Is it possible to copy between AWS accounts using AWS CLI?

Question

Is it possible using AWS CLI to copy the contents of S3 buckets between AWS accounts? I know it\'s possible to copy/sync between buckets in the same account, but I need to g

Answer 1

Very Simple. Let's say:

Old AWS Account = old@aws.com

New AWS Account = new@aws.com

Loginto the AWS console as old@aws.com

Go to the bucket of your choice and apply below bucket policy:

{
  "Statement": [
    {
      "Action": [
        "s3:ListBucket"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::bucket_name",
      "Principal": {
        "AWS": [
          "account-id-of-new@aws.com-account"
        ]
      }
    },
    {
      "Action": [
        "s3:GetObject",
        "s3:PutObject"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::bucket_name/*",
      "Principal": {
        "AWS": [
          "account-id-of-new@aws.com-account"
        ]
      }
    }
  ]
}

I would guess that bucket_name and account-id-of-new@aws.com-account1 is evident to you in above policy

Now, Make sure you are running AWS-CLI with the credentials of new@aws.com

Run below command and the copy will happen like a charm:

aws s3 cp s3://bucket_name/some_folder/some_file.txt  s3://bucket_in_new@aws.com_acount/fromold_account.txt

Ofcourse, do make sure that new@aws.com has write privileges to his own bucket bucket_in_new@aws.com_acount which is used in above command to save the stuff copied from old@aws.com bucket.

Hope this helps.