CloudFront Distribution Does Not Have Geo-Restrictions Enabled

Overview

Verify whether Geo restrictions are enabled in CloudFront distributions. These restrictions are essential to comply with legal or regulatory requirements that mandate service access limitations in specific countries. Enabling Geo restrictions can also help mitigate potential security risks by reducing the attack surface. If Geo restrictions are not already in place, define and implement them to ensure compliance and bolster the security posture of the service.

Vendor

AWS

Cloud Service

CloudFront

References

https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DistributionConfig.html

Severity

Item Types

AWS::CloudFront::Distribution

Overview​

Vendor​

Cloud Service​

References​

Severity​

Item Types​