I have few files in an ec2 machine of Account A. I would like to copy these files to a s3 bucket in Account B with User A. Could you please guide me with the necessary IAM policy or the…
I'm currently trying to figure something out. I have 2 AWS Accounts. Account A has a bucket called my_awesome_files. Account B has users, that would like to be able to see those documents in my_awesome_files. I have the following policies…
I'm having trouble getting the IAM role setup to work for a Redshift scheduled query. I created a role redshift-scheduled-query that looks like: { "Version": "2012-10-17", "Statement": [ { "Effect": "Allow", "Principal": { "Service": [ "events.amazonaws.com", "redshift.amazonaws.com" ] }, "Action":…
I have permission set created in AWS, and I am creating an INLINE policy where I want to give access to a specific bucket . when I am trying below it works fine which is something I don't want, however…
I have an S3 bucket named my.example.com, and within it I have the folder Folder1. I'm confused about why the following policy doesn't let me download files from Folder1. { "Version": "2012-10-17", "Statement": [ { "Sid": "MyPolicy", "Effect": "Allow", "Action":…
I have the following policy, however using these policy users can still create resrouces with this tag, however they just will have all access denied to the resource with this policy. Is there a way to deny EC2 creation based…
What is the relationship between the role my principal is using and the RBAC in k8s? Specifically, when I do kubectl describe -n kube-system configmap/aws-auth I see this role: myAmazonEKSNodeRole as described here. But when I look in the role…
I am trying to run the following code snipet (based on this code here): import boto3, os from dotenv import load_dotenv load_dotenv() AWS_ACCESS_KEY=os.getenv('AWS_ACCESS_KEY') AWS_SECRET_KEY=os.getenv('AWS_SECRET_KEY') translate = boto3.client( service_name='translate', region_name='us-east-1', aws_access_key_id=AWS_ACCESS_KEY, aws_secret_access_key=AWS_SECRET_KEY, ) result = translate.translate_text(Text="Hello, World", SourceLanguageCode="en", TargetLanguageCode="de") print('TranslatedText: '…
I am trying to create an IAM role with tag by Ansible using the following task. - hosts: localhost gather_facts: no vars_files: - variables.yml tasks: - name: Create IAM role for EKS cluster community.aws.iam_role: name: eks-role state: present tags: "{{…
I have created a function to get a link to download an object in S3. def get_presigned_url(s3_bucket, s3_object_key, expiration_seconds): url = boto3.client('s3', config=Config(signature_version='s3v4'), aws_access_key_id='access_key_id', aws_secret_access_key='secret_access_key').generate_presigned_url( ClientMethod='get_object', Params={'Bucket': s3_bucket, 'Key': s3_object_key}, ExpiresIn=expiration_seconds) return url It creates the link with the correct…