Ensure AWS S3 Buckets are not listable for Authenticated users group

HIGH

Description

Access control lists (ACLs) on S3 buckets can be used to grant or deny permissions to individual AWS accounts or to predefined groups, either for bucket-level operations or for specific objects within the bucket. Granting the Authenticated users group access to an S3 bucket means that anyone on the internet with an AWS account, not just users of your own account, can access and list the contents of the bucket.
References:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/security.html

Remediation

In AWS Console -

  1. Sign in to the AWS console and go to the S3 console.
  2. Choose the bucket you wish to edit.
  3. Select the Permissions tab.
  4. Confirm your public access and policy settings.
  5. Under Access control list (ACL), select Edit and remove any grant to the Authenticated users group (or to Everyone), keeping only the grants the bucket owner needs.
  6. Select Save changes.

In Terraform -

  1. For each aws_s3_bucket resource, add an aws_s3_bucket_acl resource.
  2. Set either the acl argument or an access_control_policy block; grant only the permissions the bucket owner and any named principals actually need, and never grant to the Authenticated users group.
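The configuration below is an added example, not part of the rule text or of any project: it shows the canned ACL this rule flags beside a least-privilege replacement using the two Terraform resources named above. The bucket name and resource labels are placeholders.

```hcl
# Added example (not from the rule text): the weak canned ACL this rule
# flags, beside a least-privilege replacement. Names are placeholders.

data "aws_canonical_user_id" "current" {}

resource "aws_s3_bucket" "reports" {
  bucket = "example-reports-bucket" # placeholder bucket name
}

# ACL grants only take effect when Object Ownership allows ACLs; buckets
# created with the newer default (BucketOwnerEnforced) ignore them.
resource "aws_s3_bucket_ownership_controls" "reports" {
  bucket = aws_s3_bucket.reports.id
  rule {
    object_ownership = "BucketOwnerPreferred"
  }
}

# WEAK: the "authenticated-read" canned ACL grants READ (list objects) to
# the predefined group http://acs.amazonaws.com/groups/global/AuthenticatedUsers,
# i.e. to every AWS account in existence, which is what AC_AWS_0211 detects.
# resource "aws_s3_bucket_acl" "reports" {
#   bucket = aws_s3_bucket.reports.id
#   acl    = "authenticated-read"
# }

# CORRECTED: an explicit access_control_policy whose only grant is to the
# bucket owner. Equivalent shorthand: acl = "private" in place of the block
# (the acl argument and access_control_policy are mutually exclusive).
resource "aws_s3_bucket_acl" "reports" {
  depends_on = [aws_s3_bucket_ownership_controls.reports]
  bucket     = aws_s3_bucket.reports.id

  access_control_policy {
    grant {
      grantee {
        id   = data.aws_canonical_user_id.current.id
        type = "CanonicalUser"
      }
      permission = "FULL_CONTROL"
    }
    owner {
      id = data.aws_canonical_user_id.current.id
    }
  }
}
```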

References:
https://docs.aws.amazon.com/AmazonS3/latest/userguide/s3-access-control.html
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket
https://registry.terraform.io/providers/hashicorp/aws/latest/docs/resources/s3_bucket_acl

Policy Details

Rule Reference ID: AC_AWS_0211
CSP: AWS
Remediation Available: No
Resource: aws_s3_bucket
Resource Category: Storage
Resource Type: S3 Bucket

Frameworks