From 2bcd58d93093f00694e12c5a2625d46df5b582a5 Mon Sep 17 00:00:00 2001
From: Aiden Page <aiden.page@digital.homeoffice.gov.uk>
Date: Tue, 23 Jul 2024 11:55:37 +0100
Subject: [PATCH]  restrict public access

---
 modules/products/static-site/storage.tf | 7 ++++---
 1 file changed, 4 insertions(+), 3 deletions(-)

diff --git a/modules/products/static-site/storage.tf b/modules/products/static-site/storage.tf
index fa5cc54..a90b3ca 100644
--- a/modules/products/static-site/storage.tf
+++ b/modules/products/static-site/storage.tf
@@ -19,9 +19,10 @@ resource "aws_s3_bucket_website_configuration" "static_site_config" {
 resource "aws_s3_bucket_public_access_block" "static_site_acl" {
   bucket = aws_s3_bucket.static_site.id
 
-  block_public_acls       = false
-  block_public_policy     = false
-  restrict_public_buckets = false
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
 }
 
 resource "aws_s3_bucket_versioning" "static_site_versioning" {