Welcome to the new Amazon S3 User Guide! The Amazon S3 Block Public Access feature provides settings for access points, buckets, and accounts to help you manage public access to Amazon S3 resources. By default, new buckets, access points, and objects don't allow public access. However, users can modify bucket policies, access point policies, or object permissions to allow public access. S3 Block Public Access settings override these policies and permissions so that you can limit public access to these resources.
Setting permissions for website access - Amazon Simple Storage Service
Welcome to the new Amazon S3 User Guide! In Amazon S3, buckets and objects are the primary resources, and objects are stored in buckets. Amazon S3 has a flat structure instead of a hierarchy like you would see in a file system. However, for the sake of organizational simplicity, the Amazon S3 console supports the folder concept as a means of grouping objects. It does this by using a shared name prefix for objects that is, objects have names that begin with a common string. Object names are also referred to as key names. For example, you can create a folder on the console named photos and store an object named myphoto.
In What Security Managers Need to Know About Amazon S3 Exposures we mentioned that one of the reasons finding your public S3 buckets is so darn difficult is because there are multiple, overlapping mechanisms in place that determine the ultimate amount of S3 access. S3 is one of the oldest services in AWS. AWS actually has a wide range of use cases it needs to support, which is why we have all these mechanisms. Sharing publicly, within an account, between accounts, hosting websites, and so on all create complexity.
Welcome to the new Amazon S3 User Guide! Amazon S3 Block Public Access provides settings for access points, buckets, and accounts to help you manage public access to Amazon S3 resources. By default, new buckets, access points, and objects do not allow public access.