[GH-ISSUE #744] Could i use IAM Role to mount S3 bucket ? #429

New issue

Closed

opened 2026-03-04 01:45:29 +03:00 by kerem · 2 comments

kerem commented 2026-03-04 01:45:29 +03:00

Owner

Copy link

Originally created by @ninhvguyen-vn on GitHub (Apr 5, 2018).
Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/744

Hi S3FS team,

Thanks for your contribution.

in these days, i am trying to use s3fs to mount S3 bucket with IAM role.
But it seems not work for me.
Do you have any guide for this part?
I appreciate it very much!

Regards!
Ninh

Originally created by @ninhvguyen-vn on GitHub (Apr 5, 2018). Original GitHub issue: https://github.com/s3fs-fuse/s3fs-fuse/issues/744 Hi S3FS team, Thanks for your contribution. in these days, i am trying to use s3fs to mount S3 bucket with IAM role. But it seems not work for me. Do you have any guide for this part? I appreciate it very much! Regards! Ninh

kerem closed this issue 2026-03-04 01:45:29 +03:00

kerem commented 2026-03-04 01:45:30 +03:00

Author

Owner

Copy link

@H6 commented on GitHub (Apr 14, 2018):

Just call with iam_role argument...

e.g.

s3fs -o iam_role="MY_ROLE" -o url="https://s3-eu-central-1.amazonaws.com" -o endpoint=eu-central-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp DEST_BUCKET /var/ftp/here

of course the role needs to have the correct permissions on the DEST_BUCKET..

e.g. in Cloudformation:

[...]
      - PolicyName: DestinationBucketAccessPolicy
        PolicyDocument:
          Version: '2012-10-17'
          Statement:
          - Effect: Allow
            Action:
              - s3:ListBucket
              - s3:DeleteObject
              - s3:GetObject
              - s3:PutObject
              - s3:RestoreObject
            Resource:
              - !Sub 'arn:aws:s3:::${DestinationBucket}/*'
              - !Sub 'arn:aws:s3:::${DestinationBucket}'

<!-- gh-comment-id:381323705 --> @H6 commented on GitHub (Apr 14, 2018): Just call with `iam_role` argument... e.g. `s3fs -o iam_role="MY_ROLE" -o url="https://s3-eu-central-1.amazonaws.com" -o endpoint=eu-central-1 -o dbglevel=info -o curldbg -o allow_other -o use_cache=/tmp DEST_BUCKET /var/ftp/here` of course the role needs to have the correct permissions on the DEST_BUCKET.. e.g. in Cloudformation: ``` [...] - PolicyName: DestinationBucketAccessPolicy PolicyDocument: Version: '2012-10-17' Statement: - Effect: Allow Action: - s3:ListBucket - s3:DeleteObject - s3:GetObject - s3:PutObject - s3:RestoreObject Resource: - !Sub 'arn:aws:s3:::${DestinationBucket}/*' - !Sub 'arn:aws:s3:::${DestinationBucket}' ```

kerem commented 2026-03-04 01:45:30 +03:00

Author

Owner

Copy link

@ninhvguyen-vn commented on GitHub (Apr 16, 2018):

Thanks H6,

I already mounted S3 bucket [in china AWS region] successfully.

<!-- gh-comment-id:381465657 --> @ninhvguyen-vn commented on GitHub (Apr 16, 2018): Thanks H6, I already mounted S3 bucket [in china AWS region] successfully.

Sign in to join this conversation.

No Branch/Tag specified

Branches Tags

master

v1.97

v1.96

v1.95

v1.94

v1.93

v1.92

v1.91

v1.90

v1.89

v1.88

v1.87

v1.86

v1.85

v1.84

v1.83

v1.82

v1.81

v1.80

v1.79

v1.78

Pre-v1.78

v1.77

v1.76

v1.75

v1.74

Labels

Clear labels   

bug

  

bug

  

dataloss

  

duplicate

  

enhancement

  

feature request

  

help wanted

  

invalid

  

need info

  

performance

  

pull-request

Mirrored from GitHub Pull Request

  

question

  

question

  

testing

No labels

bug

bug

dataloss

duplicate

enhancement

feature request

help wanted

invalid

need info

performance

pull-request

question

question

testing

Milestone

Clear milestone

No items

No milestone

Projects

Clear projects

No items

No project

Assignees

Clear assignees

No assignees

1 participant

Notifications

Subscribe

Due date

The due date is invalid or out of range. Please use the format "yyyy-mm-dd".

No due date set.

Dependencies

No dependencies set.

Reference

starred/s3fs-fuse#429

No description provided.