Closed gurreriamzn closed 2 years ago
This is quite strange, the Config bucket has the https policy set as you can see here: https://github.com/awslabs/aws-perspective/blob/f1142a61c77ba4040a8a010407a84210b9116506/source/cfn/templates/zoom-import-and-aggregator.yaml#L109
Afaik, all buckets have this parameter set, e.g.,
https://github.com/awslabs/aws-perspective/blob/f1142a61c77ba4040a8a010407a84210b9116506/deployment/perspective-setup.yaml#L1169 https://github.com/awslabs/aws-perspective/blob/f1142a61c77ba4040a8a010407a84210b9116506/deployment/perspective-setup.yaml#L1214 https://github.com/awslabs/aws-perspective/blob/f1142a61c77ba4040a8a010407a84210b9116506/deployment/perspective-setup.yaml#L1257 https://github.com/awslabs/aws-perspective/blob/f1142a61c77ba4040a8a010407a84210b9116506/deployment/perspective-setup.yaml#L1294
etc
Apologies, you are correct. I checked every bucket and the policy statement is indeed there. I've cut a ticket to the campaign team alerting them this as a false positive.
No worries, better to be safe than sorry!
If your issue relates to the Discovery Process, please first follow the steps described in the implementation guide Debugging the Discovery Component
Describe the bug Deployment of resources that are not secured
To Reproduce Successfully deploy AWS Perspective
Expected behavior Include policy to enforce SSL
Browser (please complete the following information): irrelevant
Additional context Add any other context about the problem here.