I'm trying to copy S3 bucket objects from one AWS account to another AWS account. I have followed this link here; it works with one account A but gives an Access Denied error when I used it with another account B. What could be the possible reason for that? Is it related to some firewalls or security issues? Even the source account B bucket has been made public. This is the policy applied to source bucket B:
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Sid": "DelegateS3Access",
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::12345678910:user/abc"
      },
      "Action": [
        "s3:ListBucket",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::sourceBucketB/*",
        "arn:aws:s3:::sourceBucketB"
      ]
    }
  ]
}
```
This is the policy applied to the destination account:
```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:GetObject"
      ],
      "Resource": [
        "arn:aws:s3:::sourcebucket",
        "arn:aws:s3:::sourcebucket/*"
      ]
    },
    {
      "Effect": "Allow",
      "Action": [
        "s3:ListBucket",
        "s3:PutObject",
        "s3:PutObjectAcl"
      ],
      "Resource": [
        "arn:aws:s3:::destinationbucket",
        "arn:aws:s3:::destinationbucket/*"
      ]
    }
  ]
}
```
[here are the configurations of bucket from account B][1]
I'm using the following command to copy from bucket B to the destination account (using the destination account profile):

```
aws s3 sync s3://sourceBucket s3://destinationBucket
```

Here is the error:

```
fatal error: An error occurred (AccessDenied) when calling the ListObjectsV2 operation: Access Denied
```
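
ListObjectsV2 is authorized by `s3:ListBucket` on the bucket ARN, and for a cross-account caller both the caller's identity policy and the bucket policy have to allow it. The following is an added example, not part of the original post: a simplified checker (Allow statements only; Deny, NotAction and Condition are not modelled) run over the bucket names exactly as written above, then over a constructed case where the command and both policies name the same bucket. The helper names and the assumption that the CLI profile is the user `abc` are hypothetical.

```python
from fnmatch import fnmatchcase

def _as_list(v):
    return v if isinstance(v, list) else [v]

def allows(policy, action, resource, principal=None):
    """True if an Allow statement matches (simplified: no Deny/NotAction/Condition)."""
    for st in _as_list(policy["Statement"]):
        if st.get("Effect") != "Allow":
            continue
        # Action names match case-insensitively; resource ARNs are case-sensitive.
        if not any(fnmatchcase(action.lower(), a.lower()) for a in _as_list(st["Action"])):
            continue
        if not any(fnmatchcase(resource, r) for r in _as_list(st["Resource"])):
            continue
        if "Principal" in st and principal is not None:
            who = st["Principal"]
            arns = ["*"] if who == "*" else _as_list(who.get("AWS", []))
            if "*" not in arns and principal not in arns:
                continue
        return True
    return False

def check_list(identity_policy, bucket_policy, caller, bucket):
    """Cross-account list: identity policy AND bucket policy must both allow."""
    arn = f"arn:aws:s3:::{bucket}"
    return {"identity_policy": allows(identity_policy, "s3:ListBucket", arn),
            "bucket_policy": allows(bucket_policy, "s3:ListBucket", arn, caller)}

CALLER = "arn:aws:iam::12345678910:user/abc"  # principal from the post's bucket policy

def bucket_policy(name):    # same shape as the post's source-bucket policy
    return {"Version": "2012-10-17", "Statement": [{
        "Sid": "DelegateS3Access", "Effect": "Allow", "Principal": {"AWS": CALLER},
        "Action": ["s3:ListBucket", "s3:GetObject"],
        "Resource": [f"arn:aws:s3:::{name}/*", f"arn:aws:s3:::{name}"]}]}

def identity_policy(name):  # source-side statement of the post's user policy
    return {"Version": "2012-10-17", "Statement": [{
        "Effect": "Allow", "Action": ["s3:ListBucket", "s3:GetObject"],
        "Resource": [f"arn:aws:s3:::{name}", f"arn:aws:s3:::{name}/*"]}]}

# Names exactly as written in the post: three different spellings.
as_posted = check_list(identity_policy("sourcebucket"),
                       bucket_policy("sourceBucketB"), CALLER, "sourceBucket")
# Constructed case: the command and both policies use one name.
aligned = check_list(identity_policy("sourceBucketB"),
                     bucket_policy("sourceBucketB"), CALLER, "sourceBucketB")

if __name__ == "__main__":
    print("as posted:", as_posted)
    print("aligned:  ", aligned)
```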