AWS Certified SysOps Administrator – Associate (legacy) — Question 879

A SysOps Administrator attempting to delete an Amazon S3 bucket ran the following command: aws s3 rb s3://my bucket
The command failed and bucket still exists. The administrator validated that no files existed in the bucket by running aws s3 1s s3://mybucket and getting an empty response.
Why is the Administrator unable to delete the bucket, and what must be done to accomplish this task?

Answer options

• A. The bucket has MFA Delete enabled, and the Administrator must turn it off.
• B. The bucket has versioning enabled, and the Administrator must permanently delete the objects' delete markers.
• C. The bucket is storing files in Amazon Glacier, and the Administrator must wait 3-5 hours for the files to delete.
• D. The bucket has server-side encryption enabled, and the Administrator must run the aws s3 rb s3://my bucket -- sse command.

Correct answer: D

Explanation

When server-side encryption is enabled on an S3 bucket, standard deletion commands may fail due to specific encryption restrictions. To resolve this, the administrator must explicitly include the encryption parameter by executing the `aws s3 rb s3://my bucket -- sse` command. Other configurations like MFA Delete, Glacier storage, or versioning delete markers are not the cause of this specific failure.