AWS – Amazon S3 Block Public Access now supports organization-level enforcement
Amazon S3 Block Public Access (BPA) now supports organization-level control through AWS Organizations, so you can standardize and enforce S3 public access settings across every account in your AWS organization from a single policy configuration.
At the organization level, S3 Block Public Access uses a single configuration that controls all public access settings for the accounts in its scope. When you attach the policy at the root or at an Organizational Unit (OU), it propagates to every member account under that root or OU, and new member accounts automatically inherit it. Alternatively, you can attach the policy to specific accounts for more granular control. To get started, open the AWS Organizations console and use the "Block all public access" checkbox or the JSON editor. You can also use AWS CloudTrail to audit policy attachment and to track enforcement in member accounts.
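As an added example (not code from the announcement or from AWS), the Python below shows the two audit checks a practitioner would pair with the organization-level control: verifying each member account's effective account-level settings, and triaging CloudTrail records for Organizations policy attachments and for attempts to weaken the block in a member account. The settings dict mirrors the PublicAccessBlockConfiguration returned by the S3 Control GetPublicAccessBlock API; eventName, eventSource, requestParameters, recipientAccountId and errorCode are standard CloudTrail record fields, but the exact requestParameters layout, the account IDs and the policy and root IDs are assumptions, and the sample records are constructed rather than captured.

```python
"""Offline audit helpers for S3 Block Public Access (BPA) enforcement across an organization.

Added example, not AWS code. Record shapes are assumptions based on public API parameter
names; all sample data below is constructed.
"""
from typing import Dict, List, Optional

# The four account-level BPA settings. "Block all public access" means all four are True.
BPA_SETTINGS = ("BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets")

# S3 Control API actions that change or remove the account-level block (the calls behind the
# console toggle). A successful call in a member account that leaves any setting False means
# the organization-level control is not covering that account.
BPA_CHANGE_EVENTS = {"PutPublicAccessBlock", "DeletePublicAccessBlock"}

# AWS Organizations policy lifecycle actions to track policy rollout and removal.
ORG_POLICY_EVENTS = {"CreatePolicy", "UpdatePolicy", "AttachPolicy", "DetachPolicy", "DeletePolicy"}


def missing_settings(config: Optional[Dict[str, bool]]) -> List[str]:
    """Return the BPA settings that are absent or not True.

    `config` is the PublicAccessBlockConfiguration dict as returned by
    s3control.get_public_access_block(AccountId=...); None models the
    NoSuchPublicAccessBlockConfiguration error (no account-level block at all).
    """
    if config is None:
        return list(BPA_SETTINGS)
    return [s for s in BPA_SETTINGS if config.get(s) is not True]


def audit_accounts(account_configs: Dict[str, Optional[Dict[str, bool]]]) -> Dict[str, List[str]]:
    """Map account id -> settings not enforced. An empty list means fully blocked."""
    return {acct: missing_settings(cfg) for acct, cfg in account_configs.items()}


def triage_event(event: dict) -> Optional[dict]:
    """Classify one CloudTrail record; return a finding dict or None if it is not relevant."""
    name = event.get("eventName")
    source = event.get("eventSource", "")
    params = event.get("requestParameters") or {}
    denied = "errorCode" in event  # e.g. AccessDenied: attempted but refused
    base = {"time": event.get("eventTime"), "account": event.get("recipientAccountId"),
            "event": name, "denied": denied}

    if source == "organizations.amazonaws.com" and name in ORG_POLICY_EVENTS:
        # policyId / targetId are the Organizations API parameters for attach and detach.
        return {**base, "kind": "org-policy",
                "policyId": params.get("policyId"), "targetId": params.get("targetId")}

    if name in BPA_CHANGE_EVENTS:
        # Bucket-level calls carry a bucketName parameter (assumed); account-level calls do not.
        scope = "bucket" if "bucketName" in params else "account"
        if name == "DeletePublicAccessBlock":
            missing = list(BPA_SETTINGS)
        else:
            cfg = params.get("PublicAccessBlockConfiguration") or {}  # key assumed to mirror the API
            missing = missing_settings(cfg)
        if not missing:
            return {**base, "kind": "bpa-tightened", "scope": scope, "missing": []}
        return {**base, "kind": "bpa-attempt" if denied else "bpa-weakened",
                "scope": scope, "missing": missing}
    return None


def triage_events(events: List[dict]) -> List[dict]:
    """Run triage_event over a batch of CloudTrail records and keep the findings."""
    return [f for f in (triage_event(e) for e in events) if f]


# Constructed sample data (placeholder account, policy and root IDs; not real records).
SAMPLE_ACCOUNT_CONFIGS = {
    "111111111111": {s: True for s in BPA_SETTINGS},
    "222222222222": {"BlockPublicAcls": True, "IgnorePublicAcls": True,
                     "BlockPublicPolicy": False, "RestrictPublicBuckets": False},
    "333333333333": None,
}

SAMPLE_EVENTS = [
    {"eventTime": "2025-11-20T10:00:00Z", "eventSource": "organizations.amazonaws.com",
     "eventName": "AttachPolicy", "recipientAccountId": "999999999999",
     "requestParameters": {"policyId": "p-example", "targetId": "r-example"}},
    {"eventTime": "2025-11-20T10:05:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "PutPublicAccessBlock", "recipientAccountId": "222222222222",
     "requestParameters": {"PublicAccessBlockConfiguration": {
         "BlockPublicAcls": True, "IgnorePublicAcls": True,
         "BlockPublicPolicy": False, "RestrictPublicBuckets": False}}},
    {"eventTime": "2025-11-20T10:06:00Z", "eventSource": "s3.amazonaws.com",
     "eventName": "DeletePublicAccessBlock", "recipientAccountId": "111111111111",
     "errorCode": "AccessDenied"},
]

if __name__ == "__main__":
    for acct, missing in audit_accounts(SAMPLE_ACCOUNT_CONFIGS).items():
        print(acct, "OK" if not missing else f"NOT ENFORCED: {', '.join(missing)}")
    for finding in triage_events(SAMPLE_EVENTS):
        print(finding)
```

A successful "bpa-weakened" finding in a member account is the signal that the organization-level policy does not cover that account (or has not propagated yet); a "bpa-attempt" with errorCode shows the control doing its job and is still worth alerting on as an indicator of someone trying to open a bucket.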
This feature is available in the AWS Organizations console and through the AWS CLI and SDKs, in all AWS Regions where AWS Organizations and Amazon S3 are supported, at no additional charge. For more information, see the AWS Organizations User Guide and the Amazon S3 Block Public Access documentation.
