Command
aws s3api list-buckets --query 'Buckets[*].[Name]' --output text | xargs -I {} bash -c 'if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then aws s3api put-bucket-acl --acl "private" --bucket {} ; fi'1. List all of the user's buckets, and output the name, as text.
aws s3api list-buckets --query 'Buckets[*].[Name]' --output texthttps://docs.aws.amazon.com/cli/latest/reference/s3api/list-buckets.html
2. Save the output of the previous command, call bash, substitute {} for the bucket name.
xargs -I {} bash -c '..'http://man7.org/linux/man-pages/man1/xargs.1.html
3. Using the bucket name, check the ACL permissions, and see if it's public facing.
if [[ $(aws s3api get-bucket-acl --bucket {} --query '"'"'Grants[?Grantee.URI==`http://acs.amazonaws.com/groups/global/AllUsers` && Permission==`READ`]'"'"' --output text) ]]; then ...https://docs.aws.amazon.com/cli/latest/reference/s3api/get-bucket-acl.html
4. Using the bucket name, lock down the ACL permissions to be private.
aws s3api put-bucket-acl --acl "private" --bucket {}https://docs.aws.amazon.com/cli/latest/reference/s3api/put-bucket-acl.html
S3 bucket tutorial
https://gist.github.com/apolloclark/b3f60c1f68aa972d324b#s3
aws s3api list-buckets --query 'Buckets[*].[Name]' --output text | xargs -I {} bash -c 'aws s3api put-bucket-encryption --bucket {} --server-side-encryption-configuration '{"Rules": [{"ApplyServerSideEncryptionByDefault": {"SSEAlgorithm": "AES256"}}]}''``