Skip to content
By using AWS re:Post, you agree to the AWS re:Post Terms of Use
AWS re:Postre:Post
About re:Post

We are ALL denied access to EVERYTHING

0

Ugh so instead of saving the new policy I was creating to attach to an EC2 instance to prevent it from being able to access anything except one S3 bucket, AWS saved the DENY policy (here) to an existing S3 policy that is applied to grant access to S3 to ALL the admins, so now NOBODY can access ANYTHING on AWS. I can't even submit a support ticket (that we're paying for). How do we undo this? Thanks!

Topics
Security, Identity, & ComplianceManagement & Governance
Tags
Security, Identity, & ComplianceAWS Identity and Access ManagementAWS Account ManagementAccount Support
Language
English
asked 2 years ago408 views
1 Answer
1
Accepted Answer

You can recover access using the account root user: https://repost.aws/knowledge-center/s3-accidentally-denied-access

You can also use the root user to edit IAM permissions. Incidentally, we strongly recommend that you enable multi-factor authentication for the root user so that this power is not abused.

AWS
EXPERT
answered 2 years ago
AWS
EXPERT
reviewed 2 years ago

You are not logged in. Log in to post an answer.

A good answer clearly answers the question and provides constructive feedback and encourages professional growth in the question asker.

Relevant content