All new S3 buckets will have a new default security setup as of April 2023 thanks to Amazon S3. S3 Block Public Access will be enabled and S3 access control lists (ACLs) will be deactivated for new buckets established after this date. All new S3 buckets in all AWS Regions, including the AWS GovCloud and the AWS China Regions, will use these updated default security settings by default.
ACLs or public access are not necessary in the vast majority of S3 use cases. Most clients don’t need to take any action. After creating an S3 bucket, you may turn off Block Public Access or turn on ACLs if you have use cases for public bucket access or the usage of these features.