Day 5: Accessing AWS S3 Bucket via AWS CLI as an IAM User
This blog demonstrates how an IAM user can securely access and manage an AWS S3 bucket using the AWS CLI.
Accessing S3 Bucket Objects through AWS CLI
Creating IAM User
Create an IAM user who does not have access to the AWS Console, as shown below.
Attach Policies to the User
Now attach policies to give this user specific permissions. You could add the user to a group and grant the permissions to the group instead, but here we will attach policies directly to the user. The attached policies grant full access to EC2 and S3.
Now the user Navi has two policies attached: EC2FullAccess and S3FullAccess. Click on Create user.
Install and Run AWS CLI
To access S3 objects through the AWS CLI, you must first install the AWS CLI on your EC2 instance, as shown below.
To install the AWS CLI, run the following commands.
curl "https://awscli.amazonaws.com/awscli-exe-linux-x86_64.zip" -o "awscliv2.zip"
sudo apt install unzip
unzip awscliv2.zip
sudo ./aws/install
To update your current installation of the AWS CLI, run:
sudo ./aws/install --bin-dir /usr/local/bin --install-dir /usr/local/aws-cli --update
Now that the AWS CLI is installed, check its version.
Accessing S3 through AWS CLI
Try to access the S3 bucket from the AWS CLI and an error will occur. This is because no credentials have been configured yet, so the CLI does not know which user to run as, as shown below.
Create User Credentials in IAM
To configure the AWS CLI, you need to provide the credentials of the user who is accessing it. For the credentials, create an access key associated with the user you created earlier, as shown below.
Configure AWS
You can download these access keys for future use. Now go to the AWS CLI and configure the user by copying in the access key and secret access key, as shown below.
Now you can access the S3 bucket and download objects to your local machine. To download a particular file/object, you need to copy its actual path, as shown below.
Accessing S3 objects
Download and modify the index.html file of the static website locally
Go to the AWS CLI and copy the index.html file from the bucket static-demo-b to your local machine, as shown below.
You can now see that file on your local machine. You can also modify this file and upload it back to the S3 bucket. It will overwrite the existing file, so the output of your static website will be updated accordingly. Here, I have edited the index.html file and updated the title and the main heading of the web page, as shown below.
Upload the file from local to S3 and modify the Webpage
Now upload the new file from your local machine to the S3 bucket, and you can see that the webpage is updated according to the modifications made.
As shown above, the new index.html file is updated in the S3 bucket. Below is the output before updating the S3 bucket.
Here is the updated webpage.
Both the title and the heading are updated. Through this blog, you can see how powerful IAM is for enhancing security: a user is allowed only a few permissions, granted by assigning policies to that user.
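The "few permissions" point can be taken further than the two full-access policies attached earlier. The script below is an added example, not part of the original post: it generates an inline policy limited to the three S3 operations this walkthrough performs on static-demo-b. The user Navi and the bucket name come from the post; the function names and the policy name are assumptions.

```shell
#!/usr/bin/env bash
# Added example, not from the original post. User "Navi" and bucket
# "static-demo-b" come from the post; function and policy names are assumed.

# Print a policy allowing only the S3 operations this walkthrough performs:
#   aws s3 ls s3://BUCKET            -> s3:ListBucket (on the bucket ARN)
#   aws s3 cp s3://BUCKET/key .      -> s3:GetObject  (on the object ARNs)
#   aws s3 cp file s3://BUCKET/key   -> s3:PutObject  (on the object ARNs)
make_bucket_policy() {
  bucket="$1"
  # Reject empty names and characters that cannot appear in a bucket name,
  # so the ARN and the JSON stay well-formed.
  case "$bucket" in
    ""|*[!a-z0-9.-]*) echo "invalid bucket name: $bucket" >&2; return 1 ;;
  esac
  cat <<EOF
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "ListOneBucket",
      "Effect": "Allow",
      "Action": "s3:ListBucket",
      "Resource": "arn:aws:s3:::${bucket}"
    },
    {
      "Sid": "ReadWriteObjects",
      "Effect": "Allow",
      "Action": ["s3:GetObject", "s3:PutObject"],
      "Resource": "arn:aws:s3:::${bucket}/*"
    }
  ]
}
EOF
}

# Attach the policy inline to a user. Run with administrator credentials,
# not the restricted user's own keys.
attach_bucket_policy() {
  user="$1"; bucket="$2"; doc="$(mktemp)"
  make_bucket_policy "$bucket" > "$doc" || { rm -f "$doc"; return 1; }
  aws iam put-user-policy --user-name "$user" \
    --policy-name "S3-${bucket}-rw" --policy-document "file://$doc"
  status=$?; rm -f "$doc"; return "$status"
}

# Stand-alone run: print the policy for the post's bucket for review.
make_bucket_policy static-demo-b
```

With this policy in place of S3 full access, the download and upload of index.html described above still work, while other buckets and other S3 actions, including a bare `aws s3 ls` that lists every bucket, are denied.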
This blog demonstrates the power of IAM with respect to AWS CLI. I hope you find it helpful! – Neha Bhardwaj