By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

Any way to access locked-out vault?

0

I was tightening my Glacier vault permissions policy and somehow ended up being unable to view or change it. No user can now view, save or delete the vault permissions (only one vault has this problem) - neither the root after logging into console nor a user with "AllowAll" IAM permissions granted for all vaults. The vault itself is now inaccessible - no uploads can be made.

I only see "You do not have permission to view the vault access policy." after selecting Permissions tab of the vault. Needless to say that attempts to edit and change permissions fail with "Access denied" error.

Tried lots of different avenues (via console and command line with various users) for several hours but nothing works to bypass the lock-out.

Any help to reset permissions or, at least, to access the vault will be greatly appreciated!

Edited by: IgorM on Feb 8, 2019 3:28 AM

Edited by: IgorM on Feb 8, 2019 3:33 AM

Topics
Security, Identity, & Compliance
Tags
AWS Identity and Access Management
Language
English
IgorM
asked 5 years ago247 views
1 Answer
0

The vault policy was invalid which prevented all access to the vault. I was contacted by AWS engineers who (1) fixed the policy and (2) will introduce a filter to block such invalid policies from being saved.

This resolved my problem.

IgorM
answered 5 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content