Skip to content

multi-account-multi-region-s3-access

Directory actions

More options

Directory actions

More options

Latest commit

 

History

History

multi-account-multi-region-s3-access

Folders and files

NameName
Last commit message
Last commit date

parent directory

..
bucket
bucket
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 
run.sh
run.sh
 
 
source_bucket_policy.json
source_bucket_policy.json
 
 

README.md

Multi-Account Multi-Region S3 Access

Key Value
Services S3, IAM
Integrations AWS CLI
Categories Security; Multi-Account

Introduction

A demo application illustrating how to access S3 resources across different AWS accounts using bucket policies and IAM users with LocalStack. The script uses the following AWS profiles to simulate a cross-account scenario:

  • Admin user of account A with account ID 000000000001
  • Admin user of account B with account ID 000000000002
  • Account A user — creates the S3 bucket and grants cross-account access via bucket policies
  • Account B user — copies resources from Account A's source bucket into its own target bucket

Prerequisites

Check prerequisites

make check

Installation

make install

Start LocalStack

export LOCALSTACK_AUTH_TOKEN=<your-auth-token>
make start

Run the application

make run

The script sets up two AWS accounts with IAM users and bucket policies, then demonstrates cross-account S3 resource access.

License

This code is available under the Apache 2.0 license.