We use the excellent secure uploads feature for our discourse instance, it’s working fine but it would be great if there was support for blocking all public access to the bucket.
Recently I’ve been trying to resolve all ‘AWS Foundational Security Best Practices’ issues raised by AWS Security Hub. One of these is that ‘S3 general purpose buckets should block public access’
I imagine quite a few companies are going through the same process of trying to apply the ‘AWS Foundational Security Best Practices’ and running into this issue.
Not expecting this to be prioritised any time soon but I found this thread and thought I’d add a +1 to it.
Here’s the AWS FSBP recommendation: Security Hub controls for Amazon S3 - AWS Security Hub