Published September 06, 2020 by

Migrate AWS S3 bucket to another AWS account

In this tutorial, I will explain how to migrate an AWS S3 bucket or its objects from one AWS account to another AWS account or region.

Step 1: Get Destination AWS Account Number

Sign in to the destination AWS account. Go to My Account → Account Id and copy the account id from there.

Step 2: Create Source S3 Bucket

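Sign in to the source AWS account. Create a bucket in S3 and attach the following policy to the bucket, replacing DESTINATION_BUCKET_ACCOUNT_NUMBER with the account ID from Step 1 and SOURCE_BUCKET_NAME with the name of the bucket.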

 {  
   "Version": "2012-10-17",  
   "Statement": [  
     {  
       "Sid": "DelegateS3Access",  
       "Effect": "Allow",  
       "Principal": {  
         "AWS": "arn:aws:iam::DESTINATION_BUCKET_ACCOUNT_NUMBER:root"  
       },  
       "Action": [  
         "s3:ListBucket",  
         "s3:GetObject"  
       ],  
       "Resource": [  
         "arn:aws:s3:::SOURCE_BUCKET_NAME/*",  
         "arn:aws:s3:::SOURCE_BUCKET_NAME"  
       ]  
     }  
   ]  
 }  

Step 3: Create Destination S3 Bucket

Sign in to the destination AWS account. Create a bucket in S3.

Step 4: Create IAM User In Destination AWS Account

Create a new IAM user in the destination AWS account and attach the following policy to that user.
 {   
   "Version": "2012-10-17",   
   "Statement": [   
    {   
     "Effect": "Allow",   
     "Action": [   
      "s3:ListBucket",   
      "s3:GetObject"   
     ],   
     "Resource": [   
      "arn:aws:s3:::SOURCE_BUCKET_NAME",   
      "arn:aws:s3:::SOURCE_BUCKET_NAME/*"   
     ]   
    },   
    {   
     "Effect": "Allow",   
     "Action": [   
      "s3:ListBucket",   
      "s3:PutObject",   
      "s3:PutObjectAcl"   
     ],   
     "Resource": [   
      "arn:aws:s3:::DESTINATION_BUCKET_NAME",   
      "arn:aws:s3:::DESTINATION_BUCKET_NAME/*"   
     ]   
    }   
   ]   
  }  
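
Why both the bucket policy from Step 2 and the user policy from Step 4 are needed, as an added example (not code from the original post): a simplified Python model of cross-account access that only looks at Allow statements and ignores Deny, Condition and other principal forms. The account IDs and bucket names are constructed placeholders.

```python
from fnmatch import fnmatchcase

# Constructed placeholder values, not real accounts or buckets.
SRC_ACCOUNT, DST_ACCOUNT = "111111111111", "222222222222"
SRC, DST = "arn:aws:s3:::source-bucket", "arn:aws:s3:::destination-bucket"

# Step 2: bucket policy on the source bucket.
BUCKET_POLICY = {"Statement": [{
    "Effect": "Allow",
    "Principal": {"AWS": f"arn:aws:iam::{DST_ACCOUNT}:root"},
    "Action": ["s3:ListBucket", "s3:GetObject"],
    "Resource": [SRC, SRC + "/*"]}]}

# Step 4: identity policy on the IAM user in the destination account.
USER_POLICY = {"Statement": [
    {"Effect": "Allow", "Action": ["s3:ListBucket", "s3:GetObject"],
     "Resource": [SRC, SRC + "/*"]},
    {"Effect": "Allow",
     "Action": ["s3:ListBucket", "s3:PutObject", "s3:PutObjectAcl"],
     "Resource": [DST, DST + "/*"]}]}

def _as_list(value):
    return value if isinstance(value, list) else [value]

def _allows(policy, action, resource, caller_account=None):
    """True if an Allow statement matches the action, the resource and,
    when caller_account is given, the statement's Principal."""
    for st in policy.get("Statement", []):
        if st.get("Effect") != "Allow":
            continue
        if caller_account is not None:
            principal = st.get("Principal", {})
            trusted = ["*"] if principal == "*" else _as_list(principal.get("AWS", []))
            if not {"*", f"arn:aws:iam::{caller_account}:root"} & set(trusted):
                continue
        if (any(fnmatchcase(action.lower(), a.lower()) for a in _as_list(st["Action"]))
                and any(fnmatchcase(resource, r) for r in _as_list(st["Resource"]))):
            return True
    return False

def can_access(action, resource, bucket_account, caller_account,
               user_policy=USER_POLICY, bucket_policy=BUCKET_POLICY):
    """Same account: the identity policy is enough.
    Cross account: the identity policy AND the bucket policy must both allow."""
    identity_ok = _allows(user_policy, action, resource)
    if bucket_account == caller_account:
        return identity_ok
    return identity_ok and _allows(bucket_policy, action, resource, caller_account)
```

Removing either policy makes the read from the source bucket fail, while the write to the destination bucket depends only on the user policy because the user and that bucket are in the same account.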

Step 5: Sync or copy S3 Bucket or objects To Destination bucket

Using the credentials of the IAM user created in Step 4, we can now copy or sync the S3 bucket or its objects from the source account to the destination account with the following AWS CLI command.
 aws s3 sync s3://SOURCE-BUCKET-NAME s3://DESTINATION-BUCKET-NAME   
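As you can see, we did not define any access control list in the command, so the copied objects get the default private ACL. We can use the --acl parameter to apply a canned ACL to all objects. The example below uses public-read, which makes every copied object readable by anyone, so use it only for objects that are meant to be public.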
 aws s3 sync s3://SOURCE-BUCKET-NAME s3://DESTINATION-BUCKET-NAME --acl public-read   


Published September 06, 2020 by

Auto change AMI in AWS launch-configuration

 

Normally, we create AMIs manually and update the launch configurations of different auto-scaling groups using those AMIs. This kind of repetitive work becomes tedious on a daily basis and there’s no such feature in AWS to do this automatically. 

After getting frustrated, I thought of getting this fixed on a permanent basis. Using my knowledge of shell scripting and basic AWS CLI commands, I have created a shell script to do this automatically. 

What does this script do?
    1. Get an instance ID from the Auto Scaling group
    2. Get the launch configuration name from the Auto Scaling group
    3. Create an AMI from the instance found in step 1
    4. Create a new Launch Configuration
    5. Update the Auto Scaling Group to use the newly created Launch Configuration
    6. Delete the old Launch Configuration

How to choose a specific instance from ASG?
In that case, you can specify the instance ID along with the Auto Scaling group name. The script will then create its AMI and update the launch configuration.

Finally, below is the shell script.
 #!/bin/bash
 # Stop on the first failed command so the old launch configuration is never
 # deleted after an earlier step has failed.
 set -euo pipefail

 # Define parameters
 ASG_NAME="myapp"
 TIME=$(date +%Y-%m-%d_%H-%M)
 NEW_LC="myapp-${TIME}"

 echo "Selected Auto Scaling Group is ${ASG_NAME}"

 # Get the ID of the first healthy instance in ASG_NAME
 RANDOM_INST_ID=$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names "${ASG_NAME}" --query 'AutoScalingGroups[0].Instances[?HealthStatus==`Healthy`].InstanceId | [0]' --output text)

 if [ -z "${RANDOM_INST_ID}" ] || [ "${RANDOM_INST_ID}" = "None" ]; then
   echo "No healthy instance found in ${ASG_NAME}" >&2
   exit 1
 fi

 # Get the current launch configuration name from ASG_NAME
 LC_NAME=$(aws autoscaling describe-auto-scaling-groups --auto-scaling-group-names "${ASG_NAME}" --query 'AutoScalingGroups[0].LaunchConfigurationName' --output text)

 # Create AMI (--no-reboot keeps the instance running while the image is taken)
 IMAGE=$(aws ec2 create-image --instance-id "${RANDOM_INST_ID}" --name "NEW-IMAGE-${TIME}" --no-reboot --query ImageId --output text)

 echo "Create Image ${IMAGE} of instance ${RANDOM_INST_ID}"

 # Wait until the AMI is available before it is used in a launch configuration
 aws ec2 wait image-available --image-ids "${IMAGE}"

 # Create Launch Configuration
 aws autoscaling create-launch-configuration --launch-configuration-name "${NEW_LC}" --image-id "${IMAGE}" --instance-type t2.micro --key-name myapp --associate-public-ip-address --security-groups sg-0123456ghbh79

 echo "create new Launch Configuration ${NEW_LC}"

 # Update Auto Scaling Group to use new Launch Configuration
 aws autoscaling update-auto-scaling-group --auto-scaling-group-name "${ASG_NAME}" --launch-configuration-name "${NEW_LC}"

 echo "New Launch Configuration is updated in ASG ${NEW_LC}"

 # Delete old Auto Scaling Launch Configuration
 aws autoscaling delete-launch-configuration --launch-configuration-name "${LC_NAME}"

 echo "Delete old Launch Configuration"

 echo "SUCCESS!"
