🔥Puzzle: S3 HTTPS Only Via Bucket Policy

Kyler Middleton
1 min readJan 12, 2022

Hey all,

I was charged with thinking up a challenging AWS policy question around S3, and I thought, all the policies around resources are hard, especially S3. I mean, there is a reason unsecured S3 bucket data leaks hit the news like clockwork every month or so — resources policies are HARD.

Does this S3 bucket policy require HTTPS access?

--

--

Kyler Middleton

DevNetSecOps, DevRel, cloud security chick. I will teach you, it’s unavoidable. She/Her 🏳️‍🌈🏳️‍🌈, INFJ-A, support the EFF!