---
title: >-
  CloudFront distributions that utilize HTTP POST Methods should have
  field-level encryption enabled
description: Datadog, the leading service for cloud-scale monitoring.
breadcrumbs: >-
  Docs > Datadog Security > OOTB Rules > CloudFront distributions that utilize
  HTTP POST Methods should have field-level encryption enabled
---

# CloudFront distributions that utilize HTTP POST Methods should have field-level encryption enabled
 
## Description{% #description %}

This check verifies that AWS CloudFront field-level encryption is enabled when using the POST method in the CloudFront Distrubution. If the distribution does not employ HTTP POST Methods, this rule will be skipped for the associated CloudFront Distribution. Failure will occur if the distribution is utilizing POST within the default cache behavior or cache behavior without enabling the associated field-level encryption.

Field-level encryption ensures sensitive data contained within fields, such as identification and credit card numbers, is protected across your services and applications.

## Remediation{% #remediation %}

For instructions on how to update or enable field-level encryption, please consult the [Using field-level encryption to help protect sensitive data](https://docs.aws.amazon.com/AmazonCloudFront/latest/DeveloperGuide/field-level-encryption.html) in the AWS CloudFront developers guide.