I created a new bucket on AWS S3 from the web wizard. I was logged in as the root user.
I am attempting to add a bucket policy as follows:

    {
        "Version": "2012-10-17",
        "Statement": [{
            "Sid": "AddPerm",
            "Effect": "Allow",
            "Principal": "*",
            "Action": [
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::<my-bucket-name-is-here>/*"
            ]
        }]
    }

I get permission denied in both the web editor and the CLI
Web tool
CLI
An error occurred (AccessDenied) when calling the PutBucketPolicy operation: Access Denied
In the IAM settings, the root user has full access:

    "Statement": [
        {
            "Effect": "Allow",
            "Action": "*",
            "Resource": "*"
        }
    ]

I added:

    {
        "Effect": "Allow",
        "Action": "s3:*",
        "Resource": "*"
    }

I also tried adding:

    {
        "Sid": "ModifyBucketPolicy",
        "Action": [
            "s3:GetBucketPolicy",
            "s3:PutBucketPolicy"
        ],
        "Effect": "Allow",
        "Resource": "arn:aws:s3:::<MY-BUCKET-NAME>*"
    },

I still don't have permissions.
If you're getting Access Denied errors on public read requests that are allowed, check the bucket's Amazon S3 Block Public Access settings. Review the S3 Block Public Access settings at both the account and bucket level. These settings can override permissions that allow public read access.
Sign in to the AWS Management Console using the account that has the S3 bucket. Open the Amazon S3 console at https://console.aws.amazon.com/s3/ . Select the bucket that you want AWS Config to use to deliver configuration items, and then choose Properties. Choose Permissions.
To create or edit a bucket policy: In the Buckets list, choose the name of the bucket that you want to create a bucket policy for or whose bucket policy you want to edit. Choose Permissions. Under Bucket policy, choose Edit. This opens the Edit bucket policy page.
Thanks to @JohnRotenstein I see that because I accepted the default "Block All Public Access" from AWS I was unable to edit the bucket policy. This makes sense, since the bucket policy can also control access and could thus conflict.
However, the error message is confusing since it makes no mention of the fact that it is the "Block public access (bucket settings)" that prevented updating. The error message stating "access denied" / "you don't have permissions" made me think it was the IAM settings on my user that were preventing me from modifying the resource.
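
The cause identified in the answer above can be checked before calling PutBucketPolicy. The following is an added example, not code from the original posts or from AWS: it takes the policy from the question (with a constructed placeholder bucket name) and the Block Public Access flags, and reports whether the policy would be rejected because `BlockPublicPolicy` is in force. The function names are hypothetical, and the "is this statement public" test is a simplified assumption, as noted in the comments.

```python
import json

# Constructed sample: the policy from the question, with a placeholder bucket name.
POLICY = json.loads("""{
  "Version": "2012-10-17",
  "Statement": [{"Sid": "AddPerm", "Effect": "Allow", "Principal": "*",
                 "Action": ["s3:GetObject"],
                 "Resource": ["arn:aws:s3:::example-bucket/*"]}]
}""")

# The four Block Public Access flags; the console default turns all of them on.
BPA_ALL_ON = dict.fromkeys(
    ["BlockPublicAcls", "IgnorePublicAcls", "BlockPublicPolicy", "RestrictPublicBuckets"], True)

def _as_list(value):
    return value if isinstance(value, list) else [value]

def is_wildcard_principal(principal):
    """True for "Principal": "*" and for {"AWS": "*"} (also inside a list)."""
    if principal == "*":
        return True
    return isinstance(principal, dict) and "*" in _as_list(principal.get("AWS", []))

def public_statements(policy):
    """Sids (or #index) of Allow statements open to any principal.
    Assumption: a statement with any Condition is treated as not public; S3's
    own evaluation is stricter and only accepts certain fixed-value conditions."""
    hits = []
    for i, st in enumerate(_as_list(policy.get("Statement", []))):
        if (st.get("Effect") == "Allow" and not st.get("Condition")
                and is_wildcard_principal(st.get("Principal"))):
            hits.append(st.get("Sid", f"#{i}"))
    return hits

def effective_bpa(bucket_cfg, account_cfg):
    """A flag is in force if it is set at the bucket OR the account level."""
    return {k: bool(bucket_cfg.get(k) or account_cfg.get(k)) for k in BPA_ALL_ON}

def put_policy_blocked(policy, bucket_cfg, account_cfg=None):
    """Return (blocked, offending_sids) for a PutBucketPolicy call."""
    hits = public_statements(policy)
    in_force = effective_bpa(bucket_cfg, account_cfg or {})["BlockPublicPolicy"]
    return (in_force and bool(hits), hits)

if __name__ == "__main__":
    print(put_policy_blocked(POLICY, BPA_ALL_ON))                        # console defaults
    print(put_policy_blocked(POLICY, {}, {"BlockPublicPolicy": True}))   # account level only
```

The bucket-level flags to feed into this check can be read with `aws s3api get-public-access-block --bucket <bucket-name>`; the account-level settings are separate and apply even when the bucket-level ones are off.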