Locked myself out of S3 bucket through incorrect bucket policy
Question
I try to apply policy to deny access when non secure transport
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "denyInsecureTransport",
"Effect": "Deny",
"Principal": "*",
"Action": "s3:*",
"Resource": [
"arn:aws:s3:::my-bucket/*",
"arn:aws:s3:::my-bucket"
],
"Condition": {
"Bool": {
"aws:SecureTransport": "true"
}
}
}
}
But the problem is I set the wrong condition, it must be false instead of true . Now I can't control this bucker (can't edit the policy, delete bucket..). I am having Administrator access.
How can I fix that? Thank
1 answers
solution1
0 2021-12-17 13:00:32
You've effectively denied all IAM-entities access to the bucket unless they use insecure transport (HTTP).
You can perform the API calls to fix this over HTTP (not a good strategy) or Log in with your root account user and change the policy as the Root Account User is not affected by IAM policies.
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.