diff --git a/main.tf b/main.tf
index b0aa5fb..7ed8c87 100644
--- a/main.tf
+++ b/main.tf
@@ -97,6 +97,18 @@ data "aws_iam_policy_document" "this" {
 values = ["true"]
 }
 }
+ statement {
+ sid = "enforceSSL"
+ effe = "Deny"
+ principals = "*",
+ actions = "s3:*",
+ resources = [aws_s3_bucket.this.arn, "${aws_s3_bucket.this.arn}/*"]
+ condition {
+ test = "Bool"
+ variable = "aws:SecureTransport"
+ values = ["false"]
+ }
+ }
 }
 #---
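Review bot: The added `enforceSSL` statement is not valid for `aws_iam_policy_document` as written, so the deny on non-TLS requests it is meant to add cannot take effect. `effe` should be `effect` (the data source defaults a statement's effect to Allow, so the explicit Deny matters here), `principals` is a nested block with `type` and `identifiers` rather than a string attribute, `actions` takes a list, and the trailing commas after `"*"` and `"s3:*"` are not allowed between arguments. Running `terraform validate` in CI would catch this before merge. The enclosing data block starts above the hunk.

```hcl
  statement {
    sid    = "enforceSSL"
    effect = "Deny"

    principals {
      type        = "*"
      identifiers = ["*"]
    }

    actions = ["s3:*"]
    # … unchanged: resources and the aws:SecureTransport condition …
  }
```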