Misconfigured S3 buckets can lead to private information becoming available to the entire internet and could also allow for unauthorized tampering. Limiting public access will help protect private data.
References:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/security.html
In AWS Console -
In Terraform -
References:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/access-control-overview.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_policy