parent
c7c2d2d6a7
commit
b28888f1ae
1 changed files with 25 additions and 0 deletions
@ -0,0 +1,25 @@ |
||||
#!/usr/local/bin/bash |
||||
# List buckets, then enable block public access on all of them |
||||
|
||||
# The AWS profile you want to run with |
||||
PROFILE="default" |
||||
|
||||
# The bucket policy you want. This blocks all kinds of public access. |
||||
BPAPOLICY='BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true' |
||||
|
||||
AWS="aws" # for handy debugging, change this to AWS="echo aws" |
||||
export AWS_PAGER="" # otherwise it pauses after every command! |
||||
|
||||
# fetch all the buckets |
||||
BUCKETLIST=$(aws --profile ${PROFILE} s3api list-buckets --query 'Buckets[].Name' --output text) |
||||
|
||||
for bucketname in ${BUCKETLIST} |
||||
do |
||||
echo -n "${bucketname}: " |
||||
${AWS} --profile ${PROFILE} s3api put-public-access-block \ |
||||
--bucket "${bucketname}" \ |
||||
--public-access-block-configuration "${BPAPOLICY}" |
||||
echo "done" |
||||
done |
||||
|
||||
|
||||
Loading…
Reference in new issue