baronS February 2016

How do I access S3 buckets from my EC2 instance?

I'm new to AWS and was looking for a bucket policy to enable my ec2 servers access to the S3 buckets on the same account. I tried using this policy which enables the account:

{
  "Sid": "AddCannedAcl",
  "Effect": "Allow",
  "Principal": {
    "AWS": "arn:aws:iam::account-number:root"
  },
  "Action": "s3:",
  "Resource": "arn:aws:s3:::my-bucket/"
} ] }

But I got access denied on the ec2. I've found this: http://docs.aws.amazon.com/IAM/latest/UserGuide/reference_policies_elements.html

#Principal 
   "Principal": { "Service": [ "ec2.amazonaws.com", "datapipeline.amazonaws.com"       ] } 

Which supposed to enable specifically the ec2. But when editing the policy I get "We encountered an internal error. Please try again." Any help is appreciated.

Answers


Charlie Hileman February 2016

First thing to note is that a Linux user (e.g. root above) is not an IAM/AWS user. An IAM user can be created and authenticated through an ID and private key. (And I assume you'll want to avoid using your root account for any such purposes)

When you go to the S3 manager, you should be able to click on the bucket and then edit the permissions. From there, you should be able to use the AWS policy generator. There are numerous sample policies online as well.

Best practice is to add permissions to a group of users, not just one user. At first, you may find that you are not providing overall permissions that are required, so it is coming back with an error.

You can follow the directions here:

https://docs.aws.amazon.com/AmazonS3/latest/dev/example-bucket-policies.html

Post Status

Asked in February 2016
Viewed 1,799 times
Voted 14
Answered 1 times

Search




Leave an answer