
Cross region access between EC2 and S3

Here we create a role in the source account that has access to the destination account's S3
bucket. We then attach the role to an EC2 instance to get cross-region access.

Step 1:-

Go to destination account --> IAM role --> Create role --> choose AWS Account --> enter
source account id --> grant S3 permission.

After creating the role, check the trust relationship tab in the role.

Step 2:-

Go to source account --> Create role --> create inline policy --> enter the JSON script for
AssumeRole. Check the resource ARN: it should match the destination account IAM role ARN.

Note :- Here I use S3 full access permission with the inline policy, so my EC2 instance has
access to both source and destination account S3 buckets.

Step 3:-

--> Attach the role to the EC2 instance

--> ssh into the EC2 instance
--> check for the .aws directory in /home/ec2-user. If it does not exist, create the .aws directory

--> create a config file and create a profile. Note: the profile name should be the name of the
role we attached to the EC2 instance, and role_arn should be the ARN of the destination account
role we created.

Step 4:-

--> check S3 access by using

--> aws s3 ls (shows the buckets of the source account)

--> aws s3 ls --profile <profile name> (shows the buckets of the destination account)
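
The three pieces of configuration from Steps 1 to 3, written out as an added example (not the original author's files). The account IDs, role name and profile name are constructed placeholders, and the sketch assumes the profile takes its base credentials from the instance role through credential_source = Ec2InstanceMetadata. The arns_match function performs the Step 2 check that the policy Resource equals the profile's role_arn.

```shell
#!/usr/bin/env bash
# Added example: renders the artefacts of Steps 1-3 into a scratch directory.
# Every ID and name below is a constructed placeholder, not a value from the page.
SRC_ACCOUNT_ID="111111111111"      # placeholder source account
DEST_ACCOUNT_ID="222222222222"     # placeholder destination account
DEST_ROLE="dest-s3-access"         # hypothetical role created in Step 1
PROFILE="src-ec2-role"             # hypothetical name of the role attached to EC2
DEST_ROLE_ARN="arn:aws:iam::${DEST_ACCOUNT_ID}:role/${DEST_ROLE}"

render_artifacts() {  # $1 = output directory
  local out="$1"
  mkdir -p "$out"
  # Step 1: trust relationship on the destination role (trusts the source account)
  cat > "$out/trust-policy.json" <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": "arn:aws:iam::${SRC_ACCOUNT_ID}:root"},
    "Action": "sts:AssumeRole"
  }]
}
EOF
  # Step 2: inline policy on the source role, scoped to the one destination role
  cat > "$out/assume-role-policy.json" <<EOF
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Action": "sts:AssumeRole",
    "Resource": "${DEST_ROLE_ARN}"
  }]
}
EOF
  # Step 3: ~/.aws/config profile; base credentials come from the instance role
  cat > "$out/config" <<EOF
[profile ${PROFILE}]
role_arn = ${DEST_ROLE_ARN}
credential_source = Ec2InstanceMetadata
EOF
}

# Step 2's check: the policy Resource must equal the profile's role_arn.
arns_match() {  # $1 = directory written by render_artifacts
  local res arn
  res=$(sed -n 's/.*"Resource": *"\([^"]*\)".*/\1/p' "$1/assume-role-policy.json")
  arn=$(sed -n 's/^role_arn *= *//p' "$1/config")
  [ -n "$res" ] && [ "$res" = "$arn" ]
}
```

If arns_match fails, the AssumeRole call behind aws s3 ls --profile is denied, because the source role is only allowed to assume the ARN named in its inline policy.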
