I cannot delete the bucket from an IAM user account which uses a virtual MFA device profile
I have generated session tokens and added them to the profile section of the ~/.aws/credentials file, and the profile config is added to the ~/.aws/config file.
❯ cat config
[default]
output = json
region = us-east-1
[mfa]
output = json
region = us-east-1
and
[default]
aws_access_key_id = XXXXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXXX
[mfa]
aws_access_key_id = XXXXXXXXXXXXXXXXXXXXX
aws_secret_access_key = XXXXXXXXXXXXXXXXXXXXX
aws_session_token = XXXXXXXXXXXXXXXXXXXXX
When I run the command to delete this bucket (it is empty)
❯ aws s3 rm s3://iac-bucket --recursive --region us-east-1 --endpoint-url https://s3.us-east-1.amazonaws.com --profile mfa
fatal error: An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied
Also, the bucket does not show up in the Management Console nor on the ls command
❯ aws s3 mb s3://iac-bucket --profile mfa
gives no output, and
❯ aws s3 ls s3://iac-bucket --profile mfa --region us-east-1 --endpoint-url https://s3.us-east-1.amazonaws.com
An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied
I have the following policies attached to this user via a group
How do I delete this bucket? Why doesn't it show up at all? I know it exists because
❯ aws s3 mb s3://iac-bucket --profile mfa --region us-east-1 --endpoint-url https://s3.us-east-1.amazonaws.com
make_bucket failed: s3://iac-bucket An error occurred (BucketAlreadyExists) when calling the CreateBucket operation: The requested bucket name is not available. The bucket namespace is shared by all users of the system. Please select a different name and try again.
From the Rules for bucket naming. Most likely a bucket with that name was created by a different account not under your control. That is why it doesn't show up. AFAIK there is no other way to resolve that than choosing a different name for your bucket.
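To tell a bucket owned by another account apart from one of your own that policy is blocking, the sketch below compares the caller's bucket list with the error text of a bucket-level call. It is an added example, not part of the original question or answer; the function names `classify_bucket_state` and `check_bucket` and the result labels are hypothetical, and it assumes the profile is allowed to list its own buckets.

```shell
#!/bin/sh
# Added example (not from the original post). Function names are hypothetical.

# classify_bucket_state OWNED_NAMES BUCKET ERROR_TEXT
#   OWNED_NAMES: output of list-buckets (tab/space/newline separated names)
#   ERROR_TEXT:  stderr of a bucket-level call ("" if the call succeeded)
classify_bucket_state() (
    owned=$1 bucket=$2 err=$3
    # A bucket in the caller's own list is theirs, so an AccessDenied on it
    # comes from IAM or bucket policy (for example an MFA condition).
    if printf '%s\n' "$owned" | tr '\t ' '\n\n' | grep -qxF -- "$bucket"; then
        echo owned-by-this-account
    else
        case $err in
            *BucketAlreadyOwnedByYou*) echo owned-by-this-account ;;
            # Name is taken in the global namespace but is not in our list.
            *BucketAlreadyExists*|*AccessDenied*|*"(403)"*)
                echo exists-likely-other-account ;;
            *NoSuchBucket*|*"(404)"*) echo name-not-in-use ;;
            # Call succeeded on a bucket we do not own (cross-account grant).
            "") echo reachable-but-not-owned ;;
            *) echo unknown ;;
        esac
    fi
)

# Live check. Assumption: the profile may call s3:ListAllMyBuckets; if it
# cannot, the owned list is empty and the verdict is only "likely".
check_bucket() (
    bucket=$1 profile=$2
    owned=$(aws s3api list-buckets --profile "$profile" \
        --query 'Buckets[].Name' --output text 2>/dev/null) || owned=""
    err=$(aws s3api head-bucket --bucket "$bucket" --profile "$profile" \
        2>&1 >/dev/null) || true
    classify_bucket_state "$owned" "$bucket" "$err"
)

# Usage: sh check_bucket.sh iac-bucket mfa
if [ "$#" -eq 2 ]; then check_bucket "$1" "$2"; fi
```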