Terraform

Made by DeepSource

S3 Access block should block public ACL TF-AWS074

Security
Major

S3 buckets should block public ACLs on buckets and any objects they contain.

When this setting is enabled, PUT requests will fail if the object has any public ACL.

Examples

Bad practice

# block_public_acls is omitted, so it defaults to false
resource "aws_s3_bucket_public_access_block" "bad_example" {
    bucket = aws_s3_bucket.example.id
}

# block_public_acls is explicitly disabled
resource "aws_s3_bucket_public_access_block" "bad_example" {
    bucket = aws_s3_bucket.example.id

    block_public_acls = false
}

Recommended

resource "aws_s3_bucket_public_access_block" "good_example" {
    bucket = aws_s3_bucket.example.id

    block_public_acls = true
}
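
The same rule can be enforced on a rendered plan in CI. The following is an added example, not DeepSource's implementation: it assumes the input is the JSON produced by `terraform show -json <planfile>`, and the sample plan and its resource names are constructed for illustration.

```python
import json
import sys

RESOURCE_TYPE = "aws_s3_bucket_public_access_block"

# Constructed sample shaped like `terraform show -json <planfile>` output.
SAMPLE_PLAN = {
    "planned_values": {"root_module": {
        "resources": [
            {"address": RESOURCE_TYPE + ".bad_unset", "type": RESOURCE_TYPE,
             "values": {"bucket": "example-a", "block_public_acls": False}},
            {"address": RESOURCE_TYPE + ".good", "type": RESOURCE_TYPE,
             "values": {"bucket": "example-b", "block_public_acls": True}},
            {"address": "aws_s3_bucket.example", "type": "aws_s3_bucket",
             "values": {"bucket": "example-a"}},
        ],
        "child_modules": [{
            "address": "module.logs",
            "resources": [
                {"address": "module.logs." + RESOURCE_TYPE + ".bad_null",
                 "type": RESOURCE_TYPE,
                 "values": {"bucket": "example-c", "block_public_acls": None}},
            ],
        }],
    }},
}


def iter_resources(module):
    """Yield every resource in a module and, recursively, its child modules."""
    yield from module.get("resources", [])
    for child in module.get("child_modules", []):
        yield from iter_resources(child)


def find_violations(plan):
    """Return addresses of access blocks where block_public_acls is not true."""
    root = plan.get("planned_values", {}).get("root_module", {})
    return sorted(
        res["address"]
        for res in iter_resources(root)
        if res.get("type") == RESOURCE_TYPE
        # Missing, null and false all leave public ACLs unblocked.
        and (res.get("values") or {}).get("block_public_acls") is not True
    )


if __name__ == "__main__":
    # Pass a plan JSON path as argv[1]; otherwise the constructed sample is used.
    plan = json.load(open(sys.argv[1])) if len(sys.argv) > 1 else SAMPLE_PLAN
    found = find_violations(plan)
    print("\n".join(found) or "no violations")
    sys.exit(1 if found else 0)
```

This check only covers access block resources that exist in the plan; a bucket with no `aws_s3_bucket_public_access_block` attached at all is not reported by it.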
