Download private S3 files using an IAM role


  • Create an IAM role
 From the console -> IAM -> Roles -> Create a new Role -> Name -> Amazon EC2 -> AWS Storage Gateway Read Only Access -> Next -> Create
  • Create an instance with that IAM role:
In step 3, choose the IAM role
  • SSH to the new instance
  • Install the AWS CLI
curl "" -o ""
sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
  • Copy the files from S3!
aws s3 cp s3://deltathree-chef/knife.rb .
aws s3 cp s3://deltathree-chef/sportzone-validator.pem .

  • Script to clean up the node from the chef-server when terminating the instance
aws s3 cp s3://deltathree-chef/chef_cleanup.conf .
aws s3 cp s3://deltathree-chef/ .
  • Run chef-client
sudo chef-client -K /etc/chef/sportzone-validator.pem -c /etc/chef/knife.rb -o 'role[webserver]'
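
An added example (not part of the original notes): the copy step written as shell functions that first confirm the CLI is using the instance's role credentials rather than keys stored by `aws configure`, then write the validator key with owner-only permissions. `DEST` and the function names are assumptions; the bucket and file names are the ones used above.

```shell
#!/bin/sh
# Added example. BUCKET and the two file names come from the steps above;
# DEST and the function names are assumptions made for this sketch.
BUCKET="deltathree-chef"
DEST="${DEST:-/etc/chef}"   # chef-client above reads its key and config from /etc/chef

# Succeed only when the CLI is running on temporary role credentials.
# With an instance role the caller ARN looks like
#   arn:aws:sts::<account>:assumed-role/<role-name>/<instance-id>
# while keys entered through `aws configure` yield an IAM user ARN.
using_role_credentials() {
    arn=$(aws sts get-caller-identity --query Arn --output text) || return 1
    case "$arn" in
        arn:aws*:sts::*:assumed-role/*) return 0 ;;
        *) echo "refusing: caller is not an assumed role ($arn)" >&2
           return 1 ;;
    esac
}

# Download one object so it is never group- or world-readable, not even
# for the moment between creation and chmod.
fetch_private() {
    key=$1
    ( umask 077 && aws s3 cp "s3://$BUCKET/$key" "$DEST/$key" --only-show-errors ) || return 1
    chmod 600 "$DEST/$key"
}

# Fetch the files chef-client needs; stop at the first failure.
# Run as a user that can write to $DEST (root for /etc/chef).
fetch_chef_bootstrap() {
    using_role_credentials || return 1
    for k in knife.rb sportzone-validator.pem; do
        fetch_private "$k" || return 1
    done
}
```

Source the file and call `fetch_chef_bootstrap` before the chef-client step; a non-zero return means either the role is not attached or a download failed.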

Download the private S3 files without an IAM role

  • Display your credentials:
  • Run aws configure
aws configure
Copy and paste the relevant info from the command above.
