
How to delete S3 bucket using AWS CLI

S3 (Simple Storage Service) is a storage service provided by AWS that stores data in the form of objects. A single object can be up to 5TB in size and is uploaded to S3 using multi-part upload. Objects in S3 are stored in buckets. A bucket is like a folder or directory on a file system, and its name must be globally unique (i.e., you cannot create a bucket with a name that already exists in another AWS account). Each bucket is created in a specific region, but the S3 console lists the buckets from all regions without you having to specify one. AWS provides APIs to perform different actions on S3, such as creating or deleting buckets or uploading data to them. This blog uses the AWS command-line interface to delete an S3 bucket. It covers the following steps in order: installing the awscli package, assigning permissions to the user, generating and configuring the access key ID and secret access key, and deleting the bucket.

Installing awscli package on local system

The first step in performing tasks on AWS from the command line is to install the awscli package, which sends API calls to AWS from a local machine. On Ubuntu, use the following commands to install the awscli package.

ubuntu@ubuntu:~$ sudo apt update -y
ubuntu@ubuntu:~$ curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"

The curl command above downloads the binaries of the awscli package. Unzip and install the package using the following commands.

ubuntu@ubuntu:~$ unzip awscliv2.zip
ubuntu@ubuntu:~$ sudo ./aws/install

Assign permissions to the user

AWS provides IAM roles and policies to limit user access to different AWS resources. Before performing any action on AWS, your user account must have the required permissions attached. This section assigns the user account the permissions required to perform different tasks on S3. First, log into the AWS management console and go to the IAM service.

From the panel on the left side of the IAM console, click on the users.

From the list of users, click on the username.

From the Permissions tab, click on the Add inline policy.

From the Visual editor tab, select S3 as service, All S3 actions as actions, and All resources as resources, and click on the Review policy button at the bottom right corner of the page.

On the review page, enter the policy name and click on the Create policy button at the bottom right corner of the page to create the policy.
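The visual-editor selection above grants every S3 action on every bucket in the account, while the CLI steps in this blog need far less. As an added example (not part of the original blog), the script below generates an inline policy scoped to a single bucket and attaches it with aws iam put-user-policy; the function names and the policy name are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: least-privilege inline policy for deleting ONE bucket.
# The user name, policy name and bucket name passed in are placeholders.

# Succeeds only for a syntactically valid bucket name
# (3-63 chars; lowercase letters, digits, dots, hyphens).
valid_bucket_name() {
    printf '%s' "$1" | grep -Eq '^[a-z0-9][a-z0-9.-]{1,61}[a-z0-9]$'
}

# Print a policy limited to: listing buckets, listing and deleting the
# objects of one bucket, reading its versioning status, deleting it.
bucket_delete_policy() {
    valid_bucket_name "$1" || { echo "invalid bucket name: $1" >&2; return 1; }
    cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Effect": "Allow",
      "Action": "s3:ListAllMyBuckets",
      "Resource": "*" },
    { "Effect": "Allow",
      "Action": ["s3:ListBucket", "s3:GetBucketVersioning", "s3:DeleteBucket"],
      "Resource": "arn:aws:s3:::$1" },
    { "Effect": "Allow",
      "Action": "s3:DeleteObject",
      "Resource": "arn:aws:s3:::$1/*" }
  ]
}
EOF
}

# Attach the policy inline to an IAM user (the caller needs IAM permissions).
# usage: attach_bucket_delete_policy <user-name> <bucket-name>
attach_bucket_delete_policy() {
    doc=$(bucket_delete_policy "$2") || return 1
    aws iam put-user-policy --user-name "$1" \
        --policy-name "delete-bucket-$2" \
        --policy-document "$doc"
}
```

The JSON printed by bucket_delete_policy can also be pasted into the JSON tab of the inline policy editor instead of using the visual editor.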

Generate and configure access key ID and secret access key

To use the AWS command-line interface on your local machine, you must have some credentials to authorize your requests. For the AWS command-line interface, AWS access key ID and secret access key are used as credentials. In this section, we will generate and configure these credentials on our local system. From the IAM console, go to the Users and then click on the username.

Switch to the Security credentials tab.

Scroll down to the Access keys section and click on the Create access key button.

It will generate the access key ID and secret access key. Click on the Download .csv file button, and it will download the credentials on your system.

After generating and downloading the AWS command-line credentials, use the terminal on your local system to configure them with the aws configure command.

ubuntu@ubuntu:~$ aws configure

The above command will ask for access key ID and secret access key.

Delete S3 bucket using CLI

So far, we have assigned specific permissions to the user account and generated and configured the AWS command-line credentials on the local system. Now we will use the AWS command-line interface to delete the S3 bucket. First, list all the available buckets using the AWS command-line interface on your local system.

ubuntu@ubuntu:~$ aws s3 ls

The above command will list all the buckets available on S3. To delete the bucket, first, empty the bucket by removing all the files and folders inside it.

NOTE: Before removing files from the bucket, make sure you have a backup of the data, because you will not be able to recover it after it is removed. Also, the AWS CLI does not ask for confirmation when removing data.

Use the following command to remove every file and folder recursively.

ubuntu@ubuntu:~$ aws s3 rm <bucket URI> --recursive

After removing all the data from the S3 bucket, remove the bucket itself using the following command.

ubuntu@ubuntu:~$ aws s3 rb <bucket URI>

NOTE: S3 buckets with versioning enabled can not be deleted by using the AWS command-line interface. AWS only provides SDK (boto3 for python), REST API, and Console access to delete the S3 bucket with versioning enabled. Visit the AWS documentation to learn more about deleting the S3 bucket with versioning enabled ( https://docs.aws.amazon.com/AmazonS3/latest/userguide/DeletingObjectVersions.html ).

After deleting the S3 bucket, list all the buckets again to check whether the bucket was deleted.

To verify from the console whether the bucket is deleted, first log into the AWS management console and go to the S3 service.

From the left side panel, select Buckets, and it will display all the S3 buckets.

Check that your deleted bucket is no longer listed.
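The CLI steps above (empty the bucket, remove it, list again), as an added example that is not part of the original blog: a wrapper that requires the bucket name to be given twice, stops if versioning is enabled or suspended, only previews with --dryrun unless --yes is passed, and checks the listing afterwards. The function name delete_bucket and its arguments are assumptions made for illustration.

```shell
#!/bin/sh
# Added example: guarded version of the rm/rb steps for one bucket.

# usage: delete_bucket <bucket-name> <bucket-name-typed-again> [--yes]
# Without --yes, only previews what would be removed.
delete_bucket() {
    bucket=$1 confirm=$2 mode=${3:-preview}
    # Guard against a mistyped name: it must be given twice.
    [ -n "$bucket" ] && [ "$bucket" = "$confirm" ] || {
        echo "bucket name not confirmed; nothing deleted" >&2; return 2; }

    # Stop early if versioning is or was enabled on the bucket
    # (Status is Enabled or Suspended; "None" means never versioned).
    status=$(aws s3api get-bucket-versioning --bucket "$bucket" \
        --query Status --output text) || return 1
    case $status in
        Enabled|Suspended)
            echo "versioning is $status on $bucket; see the NOTE on versioned buckets" >&2
            return 3 ;;
    esac

    if [ "$mode" != "--yes" ]; then
        # --dryrun prints the operations without performing them.
        aws s3 rm "s3://$bucket" --recursive --dryrun
        return 0
    fi
    aws s3 rm "s3://$bucket" --recursive || return 1
    aws s3 rb "s3://$bucket" || return 1
    # Verify: the bucket must no longer appear in the listing.
    if aws s3 ls | awk '{print $3}' | grep -Fxq "$bucket"; then
        echo "bucket $bucket still listed" >&2; return 1
    fi
    echo "deleted $bucket"
}
```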

Conclusion

The awscli package is used to perform different tasks from the command line interface on your local system. A command line interface is a powerful tool for automating and scheduling different tasks on AWS by writing scripts. This blog describes the steps needed to delete an S3 bucket using the command line interface: installing the awscli package, assigning permissions to the IAM user, and generating the access key ID and secret access key.

About the author

Zain Abideen

A DevOps Engineer with expertise in provisioning and managing servers on AWS and Software delivery lifecycle (SDLC) automation. I'm from Gujranwala, Pakistan and currently working as a DevOps engineer.