You can use the Java code below to get the s3Client instance when connecting to an S3 bucket from an EC2 instance.
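```java
import com.amazonaws.auth.InstanceProfileCredentialsProvider;
import com.amazonaws.services.s3.AmazonS3;
import com.amazonaws.services.s3.AmazonS3ClientBuilder;
AmazonS3 s3Client = AmazonS3ClientBuilder.standard()
        .withCredentials(new InstanceProfileCredentialsProvider(false)) // false: no asynchronous credential refresh
        .build();
```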
This is the recommended way, as the application does not need to keep access keys in property files.
- An IAM role should be created and S3 access should be granted to that
role. See the sample policy below.
- The IAM role should be assigned to the EC2 instance.

Sample policy for the IAM role:
```json
{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Action": ["s3:PutObject",
                       "s3:ListBucket",
                       "s3:GetObject",
                       "s3:DeleteObject"],
            "Resource": ["arn:aws:s3:::yourBucketName",
                         "arn:aws:s3:::yourBucketName/*"],
            "Effect": "Allow",
            "Sid": "AllowBucketLinux"
        }
    ]
}
```
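
A scope check for the sample policy above, as an added example that is not part of the original answer: it flags wildcard actions or resources and verifies that `s3:ListBucket` (a bucket-level action) and the object-level actions each have a matching ARN form, which is why the policy lists both `yourBucketName` and `yourBucketName/*`. The function names and the policy document wrapped around the page's statement in `SAMPLE_POLICY` are assumptions made for this example.

```python
import json

# Constructed input: the sample statement from this page, wrapped in a policy document.
SAMPLE_POLICY = json.loads("""
{"Version": "2012-10-17", "Statement": [{
  "Sid": "AllowBucketLinux", "Effect": "Allow",
  "Action": ["s3:PutObject", "s3:ListBucket", "s3:GetObject", "s3:DeleteObject"],
  "Resource": ["arn:aws:s3:::yourBucketName", "arn:aws:s3:::yourBucketName/*"]}]}
""")

# Which S3 resource type each action used on this page is evaluated against.
BUCKET_ACTIONS = {"s3:ListBucket"}
OBJECT_ACTIONS = {"s3:PutObject", "s3:GetObject", "s3:DeleteObject"}


def as_list(value):
    """IAM allows a single string where a list is expected."""
    return value if isinstance(value, list) else [value]


def review_policy(policy):
    """Return a list of findings; an empty list means nothing was flagged."""
    findings = []
    for stmt in as_list(policy["Statement"]):
        if stmt.get("Effect") != "Allow":
            continue
        sid = stmt.get("Sid", "<no Sid>")
        actions = set(as_list(stmt.get("Action", [])))
        resources = as_list(stmt.get("Resource", []))
        # Part after "arn:aws:s3:::" is "bucket" or "bucket/key-pattern".
        paths = [r.split(":::", 1)[-1] for r in resources]
        for action in sorted(a for a in actions if "*" in a):
            findings.append(f"{sid}: wildcard action {action}")
        broad = [p for p in paths if "*" in p.split("/", 1)[0]]
        for p in broad:
            findings.append(f"{sid}: resource not limited to one bucket ({p})")
        if broad:
            continue  # a wildcard bucket matches everything; scope checks are moot
        if actions & BUCKET_ACTIONS and not any("/" not in p for p in paths):
            findings.append(f"{sid}: bucket-level action without a bucket ARN")
        if actions & OBJECT_ACTIONS and not any("/" in p for p in paths):
            findings.append(f"{sid}: object-level action without a bucket/* ARN")
    return findings


if __name__ == "__main__":
    for line in review_policy(SAMPLE_POLICY) or ["no findings"]:
        print(line)
```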