AWS S3 Bucket created with force delete true fails to delete with Access Denied via terraform

0 votes

I create an S3 bucket via Terraform for the purpose of storing VPC Flow Logs:

resource "aws_s3_bucket" "bucket" {
  bucket                      = local.bucket_name
  force_destroy               = true
  tags                        = var.tags
}

After the bucket is created and the flow-log service is created, there are a few entries under "/AWSLogs/...".

After I remove the flow-log service, I attempt the terraform destroy, but it fails with the following entry, one for each object:

deleting: S3 object (AWSLogs/.../...98d659c.log.gz) version (null): AccessDenied: Access Denied

There are no policies, because they get deleted first.

For the ACLs, the bucket owner and the S3 log delivery group have full access, and the rest are turned off. The owner is set to data.aws_canonical_user_id.current.id

Dec 29, 2022 in AWS by Tejashwini
• 3,820 points

edited 5 days ago 5 views

No answer to this question. Be the first to respond.
