Posts

Showing posts from June, 2019

How to use AWS Cross Account access for S3 file downloads

Image
At our company, we have many requirements for enabling cross-account access with AWS. This requirement was around for usage of S3 and accessing the data from S3 for our in house Ingestion Service. To give a brief about Ingestion Service, it’s part of our Datamanagement ecosystem which is used to ingest data from different source platforms and dump the data to S3. These different source platform also includes AWS S3. Our existing service on our AWS EC2, when it requires access to S3 files, stored in a different AWS account, we find it difficult to keep updating our access/secret keys. As a couple of companies have a requirement to rotate IAM user credentials over a defined period. We have utilized the cross-account IAM role access strategy, wherein the roles can now assume role via temporary credentials (obtained every time we query). How to set it up? Create Role : Set a role from your current account, which would be shared to the third party clients. Allow that r