Download private S3 files using IAM role

From open-voip.org

  • Create an IAM role
 From the console -> IAM -> Roles -> Create a new Role -> Name -> Amazon EC2 -> AWS Storage Gateway Read Only Access -> Next -> Create
  • Create an instance with that IAM role:
In step 3, choose the IAM role.
  • SSH to the new instance
  • Install the AWS CLI
curl "https://s3.amazonaws.com/aws-cli/awscli-bundle.zip" -o "awscli-bundle.zip"
unzip awscli-bundle.zip
sudo ./awscli-bundle/install -i /usr/local/aws -b /usr/local/bin/aws
  • Copy the files from S3:
aws s3 cp s3://deltathree-chef/knife.rb .
aws s3 cp s3://deltathree-chef/sportzone-validator.pem .

  • Script to clean up the node from chef-server when terminating the instance
aws s3 cp s3://deltathree-chef/chef_cleanup.conf .
aws s3 cp s3://deltathree-chef/chef_cleanup.sh .
  • Run chef-client
sudo chef-client -K /etc/chef/sportzone-validator.pem -c /etc/chef/knife.rb -o 'role[webserver]'
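
The console step above attaches a broad managed policy. As an added example (not part of the original page), this script creates the role from the CLI with an inline policy that allows only s3:GetObject on the four objects downloaded here. It assumes the role is named ChefInstance, as in the metadata URL used on this page; the policy name chef-bootstrap-read is hypothetical.

```shell
#!/usr/bin/env bash
# Added example: CLI equivalent of the console role-creation step, using an
# inline read-only policy scoped to the objects this page downloads.
# Assumption: the role is named ChefInstance (taken from the metadata URL on
# this page). The policy name below is hypothetical.

ROLE_NAME="ChefInstance"
POLICY_NAME="chef-bootstrap-read"   # hypothetical name

# Trust policy: only the EC2 service may assume the role.
trust_policy() {
  cat <<'EOF'
{"Version":"2012-10-17","Statement":[{"Effect":"Allow",
 "Principal":{"Service":"ec2.amazonaws.com"},"Action":"sts:AssumeRole"}]}
EOF
}

# read_policy BUCKET KEY... prints a policy allowing s3:GetObject on exactly
# those keys. The subshell body keeps the loop variables local.
read_policy() (
  bucket="$1"; shift
  arns=""
  for key in "$@"; do
    arns="${arns:+$arns,}\"arn:aws:s3:::${bucket}/${key}\""
  done
  printf '{"Version":"2012-10-17","Statement":[{"Effect":"Allow","Action":"s3:GetObject","Resource":[%s]}]}\n' "$arns"
)

# Create the role and its instance profile (needs IAM admin credentials).
create_role() {
  aws iam create-role --role-name "$ROLE_NAME" \
      --assume-role-policy-document "$(trust_policy)"
  aws iam put-role-policy --role-name "$ROLE_NAME" \
      --policy-name "$POLICY_NAME" \
      --policy-document "$(read_policy deltathree-chef knife.rb \
          sportzone-validator.pem chef_cleanup.conf chef_cleanup.sh)"
  aws iam create-instance-profile --instance-profile-name "$ROLE_NAME"
  aws iam add-role-to-instance-profile \
      --instance-profile-name "$ROLE_NAME" --role-name "$ROLE_NAME"
}

# The AWS calls run only when the script is invoked with the argument "create".
if [ "${1:-}" = "create" ]; then create_role; fi
```

Run with no argument, the script defines the functions and makes no AWS calls, so the generated policy can be inspected with read_policy before anything is created.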

Download the S3 private files without IAM role

  • Display your credentials:
curl http://169.254.169.254/latest/meta-data/iam/security-credentials/ChefInstance
  • Run aws configure
aws configure
Copy and paste the relevant values from the output of the command above.