top of page
< Back

AWS Foundational Security Best Practice

S3.4

S3 buckets should have server-side encryption enabled

Severity

Cloud Platforms

Resources

MEDIUM

AWS

Amazon S3

This AWS control checks that your Amazon S3 bucket either has Amazon S3 default encryption enabled or that the S3 bucket policy explicitly denies put-object requests without server side encryption.

bottom of page