---
names:
  full: "AWS S3 Multi-Region Access Point is not configured to block public access"
  contextual: "Multi-Region Access Point is not configured to block public access"
description: >
  S3 Multi-Region Access Points provide a global endpoint for routing requests to 
  S3 buckets and include Block Public Access settings to manage public access. 
  It is recommended to keep these settings enabled to prevent data from being exposed 
  publicly through the global endpoint, regardless of the underlying bucket policies.
type: "COMPLIANCE_POLICY"
categories:
  - "SECURITY"
frameworkMappings:
  - "/frameworks/cloudaware/resource-security/public-data-access"
  - "/frameworks/aws-fsbp-v1.0.0/s3/24"
  - "/frameworks/aws-well-architected/sec/08/04"
similarPolicies:
  awsSecurityHub:
    - name: "[S3.24] S3 Multi-Region Access Points should have block public access settings enabled"
      url: "https://docs.aws.amazon.com/securityhub/latest/userguide/s3-controls.html#s3-24"