Gagan Sidhu
Reputation: 52
Access cross account data uploaded by other user on S3
Suppose, I have 3 AWS Accounts :
Account A having User A
Account B having User B
Account C having User C and Bucket: MyBucket
User A and User B uploads data to MyBucket in Account C Both users have permissions to read/write data in the bucket.
But they cannot view the content of files uploaded by other account means User A cannot view the content of the file uploaded by User B
Is there any way to let my both users see the content of each other?
Upvotes: 0
Views: 39
Answers (1)
ttulka
Reputation: 10892
Maybe a bucket policy is missing there:
MyBucketPolicy:
Type: AWS::S3::BucketPolicy
Properties:
Bucket: !Ref MyBucket
PolicyDocument:
Statement:
- Action: ["s3:*"]
Effect: Allow
Resource:
- !Sub "arn:aws:s3:::${MyBucket}"
- !Sub "arn:aws:s3:::${MyBucket}/*"
Principal:
AWS:
- !Sub "arn:aws:iam::${AccountA}:role/cross-account-role"
- !Sub "arn:aws:iam::${AccountB}:role/cross-account-role"
Upvotes: 2
Related Questions
- S3 cross account permission (view via AWS UI and copy bucket content)
- S3 cross account file transfer, file not accessible
- Cross account S3 access from the same AWS role
- S3 Cross account Access | Accessing Buckets via console of another Account
- Cross Account S3 Access for a public buket
- Accessing S3 Inventory from another AWS account
- Cross account file access in AWS S3
- Access s3 bucket from different aws account
- S3 cross account access involving 3 accounts
- S3 cross account access: Reading an object in own bucket, written by another account