Block public access config should honor provider/deploymentBucket/blockPublicAccess or custom/deploymentBucket/blockPublicAccess #83
Description
serverless-deployment-bucket currently only honors the setting for Block Public Access configured by custom/deploymentBucket/blockPublicAccess, and ignore the same value used by the core serverless config at provider/deploymentBucket/blockPublicAccess.
The underlying issue here is that serverless-deployment-bucket requires a confusing configuration with respect to recent versions of serverless. I have not verified this theory by looking at the changelogs for serverless and serverless-deployment-bucket, but I believe that the blockPublicAccess configuration option was added to serverless-deployment-bucket prior to it being added to serverless, and each requires it to be in a different place in the configuration.
Without the plugin, serverless allows the configuration of the name of a pre-existing bucket or other parameters like Block Public Access to be set.
Use this pre-created bucket and do not alter it (e.g., if blockPublicAccess were set, it would be ignored)
provider:
deploymentBucket:
name: some-bucket
or, auto-create the bucket and set Block Public Access:
provider:
deploymentBucket:
blockPublicAccess: true
Confusingly, when using the serverless-deployment-bucket plugin, the provider/deploymentBucket/name field is used for the bucket name (creating it if it doesn't exist), but the provider/deploymentBucket/blockPublicAccess configuration is ignored and only the custom/deploymentBucket/blockPublicAccess is honored.
A correct configuration for using serverless-deployment-bucket will look like this:
plugins:
- serverless-deployment-bucket
...
provider:
deploymentBucket:
name: slsdeploy-example-app-todos-dev
...
custom:
deploymentBucket: # used by serverless-deployment-bucket
blockPublicAccess: true