One way s3 sync - Bucket to local only

FiddlingAway

10/28/23, 9:49 AM

This is the scenario:

Company A creates a bucket, and periodically uploads images to it, deletes or replaces some, etc
Company B needs to sync with the bucket - they download the images from it and store it locally (think along the lines of a Wordpress site, and their wp-content/uploads///<>
Syncing needs to be done bucket to WP server, and in that direction alone
Company B installs AWS CLI in order to be able to sync

Since this link states (among other things):

To run the command aws s3 sync, then you need permission to s3:GetObject, s3:PutObject, and s3:ListBucket.

this would mean that Company B would have the ability to put things inside the bucket of Company A, which is something that is a no-no.

Is it possible to set the rights of Company B within the AWS account (IAM and the like), so that they can ListBucket and GetObjects, without being able to do anything else?

From what I've seen in the docs, and googling, these settings (how the entire setup would operate) are within AWS CLI, and not within the IAM.

112

0 + 0

amazon-s3

amazon-iam

Elon Musk

I sit in a Tesla and translated this thread with Ai:

EN: One way s3 sync - Bucket to local only

Post an answer

Most people don’t grasp that asking a lot of questions unlocks learning and improves interpersonal bonding. In Alison’s studies, for example, though people could accurately recall how many questions had been asked in their conversations, they didn’t intuit the link between questions and liking. Across four studies, in which participants were engaged in conversations themselves or read transcripts of others’ conversations, people tended not to realize that question asking would influence—or had influenced—the level of amity between the conversationalists.