Update s3.tf

Snyk security fixes

Author: AlexanderWiechert

s3.tf

@@ -1,10 +1,6 @@
 resource "aws_s3_bucket" "this" {
   bucket = "${var.project_name}-${var.aws_account_id}"
-  
-  block_public_acls = true
-  aws_s3_bucket_public_access_block = true
-
-  website {
+   website {
     redirect_all_requests_to = "https://${var.target_domain}"
   }
 
@@ -16,6 +12,15 @@ resource "aws_s3_bucket" "this" {
   )
 }
 
+resource "aws_s3_bucket_public_access_block" "this" {
+  bucket = aws_s3_bucket.this.id
+
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
+}
+
 resource "aws_kms_key" "this" {
   deletion_window_in_days = 10
   enable_key_rotation = true
@@ -56,6 +61,15 @@ resource "aws_s3_bucket" "log_bucket" {
 
 }
 
+resource "aws_s3_bucket_public_access_block" "log" {
+  bucket = aws_s3_bucket.log_bucket.id
+
+  block_public_acls       = true
+  block_public_policy     = true
+  ignore_public_acls      = true
+  restrict_public_buckets = true
+}
+
 resource "aws_s3_bucket_acl" "log_bucket_acl" {
   bucket = aws_s3_bucket.log_bucket.id
   acl    = "log-delivery-write"