S3 Cross Account Replication
What is S3 Replication?
S3 Replication is the automatic copying of the contents of an S3 bucket to another S3 bucket, with no manual intervention once the setup is complete. The destination bucket can be in the same region as the source bucket or in a different region.
What is S3 Cross Account Replication?
S3 Cross Account Replication refers to copying the contents of an S3 bucket in one account to another S3 bucket in a different account. The two accounts may or may not be owned by the same individual or organization.
Below is a hands-on tutorial for setting up S3 Cross Account Replication.
Requirement
Replicate the contents of the source bucket → ‘may-medium-bucket’ in the ‘Data’ account to the following destination buckets:
- ‘may-medium-bucket-replica-dev’ in ‘Dev’ account
- ‘may-medium-bucket-replica-test’ in ‘Test’ account
Pre-Requisites
- All the buckets, source and destination, should have ‘Bucket Versioning’ enabled (this can be set at the time of bucket creation)
- Create the following S3 buckets in their respective accounts:
  - ‘may-medium-bucket’ in ‘Data’ account
  - ‘may-medium-bucket-replica-dev’ in ‘Dev’ account
  - ‘may-medium-bucket-replica-test’ in ‘Test’ account
Changes — High Level
Changes required to configure S3 Cross Account Replication are:
- Create a role for cross account replication in the source account (in this case, the ‘Data’ account)
- Create a replication rule on the source bucket in the source account (‘Data’ account) that targets the destination buckets in the destination accounts (‘Dev’ and ‘Test’ accounts)
- Apply a bucket policy on each destination bucket in the destination accounts (‘Dev’ and ‘Test’ accounts)
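The policy documents behind the role and bucket-policy changes listed above, as an added example (not code from the original tutorial). The account ID and role name are constructed placeholders, the bucket names are the tutorial's, and `broad_statements` is a hypothetical helper that flags a policy trusting a wildcard or a whole account instead of the single replication role.

```python
# Constructed placeholders (assumptions): the account ID and role name are not from the tutorial.
DATA_ACCOUNT_ID = "111111111111"
ROLE_ARN = f"arn:aws:iam::{DATA_ACCOUNT_ID}:role/s3-replication-role"  # hypothetical role
SOURCE = "may-medium-bucket"
DESTINATIONS = ["may-medium-bucket-replica-dev", "may-medium-bucket-replica-test"]

def _doc(*statements):
    return {"Version": "2012-10-17", "Statement": list(statements)}

def trust_policy():
    """Trust policy of the role in 'Data': only the S3 service may assume it."""
    return _doc({"Effect": "Allow", "Principal": {"Service": "s3.amazonaws.com"},
                 "Action": "sts:AssumeRole"})

def role_policy(source, destinations):
    """Role permissions: read versions from the source, write replicas to named buckets only."""
    return _doc(
        {"Effect": "Allow", "Action": ["s3:GetReplicationConfiguration", "s3:ListBucket"],
         "Resource": f"arn:aws:s3:::{source}"},
        {"Effect": "Allow", "Action": ["s3:GetObjectVersionForReplication",
                                       "s3:GetObjectVersionAcl", "s3:GetObjectVersionTagging"],
         "Resource": f"arn:aws:s3:::{source}/*"},
        {"Effect": "Allow", "Action": ["s3:ReplicateObject", "s3:ReplicateDelete", "s3:ReplicateTags"],
         "Resource": [f"arn:aws:s3:::{d}/*" for d in destinations]})

def destination_bucket_policy(bucket, role_arn):
    """Bucket policy in 'Dev'/'Test': trusts the one replication role, not the whole account."""
    who = {"AWS": role_arn}
    return _doc(
        {"Sid": "ReplicaObjects", "Effect": "Allow", "Principal": who,
         "Action": ["s3:ReplicateObject", "s3:ReplicateDelete"],
         "Resource": f"arn:aws:s3:::{bucket}/*"},
        {"Sid": "ReplicaBucket", "Effect": "Allow", "Principal": who,
         "Action": ["s3:List*", "s3:GetBucketVersioning", "s3:PutBucketVersioning"],
         "Resource": f"arn:aws:s3:::{bucket}"})

def broad_statements(policy):
    """Flag Allow statements with a wildcard or account-root principal, or wildcard actions."""
    findings = []
    for i, st in enumerate(policy["Statement"]):
        principal = st.get("Principal", {})
        aws = principal if isinstance(principal, str) else principal.get("AWS", [])
        aws = [aws] if isinstance(aws, str) else aws
        actions = st["Action"] if isinstance(st["Action"], list) else [st["Action"]]
        if st.get("Effect") == "Allow" and (
                any(p == "*" or p.endswith(":root") for p in aws)
                or any(a in ("*", "s3:*") for a in actions)):
            findings.append(st.get("Sid", i))
    return findings
```

Running `broad_statements` over a destination bucket policy before applying it catches the common shortcut of granting the replication actions to the entire source account.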
#1 — Create a role for cross account replication in the source account
- Navigate to IAM console in the…