diff --git a/internal/pkg/template/templates/app/cf.yml b/internal/pkg/template/templates/app/cf.yml
index 449b012ac9d..6190ea2d78b 100644
--- a/internal/pkg/template/templates/app/cf.yml
+++ b/internal/pkg/template/templates/app/cf.yml
@@ -91,6 +91,16 @@ Resources:
                 s3:x-amz-server-side-encryption: 'aws:kms'
               'Null':
                 s3:x-amz-server-side-encryption: false
+          - Sid: ForceHTTPS
+            Effect: Deny
+            Principal: "*"
+            Action: s3:*
+            Resource:
+              - !Sub ${PipelineBuiltArtifactBucket.Arn}
+              - !Sub ${PipelineBuiltArtifactBucket.Arn}/*
+            Condition:
+              Bool:
+                aws:SecureTransport: false
 
   PipelineBuiltArtifactBucket:
     Type: AWS::S3::Bucket