HTTPS Should Be Enabled on CloudFront Distributions
More Info:
CloudFront distributions should be enabled with HTTPSRisk Level
MediumAddress
SecurityCompliance Standards
HITRUST, SOC2, NISTCSF, PCIDSSTriage and Remediation
Remediation
Using Console
Using Console
Sure, I can help you with that. Here are the steps to remediate the HTTPS misconfiguration on CloudFront Distributions in AWS using the AWS console:
- Log in to the AWS Management Console.
- Navigate to the CloudFront service.
- Click on the ID of the distribution you want to remediate.
- Click on the “Behaviors” tab.
- Select the behavior that requires HTTPS.
- Click on the “Edit” button.
- In the “Viewer Protocol Policy” section, select “Redirect HTTP to HTTPS”.
- Click on the “Yes, Edit” button to save the changes.
Using CLI
Using CLI
To remediate this misconfiguration for AWS using AWS CLI, you can follow the below steps:Note: Replace Note: This command should return “true” to indicate that HTTPS is enabled.
- Open the AWS CLI on your local machine or on an EC2 instance.
- Run the following command to enable HTTPS on your CloudFront distributions:
<distribution-id> with the ID of your CloudFront distribution.- Wait for the distribution to update. This might take a few minutes.
- Run the following command to verify that HTTPS is enabled:
- Repeat the above steps for all of your CloudFront distributions.
Using Python
Using Python
To remediate the HTTPS should be enabled on CloudFront Distributions misconfiguration in AWS using Python, follow these steps:This will enable HTTPS on the CloudFront distribution.
- Import the required modules:
- Create a boto3 client for CloudFront:
- Get a list of all CloudFront distributions:
- Loop through the distributions and check if HTTPS is enabled:
- If HTTPS is not enabled, update the distribution to enable HTTPS: