DEV Community

ChungWei Wei
ChungWei Wei

Posted on • Originally published at kmp.tw on

1

[AWS] How To Transfer S3 To Another Account S3 Bucket

#aws #s3 #transfer #datasync

Situation

Need Transfer S3 Object To Another Account's S3 Bucket

How To

Part Account A (Source Account) Step 1

In IAM Service Create New Role For DataSync




After Created Role, Add Custom Policy, Change "arn:aws:s3:::<destination-bucket-name> & "arn:aws:s3:::<destination-bucket-name>/*" 

{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Action": [
        "s3:GetBucketLocation",
        "s3:ListBucket",
        "s3:ListBucketMultipartUploads"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<destination-bucket-name>"
    },
    {
      "Action": [
        "s3:AbortMultipartUpload",
        "s3:DeleteObject",
        "s3:GetObject",
        "s3:ListMultipartUploadParts",
        "s3:PutObject",
        "s3:GetObjectTagging",
        "s3:PutObjectTagging"
      ],
      "Effect": "Allow",
      "Resource": "arn:aws:s3:::<destination-bucket-name>/*"
    }
  ]
}
Enter fullscreen mode Exit fullscreen mode

Part Of Account B (Destination Account) Step 2

Create S3 Bucket For Destination, And Add Bucket Policy Source Account Role Name

Bucket Policy 

{
    "Version": "2008-10-17",
    "Statement": [
        {
            "Sid": "DataSyncCreateS3LocationAndTaskAccess",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::120340392319:role/gw-demo-datasync"
            },
            "Action": [
                "s3:GetBucketLocation",
                "s3:ListBucket",
                "s3:ListBucketMultipartUploads",
                "s3:AbortMultipartUpload",
                "s3:DeleteObject",
                "s3:GetObject",
                "s3:ListMultipartUploadParts",
                "s3:PutObject",
                "s3:GetObjectTagging",
                "s3:PutObjectTagging"
            ],
            "Resource": [
                "arn:aws:s3:::gw-demo-des-bucket",
                "arn:aws:s3:::gw-demo-des-bucket/*"
            ]
        },
        {
            "Sid": "DataSyncCreateS3Location",
            "Effect": "Allow",
            "Principal": {
                "AWS": "arn:aws:iam::<account_id>:role/role-name"
            },
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::gw-demo-des-bucket"
        }
    ]
}
Enter fullscreen mode Exit fullscreen mode

Part Account A (Source Account) Step 3

Change Custom Policy And Create DataSync Location

Source Account Location

Create Destination Location 

aws datasync create-location-s3 \
  --s3-bucket-arn arn:aws:s3:::<destination-bucket> \
  --region <destination-bucket-region> \
  --s3-config '{
    "BucketAccessRoleArn":"arn:aws:iam::<source-account-id>:role/<source-datasync-role>"
  }'
Enter fullscreen mode Exit fullscreen mode

After Create, You Can See Location Have Two Hosts

Part Account A (Source Account) Step 4

Then Create Tasks, Run That






Part Of Account B (Destination Account) Step 5

Verify Sync After Finished

Ref Doc URL

profile
Redis
 Promoted

Redis image

Short-term memory for faster
AI agents 🤖💨

AI agents struggle with latency and context switching. Redis fixes it with a fast, in-memory layer for short-term context—plus native support for vectors and semi-structured data to keep real-time workflows on track.

Start building

Top comments (0)

profile
TigerData (Creators of TimescaleDB)
 Promoted

Tiger Data image

🐯 🚀 Timescale is now TigerData: Building the Modern PostgreSQL for the Analytical and Agentic Era

We’ve quietly evolved from a time-series database into the modern PostgreSQL for today’s and tomorrow’s computing, built for performance, scale, and the agentic future.

So we’re changing our name: from Timescale to TigerData. Not to change who we are, but to reflect who we’ve become. TigerData is bold, fast, and built to power the next era of software.

Read more

👋 Kindness is contagious

Explore this insightful write-up embraced by the inclusive DEV Community. Tech enthusiasts of all skill levels can contribute insights and expand our shared knowledge.

Spreading a simple "thank you" uplifts creators—let them know your thoughts in the discussion below!

At DEV, collaborative learning fuels growth and forges stronger connections. If this piece resonated with you, a brief note of thanks goes a long way.

Okay