Access Control Lists are used to make entire buckets public.

Access Control Lists (ACLs) are a feature in AWS that provide a way to manage permissions on buckets and objects in Amazon S3, but they do not directly control whether an entire bucket is public. Instead, ACLs allow you to specify permissions at a more granular level for individual objects or buckets by determining who can access them and what actions those users can perform.

To make an entire bucket public, you would need to use bucket policies or other configurations, such as public access settings, rather than relying solely on ACLs. Bucket policies provide a more flexible and powerful mechanism for controlling access at the bucket level, enabling you to define conditions and permissions that apply to all objects within the bucket or to specific objects.

In summary, while ACLs are an important part of access management in S3, they do not inherently grant public access to an entire bucket by themselves, which is why the statement regarding their use for making entire buckets public is false.