0

I've been provided a role by a customer that allows me access to a specific bucket (note: this is not a bucket policy). If I specify this role using the --profile option in the AWS CLI, I can access the customer bucket but I can't access my own. If I use my default profile, I can access my buckets but I can't access the customer bucket. The CLI doesn't allow you to specify multiple profiles either.

I cannot copy this data to a disk first, there's too much. I need to execute something similar to the following:

aws s3 cp --recursive s3://source-bucket-in-my-account/folder/ s3://destination-bucket-in-different-account/folder

How can I achieve this?

Sean Lindo
  • 25
  • 4
  • 1
    Add a Bucket Policy to the destination bucket (in your own account) that permits access by the IAM Role (from the other account) that you have been given. You are, effectively, allowing the other account to access your bucket (but just the other account's IAM Role that you specify). You'd need to grant at least `PutObject` access, possibly others (`PutObjectAcl`, ...?). – John Rotenstein Jun 08 '21 at 22:15
  • You can take refernece from here - https://aws.amazon.com/premiumsupport/knowledge-center/copy-s3-objects-account/ – Kavish Baghel Jun 11 '21 at 20:27

0 Answers0