# DeleteBucketPolicy

If you are using an identity other than the root user of the Petabox account that owns the bucket, the calling identity must have the `DeleteBucketPolicy` permissions on the specified bucket and belong to the bucket owner's account to use this operation.

If you don't have `DeleteBucketPolicy` permissions, Petabox returns a `403 Access Denied` error. If you have the correct permissions, but you're not using an identity that belongs to the bucket owner's account, Petabox returns a `405 Method Not Allowed` error.

{% hint style="danger" %}
**Important**

To ensure that bucket owners don't inadvertently lock themselves out of their own buckets, the root principal in a bucket owner's Petabox account can perform the `GetBucketPolicy`, `PutBucketPolicy`, and `DeleteBucketPolicy` API actions, even if their bucket policy explicitly denies the root principal's access. Bucket owner root principals can only be blocked from performing these API actions by VPC endpoint policies and Petabox Organizations policies.
{% endhint %}

## Request Syntax <a href="#api_deletebucketpolicy_requestsyntax" id="api_deletebucketpolicy_requestsyntax"></a>

```http
DELETE /?policy HTTP/1.1
Host: Bucket.s3.petabox.io
x-amz-expected-bucket-owner: ExpectedBucketOwner
```

## URI Request Parameters <a href="#api_deletebucketpolicy_requestparameters" id="api_deletebucketpolicy_requestparameters"></a>

The request uses the following URI parameters.

#### Bucket

The bucket name.

Required: Yes

#### x-amz-expected-bucket-owner

The account ID of the expected bucket owner. If the bucket is owned by a different account, the request fails with the HTTP status code `403 Forbidden` (access denied).

## Request Body <a href="#api_deletebucketpolicy_requestbody" id="api_deletebucketpolicy_requestbody"></a>

The request does not have a request body.

## Response Syntax <a href="#api_deletebucketpolicy_responsesyntax" id="api_deletebucketpolicy_responsesyntax"></a>

```
HTTP/1.1 204
```

## Response Elements <a href="#api_deletebucketpolicy_responseelements" id="api_deletebucketpolicy_responseelements"></a>

If the action is successful, the service sends back an HTTP 204 response with an empty HTTP body.

## Examples <a href="#api_deletebucketpolicy_examples" id="api_deletebucketpolicy_examples"></a>

### Sample Request <a href="#api_deletebucketpolicy_example_1" id="api_deletebucketpolicy_example_1"></a>

This request deletes the bucket named `BucketName`.

```http
DELETE /?policy HTTP/1.1
Host: BucketName.s3.<Region>.petabox.io  
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Authorization: signatureValue       
```

### Sample Response <a href="#api_deletebucketpolicy_example_2" id="api_deletebucketpolicy_example_2"></a>

This example illustrates one usage of DeleteBucketPolicy.

```http
HTTP/1.1 204 No Content 
x-amz-id-2: Uuag1LuByRx9e6j5OnimrSAMPLEtRPfTaOFg==  
x-amz-request-id: 656c76696e672SAMPLE5657374  
Date: Tue, 04 Apr 2010 20:34:56 GMT  
Connection: keep-alive  
Server: Petabox   
```