I accidentally denied everyone access to my Amazon S3 bucket. How do I regain access?
Last updated: 2020-08-06
I incorrectly configured my bucket policy to deny all users access to my Amazon Simple Storage Service (Amazon S3) bucket. How can I get access to my bucket again?
To get access to your bucket again, sign in to the Amazon S3 console as the AWS account root user, and then delete the bucket policy. Follow these steps:
- Sign in to the AWS Management Console as the account root user.
- Open the Amazon S3 console.
- Navigate to the bucket that all users are locked out of.
- Choose the Permissions tab.
- Choose Bucket Policy.
- Choose Delete.
- Sign out of the AWS Management Console.
- As a best practice, the account administrator can rotate the root user password.
Warning: Do not use the root user for everyday tasks. Limit the use of these credentials to only the tasks that require you to sign in as the root user.
After the account root user deletes the bucket policy, an AWS Identity and Access Management (IAM) user or role with access to the bucket can apply a new bucket policy with the correct permissions. For more information, see Bucket policy examples and How do I add an S3 bucket policy?