Ask HN: AWS account suspended, able to access via keys with no console signin

[arthurcolle]

I have my entire life backed up in AWS, but apparently my account has been suspended for 3 months? Not sure how this is possible, but when I tried to contact support, I am told I must access support after signing in.

There must be some way to get my account reinstated. I have buckets that I've had backed up for literally a decade and losing this would be unbelievable.

I am trying to backup what I can but was wondering if anyone knows someone that can look into this at AWS? I tried contacting support but was greeted with this message:

"Hello there,

Greetings from AWS!

AWS account security policies don't permit us to discuss account-specific information unless you're signed into the account you're asking about.

For your sign-in credentials, use the email address that's associated with the AWS account that you'd like to discuss. Then contact us from the Support Center through the following link. Even if your account is suspended or has been closed for 90 days or less, you can still open a case.

https://support.console.aws.amazon.com/support/

If your sign-in information no longer exists, then your account was permanently closed after being suspended or closed for more than 90 days. You can create a new AWS account:

https://aws.amazon.com/premiumsupport/knowledge-center/create-and-activate-aws-account/

Note that if your account was closed or terminated, you can't use the same email address to create a new AWS account."

I am pretty sure I've been paying AWS regularly (around $120 a month for the last year or so) so I can't imagine ever receiving any suspension emails.

When I tried loggin in yesterday, the captchas seemed insane and I was completely unable to login.

I really need help resolving this or I'm going to be in a really bad spot.

Any help appreciated.

[rickoooooo]

If you have working access keys, you can generate a console URL that has the same permission as your keys. Check out the python script here: https://docs.aws.amazon.com/IAM/latest/UserGuide/id_roles_pr...

It will spit out a URL you can use to sign into the console using the keys instead of a user account. Maybe this will help you in the meantime while you are trying to fix the root problem. Good luck!

[rickoooooo]

One other thought is to try using rclone to copy all of your data to local storage or to another provider while you still have access using keys.

https://rclone.org/

[arthurcolle]

Yeah I'm basically running aws s3 sync on the two most important buckets first (like 0.5T) and then trying to figure out how to deal with support. It is so anxiety-inducing to not know when this access might just get lost so I'm frantically backing up this now at 25th hour. about to get an 8tb hard drive to just have something to persist this in this fog of war

[anaganisk]

I suspect your keys got leaked or something? I remember reading a similar experience think. But at least I could suggest one thing which I did a while ago, I emailed from my aws registered email CCing Jeff when he was still the boss. I didn't have business support or anything, but the issue was handled like I was the most important customer of AWS.

Another thing I would suggest is never trust any cloud to be your only source of backups. Always have your own copy, I have an unraid setup(it's cheap too to build), with an 8tb capacity that regularly backs up to Hetzner storage box. That redundancy is enough for me. If one goes, the other stays.

For anyone else reading this, this has become so common that people using any cloud service should be aware at this point atleast users of HN to have redundancy measures for anything important. You may not win the HN front page lottery all the time.

[shaicoleman]

* You can try to contact AWS Support on Reddit [1]

* If you're on the business plan (unlikely), you can open a case via the API/CLI [2]

1. https://www.reddit.com/r/aws/comments/10zj55b/comment/j83jrg...

2. https://docs.aws.amazon.com/cli/latest/reference/support/cre...

[bostonsre]

If you can access with keys, then dump your data from s3 with a cli tool then move it somewhere else while you still can.

[lapink]

I spent a long time getting charged for buckets on an account I had lost all access. It was years ago and I had let it keep on for too long, big mistake.

First priority is getting your data out to a safe storage. Then delete as much as you can while you have your access.

I eventually did a charge back to make the charges stop. I had started the account while in the US but had definitely left 6 years ago, and really wanted to close my account there. You cannot close an account with a recurring charge in the US. Funny country, as a French it felt terrifying like being trapped in some weird American administrative maze where I would get billed 1 dollar per month until my death (plus bank fees).

[chaps]

Similar happened to me. Account kept getting charged while my account was suspended because I couldn't pay the first bill. The only way to unsuspend it was to pay the full amount, including when all of the hosts were inaccessible. When I complained, they told me that I should have read the ToS to know that I'd still be charged for the inaccessible hosts. They waived one month, but had to pay the rest. All of my support was done over chat, but it took a while and I had to talk to a few different reps. Good luck.

[MarxistaLS]

AWS is so expensive in so many ways, I'd never use it if I was paying.

[jchallis]

By any chance is your root email address similar to the one you use for your regular Amazon life (kindle / shopping / prime) etc? You should be able to log in using that root account using your usual Amazon email and then proceed to reach out to support.

As root you could also assign the IAM roles to individual users for specific buckets.

[chrisgoman]

This is most likely what is happening is the shopping website and AWS are now trying to make you create at least 2 accounts and the captchas will start showing after that

[iLoveOncall]

Since you have your keys working, you may be able to open a support case using the support API: https://docs.aws.amazon.com/awssupport/latest/user/about-sup... :)

[arthurcolle]

This would be useful to resolve the root issue but unfortunate I am not sure/think I do not have a Business tier account. I will try to check this though.

[gdelfino01]

Nothing like having your data in your own NAS. I love my Synology.

[iLoveOncall]

The odds of your hardware failing are much higher than the odds of having a problem leading to data loss with AWS.

[ncallaway]

Mmm, but the 5 9s of reliability probably don’t take into account their odds of terminating your account abruptly.

Maybe they should. Every account they unilaterally shutdown without access to data should just count against their reliability metrics as if it were an indefinite outage.

[arthurcolle]

Definitely agree with this completely. If you can't pay for egress then that is effectively just losing data. I get the business argument, but cutting me off from easily speaking to support is absolute fucking garbage. Shameful process.

[iLoveOncall]

> cutting me off from easily speaking to support is absolute fucking garbage

It's not. It's for obvious safety reasons. How can you prove that you are the rightful account owner otherwise?

[arthurcolle]

I have access to my email address which is the original email address that I set up the AWS account for. I also have my phone number which is linked to the account.

[ncallaway]

But if they suspend your account access, you can’t login to talk to support. So it sounds like they’ve left no possible avenue to talk to support.

How can you prove that you are the rightful account owner at all under those circumstances?

[yumswiss]

Sounds like someone could have changed the root account email.

If you can access via keys then just backup your stuff.

[KomoD]

> I have buckets that I've had backed up for literally a decade and losing this would be unbelievable.

Why would you store everything only at AWS...?

[Someone1234]

How is this constructive to what OP asked?

I don't think OP should answer you, because if they do instead of people addressing their actual issue, it will become an irrelevant rabbit-hole discussing backup best practices or the cost-effectiveness of AWS's various data storage solutions.

Personally I've seen AWS's S3 Glacier commonly recommended including in Ask HN or Reddit's data hoarder sub. Therefore, that is a good answer: It is a popular data storage solution. Now back to OP's actual issue...

[KomoD]

> Personally I've seen AWS's S3 Glacier commonly recommended including in Ask HN or Reddit's data hoarder sub. Therefore, that is a good answer: It is a popular data storage solution. Now back to OP's actual issue...

Yes, but that does not mean you should only store there.

[rsstack]

3-2-1 rule for backups: 3 copies, 2 different physical mediums on the same site (if you're on AWS, they handle that for you), 1 off-site (NOT AWS). This is the minimum for a data backup to count as "backup", not the maximum.

Backup your AWS data, backup your Google data (Gmail, Drive, and GCP), backup your on-prem data (to the cloud, or a different building), etc.

[xeromal]

OP already learned this lesson. No need to pile on.