From 53713b568361b6f3d6dcc2bfa602ee130a8ed771 Mon Sep 17 00:00:00 2001
From: eddalmond1 <102675624+eddalmond1@users.noreply.github.com>
Date: Thu, 7 Aug 2025 11:37:06 +0100
Subject: [PATCH] Revert "eli-386 blocking s3 public access at account level"
---
 infrastructure/stacks/api-layer/s3_buckets.tf | 5 -----
 .../iams-developer-roles/github_actions_policies.tf | 8 --------
 2 files changed, 13 deletions(-)
diff --git a/infrastructure/stacks/api-layer/s3_buckets.tf b/infrastructure/stacks/api-layer/s3_buckets.tf
index 1c5ecb801..a1c554575 100644
--- a/infrastructure/stacks/api-layer/s3_buckets.tf
+++ b/infrastructure/stacks/api-layer/s3_buckets.tf
@@ -16,8 +16,3 @@ module "s3_audit_bucket" {
 stack_name = local.stack_name
 workspace = terraform.workspace
 }
-
-resource "aws_s3_account_public_access_block" "block_public_access" {
- block_public_acls = true
- block_public_policy = true
-}
diff --git a/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf b/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf
index c349b9989..6b69b5025 100644
--- a/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf
+++ b/infrastructure/stacks/iams-developer-roles/github_actions_policies.tf
@@ -164,14 +164,6 @@ resource "aws_iam_policy" "s3_management" {
 "arn:aws:s3:::*eligibility-signposting-api-${var.environment}-truststore-access-logs",
 "arn:aws:s3:::*eligibility-signposting-api-${var.environment}-truststore-access-logs/*",
 ]
- },
- {
- Effect = "Allow",
- Action = [
- "s3:GetAccountPublicAccessBlock",
- "s3:PutAccountPublicAccessBlock"
- ],
- Resource = "*"
 }
 ]
 })