Please refer to the following article.
Here are additional options.
https://www.ais.com/methods-to-transfer-data-between-amazon-aws-s3-buckets/
Hope this helps.
I proposed the first option and included encryption keys with the valid policies on the Source and Destination buckets and IAM roles tagged to Lambda moving the data cross-account. However, the security is still a concern, as I suggested using AWS Key Management Service (KMS) to manage the encryption keys.
Not answering the question but a clarification:
VPC peering is not relevant in this situation. S3 doesn't "live" within a VPC so to access S3 buckets in different accounts you don't need to access a VPC in a different account.
If you wish to use S3 in a VPC without an Internet Gateway then you should most likely use a Gateway Endpoint - that endpoint will allow you to access S3 buckets in different accounts in the region where your VPC is. You can restrict access using an endpoint policy.
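A sketch of the endpoint policy mentioned in the comment above, as an added example that is not part of the original thread: it lets traffic through the S3 Gateway Endpoint read only from one source bucket and write only to one destination bucket, and pins each bucket to its owning account. The bucket names and the account IDs `111111111111` (source) and `222222222222` (destination) are constructed placeholders.

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ReadFromSourceBucketOnly",
      "Effect": "Allow",
      "Principal": "*",
      "Action": [
        "s3:ListBucket",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::example-source-bucket",
        "arn:aws:s3:::example-source-bucket/*"
      ],
      "Condition": {
        "StringEquals": {
          "aws:ResourceAccount": "111111111111"
        }
      }
    },
    {
      "Sid": "WriteToDestinationBucketOnly",
      "Effect": "Allow",
      "Principal": "*",
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::example-destination-bucket/*",
      "Condition": {
        "StringEquals": {
          "aws:ResourceAccount": "222222222222"
        }
      }
    }
  ]
}
```

The endpoint policy only limits which S3 requests may pass through the endpoint; the bucket policies, IAM roles and KMS key policy discussed in this thread still have to grant the access themselves.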
Thanks. I found this one: https://aws.amazon.com/blogs/storage/cross-account-bulk-transfer-of-files-using-amazon-s3-batch-operations/
And to add encrypted objects to this solution, I found another one, i.e. https://repost.aws/knowledge-center/cross-account-access-denied-error-s3
Hope I'm running in the right direction.