NRL-1188 Public access block added

jackleary · jackleary · commit 3e92fbc97f69 · 2024-12-11T08:53:08.000Z
diff --git a/terraform/account-wide-infrastructure/modules/athena/s3.tf b/terraform/account-wide-infrastructure/modules/athena/s3.tf
@@ -2,6 +2,15 @@ resource "aws_s3_bucket" "athena" {
   bucket = "athena"
 }
 
+resource "aws_s3_bucket_public_access_block" "athena-public-access-block" {
+  bucket = aws_s3_bucket.athena.id
+
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
+}
+
 
 resource "aws_s3_bucket_server_side_encryption_configuration" "athena" {
   bucket = aws_s3_bucket.athena.bucket
