Unable to delete aws/efs/automatic-backup-vault


I am currently logged in as the root user. I am trying to delete the following EFS backup vault:

aws/efs/automatic-backup-vault

When I do, I receive the following error:

Insufficient privileges to perform this action. Please consult with the account administrator for necessary permissions.

When I try to go to the policies to give myself the ability to do this, I enter the following policy:

{
    "Version": "2012-10-17",
    "Statement": [{
        "Effect": "Allow",
        "Principal": "*",
        "Action": "*",
        "Resource": "*"
    }]
}

The JSON I enter shows the following error:

This policy JSON contains 3 errors that require attention starting on line 7 See the individual validation errors in the JSON editor for more information.

Additionally, I used AWS-Nuke to try and clear everything out, and this little bit of configuration remained. Previously I was getting:

The specified policy cannot be added to the vault due to cross-account sharing restrictions. Amend the policy or the vault's settings, then retry request.

I am unsure of what to do next or if the second error is still relevant here as the JSON is being denied. I also was having an error around Thanks!

2

There are 2 answers

0
Rafael On

You need to fix the policy in the backup vault in two steps:
1 - Change the AWS Principal: "*" to "arn:aws:iam::[AWSAccountID]:root"
2 - After that, you can change the policy: Deny to Allow.

This is necessary because you can't change the effect with single-account actions with a principal "*".

0
alex On

I also struggled with deleting this vault; AWS would not let me change the backup vault access policy according to this answer.

Note that aws/efs/automatic-backup-vault is an AWS-managed backup vault that gets created automatically when you toggle Automatic backups: Enabled on a given EFS file system.

To disable these backups themselves, take a look at the recovery points present in this vault to determine which EFS file systems are targeted (it should be all EFS file systems with the aws:elasticfilesystem:default-backup: enabled tag) and modify those EFS file systems to disable Automatic backup.
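The procedure in the answer above, as an added example that is not part of the original answers: it reads the vault's recovery points, derives the EFS file system IDs from their ARNs, and disables Automatic backups where they are still enabled. It assumes boto3 with the `backup` and `efs` clients; the function names and the `dry_run` flag are hypothetical, and file systems that no longer exist are skipped.

```python
VAULT = "aws/efs/automatic-backup-vault"  # vault name from the question


def efs_ids_in_vault(backup, vault=VAULT):
    """Return sorted EFS file system IDs that have recovery points in the vault."""
    ids, token = set(), None
    while True:
        kwargs = {"BackupVaultName": vault}
        if token:
            kwargs["NextToken"] = token
        page = backup.list_recovery_points_by_backup_vault(**kwargs)
        for rp in page.get("RecoveryPoints", []):
            arn = rp.get("ResourceArn", "")
            # EFS ARNs look like arn:aws:elasticfilesystem:<region>:<acct>:file-system/fs-...
            if ":elasticfilesystem:" in arn and ":file-system/" in arn:
                ids.add(arn.rsplit("/", 1)[-1])
        token = page.get("NextToken")
        if not token:
            return sorted(ids)


def disable_automatic_backups(backup, efs, dry_run=True):
    """Turn off Automatic backups where still enabled; return the affected IDs."""
    affected = []
    for fs_id in efs_ids_in_vault(backup):
        try:
            policy = efs.describe_backup_policy(FileSystemId=fs_id)
        except Exception as exc:
            # botocore ClientError carries the error code in exc.response
            code = getattr(exc, "response", {}).get("Error", {}).get("Code")
            if code in ("FileSystemNotFound", "PolicyNotFound"):
                continue  # file system already deleted, or never had a policy
            raise
        if policy["BackupPolicy"]["Status"] in ("ENABLED", "ENABLING"):
            if not dry_run:
                efs.put_backup_policy(
                    FileSystemId=fs_id, BackupPolicy={"Status": "DISABLED"})
            affected.append(fs_id)
    return affected


if __name__ == "__main__":
    import boto3  # real run: needs AWS credentials and a default region
    found = disable_automatic_backups(
        boto3.client("backup"), boto3.client("efs"), dry_run=True)
    print("Automatic backups still enabled on:", found)
```

With `dry_run=True` nothing is modified; the returned list shows which file systems would be changed.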