S3 - Creating a Bucket with publicAccessBlock results in status: This resource already exists but is not managed by ACK

[khalilj]

Describe the bug
I'm trying to create the below bucket:

apiVersion: s3.services.k8s.aws/v1alpha1
kind: Bucket
metadata:
  name: khalil-bucket-policy-test3
spec:
  name: khalil-bucket-policy-test3
  publicAccessBlock: 
    blockPublicACLs: true
    blockPublicPolicy: true
    ignorePublicACLs: true
    restrictPublicBuckets: true

The bucket didn't exists before, ACK resource shows the following status:

  conditions:
  - lastTransitionTime: "2025-11-04T15:57:42Z"
    message: Resource already exists
    reason: This resource already exists but is not managed by ACK. To bring the resource
      under ACK management, you should explicitly adopt the resource by enabling the
      ResourceAdoption feature gate and populating the `services.k8s.aws/adoption-policy`
      and `services.k8s.aws/adoption-fields` annotations.
    status: "True"
    type: ACK.Terminal

Removing the publicAccessBlock configuration and the same bucket is created successfully.

Environment
AWS service targeted: S3
Chart: aws-ack-s3-s3-chart-76d4f89db6-t2hn7
Controller image tag: s3-controller:1.1.1
Kubernetes version: v1.31.13-eks-113cf36
Using EKS: yes

[github-actions]

Hello @khalilj 👋 Thank you for opening an issue in ACK! A maintainer will triage this issue soon.

We encourage community contributions, so if you're interested in tackling this yourself or suggesting a solution, please check out our Contribution and Code of Conduct guidelines.

You can find more information about ACK on our website.

[khalilj]

We have SCP policy defined that also sets the same publicAccessBlock values. Can this be the reason?