People who say this should have been done earlier, what is the use case where you considered this a problem? This was already the console UI default for manually created new buckets. Was it a problem with using CloudFormation or APIs to create buckets?
Perhaps you're familiar with the saying: "Make something idiot-proof and someone will make a better idiot."<p>Don't get me wrong; these are good settings and I applaud AWS for making them. They certainly will reduce the chances of people accidentally making a bucket public. I'm just sad because I know there are those intentionally making a bucket public when they shouldn't.<p>Sometimes it's just easier to chmod 777 and watch all your access problems disappear.
We wrote a post on this and some of the nuances/discrepancies for these S3 settings: <a href="https://www.cloudquery.io/blog/finding-enabled-s3-acls-and-disabled-s3-block-public-access" rel="nofollow">https://www.cloudquery.io/blog/finding-enabled-s3-acls-and-d...</a>