top of page
< Back

AWS Foundational Security Best Practice

CloudFront.3

CloudFront distributions should require encryption in transit

Severity

Cloud Platforms

Resources

MEDIUM

AWS

Amazon CloudFront

This control checks whether an Amazon CloudFront distribution requires viewers to use HTTPS directly; or whether it uses redirection. The control fails if ViewerProtocolPolicy is set to allow-all for defaultCacheBehavior or for cacheBehaviors.

bottom of page