For those who are doing AWS work among the different projects, you will most likely do some storage on S3 (Simple Storage Service) for templates and logs. Each AWS service has the ability to write its configuration and logs to S3 and is usually a part of the setup wizard.
Sometimes the permissions set by the AWS wizard may leave you with some challenges. A common and simple example is when using AWS Elastic Beanstalk. When you clear out an Elastic Beanstalk configuration, the S3 bucket is left behind because it is not deleted as part of the removal process.
Normally, we just select the bucket and then you can empty it and delete it. This is what happens instead. First, select your bucket:
Once selected, we then choose the Delete Bucket option from the Actions button:
Then we are disappointed by seeing this error message:
Access Denied?! That shouldn’t be the case. I’m using an account that does have enhances privileges, and have even attempted it using the root level account for my entire AWS environment. NOTE: It’s not recommended to use the root account, but I did try it to prove the point.
Fixing the S3 Bucket Access Denied Issue
The issue is a simple one as it turns out. Open up the properties for the bucket and click the Edit bucket policy button:
When the bucket is created by the system, it is created with a specific bucket policy that has been set to deny the s3:DeleteBucket action:
That’s a safety measure so that we don’t accidentally remove the contents which could be driving an active Elastic Beanstalk configuration. Change the Deny effect to Allow in the JSON editor and save the policy:
Once you’ve saved the policy, go ahead with the Delete bucket process under the Actions menu again, and you will see a much more appropriate response. This time you will see a Done result in the results window.
This is one of those oddities around saving ourselves from ourselves by making sure we don’t accidentally delete things. Sometimes we really do want to delete stuff 🙂
Thanks. Perfect solution.
Very helpful. Thanks.
finally my bucket is gone – u da man
Thank you – finally got this to work!! Did what I thought was the same thing so many times …. then on the last time, it worked! Lots to learn about AWS!
Lynette P
The same thing happened to me. I thought that I had changed the setting a couple of times and it didn’t work. After reading this article, I tried again and it worked!! Must be some magic going on.
Thank you. S3 just kicked the bucket 🙂
Thanks a lot…
it works perfect.
Thank you so much
Perfect, saved me a lot of time
Thanks mate. Was wondering why I couldn’t delete the bucket (even though I tried as root as the last resort). Saved me a lot of trouble and time.