020-secure-defaults: allow for accounts with public s3 buckets

[OlafConijn]

Would be good to not set the Community::S3::PublicAccessBlock for some accounts.
Maybe implement this by adding a allow-public-buckets tag on the account resources?
this to avoid a surprise by which open s3 buckets are blocked

[eduardomourar]

This makes sense to me.