Ensure OSS Buckets Secure Transport Enabled

OSS Buckets should have secure transport enabled. This topic uses an example policy to demonstrate how to authorize a RAM user to access Alibaba Cloud by using a specified method.

Suggest Edits

Risk Level: high
Platform: Alicloud
Spectral Rule ID: TFALCLD054

REMEDIATION

set policy to secure transport enabled

- "Effect": "Allow",
+ "Effect": "Deny",
"Condition": {
  "Bool": {
    acs:SecureTransport": [ "false" ]
  }
}

https://registry.terraform.io/providers/aliyun/alicloud/latest/docs/resources/oss_bucket#policy
https://www.alibabacloud.com/help/en/resource-access-management/latest/access-alibaba-cloud-by-using-a-specified-method

Updated about 1 year ago

REMEDIATION

Read more: