Reputation: 145
I have a bucket that is accessible to some people in my org and has an access control list configuration to allow access from another AWS account (read and write).
I don't want anyone to be able to put objects with public ACLs. So I read about "Block Public Access" at the bucket level. You can choose to block only bucket policies or ACL policies; there are 4 options. I want to block public object ACLs, but if I choose this option, will it block the access from the external AWS account? I am confused by the concepts of object ACL and bucket ACL.
Upvotes: 2
Views: 674
Reputation: 269340
If you have users who are accessing the objects via IAM credentials, then the Block Public Access settings will not apply.
Thus, keeping it turned on will prevent them from accidentally making an object public, and they can still keep accessing objects as they do currently, using their AWS credentials.
Upvotes: 3
Reputation: 78653
None of the Block Public Access options will block authenticated access to the S3 bucket. They only impact unauthenticated (public) access.
In your case, I'm assuming that you don't want to allow any public access to the bucket or objects, so enable the top-level checkbox (for all blocking features).
Upvotes: 5
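The distinction the question asks about, as an added example that is not part of any answer above: a simplified Python model of which ACL grants S3 counts as public (grants to the predefined AllUsers or AuthenticatedUsers groups) and of how the two ACL-related Block Public Access settings treat them. The ACL dicts follow the shape returned by `get_object_acl`; the canonical ID and the helper function names are constructed for illustration.

```python
# Simplified model, not AWS code. Group URIs are S3's predefined groups;
# the canonical user ID and sample ACLs below are constructed.
ALL_USERS = "http://acs.amazonaws.com/groups/global/AllUsers"
AUTH_USERS = "http://acs.amazonaws.com/groups/global/AuthenticatedUsers"
PUBLIC_GROUPS = {ALL_USERS, AUTH_USERS}


def public_grants(acl):
    """Return the grants S3 treats as public: those made to a predefined public group."""
    return [
        g for g in acl.get("Grants", [])
        if g["Grantee"].get("Type") == "Group"
        and g["Grantee"].get("URI") in PUBLIC_GROUPS
    ]


def put_acl_allowed(acl, block_public_acls):
    """Model of BlockPublicAcls: a PUT carrying a public ACL is rejected."""
    return not (block_public_acls and public_grants(acl))


def effective_grants(acl, ignore_public_acls):
    """Model of IgnorePublicAcls: stored public grants are ignored at access time."""
    if not ignore_public_acls:
        return list(acl.get("Grants", []))
    public = public_grants(acl)
    return [g for g in acl.get("Grants", []) if g not in public]


PARTNER_ID = "EXAMPLE-CANONICAL-ID-OF-PARTNER-ACCOUNT"  # placeholder value
# Grant to a specific AWS account by canonical ID: authenticated, not public.
cross_account_acl = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": PARTNER_ID}, "Permission": "READ"},
    {"Grantee": {"Type": "CanonicalUser", "ID": PARTNER_ID}, "Permission": "WRITE"},
]}
# Same partner grant plus a grant to AllUsers: this ACL is public.
public_read_acl = {"Grants": [
    {"Grantee": {"Type": "CanonicalUser", "ID": PARTNER_ID}, "Permission": "READ"},
    {"Grantee": {"Type": "Group", "URI": ALL_USERS}, "Permission": "READ"},
]}

if __name__ == "__main__":
    for name, acl in [("cross-account", cross_account_acl),
                      ("public-read", public_read_acl)]:
        print(name, "PUT allowed with BlockPublicAcls:", put_acl_allowed(acl, True))
        print(name, "grants honoured with IgnorePublicAcls:",
              len(effective_grants(acl, True)))
```
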