Ensuring that CloudFront distributions enforce HTTPS protocol for data in-transit means that all communication between end-users and the CloudFront distribution will be encrypted with SSL/TLS encryption. This helps to protect against eavesdropping, tampering, and other types of attacks that can compromise the security and privacy of user data.


To ensure that CloudFront distribution enforces HTTPS protocol for data in-transit, you can follow these remediation steps:

  1. Open the CloudFront console.
  2. Select the distribution for which you want to enforce HTTPS.
  3. Click on the "Behaviors" tab.
  4. Select the behavior for which you want to enforce HTTPS.
  5. Click on the "Edit" button for the selected behavior.
  6. Scroll down to the "Viewer Protocol Policy" setting.
  7. Select the "Redirect HTTP to HTTPS" option.
  8. Save the changes.

By performing these steps, CloudFront distribution will enforce HTTPS protocol for data in-transit. This ensures that all traffic between the end user and the CloudFront distribution is encrypted and secure.

Enforced Resources
Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.