How to enable AWS EC2 access to your S3 bucket 

There are different ways you might want EC2 to access the objects of your S3 bucket or the bucket itself. 

In this article we explain how to grant an EC2 instance access to S3 content that is not publicly accessible from the internet, so that it can copy objects, list buckets, create buckets, upload objects, etc.

Before we move on, let's clarify some terms:

Amazon EC2 (Elastic Compute Cloud) is a web service that provides resizable computing capacity in the cloud. It allows users to quickly deploy virtual servers to run websites, applications, databases, etc. 

Amazon S3 (Simple Storage Service) is a scalable cloud storage service provided by AWS. Unlike other AWS resources, S3 is not region or VPC restricted, making it accessible across all AWS account regions and VPCs. It offers highly durable and available storage for various types of data at any scale. 

Create EC2 instance 

Here's a quick run-through:

  • Log in to your EC2 instance page and click Create an instance
  • Complete the form, selecting Amazon Linux 2 or any other available server OS
  • Select a security group (SG) that allows SSH so you can connect to your instance remotely
  • Review your selections and click Create Instance
  • Confirm that your instance has been created and is running; you should see the status on the instance details page

Those are the short instructions. If you are new to EC2, here is a detailed guide that shows how to create an EC2 instance: https://docs.aws.amazon.com/AWSEC2/latest/UserGuide/EC2_GetStarted.html

Create a private S3 bucket

Here's a quick run-through:

  • Navigate to your S3 page and click Create a bucket
  • Give your bucket a name, the name should be
  • Scroll down and make sure the option that disables ACLs is selected
  • Make sure the option that disables public access is selected; this keeps your bucket private
  • Click on Create a bucket 
  • Upload a file, image, etc. to your bucket 
  • Open the object URL on a browser to confirm that it is not publicly accessible 

Create a Role for your EC2 instance to access S3

AWS service roles are IAM roles used to grant permissions to AWS services like EC2. When an EC2 instance needs to access S3, it must be assigned an IAM role with the necessary permissions.  

This role defines what actions the EC2 instance can perform on S3 objects. By attaching the appropriate role to the instance, AWS ensures secure and controlled access to S3 resources. 

  • Click on Services at the top left of the page, select IAM, or simply search IAM and select IAM 
  • On the IAM page select Create Role 
  • Select AWS services for trusted entities 
  • For the Use case option, select EC2 instance, then click Next below
  • In the permissions list, search for S3 in the search bar, select the AmazonS3FullAccess permission, and click Next below
  • Review the details of the role and click on Create role 
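
AmazonS3FullAccess permits every S3 action on every bucket in the account. As an added example (not from the original article), the script below builds a policy limited to the commands this article runs from the instance and swaps it in for the managed policy; the role name and bucket name passed to it are placeholders.

```bash
#!/usr/bin/env bash
# Added example: scoped alternative to AmazonS3FullAccess for the role above.
# Role and bucket names are placeholders supplied by the caller.
LC_ALL=C  # make a-z match ASCII lowercase only

# True only for a literal bucket name: 3-63 chars of a-z, 0-9, '.', '-',
# starting and ending with a letter or digit. Rejecting '*' and '?' stops a
# wildcard from widening the policy to other buckets.
valid_bucket_name() {
  case "$1" in *[!a-z0-9.-]*) return 1 ;; esac
  [ "${#1}" -ge 3 ] && [ "${#1}" -le 63 ] || return 1
  case "$1" in [a-z0-9]*[a-z0-9]) return 0 ;; esac
  return 1
}

# Print a policy covering only what the article runs from the instance:
# `aws s3 ls` (ListAllMyBuckets), listing one bucket, and `aws s3 cp` downloads.
s3_read_policy() {
  valid_bucket_name "$1" || { echo "invalid bucket name: $1" >&2; return 1; }
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    { "Sid": "ListBuckets", "Effect": "Allow",
      "Action": "s3:ListAllMyBuckets", "Resource": "*" },
    { "Sid": "ListThisBucket", "Effect": "Allow",
      "Action": "s3:ListBucket", "Resource": "arn:aws:s3:::$1" },
    { "Sid": "ReadObjects", "Effect": "Allow",
      "Action": "s3:GetObject", "Resource": "arn:aws:s3:::$1/*" }
  ]
}
EOF
}

# Usage: scope_role ROLE_NAME BUCKET_NAME  (needs IAM permissions; run from an
# admin workstation, not from the instance). Adds the inline policy first, then
# detaches the broad managed policy so access is never interrupted.
scope_role() {
  policy=$(s3_read_policy "$2") || return 1
  aws iam put-role-policy --role-name "$1" \
    --policy-name "s3-read-$2" --policy-document "$policy" || return 1
  aws iam detach-role-policy --role-name "$1" \
    --policy-arn arn:aws:iam::aws:policy/AmazonS3FullAccess
}
```

With this policy the instance can still run the `aws s3 ls` and `aws s3 cp` download steps, but uploads, deletes and bucket creation are denied.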

Connect your role to your AWS EC2 instance 

  • Access your EC2 instance details page, select Actions 
  • Select Security from the options 
  • Select Modify IAM role 
  • Click the box to select the IAM role you just created above

Now your EC2 instance has been granted permission to access AWS S3 service. 

Connect to your EC2 instance remotely using the command below, 

ssh -i ./path/keypair.pem ec2-user@SERVER-IP
  • Replace ./path/keypair.pem with the actual path to your keypair file 
  • Replace SERVER-IP with the public IP address of your instance 

Check out this article to know more about Connecting to EC2 instance from the command line  

If the SSH connection was successful, you are now connected to the EC2 server.

Run this command: aws s3 ls

You should see the list of S3 buckets in your account; this means you can connect to S3 from EC2.

You can download a file from the S3 bucket. Copy the S3 URI of the file, because the file is not accessible through the object's public URL.

Run the command below to copy the object from the S3 bucket to the current directory on your EC2 instance.

aws s3 cp S3-OBJECT-URL ./

Run ls to confirm the file has been copied to your instance. 

Conclusion 

In conclusion, connecting EC2 to S3 enables seamless data transfer and storage capabilities. This integration empowers users to efficiently manage, store, and retrieve data across AWS services.

DIGITALSPEED © All Rights Reserved.

2024