Learning AWS and mucking about with buckets. I tried to configure a logging bucket for a project, with the following logging.json used for the put-bucket-logging command in the cli:
{
"LoggingEnabled": {
"TargetBucket": "logs.bucketname.com",
"TargetPrefix": "bucketLogs/",
"TargetGrants": [
{
"Grantee": {
"Type": "AmazonCustomerByEmail",
"EmailAddress": "username@email.com"
},
"Permission": "FULL_CONTROL"
},
{
"Grantee": {
"Type": "Group",
"URI": "http://acs.amazonaws.com/groups/global/AllUsers"
},
"Permission": "READ"
}
]
}
}
And after receiving a message in the buckets overview tab in the S3 management console stating "Error: Access Denied", I've been trying to set up a policy that will give me access back so I can just delete the bucket and start over. The policy now looks like this:
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Principal": {
"AWS": "*"
},
"Action": [
"s3:GetObject",
"s3:DeleteObject",
"s3:PutObject"
],
"Resource": "arn:aws:s3:::logs.bucketname.com/*"
}
]
}
I'm not sure how any of this has caused the root user to be unable to access or delete the bucket in the console. Please advise.
