When you suffer from the “API: s3:PutBucketPolicy Access Denied” error while creating a new S3 bucket, how can we resolve it?

The user encountered an error when trying to create a new Amazon S3 bucket for hosting a website. The error message indicated an “Access Denied” issue with the `s3:PutBucketPolicy` API. To resolve this, the user needs to add the `blockPublicAccess` attribute with the value `BlockPublicAccess.BLOCK_ACLS` to the CDK project configuration. By doing so, the default configuration of Amazon S3 will be updated correctly. The user provided additional links as references for more information on this topic.

Due to changing the default configuration of Amazon S3, we need to add the blockPublicAccess attribute to the CDK project.

What error did I see?

When I tried to create a new Amazon S3 bucket for hosting a new website:

    const websiteBucket = new Bucket(this, 'SonikStaticAssets', {
      websiteIndexDocument: 'index.html',
      publicReadAccess: true,
    });

I met the following CloudFormation error.

CdkSonikAppStack: deploying... [1/1]
CdkSonikAppStack: creating CloudFormation changeset...
10:08:29 PM | CREATE_FAILED        | AWS::S3::BucketPolicy       | SonikStaticAssetsPolicy8AA45F84
API: s3:PutBucketPolicy Access Denied


 ❌  CdkSonikAppStack failed: Error: The stack named CdkSonikAppStack failed to deploy: UPDATE_ROLLBACK_COMPLETE: API: s3:PutBucketPolicy Access Denied

Add the `blockPublicAccess` attributes to resolve this issue.

To avoid this error, we need to add the blockPublicAccess: BlockPublicAccess.BLOCK_ACLS attributes.

    const websiteBucket = new Bucket(this, 'SonikStaticAssets', {
      websiteIndexDocument: 'index.html',
      publicReadAccess: true,
      blockPublicAccess: BlockPublicAccess.BLOCK_ACLS,
    });