현상
S3 버킷을 All Deny로 생성하여 액세스 및 삭제 불가
해결방법
'All Deny'가 적용된 S3 버킷을 삭제하기 위해서는 이 버킷에 연결된 S3 버킷 정책을 삭제해야 S3 버킷을 삭제할 수 있습니다.
실수로 모든 사용자의 Amazon S3 버킷 액세스를 거부했습니다. 액세스 권한을 다시 부여하려면 어떻게 해야 합니까?
https://aws.amazon.com/ko/premiumsupport/knowledge-center/s3-accidentally-denied-access/CLI를 이용한 해결방법
1. If you already do not have the AWS CLI installed, please follow this document[1].
2. Now you have to Configure the AWS CLI[2].
Use the "aws configure" command is the fastest way to set up your AWS CLI installation. When you enter this command, the AWS CLI prompts you for four pieces of information:
• Access key ID
• Secret access key
• AWS Region
• Output formatIf you do not have Access key created for Root user, I request you to first create the Access key, please follow this document[3]. Enter the AWS region where the S3 bucket ingest-skcc-raw-dev-datalake is located in, which is ap-northeast-2. Default Output format is json. In case you want more insight on these parameters refer document[2].
3. Now you can use the delete-bucket-policy[4] CLI command to delete the bucket policy attached.
Example command: aws s3api delete-bucket-policy --bucket BUCKET_NAME
4. Now that the bucket policy has been successfully removed, you can delete the S3 bucket using rb command[5],
Example command: aws s3 rb s3://bucket-name
By default, the bucket must be empty for the operation to succeed. To remove a bucket that's not empty, you need to include the --force option. If you're using a versioned bucket that contains previously deleted—but retained—objects, this command does not allow you to remove the bucket. You must first remove all of the content. The following example deletes all objects and prefixes in the bucket, and then deletes the bucket.
Example command: aws s3 rb s3://bucket-name –force
Or
You can also use the delete-bucket command[6] as well,
Example command: aws s3api delete-bucket --bucket BUCKET_NAME
By following the above steps, you should be able to successfully delete the S3 bucket. However, please make sure you are using ROOT User[7] only. Further, in case you get any error please share the same with me, also with above commands you can use –-debug option and share the output with me as this provides the debug logs and I can further assist you in troubleshooting and deleting the S3 bucket.
Example command: aws s3api delete-bucket --bucket BUCKET_NAME –debug
References:
[1] Installing, updating, and uninstalling the AWS CLI
https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-install.html[2] Configuring the AWS CLI
https://docs.aws.amazon.com/cli/latest/userguide/cli-chap-configure.html[3] Creating access keys for the root user
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html#id_root-user_manage_add-key[4] S3 delete-bucket-policy
https://docs.aws.amazon.com/cli/latest/reference/s3api/delete-bucket-policy.html[5] Delete buckets S3
https://docs.amazonaws.cn/en_us/cli/latest/userguide/cli-services-s3-commands.html#using-s3-commands-delete-buckets[6] delete-bucket
https://awscli.amazonaws.com/v2/documentation/api/latest/reference/s3api/delete-bucket.html[7] AWS account root user
https://docs.aws.amazon.com/IAM/latest/UserGuide/id_root-user.html[8] Deleting a bucket
https://docs.aws.amazon.com/AmazonS3/latest/userguide/delete-bucket.html
참고
AWS Premium Support에는 고객 리소스를 삭제할 권한이 없음