Deleting S3 objects with arbitrary tag-value


I naively tagged S3 objects with a common key, but arbitrary values (a UUID per batch), believing it would be "easy enough" to go back and delete every object with the specified tag.

So far, my testing suggests that if I specify a lifecycle rule which filters based on key-only (no value), then it matches only objects which also have the key and no value, rather than matching all objects with that key regardless of value.

I'm currently waiting for midnight UTC just to make sure that the issue isn't between Terraform and Amazon S3. But if there's a known way to apply a rule to all objects with tag-key K, that would be super helpful; the documentation I've found to date isn't quite that clear.

A bit of Terraform for completeness:

resource "aws_s3_bucket" "my_s3_bucket" {
  ...
  lifecycle_rule {
    id = "Tagged current version expiration"
    prefix = "my_prefix/"

    tags = {
      recyclable = ""
    }

    enabled = var.tagged_current_version_expiration_enabled

    noncurrent_version_expiration {
      days = var.tagged_noncurrent_version_expiration_days
    }
    
    expiration {
      days = var.tagged_current_version_expiration_days
    }
  }
  ...
}

There is 1 best solution below


I'm afraid the lifecycle rules documentation is pretty clear on this point, and you'll have to write a rule for every UUID you created.

The Lifecycle rule applies to objects that have both of the tags specified. Amazon S3 performs a logical AND. Note the following:

Each tag must match both key and value exactly.

The rule applies to a subset of objects that has all the tags specified in the rule. If an object has additional tags specified, the rule will still apply.

"must match both key and value exactly" seems to indicate that you can't use a wildcard here.
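
One way to generate a rule per batch UUID, as an added example that is not part of the original question or answer. It reuses the question's inline `lifecycle_rule` syntax and variable names; the `recyclable_batch_ids` variable, its sample UUIDs and the bucket name are assumptions made for illustration. S3 accepts at most 1,000 rules in one lifecycle configuration, so the variable is validated against that limit.

```hcl
# Hypothetical variable: the batch UUIDs that were used as values of the
# "recyclable" tag. The default values are constructed samples.
variable "recyclable_batch_ids" {
  type = list(string)
  default = [
    "00000000-0000-4000-8000-000000000001",
    "00000000-0000-4000-8000-000000000002",
  ]

  # A bucket lifecycle configuration holds at most 1,000 rules.
  validation {
    condition     = length(var.recyclable_batch_ids) <= 1000
    error_message = "S3 allows at most 1,000 lifecycle rules per bucket."
  }
}

# Variables referenced in the question, declared here so the example is complete.
variable "tagged_current_version_expiration_enabled" { type = bool }
variable "tagged_current_version_expiration_days" { type = number }
variable "tagged_noncurrent_version_expiration_days" { type = number }

resource "aws_s3_bucket" "my_s3_bucket" {
  bucket = "example-bucket-name" # placeholder

  # One rule per UUID, because a tag filter matches key AND value exactly.
  dynamic "lifecycle_rule" {
    for_each = toset(var.recyclable_batch_ids)

    content {
      id      = "Expire recyclable batch ${lifecycle_rule.value}"
      prefix  = "my_prefix/"
      enabled = var.tagged_current_version_expiration_enabled

      tags = {
        recyclable = lifecycle_rule.value
      }

      expiration {
        days = var.tagged_current_version_expiration_days
      }

      noncurrent_version_expiration {
        days = var.tagged_noncurrent_version_expiration_days
      }
    }
  }
}
```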