- 필수 기능
- 시작하기
- Glossary
- 표준 속성
- Guides
- Agent
- 통합
- 개방형텔레메트리
- 개발자
- Administrator's Guide
- API
- Datadog Mobile App
- CoScreen
- Cloudcraft
- 앱 내
- 서비스 관리
- 인프라스트럭처
- 애플리케이션 성능
- APM
- Continuous Profiler
- 스팬 시각화
- 데이터 스트림 모니터링
- 데이터 작업 모니터링
- 디지털 경험
- 소프트웨어 제공
- 보안
- AI Observability
- 로그 관리
- 관리
Amazon S3 provides Block public access (bucket settings)
and Block public access (account settings)
to help you restrict unintended public access to Amazon S3 resources. By default, S3 buckets and objects are created without public access. However, someone with sufficient permissions can enable public access at the bucket or object level, often unexpectedly. While enabled, Block public access (bucket settings)
prevents an individual bucket, and its contained objects, from becoming publicly accessible. Similarly, Block public access (account settings)
prevents all buckets in the account, and contained objects, from becoming publicly accessible.
Amazon S3 Block public access (bucket settings)
prevents the accidental or malicious public exposure of data contained within the respective buckets. Amazon S3 Block public access (account settings)
prevents the accidental or malicious public exposure of data contained within all buckets of the respective AWS account. Blocking public access to all or some buckets is an organizational decision that should be based on data sensitivity, least privilege, and use case.
Note: If the bucket is configured to host a static website, this rule does not trigger because the Block public access setting must be disabled to serve the site (see the AWS documentation).
When you apply Block Public Access
settings to an account, the settings apply to all AWS Regions globally. The settings might not take effect in all Regions immediately or simultaneously, but they eventually propagate to all Regions.
If utilizing Block Public Access (account settings):
confirm
. Then click Confirm to save your changes.If utilizing Block public access (bucket settings):
If utilizing Block Public Access (bucket settings):
aws s3 ls
aws s3api put-public-access-block --bucket <name-of-bucket> --public-access-block-configuration "BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true"
If utilizing Block Public Access (account settings):
To set Public access settings for this account, run the following command: aws s3control put-public-access-block --public-access-block-configuration BlockPublicAcls=true, IgnorePublicAcls=true, BlockPublicPolicy=true, RestrictPublicBuckets=true --account-id <value>'