Skip to main content

How can I copy S3 objects from another AWS account?

Step 1: Get the 12 digit number of the Destination AWS Account

  • Sign in to the AWS Management Console for the destination AWS account.
  • In the navigation bar, click Support, and then click Support Center. The account number (for example, 222222222222) is displayed in the upper-right corner of the Support Center.

Step 2: Attach the policy to Source S3 Bucket

The Bucket policy set up in the source AWS account. Do NOT forget to change the account number and bucket name in the below policy, otherwise, it will not work
For help on setting the ACL check here
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Sid": "DelegateS3Access",
            "Effect": "Allow",
            "Principal": {"AWS": "057682336657"},
            "Action": ["s3:ListBucket","s3:GetObject"],
            "Resource": [
                "arn:aws:s3:::cdn.example.in/*",
                "arn:aws:s3:::cdn.example.in"
            ]
        }
    ]
}









Step 3: Attach a policy to a IAM User in the destination AWS account





Setup an IAM User in the destination account and attach this user policy to to delegate access to the bucket in the source AWS account.



In simple words. We have to paste this policy by replacing the source bucket name and destination bucket name to IAM - > Policies (from Left Side) then click on Create Policy then choose "JSON" formate and past this policy.



Now go to Users and create a user and attach this policy to this user by search from policies. Once we attach then download the creditionals. Now login to your desitnation account and setup aws configure setting as follow





[ec2-user@ip-172-31-33-118 ~]$ aws s3 ls s3://cdn.example.in



Unable to locate credentials. You can configure credentials by running "aws configure".



[ec2-user@ip-172-31-33-118 ~]$ aws configure 



AWS Access Key ID [None]: AKIAQ23RKWSDFHQ5FR73V72



AWS Secret Access Key [None]: zQ3YThtA9TYo32vVSDFEBfTsCCevydScUbfQQUN



Default region name [None]: 



Default output format [None]: 



[ec2-user@ip-172-31-33-118 ~]$ aws s3 ls s3://cdn.example.in
















[ec2-user@ip-172-31-33-118 ~]$ aws s3 sync s3://cdn.example.in s3://cdn.example2.in






{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:GetObject"
            ],
            "Resource": [
                "arn:aws:s3:::YOUR-SOURCE-BUCKET-NAME-HERE",
                "arn:aws:s3:::YOUR-SOURCE-BUCKET-NAME-HERE/*"
            ]
        },
        {
            "Effect": "Allow",
            "Action": [
                "s3:ListBucket",
                "s3:PutObject",
                "s3:PutObjectAcl"
            ],
            "Resource": [
                "arn:aws:s3:::YOUR-DESTINATION-BUCKET-NAME-HERE",
                "arn:aws:s3:::YOUR-DESTINATION-BUCKET-NAME-HERE/*"
            ]
        }
    ]
}























Step 4: Sync S3 Objects To Destination





When the abovee steps are completed, the "destination" account can copy objects by using the AWS Command Line Interface (CLI) commands cp or syncNote: Successful execution of the following command assumes that the AWS CLI has been correctly configured for the IAM user(in step 3) in the destination AWS account.






aws s3 sync s3://YOUR-SOURCE-BUCKET-NAME-HERE s3://YOUR-DESTINATION-BUCKET-NAME-HERE --source-region SOURCE-REGION-NAME --region DESTINATION-REGION-NAME

# For Example,
aws s3 sync s3://my-us-west-2-bucket s3://my-us-east-1-bucket --source-region us-west-2 --region us-east-1







Reference Sites :

https://aws.amazon.com/premiumsupport/knowledge-center/account-transfer-s3/



Video Reference - https://www.youtube.com/watch?v=YOhFXGfqiUw#action=share



















































































































Comments









  1. browse recommended websites here6 February 2020 at 15:50
    I have read this post for about three times and I still can not understand the actions in the fourth step. Can anybody, who knows, explain me?
    ReplyDelete











Post a Comment



















Popular posts from this blog





















How do I change the time zone of my Amazon RDS database instance?




























 As we know bydefault time in the format of UTC in mysql.We can set local time zone to our AWS RDS Instance for our application. or any other time zone prefared   Cloud Based Website Hosting Service Provider    Steps 1: Go to Services and Select RDS       Now to change time zone we have to change "Parameter Group" in left side that is associated with DB instance      first we can check default Parameter Group for our instance is  Parameter group      default.mysql5.7  ( in-sync )     like this. So we have to change the time zone in this Parameter Group.    now open that parameter group (default.mysql5.7)          and click on edit parameter.       then search for time_zone (because we want to change it.) then we have to change time_zone only by default it is engine-default (that is utc)  we have to select Asia/Calcutta.              More information we can ref.      https://aws.amazon.com/premiumsupport/knowledge-center/rds-change-time-zone/      




















Post a Comment









Read more




























Changing the Time Zone on Amazon Linux Ec2 Instance




























  Amazon Linux instances are set to the UTC (Coordinated Universal Time) time zone by default, but you may wish to change the time on an instance to the local time or to another time zone in your network.    Important    These procedures are intended for use with Amazon Linux. For more information about other distributions, see their specific documentation.      To change the time zone on an instance    Identify the time zone to use on the instance. The  /usr/share/zoneinfo  directory contains a hierarchy of time zone data files. Browse the directory structure at that location to find a file for your time zone.      [ec2-user ~]$ ls /usr/share/zoneinfo  Africa      Chile    GB         Indian       Mideast   posixrules  US America     CST6CDT  GB-Eire    Iran         MST       PRC         UTC Antarctica  Cuba     GMT        iso3166.tab  MST7MDT   PST8PDT     WET Arctic      EET      GMT0       Israel       Navajo    right       W-SU ...   Some of the entries at this location are directo




















1 comment









Read more






























Digital Marketing




























  What actually is Digital Marketing?         This post will help you understand the insights of Digital Marketing   What is Digital Marketing?   Digital Marketing is an integral part of the overall marketing strategies of any business. It basically covers the advertisement of products/services/business/brand via digital channels. The digital channels could be of any type like websites, search engines, social media, emails, SMS, and MMS. In case if you're using all these digital channels for the marketing, make sure to have all the statistics & workflow of your campaigns via marketing automation.   What are the types of digital marketing?   Well, there are 6 core digital marketing types:    Search Engine Optimization (SEO) : Search Engine Optimization is nothing but a long-term process of improving your website rankings on search engine results pages (SERPs), which in turn has a wide range of tactics & strategies to implement. Although there is no specific method or a  spec




















47 comments









Read more