Working with Amazon S3 - Amazon ParallelCluster
Examples
Services or capabilities described in Amazon Web Services documentation might vary by Region. To see the differences applicable to the China Regions, see Getting Started with Amazon Web Services in China (PDF).

Working with Amazon S3

To provide cluster resources permission to access to Amazon S3 buckets, specify the bucket ARNs in the s3_read_resource and s3_read_write_resource parameters in the Amazon ParallelCluster configuration. For more information about controlling access with Amazon ParallelCluster, see Amazon Identity and Access Management roles in Amazon ParallelCluster.

# Specify Amazon S3 resource which Amazon ParallelCluster nodes will be granted read-only access
# (no default)
s3_read_resource = arn:aws-cn:s3:::my_corporate_bucket*
# Specify Amazon S3 resource which Amazon ParallelCluster nodes will be granted read-write access
# (no default)
s3_read_write_resource = arn:aws-cn:s3:::my_corporate_bucket/*

Both parameters accept either * or a valid Amazon S3 ARN. For information about specifying Amazon S3 ARNs, see Amazon S3 ARN format in the Amazon Web Services General Reference.

Examples

The following example gives you read access to any object in the Amazon S3 bucket my_corporate_bucket.

s3_read_resource = arn:aws-cn:s3:::my_corporate_bucket/*

This following example gives you read access to the bucket, but does not let you read items from the bucket.

s3_read_resource = arn:aws-cn:s3:::my_corporate_bucket

This last example gives you read access to the bucket and to the items stored in the bucket.

s3_read_resource = arn:aws-cn:s3:::my_corporate_bucket*