The following procedures guide you through how to sign in to the log archive account as an IAM Identity Center user in the AWSControlTowerExecution group and then delete the Amazon S3 buckets in your log archive account.
To sign in to your log archive account with the right permissions
Open the Organizations console at https://console.aws.amazon.com/organizations/
. -
From the Accounts tab, find the Log archive account.
-
From the right pane that opens, make a record of the log archive account number.
-
From the navigation bar, choose your account name to open your account menu.
-
Choose Switch Role.
-
On the page that opens, provide the account number for the log archive account in Account.
-
For Role, enter AWSControlTowerExecution.
-
The Display Name populates with text.
-
Choose your favorite Color.
-
Choose Switch Role.
To delete Amazon S3 buckets
Open the Amazon S3 console at https://console.aws.amazon.com/s3/
. -
Search for bucket names that contain aws-controltower.
-
For each bucket in the table, do the following:
-
Choose the check box for the bucket in the table.
-
Choose Delete.
-
In the dialog box that opens, review the information to make sure it's accurate, enter the name of the bucket to confirm, and then choose Confirm.
-
