Not able to destroy S3 bucket resource, policy check failing

S3 bucket needs to be empty before you can delete it. If it's a small bucket, you can simply click empty bucket to delete all files. If it has lot of files, I usually, create a lifecycle rule to delete all current and previous versions of the files and then delete the bucket. In case, you have object locking enabled, you probably cannot delete the files.

The issue you're experiencing is related to a policy check that's preventing the destruction of an S3 bucket. This is likely a safeguard put in place to prevent accidental deletion of important data. To resolve this, you need to follow these steps:

1. Understand the policy: The policy "aws-s3-non-empty-bucket-destroy" is preventing the deletion of the bucket. This is a safety measure to ensure that non-empty buckets are not accidentally deleted.

2. Check the DELETE_BUCKET_DATA tag: The error message indicates that the DELETE_BUCKET_DATA tag is set to false. This tag is used to control whether the bucket and its contents can be deleted.

3. Toggle the DELETE_BUCKET_DATA tag: To proceed with destroying the bucket, you need to change the DELETE_BUCKET_DATA tag to true. This will signal that you intentionally want to delete the bucket and its contents.

To modify the tag, you can use PutBucketTagging API as given here : https://docs.aws.amazon.com/AmazonS3/latest/API/API_PutBucketTagging.html

4. Follow internal procedures: The error message refers to "go/s3destroy" for more information. This is likely an internal resource within your organization that provides specific guidelines on how to properly toggle the tag and proceed with bucket deletion.

5. Ensure the bucket is empty: Even after toggling the tag, make sure the bucket is empty before attempting to delete it. S3 buckets can only be deleted when they contain no objects.

6. Verify permissions: Ensure you have the necessary permissions to delete the bucket. This typically includes the s3:DeleteBucket permission.

7. Retry the deletion: After following these steps, attempt to destroy the S3 bucket resource again.

Remember, deleting an S3 bucket is a permanent action. Always double-check that you're deleting the correct bucket and that you've backed up any necessary data before proceeding.
Sources
Issue deleting S3 Bucket via CloudFormation | AWS re:Post
Deleting a general purpose bucket - Amazon Simple Storage Service

Any time data is deleted, extreme care should be taken. Previous comments provide good information on those checks. After those checks, if you are looking for emptying bucket, you can use any of the method (Console, CLI, SDK or Lifecycle policy configuration) as outlined below. The methods are helpful if you have large number of objects especially using lifecycle.

https://docs.aws.amazon.com/AmazonS3/latest/userguide/empty-bucket.html