How to mount Amazon S3 Bucket into AWS EC2 instance





Step 1
Update all the packages if required
(RHEL/CentOS)
yum update

(Debian/Ubuntu)
apt-get update

Step 2
Install all the dependencies require to configure
(RHEL/CentOS)
sudo yum install automake fuse fuse-devel gcc-c++ git libcurl-devel libxml2-devel make openssl-devel

(Debian/Ubuntu)
sudo apt-get install automake autotools-dev fuse g++ git libcurl4-gnutls-dev libfuse-dev libssl-dev libxml2-dev make pkg-config

Step 3
Clone the s3fs repository from the GitHub
(RHEL Family and Debian Family)
git clone https://github.com/s3fs-fuse/s3fs-fuse.git

Step 4
Now change directory to just clone from the GitHub and compile and setup the s3fs-fuse
cd s3fs-fuse

./autogen.sh

./configure --prefix=/usr --with-openssl

make

sudo make install


Step 5
Run the following command to check if every set up correctly
which s3fs
Output
/usr/bin/s3fs

Step 6
Now, Go to IAM and create a user name "s3user" and give him Programmatic Access and attached the Policy "AmazonS3FullAccess".

While creating a user, it will provide you "Access key ID" and "Secret access key". Note it down into a notepad or download the CSV file. We will need this for configuring the configuration file for s3fs.

Step 7
Now create a configuration file name "passwd-s3fs" under etc folder
vi /etc/passwd-s3fs

and enter the following into the file and save and exit
Access-key-ID:Secret-access-key
eg. AKIATJAADJMXQVLQIOSR:gUSMAUjXPJy4sAPa00+nntGpIjR0eWnL96M9AHOx

Step 8
Change the permission of the file
chmod 640 /etc/passwd-s3fs
Step 9
Now, create a directory into your ec2 instance where you want to mount the S3 Bucket
mkdir /gautam-bucket

Step 10
Now mount the S3 Bucket into created directory name "gautam-bucket"
sudo s3fs gautam-bucket /gautam-bucket -o passwd_file=/etc/passwd-s3fs

We have mounted the gautam-bucket into /gautam-bucket folder successfully. But But But this is not the secure way to access the bucket into ec2 instance because you have paste the Access key ID and Secret access key into the instance.

In-case your system compromise, hacker can easily steal your data. To overcome this situation we use roles.

Now we will umount the S3 Bucket and remove the passwd-s3fs file. We will now use the Roles to achieve this.

Step 11
Now we will create a role for ec2 to give permission "AmazonS3FullAccess"

Step 12
Go to ec2 instance dashboard select the instance, go to instance setting and attached the s3role with the instance.

Step 13
Now, mount the S3 Bucket again with IAM Role
s3fs -o iam_role="s3role" gautam-bucket /gautam-bucket
Congratulations. You have setup the S3 Bucket privately from your EC2 instance. 

Popular posts from this blog

How to reset MySQL root password in Ubuntu in latest Ubuntu versions 18.04 and above

Ubuntu default Firewall UFW (Uncomplicated Firewall) Command-Line

How to deploy Java Springboot application in Ubuntu 16.04/18.04