Reputation: 632
I created an IAM role and assigned it to my EC2 instance. I created an IAM role policy and linked it to my S3 bucket. I can now list the files on my S3 bucket using the aws-cli on my EC2 instance.
[[email protected] ~]# aws --region eu-west-1 s3 ls s3://s3-bucket-name
2017-05-02 02:37:39 137 index.html
Now if I try to curl that file I get an access denied error:
[[email protected] ~]# curl https://s3-eu-west-1.amazonaws.com/s3-bucket-name/index.html
<?xml version="1.0" encoding="UTF-8"?>
<Error><Code>AccessDenied</Code><Message>Access Denied</Message><RequestId>782176F442A4995A</RequestId><HostId>qZWZTXZdlgtD4BiVYfp5+Mj/gU3UXRiYQmsSyaAhwED1JtzUWs9QKE99RmsQ6w0uDB
Is there a way I could make this curl request work without relaxing the permissions on the S3 bucket? Something like authentication, headers, etc.
Upvotes: 5
Views: 9751
Reputation: 269340
GET requests to Amazon S3 require an authorization string that uses AWS Signature v4.
See: GET Object
Alternatively, you could create a Pre-Signed URL which has extra parameters and grants time-limited access to an Amazon S3 object. You can generate a Pre-Signed URL with a couple of lines of code and then provide it to users (or use it in an HTML page) to grant temporary access to private objects stored in Amazon S3.
Of course, the easiest way to retrieve data from Amazon S3 is by using API calls or the AWS Command-Line Interface (CLI).
Upvotes: 7