S3 buckets should have 'Block Public Access' enabled


Description

Amazon S3 provides a Block Public Access setting at the bucket level and at the account level to help restrict unintended public access to resources. By default, S3 buckets and objects are created without public access, but someone with sufficient permissions can enable public access at the bucket or object level, often unexpectedly. When you enable these settings, they prevent buckets, objects, or entire accounts from becoming publicly accessible, reducing the risk of accidental or malicious data exposure. Blocking public access should be an organizational decision based on data sensitivity, least privilege, and use case. Note that if a bucket is configured to host a static website, the Block Public Access setting must be disabled to serve the site.
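The following is an added example, not this rule's own detection logic: it evaluates the four Block Public Access flags for a bucket together with the account-level configuration, since S3 applies the most restrictive combination of the two. The bucket names, the `evaluate` helper, and the "review" status for static website buckets are assumptions made for illustration.

```python
# Added example: evaluate S3 Block Public Access (BPA) settings offline.
# Inputs are the "PublicAccessBlockConfiguration" objects returned by
#   aws s3api get-public-access-block --bucket <bucket>
#   aws s3control get-public-access-block --account-id <account-id>
# None stands for "no configuration exists" at that level.

BPA_FLAGS = ("BlockPublicAcls", "IgnorePublicAcls",
             "BlockPublicPolicy", "RestrictPublicBuckets")


def effective_bpa(bucket_cfg, account_cfg):
    """S3 applies the most restrictive combination of both levels,
    so a flag is in effect if either level turns it on."""
    bucket_cfg = bucket_cfg or {}
    account_cfg = account_cfg or {}
    return {f: bool(bucket_cfg.get(f)) or bool(account_cfg.get(f))
            for f in BPA_FLAGS}


def evaluate(name, bucket_cfg, account_cfg=None, website_hosting=False):
    """Return a finding for one bucket (hypothetical helper)."""
    effective = effective_bpa(bucket_cfg, account_cfg)
    missing = [f for f, on in effective.items() if not on]
    if not missing:
        status = "pass"
    elif website_hosting:
        # Static website buckets cannot block public access; route these
        # to a human for confirmation (assumed policy for this example).
        status = "review"
    else:
        status = "fail"
    return {"bucket": name, "status": status, "missing": missing}


# Constructed sample data (not from a real account).
ALL_ON = dict.fromkeys(BPA_FLAGS, True)
ACLS_ONLY = {"BlockPublicAcls": True, "IgnorePublicAcls": True,
             "BlockPublicPolicy": False, "RestrictPublicBuckets": False}
SAMPLES = [
    ("logs-example", ALL_ON, None, False),
    ("uploads-example", ACLS_ONLY, None, False),   # policy flags left off
    ("legacy-example", None, ALL_ON, False),       # covered by the account
    ("www-example", None, None, True),             # static website bucket
]

if __name__ == "__main__":
    for name, bucket_cfg, account_cfg, website in SAMPLES:
        print(evaluate(name, bucket_cfg, account_cfg, website))
```

A bucket with only the two ACL flags enabled still fails, because a bucket policy can grant public access independently of ACLs.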

Remediation

For instructions on configuring Block Public Access settings, refer to Blocking Public Access to S3 Resources.