With the introduction of Amazon S3 Block Public Access, securing your S3 data has never been easier. With a few clicks in the S3 management console, you can apply S3 Block Public Access to every bucket in your account – both existing and any new buckets created in the future – and make sure that there is no public access to any object. By default, new S3 bucket settings do not allow public access, but customers can modify these settings to grant public access using policies or object-level permissions. The Amazon S3 Block Public Access settings override S3 permissions that allow public access, making it easy for the account administrator to set up a centralized control to prevent variation in security configuration regardless of how an object is added or a bucket is created. These settings are auditable, providing a further layer of control, using AWS Trusted Advisor bucket permission checks, AWS CloudTrail logs, Amazon Macie and Amazon CloudWatch.