By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post

We are ALL denied access to EVERYTHING

0

Ugh so instead of saving the new policy I was creating to attach to an EC2 instance to prevent it from being able to access anything except one S3 bucket, AWS saved the DENY policy (here) to an existing S3 policy that is applied to grant access to S3 to ALL the admins, so now NOBODY can access ANYTHING on AWS. I can't even submit a support ticket (that we're paying for). How do we undo this? Thanks!

Topics
Security, Identity, & ComplianceManagement & Governance
Tags
Security, Identity, & ComplianceAWS Identity and Access ManagementAWS Account ManagementAccount Support
Language
English
HooHost
asked a year ago263 views
1 Answer
1
Accepted Answer

You can recover access using the account root user: https://repost.aws/knowledge-center/s3-accidentally-denied-access

You can also use the root user to edit IAM permissions. Incidentally, we strongly recommend that you enable multi-factor authentication for the root user so that this power is not abused.

profile pictureAWS
EXPERT
Brettski-AWS
answered a year ago
profile pictureAWS
EXPERT
Tushar_J
reviewed a year ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions

Relevant content