Query on upload to s3 bucket NodeJS - Amazon web services

GundeepSingh
September 6, 2022
283 views
0 votes
2 Answers

I have one doubt about the s3 bucket; while uploading data to the s3 bucket using the upload function from aws-sdk in NodeJS, is data uploaded securely using TLS?

Answers

- Pexers
- September 6, 2022 at 2:10 pm
- 0 votes
0
Node.js 12 and later use a minimum version of OpenSSL 1.1.1b, which supports TLS 1.3. The AWS SDK for JavaScript v3 defaults to use TLS 1.3 when available, but defaults to a lower version if required.

To get the current version of TLS used by Node.js on your machine, start the Node shell and run the following script:
```
const tls = require("tls")
tlsSocket = new tls.TLSSocket()
protocol = tlsSocket.getProtocol()
console.log(protocol)
```
References:
- Verify the version of OpenSSL and TLS
Login or Signup to reply.

You can enforce your bucket to accept only TLS connections by adding the following bucket policy,

{
  "Id": "ExamplePolicy",
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "AllowSSLRequestsOnly",
      "Action": "s3:*",
      "Effect": "Deny",
      "Resource": [
        "arn:aws:s3:::YOUR-BUCKET",
        "arn:aws:s3:::YOUR-BUCKET/*"
      ],
      "Condition": {
        "Bool": {
          "aws:SecureTransport": "false"
        }
      },
      "Principal": "*"
    }
  ]
}

Please signup or login to give your own answer.

Click here to cancel reply.

Query on upload to s3 bucket NodeJS – Amazon web services

Answers

References: