CloudFront Distribution Does Not Have HTTPS Enabled

Overview

Ensure that CloudFront distributions are configured to use HTTPS. Failure to enable HTTPS can lead to the exposure of sensitive information during transit, posing risks such as surveillance and other security threats. By using HTTPS everywhere possible, you enforce privacy and safeguard against potential account hijacking and various other security vulnerabilities. Implementing HTTPS is a best practice that ensures data integrity and confidentiality, enhancing the overall security of your application or website.

Vendor

AWS

Cloud Service

CloudFront

CloudFront.8

References

https://docs.aws.amazon.com/cloudfront/latest/APIReference/API_DistributionConfig.html, https://docs.aws.amazon.com/IAM/latest/UserGuide/what-is-access-analyzer.html

Severity

Item Types

AWS::CloudFront::Distribution

Overview​

Vendor​

Cloud Service​

Related Controls​

References​

Severity​

Item Types​