winglang
diff --git a/‎libs/wingsdk/src/target-tf-aws/bucket.ts
Lines changed: 0 additions & 8 deletions b/‎libs/wingsdk/src/target-tf-aws/bucket.ts
Lines changed: 0 additions & 8 deletions
diff --git a/‎libs/wingsdk/test/target-tf-aws/__snapshots__/bucket.test.ts.snap
Lines changed: 0 additions & 51 deletions b/‎libs/wingsdk/test/target-tf-aws/__snapshots__/bucket.test.ts.snap
Lines changed: 0 additions & 51 deletions
diff --git a/‎libs/wingsdk/test/target-tf-aws/__snapshots__/captures.test.ts.snap
Lines changed: 0 additions & 9 deletions b/‎libs/wingsdk/test/target-tf-aws/__snapshots__/captures.test.ts.snap
Lines changed: 0 additions & 9 deletions
diff --git a/‎libs/wingsdk/test/target-tf-aws/__snapshots__/on-deploy.test.ts.snap
Lines changed: 0 additions & 38 deletions b/‎libs/wingsdk/test/target-tf-aws/__snapshots__/on-deploy.test.ts.snap
Lines changed: 0 additions & 38 deletions
diff --git a/‎libs/wingsdk/test/target-tf-aws/__snapshots__/website.test.ts.snap
Lines changed: 0 additions & 34 deletions b/‎libs/wingsdk/test/target-tf-aws/__snapshots__/website.test.ts.snap
Lines changed: 0 additions & 34 deletions
diff --git a/‎libs/wingsdk/test/target-tf-aws/bucket.test.ts
Lines changed: 0 additions & 1 deletion b/‎libs/wingsdk/test/target-tf-aws/bucket.test.ts
Lines changed: 0 additions & 1 deletion
diff --git a/‎libs/wingsdk/test/target-tf-aws/captures.test.ts
Lines changed: 0 additions & 1 deletion b/‎libs/wingsdk/test/target-tf-aws/captures.test.ts
Lines changed: 0 additions & 1 deletion
diff --git a/‎libs/wingsdk/test/target-tf-aws/website.test.ts
Lines changed: 0 additions & 2 deletions b/‎libs/wingsdk/test/target-tf-aws/website.test.ts
Lines changed: 0 additions & 2 deletions
@@ -206,14 +206,6 @@ export function createEncryptedBucket(
       policy: JSON.stringify(policy),
       dependsOn: [publicAccessBlock],
     });
-  } else {
-    new S3BucketPublicAccessBlock(scope, "PublicAccessBlock", {
-      bucket: bucket.bucket,
-      blockPublicAcls: true,
-      blockPublicPolicy: true,
-      ignorePublicAcls: true,
-      restrictPublicBuckets: true,
-    });
   }
 
   return bucket;
 
@@ -183,15 +183,6 @@ exports[`bucket prefix must be lowercase 1`] = `
         "force_destroy": false,
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "The-UncannyBucket_PublicAccessBlock_88AA9BF7": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.The-UncannyBucket.bucket}",
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "The-UncannyBucket_Encryption_4CFC1E98": {
         "bucket": "\${aws_s3_bucket.The-UncannyBucket.bucket}",
@@ -234,14 +225,6 @@ exports[`bucket prefix must be lowercase 2`] = `
                     "id": "Encryption",
                     "path": "root/Default/The-Uncanny.Bucket/Encryption",
                   },
-                  "PublicAccessBlock": {
-                    "constructInfo": {
-                      "fqn": "cdktf.TerraformResource",
-                      "version": "0.17.0",
-                    },
-                    "id": "PublicAccessBlock",
-                    "path": "root/Default/The-Uncanny.Bucket/PublicAccessBlock",
-                  },
                 },
                 "constructInfo": {
                   "fqn": "constructs.Construct",
@@ -335,15 +318,6 @@ exports[`bucket prefix valid 1`] = `
         "force_destroy": false,
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "the-uncannybucket_PublicAccessBlock_AC5BC68C": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.the-uncannybucket.bucket}",
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "the-uncannybucket_Encryption_78D02B71": {
         "bucket": "\${aws_s3_bucket.the-uncannybucket.bucket}",
@@ -417,14 +391,6 @@ exports[`bucket prefix valid 2`] = `
                     "id": "Encryption",
                     "path": "root/Default/the-uncanny.bucket/Encryption",
                   },
-                  "PublicAccessBlock": {
-                    "constructInfo": {
-                      "fqn": "cdktf.TerraformResource",
-                      "version": "0.17.0",
-                    },
-                    "id": "PublicAccessBlock",
-                    "path": "root/Default/the-uncanny.bucket/PublicAccessBlock",
-                  },
                 },
                 "constructInfo": {
                   "fqn": "constructs.Construct",
@@ -2939,15 +2905,6 @@ exports[`create a bucket 1`] = `
         "force_destroy": false,
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "my_bucket_PublicAccessBlock_538547C0": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.my_bucket.bucket}",
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "my_bucket_Encryption_3B1569A4": {
         "bucket": "\${aws_s3_bucket.my_bucket.bucket}",
@@ -3021,14 +2978,6 @@ exports[`create a bucket 2`] = `
                     "id": "Encryption",
                     "path": "root/Default/my_bucket/Encryption",
                   },
-                  "PublicAccessBlock": {
-                    "constructInfo": {
-                      "fqn": "cdktf.TerraformResource",
-                      "version": "0.17.0",
-                    },
-                    "id": "PublicAccessBlock",
-                    "path": "root/Default/my_bucket/PublicAccessBlock",
-                  },
                 },
                 "constructInfo": {
                   "fqn": "constructs.Construct",
 
@@ -342,15 +342,6 @@ exports[`function with bucket binding > put operation 2`] = `
         "bucket_prefix": "code-c84a50b1-",
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "Bucket_PublicAccessBlock_A34F3B5C": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.Bucket.bucket}",
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "Bucket_Encryption_016FDA0C": {
         "bucket": "\${aws_s3_bucket.Bucket.bucket}",
 
@@ -259,7 +259,6 @@ exports[`execute OnDeploy after other resources 1`] = `
         "depends_on": [
           "aws_s3_bucket.my_bucket",
           "aws_s3_bucket_server_side_encryption_configuration.my_bucket_Encryption_3B1569A4",
-          "aws_s3_bucket_public_access_block.my_bucket_PublicAccessBlock_538547C0",
         ],
         "function_name": "\${aws_lambda_function.my_on_deploy_Function_59669FC0.function_name}",
         "input": "{}",
@@ -319,15 +318,6 @@ exports[`execute OnDeploy after other resources 1`] = `
         "force_destroy": false,
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "my_bucket_PublicAccessBlock_538547C0": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.my_bucket.bucket}",
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "my_bucket_Encryption_3B1569A4": {
         "bucket": "\${aws_s3_bucket.my_bucket.bucket}",
@@ -429,14 +419,6 @@ exports[`execute OnDeploy after other resources 2`] = `
                     "id": "Encryption",
                     "path": "root/Default/my_bucket/Encryption",
                   },
-                  "PublicAccessBlock": {
-                    "constructInfo": {
-                      "fqn": "cdktf.TerraformResource",
-                      "version": "0.17.0",
-                    },
-                    "id": "PublicAccessBlock",
-                    "path": "root/Default/my_bucket/PublicAccessBlock",
-                  },
                 },
                 "constructInfo": {
                   "fqn": "constructs.Construct",
@@ -636,18 +618,6 @@ exports[`execute OnDeploy before other resources 1`] = `
         "force_destroy": false,
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "my_bucket_PublicAccessBlock_538547C0": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.my_bucket.bucket}",
-        "depends_on": [
-          "\${data.aws_lambda_invocation.my_on_deploy_Invocation_1A26E3B9}",
-        ],
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "my_bucket_Encryption_3B1569A4": {
         "bucket": "\${aws_s3_bucket.my_bucket.bucket}",
@@ -752,14 +722,6 @@ exports[`execute OnDeploy before other resources 2`] = `
                     "id": "Encryption",
                     "path": "root/Default/my_bucket/Encryption",
                   },
-                  "PublicAccessBlock": {
-                    "constructInfo": {
-                      "fqn": "cdktf.TerraformResource",
-                      "version": "0.17.0",
-                    },
-                    "id": "PublicAccessBlock",
-                    "path": "root/Default/my_bucket/PublicAccessBlock",
-                  },
                 },
                 "constructInfo": {
                   "fqn": "constructs.Construct",
 
@@ -106,15 +106,6 @@ exports[`default website behavior 1`] = `
         "policy": "\${data.aws_iam_policy_document.Website_AllowDistributionReadOnly_24CFF6C0.json}",
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "Website_PublicAccessBlock_C196C11D": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.Website_WebsiteBucket_3C0321F0.bucket}",
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "Website_Encryption_5BBFE612": {
         "bucket": "\${aws_s3_bucket.Website_WebsiteBucket_3C0321F0.bucket}",
@@ -235,14 +226,6 @@ exports[`default website behavior 2`] = `
                     "id": "File--inner-folder--a.html",
                     "path": "root/Default/Website/File--inner-folder--a.html",
                   },
-                  "PublicAccessBlock": {
-                    "constructInfo": {
-                      "fqn": "cdktf.TerraformResource",
-                      "version": "0.17.0",
-                    },
-                    "id": "PublicAccessBlock",
-                    "path": "root/Default/Website/PublicAccessBlock",
-                  },
                   "WebsiteBucket": {
                     "constructInfo": {
                       "fqn": "cdktf.TerraformResource",
@@ -436,15 +419,6 @@ exports[`website with add_json 1`] = `
         "policy": "\${data.aws_iam_policy_document.Website_AllowDistributionReadOnly_24CFF6C0.json}",
       },
     },
-    "aws_s3_bucket_public_access_block": {
-      "Website_PublicAccessBlock_C196C11D": {
-        "block_public_acls": true,
-        "block_public_policy": true,
-        "bucket": "\${aws_s3_bucket.Website_WebsiteBucket_3C0321F0.bucket}",
-        "ignore_public_acls": true,
-        "restrict_public_buckets": true,
-      },
-    },
     "aws_s3_bucket_server_side_encryption_configuration": {
       "Website_Encryption_5BBFE612": {
         "bucket": "\${aws_s3_bucket.Website_WebsiteBucket_3C0321F0.bucket}",
@@ -582,14 +556,6 @@ exports[`website with add_json 2`] = `
                     "id": "File-config.json",
                     "path": "root/Default/Website/File-config.json",
                   },
-                  "PublicAccessBlock": {
-                    "constructInfo": {
-                      "fqn": "cdktf.TerraformResource",
-                      "version": "0.17.0",
-                    },
-                    "id": "PublicAccessBlock",
-                    "path": "root/Default/Website/PublicAccessBlock",
-                  },
                   "WebsiteBucket": {
                     "constructInfo": {
                       "fqn": "cdktf.TerraformResource",
 
@@ -21,7 +21,6 @@ test("create a bucket", () => {
   // THEN
   expect(tfResourcesOf(output)).toEqual([
     "aws_s3_bucket", // main bucket
-    "aws_s3_bucket_public_access_block", // ensure bucket is private
     "aws_s3_bucket_server_side_encryption_configuration", // server side encryption
   ]);
   expect(tfSanitize(output)).toMatchSnapshot();
 
@@ -55,7 +55,6 @@ describe("function with bucket binding", () => {
       "aws_iam_role_policy_attachment",
       "aws_lambda_function",
       "aws_s3_bucket",
-      "aws_s3_bucket_public_access_block",
       "aws_s3_bucket_server_side_encryption_configuration",
       "aws_s3_object",
     ]);
 
@@ -25,7 +25,6 @@ test("default website behavior", () => {
     "aws_cloudfront_origin_access_control",
     "aws_s3_bucket",
     "aws_s3_bucket_policy",
-    "aws_s3_bucket_public_access_block", // allow public access to an s3 bucket
     "aws_s3_bucket_server_side_encryption_configuration",
     "aws_s3_bucket_website_configuration",
     "aws_s3_object",
@@ -73,7 +72,6 @@ test("website with add_json", () => {
     "aws_cloudfront_origin_access_control",
     "aws_s3_bucket",
     "aws_s3_bucket_policy",
-    "aws_s3_bucket_public_access_block", // allow public access to an s3 bucket
     "aws_s3_bucket_server_side_encryption_configuration",
     "aws_s3_bucket_website_configuration",
     "aws_s3_object",