From dae6ec6b97545c35330a0d246a2325e6bb13861e Mon Sep 17 00:00:00 2001
From: martin-nhs <martin.taylor22@nhs.net>
Date: Thu, 15 Feb 2024 12:21:56 +0000
Subject: [PATCH] [PRMT-4477] Fixed access block.

---
 terraform/s3.tf | 12 ++++++++----
 1 file changed, 8 insertions(+), 4 deletions(-)

diff --git a/terraform/s3.tf b/terraform/s3.tf
index 1ea0d4a3..81c09b1e 100644
--- a/terraform/s3.tf
+++ b/terraform/s3.tf
@@ -52,8 +52,10 @@ resource "aws_s3_bucket_versioning" "ehr_repo_bucket" {
 resource "aws_s3_bucket_public_access_block" "ehr_repo_access_block" {
   bucket = aws_s3_bucket.ehr-repo-bucket.bucket
 
-  block_public_acls   = true
-  block_public_policy = true
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
 }
 
 resource "aws_s3_bucket_policy" "ehr-repo-bucket_policy" {
@@ -116,8 +118,10 @@ resource "aws_s3_bucket_versioning" "ehr_repo_access_logs" {
 resource "aws_s3_bucket_public_access_block" "ehr_repo_access_logs_access_block" {
   bucket = aws_s3_bucket.ehr_repo_access_logs.bucket
 
-  block_public_acls   = true
-  block_public_policy = true
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
 }
 
 resource "aws_s3_bucket_policy" "ehr_repo_permit_developer_to_see_access_logs_policy" {