Synchronizace S3 bucketu mezi dvema ucty
Vychazi z clanku
Obcas chceme prenaset data mezi uzty at uz z duvodu bezpecnosti, nebo uklidu a ruseni starych uctu.
Nejlepsim zpusobem je provadet synchronizaci samotnou instanci, ktera se nachazi primo v AWS.
Zdrojovy bucket
Pridej policy k bucketu z ktereho kopirujeme data
{
"Version": "2012-10-17",
"Statement": [
{
"Sid": "DelegateS3Access",
"Effect": "Allow",
"Principal": {
"AWS": "arn:aws:iam::DESTINATION_BUCKET_ACCOUNT_NUMBER:root"
},
"Action": [
"s3:ListBucket",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::SOURCE_BUCKET_NAME/*",
"arn:aws:s3:::SOURCE_BUCKET_NAME"
]
}
]
}
Cilovy bucket
Tato prava se nastavuji k IAM uzivateli, ktery bude kopirovani provadet
{
"Version": "2012-10-17",
"Statement": [
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:GetObject"
],
"Resource": [
"arn:aws:s3:::SOURCE_BUCKET_NAME",
"arn:aws:s3:::SOURCE_BUCKET_NAME/*"
]
},
{
"Effect": "Allow",
"Action": [
"s3:ListBucket",
"s3:PutObject",
"s3:PutObjectAcl"
],
"Resource": [
"arn:aws:s3:::DESTINATION_BUCKET_NAME",
"arn:aws:s3:::DESTINATION_BUCKET_NAME/*"
]
}
]
}
Synchronizace
Kopirujeme data z instance, ktera je v cilovem AWS uctu
aws s3 sync s3://SOURCE-BUCKET-NAME s3://DESTINATION-BUCKET-NAME --source-region SOURCE-REGION-NAME --region DESTINATION-REGION-NAME
Pripadne lze cee kopirovani zrychlit pomoci teto konfigurace
aws configure set default.s3.max_concurrent_requests 200