s3 public bucket creation should be "block new public access acls"

[karthikeayan]

When creating S3 buckets via terraform, terraform-compliance should be able to identify if the bucket have policy enabled to "Block new public ACLs and uploading public objects"

new step needed for s3

[eerkunt]

Since the bucket policy is mostly defined as plain text, I think the tool requires a parser for IAM policy definition.

That is going to be slightly bigger than Security Group enhancement.

[eerkunt]

The scenario can be handled by a test similar as shown below ;

  Scenario Outline: AWS Credentials should not be hardcoded
    Given I have aws_s3_bucket_public_access_block resource configured
    Then it must contain <key>
    And its value must not match the "true" regex

    Examples:
    | key                      |
    | block_public_acls        |
    | block_public_policy      |
    | ignore_public_acls       |
    | restrict_public_buckets  |

I will also add this to examples on next release.