Starting in April 2023, Amazon S3 will implement two key security changes for all new buckets: enabling S3 Block Public Access and disabling access control lists (ACLs) by default. These settings, already standard for buckets created via the S3 console, will now apply to buckets created through APIs, CLI, SDKs, and CloudFormation. This aligns with AWS best practices for bucket security, enhancing protection against unintended public access. The changes only affect newly created buckets, with no impact on existing ones. Users can still modify these settings if public access is required. This update streamlines S3 bucket security, making it easier for customers to maintain secure configurations by default.