diff --git a/infrastructure/cloudtrail_bucket_policy.tpl b/infrastructure/cloudtrail_bucket_policy.tpl
index 15dbc0da6..5067a5c4a 100644
--- a/infrastructure/cloudtrail_bucket_policy.tpl
+++ b/infrastructure/cloudtrail_bucket_policy.tpl
@@ -29,6 +29,7 @@
     },
     {
       "Sid": "RequireSSLRequests",
+      "Action": "s3:*",
       "Effect": "Deny",
       "Principal": "*",
       "Resource": [
diff --git a/infrastructure/cloudwatch.tf b/infrastructure/cloudwatch.tf
index 667236bbe..5aad349fa 100644
--- a/infrastructure/cloudwatch.tf
+++ b/infrastructure/cloudwatch.tf
@@ -50,6 +50,7 @@ resource "aws_s3_bucket_policy" "cloudwatch_bucket" {
       },
       {
         "Sid" : "RequireSSLRequests",
+        "Action": "s3:*",
         "Effect" : "Deny",
         "Principal" : "*",
         "Resource" : [
diff --git a/infrastructure/database.tf b/infrastructure/database.tf
index e21640eec..0ad139ffc 100644
--- a/infrastructure/database.tf
+++ b/infrastructure/database.tf
@@ -269,6 +269,7 @@ resource "aws_s3_bucket_policy" "reports_bucket" {
     "Statement" : [
       {
         "Sid" : "RequireSSLRequests",
+        "Action": "s3:*",
         "Effect" : "Deny",
         "Principal" : "*",
         "Resource" : [
@@ -328,6 +329,7 @@ resource "aws_s3_bucket_policy" "pe_db_backups_bucket" {
     "Statement" : [
       {
         "Sid" : "RequireSSLRequests",
+        "Action": "s3:*",
         "Effect" : "Deny",
         "Principal" : "*",
         "Resource" : [
diff --git a/infrastructure/frontend_bucket_policy.tpl b/infrastructure/frontend_bucket_policy.tpl
index 416f198ec..8beacee63 100644
--- a/infrastructure/frontend_bucket_policy.tpl
+++ b/infrastructure/frontend_bucket_policy.tpl
@@ -13,6 +13,7 @@
     },
     {
       "Sid": "RequireSSLRequests",
+      "Action": "s3:*",
       "Effect": "Deny",
       "Principal": "*",
       "Resource": [
diff --git a/infrastructure/main.tf b/infrastructure/main.tf
index bfccb4fcb..c82f79fde 100644
--- a/infrastructure/main.tf
+++ b/infrastructure/main.tf
@@ -38,6 +38,7 @@ resource "aws_s3_bucket_policy" "logging_bucket" {
     "Version" : "2012-10-17",
     "Statement" : [{
       "Sid" : "RequireSSLRequests",
+      "Action": "s3:*",
       "Effect" : "Deny",
       "Principal" : "*",
       "Resource" : [
diff --git a/infrastructure/worker.tf b/infrastructure/worker.tf
index 7ed0d77e8..28dbace90 100644
--- a/infrastructure/worker.tf
+++ b/infrastructure/worker.tf
@@ -357,16 +357,17 @@ resource "aws_s3_bucket_policy" "export_bucket" {
     "Version" : "2012-10-17"
     "Statement" : [
       {
-        Sid : "RequireSSLRequests"
-        Effect : "Deny"
-        Principal : "*"
-        Action : "s3:*"
-        Resource : [
+        "Sid" : "RequireSSLRequests"
+        "Action": "s3:*",
+        "Effect" : "Deny"
+        "Principal" : "*"
+        "Action" : "s3:*"
+        "Resource" : [
           aws_s3_bucket.export_bucket.arn,
           "${aws_s3_bucket.export_bucket.arn}/*"
         ]
-        Condition : {
-          Bool : {
+        "Condition" : {
+          "Bool" : {
             "aws:SecureTransport" : false
           }
         }