Cloudflare currently connects to S3 using http instead of https.
Options for correcting this include:
Switching to CloudFront, or
Connecting to a router within the VPC using https, and using a special VPC connection to S3.
Original Note from
For old ecommerce, we currently ensure integrity by using AMIs which proved AWS guarantee of integrity once the artifact is built.
I don't know how we do that for MFEs to make sure that no one has tampered with the files but we might be able to rely on S3's internal integrity checks once we've uploaded the file.
Aside: Adding audit logging to the bucket could be a useful enhancement, but doesn’t resolve this requirement if it is.