repos
/
notes
mirror of https://github.com/RealOrangeOne/notes.git
1
Fork 0
Code
notes/notes/aws/cross-account-transfer.md

708 B
Raw Blame History

title tags link emoji
Cross-account data transfer
AWS
https://aws.amazon.com/premiumsupport/knowledge-center/cross-account-access-s3/ 🪣
  1. Create S3 bucket in account A
  2. Create IAM role / user in account B
  3. Add IAM inline policy to user:
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": "*",
      "Resource": "arn:aws:s3:::<bucket>/*"
    }
  ]
}
  1. Add policy to bucket
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::<account_id>:user/<user>"
      },
      "Action": "*",
      "Resource": ["arn:aws:s3:::<bucket>/*"]
    }
  ]
}