This is a similar question to this: Is it possible to copy between AWS accounts using AWS CLI? The difference is, I want to do this in python code, and I can't change the s3 bucket policies in the source bucket (it's owned by a 3rd party). I do have the credentials to both buckets.
How do I run a sync command between these two buckets in python code?
To directly copy (eg with CopyObject) objects between Amazon S3 buckets in different accounts, you will need to use a single set of credentials that have:
These credentials can come from either account. However, since you cannot change the Bucket policy on the source bucket to reference credentials from your account, you will need to use the credentials that they have provided to you.
Let's say the scenario is:
Bucket-A in Account-ABucket-B in Account-BAccount-A — let's call it User-AUser-A has permission to read from Bucket-AYou will need to :
Bucket-B that permits User-A to write to the bucket (PutObject)"ACL": "bucket-owner-full-control", which will make the objects owned by the destination account. Without this, the objects will continue to be 'owned' by the Account-A even though it is in a bucket owned by Account-BFinally, please note that boto3 does not natively provide a sync command. You will be responsible for all the sync logic, copying one object at a time.
Do it in Python, like this to call the AWS CLI
import subprocess
cmd='aws s3 sync s3://mybucket s3://mybucket2'
push=subprocess.Popen(cmd, shell=True, stdout = subprocess.PIPE)
print push.returncode
Or there abouts. :-) Wherever you run this from, say an EC2 instance, make sure it has the user or role that has valid permissions to access both buckets.
