Working with Amazon S3
To provide cluster resources permission to access to Amazon S3 buckets, specify the bucket ARNs in the s3_read_resource and s3_read_write_resource parameters in the Amazon ParallelCluster configuration. For more information about controlling access with Amazon ParallelCluster, see Amazon Identity and Access Management roles in Amazon ParallelCluster.
# Specify Amazon S3 resource which Amazon ParallelCluster nodes will be granted read-only access # (no default) s3_read_resource = arn:aws-cn:s3:::
my_corporate_bucket
* # Specify Amazon S3 resource which Amazon ParallelCluster nodes will be granted read-write access # (no default) s3_read_write_resource = arn:aws-cn:s3:::my_corporate_bucket
/*
Both parameters accept either *
or a valid Amazon S3 ARN. For information about specifying Amazon S3 ARNs, see
Amazon S3 ARN format in the
Amazon Web Services General Reference.
Examples
The following example gives you read access to any object in the Amazon S3 bucket my_corporate_bucket.
s3_read_resource = arn:aws-cn:s3:::
my_corporate_bucket
/*
This following example gives you read access to the bucket, but does not let you read items from the bucket.
s3_read_resource = arn:aws-cn:s3:::
my_corporate_bucket
This last example gives you read access to the bucket and to the items stored in the bucket.
s3_read_resource = arn:aws-cn:s3:::
my_corporate_bucket
*