0
votes

I set up an S3 bucket following Enable Access Logs for Your Classic Load Balancer but I accidentally used the ap-southeast-2 account ID rather than the us-east-1 account ID in the bucket policy.

As a result the bucket does not show up in the AWS console or in the CLI, and any attempt to do CLI operations on it returns an AccessDenied error.

How can I delete this bucket so I can recreate it with the correct account ID in the bucket policy? It's my AWS account so permissions shouldn't be a problem in theory.

https://aws.amazon.com/premiumsupport/knowledge-center/s3-accidentally-denied-access/ (generate a root user access key under My Security Credentials -> Access keys then use it to run delete-bucket-policy using aws-cli) should be the solution but I still get an AccessDenied error.

1 Answer

0
votes

You can edit the Bucket Policy.

That documentation page takes you through the following steps:

  1. Create an Amazon S3 Bucket: This is created in your own account and should appear immediately in the management console.
  2. Attach a Policy to Your S3 Bucket: This grants permission for the Access Logs service to write to your bucket.
  3. Enable Access Logs

If you made a mistake in the Bucket Policy, you can select the bucket in the Amazon S3 management console and edit the Bucket Policy.

The bucket policy merely grants access to another account. It will not prevent you from being able to access/edit your bucket.
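An added example, not part of the original question or answer: a small offline check that a log-bucket policy grants `s3:PutObject` to the ELB account for the load balancer's own region before it is applied. The two account IDs are the ones AWS documents for the regions named in the question; the function names, the sample policy and the bucket name `example-log-bucket` are assumptions made for illustration.

```python
import json

# ELB log-delivery account IDs for the two regions named in the question
# (values from the AWS access-logs documentation; other regions omitted).
ELB_ACCOUNT_IDS = {"us-east-1": "127311923021", "ap-southeast-2": "783225319266"}

# Constructed sample reproducing the question's mistake; bucket name is a placeholder.
SAMPLE_POLICY = json.dumps({
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": {"AWS": "arn:aws:iam::783225319266:root"},
        "Action": "s3:PutObject",
        "Resource": "arn:aws:s3:::example-log-bucket/AWSLogs/*",
    }],
})

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _principal_accounts(statement):
    """Account IDs named in a statement's AWS principal (bare ID or root ARN)."""
    principal = statement.get("Principal", {})
    if not isinstance(principal, dict):
        return []  # e.g. "*"
    return [p.split(":")[4] if p.startswith("arn:") else p
            for p in _as_list(principal.get("AWS", []))]

def check_log_bucket_policy(policy_json, lb_region):
    """Return findings; an empty list means the policy fits the load balancer's region."""
    expected = ELB_ACCOUNT_IDS[lb_region]
    by_account = {acct: region for region, acct in ELB_ACCOUNT_IDS.items()}
    findings, granted = [], False
    for stmt in _as_list(json.loads(policy_json).get("Statement", [])):
        if stmt.get("Effect") == "Deny":
            findings.append("Deny statement present: review it before applying")
            continue
        if "s3:PutObject" not in _as_list(stmt.get("Action", [])):
            continue
        for account in _principal_accounts(stmt):
            if account == expected:
                granted = True
            elif account in by_account:
                findings.append(f"principal {account} is the ELB account for "
                                f"{by_account[account]}, not {lb_region}")
    if not granted:
        findings.append(f"no Allow of s3:PutObject to ELB account {expected}")
    return findings
```

Calling `check_log_bucket_policy(SAMPLE_POLICY, "us-east-1")` reports the wrong-region principal and the missing grant; the same policy checked against `"ap-southeast-2"` returns no findings.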