Last Updated: February 25, 2016
·
612
· magnetikonline

Fetch protected S3 resources using EC2 IAM roles

The popular s3curl.pl utility for accessing S3 bucket contents with IAM credentials is handy, but it doesn't support IAM roles.

So I put together a handy wrapper script (in bash) to fetch and correctly pass through the current EC2 IAM role credentials to s3curl.pl.

You can grab it here: https://github.com/magnetikonline/s3curliamrole

My use case for this is to get protected resources (e.g. source code/packages/auth keys/etc.) from S3 buckets into new EC2 instances via userdata (e.g. EC2 instances started via auto scaling groups).

Create a new IAM role, assign to your EC2 instance launch configs, add the relevant policy protections to your S3 bucket(s) and you are good to go! :)