in bucket-utils/awsutils.go [154:172]
func BlockBuckets(ctx context.Context, s3Client *s3.Client, bucketsToBlock []string, execute bool) {
if execute {
userConfirmed := common.UserConfirmation()
if userConfirmed {
for _, name := range bucketsToBlock {
_, err := blockPublicAccess(ctx, s3Client, name)
if err != nil {
fmt.Println("Error blocking public access: " + err.Error())
}
}
fmt.Println("Public access blocked for all buckets. Please note it may take 24 hours for SecurityHub to update.")
} else {
fmt.Println("Exiting without blocking public access.")
}
} else {
fmt.Println("\nSkipping execution.")
fmt.Println("Re-run with flag -execute to block access.")
}
}