AWS S3 cross account access with Lambda and sts AssumeRole | Fine grained control with Bucket Policy

Рет қаралды 2,606

Күн бұрын

Пікірлер: 18

@beyondthecloud Жыл бұрын

Please provide your valuable feedback in the comment section. Please like share and subscribe for more upcoming content.

@EdwardSileo Жыл бұрын

So, I think, I have looked at EVERY youtube video on cross account access, and this is the one that actually works. I finally understand it too: The lambda role has to have assume role of the other account role, and the other account role has to have a trust relationship with the lambda role. That was the secret sauce / Rosetta Stone for me . Thank you, thank you, thank you.

@beyondthecloud Жыл бұрын

Thanks lot for your comment. Really glad you liked the content and it was helpful.

@pupun813 Жыл бұрын

Very nice. Yes Lambda access is very useful in multiple use cases

@beyondthecloud Жыл бұрын

Yes, true

@bepositive6525 Жыл бұрын

👍🏻

@yogibisai647 Жыл бұрын

Very useful

@beyondthecloud Жыл бұрын

Glad you think so!

@vaibhavjain1in 4 ай бұрын

Hey bro, I need some help with AWS. Would you please help me with a small project?

@ammarkhalid2872 3 ай бұрын

what to do if we are using ec2 instead of lambda ??

@beyondthecloud 3 ай бұрын

for your use case please find the below link. Same use case I have explained. kzbin.info/www/bejne/qZzYpaGqdrd0nNk

@shovan3112 11 ай бұрын

Can you please help me with a few lines on code the same lambda fuction - how to copy files as well (cross account). Bucket name and path (sub-folders) for source and target can come from variables. You've already given FullS3Access policy so shouldn't be a problem it should work. Please share the code for this.

@beyondthecloud 9 ай бұрын

To copy the contents of one S3 bucket to another using AWS Lambda in Python, you can use the boto3 library, which is the official AWS SDK for Python. Make sure you have the boto3 library included in your Lambda deployment package. Here's a simple example Lambda function that copies the contents of one S3 bucket to another: import boto3 def lambda_handler(event, context): source_bucket = 'your-source-bucket' destination_bucket = 'your-destination-bucket' # Create an S3 client s3 = boto3.client('s3') # List all objects in the source bucket objects = s3.list_objects(Bucket=source_bucket)['Contents'] # Copy each object to the destination bucket for obj in objects: key = obj['Key'] copy_source = {'Bucket': source_bucket, 'Key': key} destination_key = key # You can modify this if you want to change the key in the destination bucket s3.copy_object(CopySource=copy_source, Bucket=destination_bucket, Key=destination_key) return { 'statusCode': 200, 'body': 'S3 content copied successfully!' } Remember to replace 'your-source-bucket' and 'your-destination-bucket' with your actual source and destination bucket names. Note: Ensure that the Lambda execution role has the necessary permissions to read from the source S3 bucket and write to the destination S3 bucket. The role should at least have the AmazonS3ReadOnlyAccess and AmazonS3FullAccess policies attached.