I am trying to copy some files from S3 in one account to an EC2 instance in another account. The bucket and the EC2 instance are in different accounts but in the same region.

I have the appropriate IAM roles attached to the EC2 instance, as well as the bucket policy to enable access to objects in the bucket.

I am able to list the objects but not copy them. I have the policies for S3 GetObjects as well. My EC2 instance role has the KMS Decrypt policy. The S3 bucket has SSE-S3 encryption.

The error while copying is this "An error occurred (AccessDenied) when calling the GetObject operation: User: arn:aws:sts::1234567889:assumed-role/ec2-role/i-0415fdasr23423fg is not authorized to perform: kms:Decrypt on the resource associated with this ciphertext because the resource does not exist in this Region, no resource-based policies allow access, or a resource-based policy explicitly denies access"

I rechecked all permissions and policies in the S3 bucket policy as well as the EC2 instance IAM role.

Tags: amazon web services | Error while Copying from S3 to EC2 in different accounts | Stack Overflow