Amazon Simple Storage Service
Console User Guide

How Do I Block Public Access to S3 Buckets?

Amazon S3 block public access prevents the application of any settings that allow public access to data within S3 buckets. You can configure block public access settings for an individual S3 bucket or for all the buckets in your account. For information about blocking public access using the AWS CLI, AWS SDKs, and the Amazon S3 REST APIs, see Using Amazon S3 Block Public Access in the Amazon Simple Storage Service Developer Guide.

The following topics explain how to use the Amazon S3 console to configure block public access settings:

The following sections explain viewing bucket access status and searching by access types.

Viewing Access Status

The list buckets view shows whether your bucket is publicly accessible. Amazon S3 labels the permissions for a bucket as follows:

  • Public – Everyone has access to one or more of the following: List objects, Write objects, Read and write permissions.

  • Objects can be public – The bucket is not public, but anyone with the appropriate permissions can grant public access to objects.

  • Buckets and objects not public – The bucket and objects do not have any public access.

  • Only authorized users of this account – Access is isolated to IAM users and roles in this account and AWS service principals because there is a policy that grants public access.

The access column shows the access status of the listed buckets.

        Console screenshot of list buckets view showing access status.

You can also filter bucket searches by access type. Choose an access type from the drop-down list that is next to the Search for buckets bar.

        Console screenshot showing how to search for S3 buckets by access type.

More Info

On this page: