search

aws-cloudformation / cloudformation-cli

The CloudFormation Provider Development Toolkit allows you to author your own resource providers and modules that can be used by CloudFormation.
Apache License 2.0
318 stars 161 forks source link

Add block public access to Artifact/AccessLogs Buckets created by CloudFormation-CLI #978

Closed moharirn closed 1 year ago

moharirn commented 1 year ago

Issue: CloudFormationManagedUploadInfrastructure Stack creates two Amazon Simple Storage Service (Amazon S3) buckets: ArtifactBucket and AccessLogsBucket. These buckets are not created with block public access permissions.

Workaround:

Solution: Add the PublicAccessBlockConfiguration to the template as below:

      PublicAccessBlockConfiguration: 
        BlockPublicAcls: true
        BlockPublicPolicy: true
        IgnorePublicAcls: true
        RestrictPublicBuckets: true
mmaeng commented 1 year ago

Resolved in #977