Aqua CSPM

S3 Bucket Encryption Enforcement

Quick Info

Plugin TitleS3 Bucket Encryption Enforcement
CloudAWS
CategoryS3
DescriptionAll statements in all S3 bucket policies must have a condition that requires encryption at a certain level
More InfoS3 buckets support numerous types of encryption, including AES-256, KMS using a default key, KMS with a CMK, or via HSM-based key.
AWS Linkhttps://aws.amazon.com/blogs/security/how-to-prevent-uploads-of-unencrypted-objects-to-amazon-s3/
Recommended ActionConfigure a bucket policy to enforce encryption.

Detailed Remediation Steps