AWS Security ChangesHomeSearch

AWS AmazonS3 documentation change

Service: AmazonS3 · 2025-09-28 · Documentation low

File: AmazonS3/latest/userguide/access-control-block-public-access.md

Summary

Updated recommendation to enable all block public access settings to comply with AWS Security Hub Foundational Security Best Practices

Security assessment

Enhances security documentation by referencing compliance with AWS Security Hub best practices but does not address a specific security vulnerability.

Diff

diff --git a/AmazonS3/latest/userguide/access-control-block-public-access.md b/AmazonS3/latest/userguide/access-control-block-public-access.md
index b73aca335..13beffd6d 100644
--- a//AmazonS3/latest/userguide/access-control-block-public-access.md
+++ b//AmazonS3/latest/userguide/access-control-block-public-access.md
@@ -23 +23 @@ When Amazon S3 evaluates whether an operation is prohibited by a block public ac
-Public access is granted to buckets and objects through access control lists (ACLs), access point policies, bucket policies, or all. To help ensure that all of your Amazon S3 access points, buckets, and objects have their public access blocked, we recommend that you turn on all four settings for block public access for your account. These settings block public access for all current and future buckets and access points. 
+Public access is granted to buckets and objects through access control lists (ACLs), access point policies, bucket policies, or all. To help ensure that all of your Amazon S3 access points, buckets, and objects have their public access blocked, we recommend that you turn on all four settings for block public access for your account. Additionally, we recommend that you also turn on all four settings for each bucket to comply with AWS Security Hub Foundational Security Best Practices control S3.8. These settings block public access for all current and future buckets and access points.