April 2023 Amazon S3 will change the default security configuration

I got this email from aws

We are reaching out to inform you that starting in April 2023 Amazon S3 will change the default security configuration for all new S3 buckets. For new buckets created after this date, S3 Block Public Access will be enabled, and S3 access control lists (ACLs) will be disabled.

The majority of S3 use cases do not need public access or ACLs. For most customers, no action is required. If you have use cases for public bucket access or the use of ACLs, you can disable Block Public Access or enable ACLs after you create an S3 bucket. In these cases, you may need to update automation scripts, CloudFormation templates, or other infrastructure configuration tools to configure these settings. To learn more, read the AWS News blog [1] and What's New announcement [2] on this change or visit our user guide for S3 Block Public Access [3] and S3 Object Ownership to disable ACLs [4]. Also, see our user guide for AWS CloudFormation on these settings [5][6].

[1] Heads-Up: Amazon S3 Security Changes Are Coming in April of 2023 | AWS News Blog
[2] Advanced Notice: Amazon S3 will automatically enable S3 Block Public Access and disable access control lists for all new buckets starting in April 2023
[3] Blocking public access to your Amazon S3 storage - Amazon Simple Storage Service
[4] Controlling ownership of objects and disabling ACLs for your bucket - Amazon Simple Storage Service
[5] AWS::S3::Bucket PublicAccessBlockConfiguration - AWS CloudFormation
[6] AWS::S3::Bucket OwnershipControls - AWS CloudFormation

Do you think we need to do anything to rclone about this?

This topic was automatically closed 60 days after the last reply. New replies are no longer allowed.