Ugh so instead of saving the new policy I was creating to attach to an EC2 instance to prevent it from being able to access anything except one S3 bucket, AWS saved the DENY policy ([here](https://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_examples_s3_deny-except-bucket.html)) to an existing S3 policy that is applied to grant access to S3 to ALL the admins, so now NOBODY can access ANYTHING on AWS. I can't even submit a support ticket (that we're paying for). How do we undo this? Thanks!

We are ALL denied access to EVERYTHING

Ugh so instead of saving the new policy I was creating to attach to an EC2 instance to prevent it from being able to access anything except one S3 bucket, AWS saved the DENY policy (here) to an existing S3 policy that is applied to grant access to S3 to ALL the admins, so now NOBODY can access ANYTHING on AWS. I can't even submit a support ticket (that we're paying for). How do we undo this? Thanks!

주제

보안, 신원 및 규정 준수 관리 및 거버넌스

태그

보안, 신원 및 규정 준수 AWS 자격 증명 및 액세스 관리 AWS 계정 관리 계정 지원

언어

English

HooHost

질문됨 일 년 전268회 조회

1개 답변

최신
최다 투표
가장 많은 댓글

수락된 답변

You can recover access using the account root user: https://repost.aws/knowledge-center/s3-accidentally-denied-access

You can also use the root user to edit IAM permissions. Incidentally, we strongly recommend that you enable multi-factor authentication for the root user so that this power is not abused.

전문가

Brettski-AWS

답변함 일 년 전

전문가

Tushar_J

검토됨 일 년 전

We are ALL denied access to EVERYTHING

관련 콘텐츠