top of page

S3.4

S3 buckets should have server-side encryption enabled

Severity

Cloud Platforms

Resources

Related Standards

Automated

MEDIUM

AWS

Amazon S3

AWS CIS Foundations v1.4, AWS Foundational Best Practice, AWS Well-Architected, AWS Foundational Technical Review, CIS v8, PCI DSS v3.2.1, CDR, ISO27001, SOC2, NIST CSF, NIST.800-53.r5,

YES

This AWS control checks that your Amazon S3 bucket either has Amazon S3 default encryption enabled or that the S3 bucket policy explicitly denies put-object requests without server side encryption.

bottom of page