top of page
S3.4
S3 buckets should have server-side encryption enabled
Severity
Cloud Platforms
Resources
Related Standards
Automated
MEDIUM
AWS
Amazon S3
AWS CIS Foundations v1.4, AWS Foundational Best Practice, AWS Well-Architected, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,
YES
This AWS control checks that your Amazon S3 bucket either has Amazon S3 default encryption enabled or that the S3 bucket policy explicitly denies put-object requests without server side encryption.
bottom of page