+(91) 90806 31297

Blog

  • Home
  • AWS
  • S3
  • How do I allow my Amazon EC2 instance access to an Amazon S3 bucket in another AWS account?

How do I allow my Amazon EC2 instance access to an Amazon S3 bucket in another AWS account?

AWS / S3 / Uncategorized

How do I allow my Amazon EC2 instance access to an Amazon S3 bucket in another AWS account?

Thamaraiselvi
January 19, 2024
16 views
0 comments

To grant an Amazon EC2 instance access to an Amazon S3 bucket in another AWS account, you generally use AWS Identity and Access Management (IAM) roles and cross-account access. The general steps involve creating an IAM role in the account that owns the S3 bucket, setting up a trust relationship between the accounts, and attaching the role to the EC2 instance.

Lets see how to grant EC2 instance access with step-by-step:

Step 1: Create an IAM Role in the Account with the S3 Bucket

  1. Sign in to the AWS Management Console using the account that owns the S3 bucket.
  2. Go to the IAM dashboard.
  3. In the left navigation pane, choose “Roles,” and then click “Create role.”
  4. Choose “Another AWS account” as the type of trusted entity.
  5. Enter the Account ID of the AWS account that owns the EC2 instance.
  6. Attach the managed policy “AmazonS3ReadOnlyAccess” to the role (or create a custom policy with the necessary S3 permissions).
  7. Complete the role creation process, providing a meaningful name and description.

Step 2: Update Trust Relationship for the Created Role
After creating the role, update its trust relationship to allow the EC2 instance’s account to assume the role.

  1. In the IAM Roles section, select the role you just created.
  2. Go to the “Trust relationships” tab and click “Edit trust relationship.”
  3. Update the trust relationship policy document with the following, replacing with the AWS account ID of the EC2 instance’s account:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "<EC2_ACCOUNT_ID>"
      },
      "Action": "sts:AssumeRole"
    }
  ]
}

4. Save the changes.

Step 3: Attach the IAM Role to the EC2 Instance

  1. In the AWS Management Console, go to the EC2 dashboard.
  2. Select your EC2 instance.
  3. In the Description tab, find the IAM role section and choose “Attach IAM role.”
  4. Select the IAM role you created earlier.

Step 4: Verify Access

SSH into your EC2 instance and test access to the S3 bucket using the AWS Command Line Interface (CLI) or any SDK that supports AWS.
For example:

aws s3 ls s3://your-bucket-name

Ensure that the IAM role has the necessary permissions for the S3 actions you want to perform.

Spread the love
, ,

Related Posts

Difference between Amazon CloudFront and Amazon S3

June 11, 2024
19 views

How to secure SSH Private Keys using AWS secrets manager?

May 1, 2024
140 views

How the bucket owner granting cross account permission to objects it does not own?

April 25, 2024
9 views

How to resolve error: Access Denied for ListObjectsV2 operations for S3 Bucket?

April 17, 2024
74 views

How to determine how many objects I’ve stored in an S3 bucket?

April 11, 2024
23 views

Leave your thought here

Your email address will not be published. Required fields are marked *

Address

375/136, Kannimar Nagar,
Sathy Road, Ganapahty, Coimbatore - 641006
support@cloudishsoft.com
connect@cloudishsoft.com

Services

Our Services
Technologies
DevOps Consulting
AWS Cloud Management

Quick Links

Contact Us
About Us
Our Blogs
Privacy policy
Terms of services
Newsletter Subscribe Form
Please enable JavaScript in your browser to complete this form.

© 2023 Cloudishsoft. All Rights Reserved