是否可以使用AWS CLI在AWS账户之间进行复制? [英] Is it possible to copy between AWS accounts using AWS CLI?
问题描述
是否可以使用AWS CLI在AWS账户之间复制S3存储桶的内容?我知道可以在同一账户的存储桶之间复制/同步,但是我需要将旧的AWS账户的内容转换为新的账户.我已经为AWS CLI配置了两个配置文件,但是我看不到如何在单个copy/sync命令中同时使用两个配置文件.
Is it possible using AWS CLI to copy the contents of S3 buckets between AWS accounts? I know it's possible to copy/sync between buckets in the same account, but I need to get the contents of an old AWS account into a new one. I have AWS CLI configured with two profiles, but I don't see how I can use both profiles in a single copy/sync command.
推荐答案
非常简单.假设:
旧AWS帐户= old@aws.com
新AWS帐户= new@aws.com
以old@aws.com
转到您选择的存储桶,并在存储桶政策下方应用以下操作:
Go to the bucket of your choice and apply below bucket policy:
{
"Statement": [
{
"Action": [
"s3:ListBucket"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucket_name",
"Principal": {
"AWS": [
"account-id-of-new@aws.com-account"
]
}
},
{
"Action": [
"s3:GetObject",
"s3:PutObject"
],
"Effect": "Allow",
"Resource": "arn:aws:s3:::bucket_name/*",
"Principal": {
"AWS": [
"account-id-of-new@aws.com-account"
]
}
}
]
}
我想在上述政策中bucket_name和account-id-of-new@aws.com-account1对您来说很明显
I would guess that bucket_name and account-id-of-new@aws.com-account1 is evident to you in above policy
现在,请确保您正在使用new@aws.com
Now, Make sure you are running AWS-CLI with the credentials of new@aws.com
运行以下命令,副本将像超级按钮一样发生:
Run below command and the copy will happen like a charm:
aws s3 cp s3://bucket_name/some_folder/some_file.txt s3://bucket_in_new@aws.com_acount/fromold_account.txt
当然,请确保new@aws.com对自己的存储区bucket_in_new@aws.com_acount具有写特权,该存储区在上述命令中用于保存从old@aws.com存储区复制的内容.
Ofcourse, do make sure that new@aws.com has write privileges to his own bucket bucket_in_new@aws.com_acount which is used in above command to save the stuff copied from old@aws.com bucket.
希望这会有所帮助.
这篇关于是否可以使用AWS CLI在AWS账户之间进行复制?的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!
