Transfer contents between S3 buckets from 1 AWS account to another.

If you have 2 AWS accounts and want to copy the contents of an S3 bucket in account A to a bucket in account B, the AWS CLI can do it directly, so you don't have to download the contents from bucket A and upload them to bucket B. Here are the steps.

1. Open the bucket policy of the source bucket in account A and add the following policy. The Principal is the ID of the new account (account B), the two actions are the minimum privilege, and the Resource entries are the source bucket ARN, with and without /*.

    {
      "Version": "2012-10-17",
      "Statement": [
        {
          "Sid": "DelegateS3Access",
          "Effect": "Allow",
          "Principal": {"AWS": "222222222222"},
          "Action": ["s3:ListBucket", "s3:GetObject"],
          "Resource": [
            "arn:aws:s3:::sourcebucket/*",
            "arn:aws:s3:::sourcebucket"
          ]
        }
      ]
    }

2. Log in to account B with a user's access key and run the following command:

    aws s3 sync s3://fromBucket/fromFolder s3://toBucket/toFolder

3. If you need a batch job to sync the content, you can create a Lambda function, triggered by a CloudWatch event, to execute the CLI command.
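An added example, not part of the original post: a small Python check to run on the bucket policy from step 1 before attaching it, confirming it grants only the two read actions, only to the intended account, and only on the source bucket. The names audit_policy, as_list and account_of, the trusted-account set and the over-broad sample policy are constructed for illustration.

```python
import json

# Actions the post gives as the minimum for using the bucket as a sync source.
READ_ONLY = {"s3:listbucket", "s3:getobject"}

def as_list(value):
    return value if isinstance(value, list) else [value]

def account_of(principal):
    # Accepts a bare account id or an IAM ARN such as arn:aws:iam::222222222222:root
    return principal.split(":")[4] if principal.startswith("arn:") else principal

def audit_policy(policy, bucket, trusted_accounts):
    """Return findings for Allow statements that grant more than read-only sync."""
    findings = []
    allowed_arns = {f"arn:aws:s3:::{bucket}", f"arn:aws:s3:::{bucket}/*"}
    for st in as_list(policy.get("Statement", [])):
        if st.get("Effect") != "Allow":
            continue
        sid = st.get("Sid", "<no Sid>")
        principal = st.get("Principal", {})
        aws = as_list(principal.get("AWS", [])) if isinstance(principal, dict) else [principal]
        for p in aws:
            if p == "*":
                findings.append(f"{sid}: wildcard principal")
            elif account_of(p) not in trusted_accounts:
                findings.append(f"{sid}: untrusted account {account_of(p)}")
        for action in as_list(st.get("Action", [])):
            if action.lower() not in READ_ONLY:  # IAM action names are case-insensitive
                findings.append(f"{sid}: action {action} exceeds read-only sync")
        for res in as_list(st.get("Resource", [])):
            if res not in allowed_arns:
                findings.append(f"{sid}: resource {res} is outside {bucket}")
    return findings

# The policy from step 1, with the post's placeholder account id and bucket name.
PAGE_POLICY = json.loads("""{"Version": "2012-10-17", "Statement": [{
  "Sid": "DelegateS3Access", "Effect": "Allow",
  "Principal": {"AWS": "222222222222"},
  "Action": ["s3:ListBucket", "s3:GetObject"],
  "Resource": ["arn:aws:s3:::sourcebucket/*", "arn:aws:s3:::sourcebucket"]}]}""")

# Constructed over-broad variant: any principal, every S3 action, every bucket.
BROAD_POLICY = {"Version": "2012-10-17", "Statement": [{
    "Sid": "TooOpen", "Effect": "Allow", "Principal": "*",
    "Action": "s3:*", "Resource": "arn:aws:s3:::*"}]}

if __name__ == "__main__":
    print(audit_policy(PAGE_POLICY, "sourcebucket", {"222222222222"}))
    for finding in audit_policy(BROAD_POLICY, "sourcebucket", {"222222222222"}):
        print(finding)
```

An empty list means the policy stays within the read-only grant from step 1; each finding names the statement Sid so it can be traced back to the policy.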

 

Happy days!

VPC – AWS – Study notes

VPC

VPC is virtual private cloud

VPC is a logical private data center

VPC needs Internet Gateway (IGW), Route tables, Network ACLs, Subnets, Security Groups

1 subnet = 1 Availability Zone (AZ)

You can peer a VPC to another VPC, even across different AWS accounts.

Peering is not transitive: if VPC A is peered to VPC B and VPC A is peered to VPC C, VPC B is still NOT peered to VPC C.