binaryalert

Created S3 buckets should block public access

Open jdheyburn opened this issue 5 years ago • 0 comments

Background

It is a best practice to block public access to S3 buckets. The module currently creates a number of S3 buckets publicly.

Desired Change

Something akin to the below. Perhaps it should be enabled by default, where a variable is provided to disable it if need be.

resource "aws_s3_bucket_public_access_block" "block_binaryalert_bucket" {
  bucket                  = BUCKET_IDs
  restrict_public_buckets = true
  block_public_acls       = true
  block_public_policy     = true
  ignore_public_acls      = true
}

jdheyburn, Sep 03 '20 11:09
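A CI-side check for the change requested above, added here as an example and not part of the issue or of binaryalert's own code: it reads the `configuration` section of `terraform show -json` output and lists every `aws_s3_bucket` that has no `aws_s3_bucket_public_access_block` with all four settings fixed to `true`. The resource names in the sample are hypothetical, the sample plan is constructed, and only root-module resources are inspected.

```python
import json

FLAGS = ("block_public_acls", "block_public_policy",
         "ignore_public_acls", "restrict_public_buckets")

def _res(rtype, name, **expressions):
    """Build one constructed entry of configuration.root_module.resources."""
    return {"address": f"{rtype}.{name}", "type": rtype, "name": name,
            "expressions": expressions}

def _block(name, bucket, **overrides):
    """Constructed public access block that references aws_s3_bucket.<bucket>."""
    flags = {f: {"constant_value": overrides.get(f, True)} for f in FLAGS}
    refs = {"references": [f"aws_s3_bucket.{bucket}.id", f"aws_s3_bucket.{bucket}"]}
    return _res("aws_s3_bucket_public_access_block", name, bucket=refs, **flags)

# Constructed sample with hypothetical names: one bucket fully blocked,
# one with block_public_policy = false, one with no block resource at all.
SAMPLE_PLAN = json.dumps({"configuration": {"root_module": {"resources": [
    _res("aws_s3_bucket", "example_binaries"),
    _res("aws_s3_bucket", "example_logs"),
    _res("aws_s3_bucket", "example_uploads"),
    _block("block_binaries", "example_binaries"),
    _block("block_logs", "example_logs", block_public_policy=False),
]}}})

def unprotected_buckets(plan_json):
    """Return addresses of buckets lacking a block with all four flags true."""
    root = json.loads(plan_json)["configuration"]["root_module"]
    resources = root.get("resources", [])
    buckets = {r["address"] for r in resources if r["type"] == "aws_s3_bucket"}
    protected = set()
    for r in resources:
        if r["type"] != "aws_s3_bucket_public_access_block":
            continue
        expr = r.get("expressions", {})
        # A flag driven by a variable has no constant_value; it is treated
        # as not enforced so that a disabled toggle is still reported.
        if not all(expr.get(f, {}).get("constant_value") is True for f in FLAGS):
            continue
        refs = expr.get("bucket", {}).get("references", [])
        protected.update(ref for ref in refs if ref in buckets)
    return sorted(buckets - protected)

if __name__ == "__main__":
    for address in unprotected_buckets(SAMPLE_PLAN):
        print("missing full public access block:", address)
```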