Thursday, February 29, 2024
HomeSoftware EngineeringThe way to copy S3 objects between AWS accounts

The way to copy S3 objects between AWS accounts


In your supply account create a customer-managed coverage:

{
    "Model": "2012-10-17",
    "Assertion": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetObject"
            ],
            "Useful resource": [
                "arn:aws:s3:::source-EXAMPLE-BUCKET",
                "arn:aws:s3:::source-EXAMPLE-BUCKET/*"
            ]
        },
        {
            "Impact": "Enable",
            "Motion": [
                "s3:ListBucket",
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Useful resource": [
                "arn:aws:s3:::destination-EXAMPLE-BUCKET",
                "arn:aws:s3:::destination-EXAMPLE-BUCKET/*"
            ]
        }
    ]
}

In your vacation spot bucket, replace the bucket coverage:

{
    "Model": "2012-10-17",
    "Assertion": [
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::1234567890:user/Andrew"
            },
            "Action": "s3:PutObject",
            "Resource": "arn:aws:s3:::destination-EXAMPLE-BUCKET/*",
            "Condition": {
                "StringEquals": {
                    "s3:x-amz-acl": "bucket-owner-full-control"
                }
            }
        },
        {
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::1234567890:user/Andrew"
            },
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::destination-EXAMPLE-BUCKET"
        }
    ]
}

Testing the S3 copy between accounts:

aws s3 cp s3://source-EXAMPLE-BUCKET/object.txt s3://destination-EXAMPLE-BUCKET/object.txt --acl bucket-owner-full-control
RELATED ARTICLES

LEAVE A REPLY

Please enter your comment!
Please enter your name here

Most Popular

Recent Comments