Mahira Technology Private Limited's Blog

Deploy S3 Block Public Access setting should be enabled using terragrunt code and also with manual step-by-step procedure

Deploy S3 Block Public Access setting should be enabled using terragrunt code and also with manual step-by-step procedure

Mahira Technology Private Limited's photo
Mahira Technology Private Limited
·

2 min read

Introduction:-

S3 Block Public Access is a feature in #Amazon S3 that helps prevent public access to #S3 buckets and objects. Enabling this feature provides an added layer of security to protect your data from accidental or intentional exposure. S3 Block Public Access includes settings for blocking public access at the account or bucket level, and can be configured using the #AWS Management Console, CLI, or #API. By default, S3 Block Public Access is disabled, so it’s important to enable this setting to protect your S3 data.

Pre-Requetisites:-

1.Terragrunt should be Installed

Issues: This AWS control checks whether the following public access block settings are configured from account level:

ignorePublicAcls: True,

blockPublicPolicy: True,

blockPublicAcls: True,

restrictPublicBuckets: True.

General steps to follow: Create one folder with name s3-bucket,using the same folder create one file called terragrunt.hcl and paste the below code into that.

# terragrunt.hcl

terraform {
  source = "terraform-aws-modules/s3-bucket/aws"
}
include {
  path = find_in_parent_folders()
}
inputs = {
  bucket_name = "s3-bucket"
  block_public_acls = true
  block_public_policy = true
  ignore_public_acls = true
  restrict_public_buckets = true
}

After paste this code in the file. Just save and open the terminal and locate to the s3 bucket folder which we have created enter the first command terragrunt init for Initializing and after Initialization, enter the second command terragrunt plan when the plan executed successfully ,enter the third command terragrunt apply after apply configuration would be done in your aws s3 console.

Follow the step to get solve the issue Manually:

To enable Amazon S3 Block Public Access

  1. Open the Amazon S3 console at https://console.aws.amazon.com/s3/.

  2. Choose Block public access (account settings).

  3. Choose Edit.

  4. Select Block all public access.

  5. Choose Save changes.

Conclusion:

Enabling #S3 Block Public Access is a critical step in securing your S3 data. By preventing public access to #S3 buckets and objects, you can reduce the risk of accidental or intentional exposure of sensitive data. S3 Block Public Access includes settings for blocking public access at the account or bucket level, and can be configured using the #AWS Management Console, CLI, or API. Enabling this feature is highly recommended to ensure the security of your S3 data.

terragruntAWSS3Infrastructure as codeCloud ComputingDevopsS3-bucketAccessibilitypublic