We are ALL denied access to EVERYTHING

0

Ugh so instead of saving the new policy I was creating to attach to an EC2 instance to prevent it from being able to access anything except one S3 bucket, AWS saved the DENY policy (here) to an existing S3 policy that is applied to grant access to S3 to ALL the admins, so now NOBODY can access ANYTHING on AWS. I can't even submit a support ticket (that we're paying for). How do we undo this? Thanks!

1 Answer
1
Accepted Answer

You can recover access using the account root user: https://repost.aws/knowledge-center/s3-accidentally-denied-access

You can also use the root user to edit IAM permissions. Incidentally, we strongly recommend that you enable multi-factor authentication for the root user so that this power is not abused.

profile pictureAWS
EXPERT
answered 2 years ago
profile pictureAWS
EXPERT
reviewed 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Guidelines for Answering Questions