Medium

Ensure communication between CloudFront distributions and their origins is encrypted using HTTPS

Security & Compliance
Description

When data is transmitted from a CloudFront distribution to its origin server, the communication must be secure and encrypted. To achieve this, enforce the HTTPS protocol between the CloudFront distribution and its origin. HTTPS encrypts the data in transit and helps to prevent unauthorized access, data tampering, and eavesdropping during transmission.

Remediation

To ensure communication between CloudFront distributions and their origins is encrypted using HTTPS, follow these steps:

  1. Configure your origin server to support HTTPS communication.
  2. Create an SSL/TLS certificate for the origin server, if you don't already have one. You can use a public certificate or a self-signed certificate.
  3. Update your CloudFront distribution to use HTTPS to communicate with the origin server by adding an HTTPS origin protocol policy.
  4. Specify the SSL/TLS certificate you created for the origin server as the viewer certificate on the CloudFront distribution.
  5. Set the "MinimumProtocolVersion" property to "TLSv1.2_2018" or later to ensure that CloudFront uses a secure protocol version for HTTPS communication.
  6. Validate that the CloudFront distribution is working as expected by testing HTTPS communication between the CloudFront distribution and the origin server.

By following the above steps, you can ensure that communication between CloudFront distributions and their origins is encrypted using HTTPS.
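
One way to verify the origin protocol policy across a distribution, as an added example that is not part of the original page or the vendor's own rule logic. It evaluates custom origins only and reads the `OriginProtocolPolicy`, `OriginSslProtocols` and `ViewerProtocolPolicy` fields of the CloudFront API's `DistributionConfig`; the `SAMPLE` config and the function names are constructed for illustration.

```python
# Added example: audit custom origins in a CloudFront DistributionConfig.
# Field names follow `aws cloudfront get-distribution-config` output.
WEAK_TLS = {"SSLv3", "TLSv1", "TLSv1.1"}
HTTPS_VIEWER = {"https-only", "redirect-to-https"}

def behaviors(config):
    """Yield the default cache behavior, then any additional ones."""
    yield config["DefaultCacheBehavior"]
    yield from config.get("CacheBehaviors", {}).get("Items", [])

def audit_origins(config):
    """Return {origin_id: [issues]} for custom origins that allow HTTP or legacy TLS."""
    findings = {}
    for origin in config["Origins"]["Items"]:
        custom = origin.get("CustomOriginConfig")
        if custom is None:          # S3 bucket origins are not evaluated here
            continue
        oid, issues = origin["Id"], []
        viewer = {b["ViewerProtocolPolicy"] for b in behaviors(config)
                  if b["TargetOriginId"] == oid}
        policy = custom["OriginProtocolPolicy"]
        if policy == "http-only":
            issues.append("origin protocol policy is http-only")
        elif policy == "match-viewer" and viewer - HTTPS_VIEWER:
            issues.append("match-viewer behind a behavior that allows HTTP")
        weak = WEAK_TLS & set(custom.get("OriginSslProtocols", {}).get("Items", []))
        if policy != "http-only" and weak:
            issues.append("origin TLS below TLSv1.2 enabled: " + ", ".join(sorted(weak)))
        if issues:
            findings[oid] = issues
    return findings

SAMPLE = {  # constructed config, trimmed to the fields the audit reads
    "Origins": {"Items": [
        {"Id": "api", "CustomOriginConfig": {
            "OriginProtocolPolicy": "https-only",
            "OriginSslProtocols": {"Items": ["TLSv1.2"]}}},
        {"Id": "legacy", "CustomOriginConfig": {
            "OriginProtocolPolicy": "match-viewer",
            "OriginSslProtocols": {"Items": ["TLSv1", "TLSv1.2"]}}},
    ]},
    "DefaultCacheBehavior": {"TargetOriginId": "api",
                             "ViewerProtocolPolicy": "redirect-to-https"},
    "CacheBehaviors": {"Items": [
        {"TargetOriginId": "legacy", "ViewerProtocolPolicy": "allow-all"}]},
}

if __name__ == "__main__":
    for oid, issues in audit_origins(SAMPLE).items():
        print(oid, "->", "; ".join(issues))
```

The `match-viewer` branch matters because that policy only yields HTTPS to the origin when every cache behavior routing to it refuses plain HTTP from viewers.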

Note: Remediation steps provided by Lightlytics are meant to be suggestions and guidelines only. It is crucial to thoroughly verify and test any remediation steps before applying them to production environments. Each organization's infrastructure and security needs may differ, and blindly applying suggested remediation steps without proper testing could potentially cause unforeseen issues or vulnerabilities. Therefore, it is strongly recommended that you validate and customize any remediation steps to meet your organization's specific requirements and ensure that they align with your security policies and best practices.