#!/usr/local/bin/bash
# List buckets, then enable block public access on all of them

# The AWS profile you want to run with
PROFILE="default"

# The bucket policy you want. This blocks all kinds of public access.
BPAPOLICY='BlockPublicAcls=true,IgnorePublicAcls=true,BlockPublicPolicy=true,RestrictPublicBuckets=true'

AWS="aws" # for handy debugging, change this to AWS="echo aws"
export AWS_PAGER="" # otherwise it pauses after every command!

# fetch all the buckets
BUCKETLIST=$(aws --profile ${PROFILE} s3api list-buckets --query 'Buckets[].Name' --output text)

for bucketname in ${BUCKETLIST}
do
    echo -n "${bucketname}: "
    ${AWS} --profile ${PROFILE} s3api put-public-access-block \
    --bucket "${bucketname}" \
    --public-access-block-configuration "${BPAPOLICY}"
    echo "done"
done