Here we create a role in the source account that has access to the destination account's S3
bucket. After that, we attach the role to an EC2 instance to get cross region access.
Step 1:-
Go to the destination account --> IAM role --> Create role --> choose AWS Account --> enter
the source account ID --> grant S3 permission.
After creating the role, check the Trust relationship tab in the role.
Step 2:-
Go to the source account --> Create role --> create inline policy --> enter the JSON script for
AssumeRole. Check the resource ARN: it should match the destination account IAM role ARN.
Note :- Here I use S3 full access permission with the inline policy, so my EC2 has access to both
source and destination account S3 buckets.
Step 3:-
--> Create a config file and create a profile. Note: the profile name should be the name of the
role we attached to the EC2 instance, and role_arn should be the ARN of the destination account
role we created.
Step 4:-
--> aws s3 ls --profile <profile name> (shows the buckets of the destination account)
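
The three documents from steps 1 to 3, with the ARN match that step 2 asks for checked in code. This is an added example, not part of the original page. The account IDs and role names are constructed placeholders, and `credential_source = Ec2InstanceMetadata` is an assumption about how the profile obtains the instance role's credentials.

```python
import configparser

# Constructed placeholder values, not taken from the page.
SOURCE_ACCOUNT = "111111111111"
DEST_ROLE_ARN = "arn:aws:iam::222222222222:role/s3-dest-role"
PROFILE = "ec2-source-role"  # the page names the profile after the EC2 role


def trust_policy(source_account):
    """Step 1: trust relationship on the destination-account role."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRole",
        "Principal": {"AWS": f"arn:aws:iam::{source_account}:root"}}]}


def assume_role_policy(dest_role_arn):
    """Step 2: inline policy on the source-account role."""
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": "sts:AssumeRole",
        "Resource": dest_role_arn}]}


def cli_profile(profile, dest_role_arn):
    """Step 3: config profile that assumes the destination role."""
    return (f"[profile {profile}]\nrole_arn = {dest_role_arn}\n"
            "credential_source = Ec2InstanceMetadata\n")  # assumed setting


def check(trust, inline, config_text, profile, source_account, dest_role_arn):
    """Return the mismatches between the three documents (empty = consistent)."""
    problems = []
    root = f"arn:aws:iam::{source_account}:root"
    if all(s["Principal"].get("AWS") != root for s in trust["Statement"]):
        problems.append("trust policy does not name the source account")
    if all(s.get("Resource") != dest_role_arn for s in inline["Statement"]):
        problems.append("inline policy Resource is not the destination role ARN")
    cfg = configparser.ConfigParser()
    cfg.read_string(config_text)
    section = f"profile {profile}"
    if not cfg.has_section(section) or cfg[section].get("role_arn") != dest_role_arn:
        problems.append("profile role_arn is not the destination role ARN")
    return problems


if __name__ == "__main__":
    docs = (trust_policy(SOURCE_ACCOUNT), assume_role_policy(DEST_ROLE_ARN),
            cli_profile(PROFILE, DEST_ROLE_ARN), PROFILE, SOURCE_ACCOUNT, DEST_ROLE_ARN)
    print(check(*docs) or "consistent")
```

An empty list means the trust policy, the inline policy and the profile all point at the same source account and destination role.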