I found myself in the position in the title of this post. To skip to the root cause, I had configured a VPC endpoint and configured the bucket policy to allow access from only the associated VPC. That makes sense. What I thought was odd was that I could navigate through the console and not see anything, but ultimately change the policy to allow access. Odd…
Overview…
…and the permissions…
…after which I can simply click on the Bucket Policy link and change it to whatever is needed…
