Permission denied while elastic beanstalk is retrieving S3 file

Question

I have files stored on S3 and wrote .ebextensions config to automatically copy the them to new instances. I\'m receiving this error in the Elastic Beanstalk con

Answer 1

Similar to chaseadamsio's answer, you can configure the role given to the EC2 instance with a policy to access S3 resources, then use the pre-installed AWS CLI utilities to move files around.

The way I approached this is to create a role dedicated to the given EB application, then attach a policy similar to:

"Statement": [
    {
        "Sid": "",
        "Effect": "Allow",
        "Action": [
            "s3:GetObject"
        ],
        "Resource": [
            "arn:aws:s3:::/*"
        ]
    }
]

This gives your instance access, then to get the files, add a 'commands' block to your config such as:

commands: 
  01-get-file:
    command: aws s3 cp s3:///your-file.txt /home/ec2-user
  02-execute-actions: 
    [unpack, run scripts, etc..]

Obviously you can use other AWS CLI utlities as needed. I found this solved a lot of problems I was having with S3 access and makes deployment a lot easier.