diff --git a/lib/aws/bootstrap/helm-loki.j2.tf b/lib/aws/bootstrap/helm-loki.j2.tf
index ad921ea6..bc5b5220 100644
--- a/lib/aws/bootstrap/helm-loki.j2.tf
+++ b/lib/aws/bootstrap/helm-loki.j2.tf
@@ -64,4 +64,11 @@ resource "aws_s3_bucket" "loki_bucket" {
       "Name" = "Applications logs"
     }
   )
+}
+
+resource "aws_s3_bucket_public_access_block" "loki_access" {
+  bucket = aws_s3_bucket.loki_bucket.id
+
+  ignore_public_acls = true
+  restrict_public_buckets  = true
 }
\ No newline at end of file
diff --git a/lib/aws/bootstrap/s3-qovery-buckets.tf b/lib/aws/bootstrap/s3-qovery-buckets.tf
index 0e62c210..2663c10c 100644
--- a/lib/aws/bootstrap/s3-qovery-buckets.tf
+++ b/lib/aws/bootstrap/s3-qovery-buckets.tf
@@ -33,3 +33,10 @@ resource "aws_kms_key" "s3_kubeconfig_kms_encryption" {
     }
   )
 }
+
+resource "aws_s3_bucket_public_access_block" "kubeconfigs_access" {
+  bucket = aws_s3_bucket.kubeconfigs_bucket.id
+
+  ignore_public_acls = true
+  restrict_public_buckets  = true
+}
\ No newline at end of file