Allowing unrestricted, public access to cloud services could open an application up to external attack. Disallowing this access is typically considered best practice.
AWS S3 and Glacier vaults can be configured to use IAM policies similar to most other Amazon services. To learn more about how to configure IAM policies to use with S3 Glacier, see the AWS documentation (below).
In Terraform -
References:
https://docs.aws.amazon.com/amazonglacier/latest/dev/access-control-identity-based.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/glacier_vault