Secure CloudFront Origin

Detects the use of secure web origins with secure protocols for CloudFront.

Traffic passed between the CloudFront edge nodes and the backend resource should be sent over HTTPS with modern protocols for all web-based origins.

Follow the appropriate remediation steps below to resolve the issue.

  1. Log into the AWS Management Console.

  2. Select the “Services” option and search for CloudFront. Step

  3. Select the “CloudFront Distribution” that needs to be verified.Step

  4. Click the “Distribution Settings” button from menu to get into the “CloudFront Distribution” configuration page. Step

  5. Select the Origins tab and choose the distribution origin that needs to be verified.Step

  6. On the Origin Settings page, ensure TLSv1.1 or higher protocol is enabled.Step

  7. On the Origin Settings page, verify the “Origin Protocol Policy” is set to “HTTPS Only”.

  8. Scroll down and click on “Yes,Edit” and save the changes.Step

  9. Repeat steps number 5, 6 and 7 to verify another CloudFront Distribution.