Accessing S3 with AWS IAM Roles

Nivas DevSecOps
3 min read · Sep 15, 2024


IAM Role

  1. An IAM role is an AWS IAM identity, created in our AWS account, that has specific permissions.
  2. It is similar to an IAM user in that its permission policies determine what the identity can and cannot do in AWS.
  3. Instead of being tied to one particular user or group, a role can be assumed by anyone who needs it.

Simple Storage Service (S3)

  1. Amazon S3 is a simple storage service that we can use to store and retrieve any amount of data, at any time, from anywhere on the web.
  2. It gives developers and users access to highly scalable, reliable, fast, inexpensive data storage infrastructure.
  3. S3 guarantees 99.9% availability at any point in time.
  4. S3 has been designed to store up to 5 TB of data.

Task Details

  1. Sign in to AWS Management Console
  2. Create an IAM Role and policy for EC2 Instance
  3. Create S3 Bucket
  4. Launch an EC2 instance
  5. Access the S3 bucket via EC2 instance.

Task 1: Create an IAM Role and attach policy to it for EC2 Instance

Task 2: Creating an S3 Bucket

  1. Under Services, navigate to the S3 console.
  2. Choose Create bucket and give the bucket a unique name that does not contain uppercase letters or underscores; mine is clouddevsecops-s3.
  3. Verify that the region matches your product region.
  4. Deselect Enabled for Block all Public Access (not a good practice, but for this project we will do that; the role-based access in Task 4 does not rely on the bucket being public).
  5. Select Create Bucket.

Bucket is created

Task 4: Accessing the S3 bucket via EC2 Instance

In this task, we are going to access the S3 bucket via the EC2 instance and will upload the files to S3 via EC2 shell.

  1. Connect to your EC2 instance.
  2. Run the command below to find your S3 bucket via the CLI:

aws s3 ls

The output lists your buckets, which shows that we are able to access the S3 bucket with the help of the role attached to the EC2 instance.

  3. Now let's create new text files and move one of them to the bucket via the AWS CLI, using the following commands (mv removes the local copy once the upload succeeds):

touch demo.txt smile.txt

aws s3 mv demo.txt s3://<your_bucket_name>

Note: Replace <your_bucket_name> with the name of your bucket.
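The console steps for Task 1 are not shown above. As an added example (not the author's code), this script builds a trust policy for EC2 and a permissions policy limited to what the two Task 4 commands need (`aws s3 ls` and an upload to one bucket), then creates the role and instance profile with the AWS CLI. The role and policy names are hypothetical.

```bash
#!/usr/bin/env bash
# Added example. ROLE and POLICY are hypothetical names, not from the article.
ROLE="ec2-s3-demo-role"          # also used as the instance profile name
POLICY="s3-demo-bucket-access"   # inline policy name

# Trust policy: only the EC2 service may assume the role.
trust_policy() {
  cat <<'EOF'
{
  "Version": "2012-10-17",
  "Statement": [{
    "Effect": "Allow",
    "Principal": {"Service": "ec2.amazonaws.com"},
    "Action": "sts:AssumeRole"
  }]
}
EOF
}

# Permissions policy for bucket $1; runs in a subshell so LC_ALL stays local.
s3_policy() (
  LC_ALL=C   # make the a-z range below byte-wise
  case "$1" in
    ""|*[!a-z0-9.-]*) echo "invalid bucket name: $1" >&2; exit 1 ;;
  esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {"Sid": "ListBuckets", "Effect": "Allow",
     "Action": "s3:ListAllMyBuckets", "Resource": "*"},
    {"Sid": "ListThisBucket", "Effect": "Allow",
     "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::$1"},
    {"Sid": "UploadObjects", "Effect": "Allow",
     "Action": "s3:PutObject", "Resource": "arn:aws:s3:::$1/*"}
  ]
}
EOF
)

# Create the role, attach the inline policy, and wrap it in an instance profile.
create_ec2_s3_role() {
  perms="$(s3_policy "$1")" || return 1
  aws iam create-role --role-name "$ROLE" \
    --assume-role-policy-document "$(trust_policy)" &&
  aws iam put-role-policy --role-name "$ROLE" --policy-name "$POLICY" \
    --policy-document "$perms" &&
  aws iam create-instance-profile --instance-profile-name "$ROLE" &&
  aws iam add-role-to-instance-profile --instance-profile-name "$ROLE" --role-name "$ROLE"
}
```

Source the file and run `create_ec2_s3_role <your_bucket_name>` with credentials that are allowed to manage IAM, then attach the resulting instance profile to the EC2 instance.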

Congratulations, you have gone through the steps to create an AWS S3 bucket and seen how to access the bucket using AWS CLI commands from an EC2 instance with an IAM role.

Hope it helps..!
