Is it possible to create an S3 bucket policy that allows read-only access from my EC2 instances? I tried a bunch of things, but I can't figure out what to use for the principal.
The principal will be the role.
ie: arn:aws:iam::accountnumber:role/rolename
This post describes how to do it:
http://www.tothenew.com/blog/role-based-s3-access-from-a-specific-ec2-instance/
just ignore the part about the IP address since you won't need it.
您应该为实例分配一个角色,该角色允许访问S3存储桶。
The issue is that:
This explains how to use userid instead:
The technical post webpages of this site follow the CC BY-SA 4.0 protocol. If you need to reprint, please indicate the site URL or the original address.Any question please contact:yoyou2525@163.com.