Getting Access denied error while using aws cli for enabling MFA delete on S3 bucket

Question

• Created user and that user having administrator permission and as well S3 bucket full access.
• Created S3 bucket with default setting.
• Trying to enable MFA delete via AWS CLI:

aws s3api put-bucket-versioning --bucket testing-mfa-delete --versioning-configuration Status=Enabled,MFADelete=Enabled --mfa "arn:aws:iam::123456789012:mfa/Admin_App" --profile deletemfa

but getting access denied error:

An error occurred (AccessDenied) when calling the PutBucketVersioning operation: Access Denied

Tried but getting error analyzed and found root account had must had right to do. Even though I am also administrator for that tenant but unable to do it.

Answer 1

Log into the root user. Generate access key, secret key for that user. Try the below command, it will work.

aws s3api put-bucket-versioning --bucket elbs --versioning-configuration Status=Enabled,MFADelete=Enabled --mfa "arn:aws:iam::user 348987"