S3 Bucket without ACL - No permission

1
votes

I found an issue with a S3 bucket.

The bucket don't have any ACL associated, and the user that create the bucket was deleted.

How it's possible add some ACL in the bucket to get the control back?

For any command using AWS CLI, the result are the same always: An error occurred (AccessDenied) when calling the operation: Access Denied

Also in AWS console the access is denied.

2
amazon-web-servicesamazon-s3acl
You don't need ACLs. Do you have an IAM user with permissions for this S3 bucket? If not, add a new IAM user with appropriate permissions or add those S3 permissions to an existing IAM user.jarmod
Hi @jarmod, the users with admin role can't perform any action with this bucket. Also some policies are create and don't help to control the bucket again.Lucas Pepino

2 Answers

0
votes

First things first , AccessDenied error in AWS indicates that your AWS user does not have access to S3 service , Get S3 permission to your IAM user account , if in case you had access to AWS S3 service.

The thing is since you are using cli make sure AWS client KEY and secret are still correctly in local.

Now the interesting use case :

You have access to S3 service but cannot access the bucket since the bucket had some policies set

In this case if user who set the policies left and no user was able to access this bucket, the best way is to ask AWS root account holder to change the bucket permissions

0
votes

An IAM user with the managed policy named AdministratorAccess should be able to access all S3 buckets within the same AWS account. Unless you have applied some unusual S3 bucket policy or ACL, in which case you might need to log in as the account's root user and modify that bucket policy or ACL.

See Why am I getting an "Access Denied" error from the S3 when I try to modify a bucket policy?