diff --git a/main.tf b/main.tf
index 2c7c5a19..1775017f 100644
--- a/main.tf
+++ b/main.tf
@@ -7,6 +7,8 @@ locals {
 # Deprecate `replication_rules` in favor of `s3_replication_rules` to keep all the replication related
 # inputs grouped under s3_replica[tion]
 s3_replication_rules = var.replication_rules == null ? var.s3_replication_rules : var.replication_rules
+
+ public_access_block_enabled = var.block_public_acls || var.block_public_policy || var.ignore_public_acls || var.restrict_public_buckets
 }
 resource "aws_s3_bucket" "default" {
@@ -374,7 +376,7 @@ resource "aws_s3_bucket_policy" "default" {
 # https://www.terraform.io/docs/providers/aws/r/s3_bucket_public_access_block.html
 # for the nuances of the blocking options
 resource "aws_s3_bucket_public_access_block" "default" {
- count = local.enabled ? 1 : 0
+ count = module.this.enabled && local.public_access_block_enabled ? 1 : 0
 bucket = join("", aws_s3_bucket.default.*.id)
 block_public_acls = var.block_public_acls
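Review bot: The new `public_access_block_enabled` local in the `locals` hunk carries no comment, and its name reads like an independent switch although it is derived: it is true as soon as any one of the four public-access variables is true. A short comment would make the consequence explicit, for example `# false only when all four public-access settings are false; the public access block resource is then not created`. The variable declarations are outside this diff, so it is worth confirming that all four are non-nullable bools, since `||` fails at plan time on a null operand. The `locals` block starts before the hunk.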
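Review bot: With `count` on `aws_s3_bucket_public_access_block.default` now gated on `local.public_access_block_enabled`, setting all four flags to false leaves the bucket's public access block unmanaged instead of explicitly set. The effective state is then whatever already exists on the bucket or the AWS default for new buckets, and Terraform will not report drift on it. On an existing deployment the resource would be destroyed on the next apply. That deserves a comment next to `count`, e.g. `# count = 0 when all four settings are false: the block is left unmanaged, not set to "all false"`. The line also switches from `local.enabled` to `module.this.enabled`; if the two are equivalent (the definition is not visible here), `count = (local.enabled && local.public_access_block_enabled) ? 1 : 0` would stay consistent with the removed line and make the precedence explicit. The resource body continues past the hunk.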