Access Control List in S3 buckets can be used to grant or deny permissions to individual AWS accounts or predefined groups for bucket-level operations or specific objects within the bucket. Enabling Authenticated users group access to an S3 bucket means anyone on the internet list and write the contents of the bucket.
References:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/security.html
In AWS Console -
In Terraform -
References:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl