, we should disable http access.
This causes downstream compliance alerts in Security Hub and is needed for customers who have compliance needs.
Describe the solution you'd like
Add
to the bucket policy of the deployment bucket (https://github.com/aws-amplify/amplify-cli/blob/dev/packages/amplify-provider-awscloudformation/resources/rootStackTemplate.json)
Describe alternatives you've considered
External Automation to achieve this
Additional context
No response
Is this something that you'd be interested in working on?
Would this feature include a breaking change?