Cannot delete stack key/alias when deleting a stack

Description

Got two errors 'User: arn:aws:sts::325565585839:assumed-role/accounts-AWSIAMAdminRole-9CXWTK6WBTMF/x.schildwachter@sagebase.org is not authorized to perform: kmseleteAlias on resource: arn:aws:kms:us-east-1:325565585839:key/df23b24d-420c-4ccb-b68d-0cae5e5eacfb with an explicit deny' and 'User: arn:aws:sts::325565585839:assumed-role/accounts-AWSIAMAdminRole-9CXWTK6WBTMF/x.schildwachter@sagebase.org is not authorized to perform: kms:ScheduleKeyDeletion on resource: arn:aws:kms:us-east-1:325565585839:key/df23b24d-420c-4ccb-b68d-0cae5e5eacfb with an explicit deny' when deleting the prod-234-shared Cloudformation stack.

I think only the stack builder can do that. One solution could be to do nothing and run an aws CLI command from the build system.

Environment

234.0-x

Assignee

Xavier Schildwachter

Reporter

Xavier Schildwachter

Labels

None

Validator

John Hill

Development Area

None

Release Version History

None

Components

Fix versions

Affects versions

Priority

Major
Configure