Is it possible to copy between AWS accounts using AWS CLI?

后端未结

关注

 4  1423

谎友^ 2020-12-30 06:28

Is it possible using AWS CLI to copy the contents of S3 buckets between AWS accounts? I know it\'s possible to copy/sync between buckets in the same account, but I need to g

4条回答

无人及你 (楼主)

2020-12-30 07:07

Ok, I have this working now! Thanks for your answers. In the end I used a combination between @slayedbylucifer and @Sony Kadavan. What worked for me was a new bucket policy and a new user policy.

I added the following bucket policy (Account A):

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": [
                "s3:ListBucket"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::myfoldername",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::111111111111:user/myusername"
                ]
            }
        },
        {
            "Action": [
                "s3:*"
            ],
            "Effect": "Allow",
            "Resource": "arn:aws:s3:::myfoldername",
            "Principal": {
                "AWS": [
                    "arn:aws:iam::111111111111:user/myusername"
                ]
            }
        }
    ]
}

And the following user policy (Account B):

    {
       "Version": "2012-10-17",
       "Statement":{
          "Effect":"Allow",
          "Action":"s3:*",
          "Resource":"arn:aws:s3:::myfoldername/*"
       }

}

And used the following aws cli command (the region option was required because the accounts were in different regions):

aws --region us-east-1 s3 sync s3://myfoldername s3://myfoldername-accountb

0 讨论(0)

查看其它4个回答