S3 / Client / delete_bucket_policy
delete_bucket_policy#
- S3.Client.delete_bucket_policy(**kwargs)#
This implementation of the DELETE action uses the policy subresource to delete the policy of a specified bucket. If you are using an identity other than the root user of the Amazon Web Services account that owns the bucket, the calling identity must have the
DeleteBucketPolicypermissions on the specified bucket and belong to the bucket owner’s account to use this operation.If you don’t have
DeleteBucketPolicypermissions, Amazon S3 returns a403 Access Deniederror. If you have the correct permissions, but you’re not using an identity that belongs to the bucket owner’s account, Amazon S3 returns a405 Method Not Allowederror.Warning
To ensure that bucket owners don’t inadvertently lock themselves out of their own buckets, the root principal in a bucket owner’s Amazon Web Services account can perform the
GetBucketPolicy,PutBucketPolicy, andDeleteBucketPolicyAPI actions, even if their bucket policy explicitly denies the root principal’s access. Bucket owner root principals can only be blocked from performing these API actions by VPC endpoint policies and Amazon Web Services Organizations policies.For more information about bucket policies, see Using Bucket Policies and UserPolicies.
The following operations are related to
DeleteBucketPolicySee also: AWS API Documentation
Request Syntax
response = client.delete_bucket_policy( Bucket='string', ExpectedBucketOwner='string' )
- Parameters:
Bucket (string) –
[REQUIRED]
The bucket name.
ExpectedBucketOwner (string) – The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code
403 Forbidden(access denied).
- Returns:
None
Examples
The following example deletes bucket policy on the specified bucket.
response = client.delete_bucket_policy( Bucket='examplebucket', ) print(response)
Expected Output:
{ 'ResponseMetadata': { '...': '...', }, }