Add the policy.json
to the source bucket. Ensure the profile being used has s3:PutObject
, s3:GetObject
and s3:PutObjectAcl
(AWS docs).
Execute:
$ aws s3 sync \
s3://source \
s3://target \
[--acl public-read] \
[--profile name]
{ | |
"Version": "2012-10-17", | |
"Statement": [ | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"AWS": "arn:aws:iam::666:user/dr.evil" | |
}, | |
"Action": [ | |
"s3:GetObject", | |
"s3:PutObject" | |
], | |
"Resource": "arn:aws:s3:::bucket/*" | |
}, | |
{ | |
"Effect": "Allow", | |
"Principal": { | |
"AWS": "arn:aws:iam::666:user/dr.evil" | |
}, | |
"Action": "s3:ListBucket", | |
"Resource": "arn:aws:s3:::bucket" | |
} | |
] | |
} |