In this tutorial, Iβll walk you through how to copy files from and to an Amazon S3 bucket using an EC2 instance. Weβll create the EC2 instance via the AWS Console, and use the AWS CLI to perform S3 copy operations.
Prerequisites
- AWS account
- AWS CLI installed and configured
Step 1: Create an EC2 Instance Using the Console
- Go to the EC2 Dashboard in the AWS Console
- Click Launch Instance
- Fill in the details:
- Name:
S3-Copy-Instance - AMI: Ubuntu
- Instance Type:
t2.micro(free tier) - Key Pair: Select or create a key pair (download the
.pemfile) - Network Settings:
- Use default security group
- Make sure SSH (port 22) is open
- Name:
- Click Launch Instance
Once it launches, copy the Public IPv4 address of the instance.
Step 2: SSH Into the EC2 Instance
Open your terminal:
ssh -i my-key-pair.pem ec2-user@<EC2_PUBLIC_IP>
β οΈ Replace
my-key-pair.pemwith your actual PEM file name, and<EC2_PUBLIC_IP>with the instanceβs public IP address.
Step 3: Create a Dummy Log File on the Instance
echo "This is a test log from EC2" > test.log
Step 4: Create an S3 Bucket Using the Console
- Go to the S3 Dashboard
- Click Create Bucket
- Name it something like:
my-s3-bucket-logs-unique - Region: us-west-2
- Leave the rest as default (Block public access enabled)
- Click Create Bucket
Step 5: Try to Copy the File to S3 (This Will Fail)
Back in your EC2 terminal:
aws s3 cp test.log s3://my-s3-bucket-logs-unique/
Youβll likely see a permission denied or Access Denied (403) error β this is expected because the instance doesnβt have S3 permissions yet.
Step 6: Create an IAM Role and Attach It to the EC2 Instance
- Go to the IAM Dashboard β Roles
- Click Create role
- Trusted entity type: AWS service
- Use case: EC2
- Attach policy:
AmazonS3FullAccess - Name the role:
EC2-S3Access-Role - Click Create Role
Now, go back to the EC2 Dashboard:
- Select your instance
- Choose Actions β Security β Modify IAM Role
- Attach the role:
EC2-S3Access-Role - Click Update IAM Role
Step 7: Retry the Copy Operation (Now It Works)
Back in your EC2 shell:
aws s3 cp test.log s3://my-s3-bucket-logs-john/
β You should see output confirming the upload.
Step 8: Download from S3 Back to EC2 (Optional)
aws s3 cp s3://my-s3-bucket-logs-john/test.log downloaded.log
cat downloaded.log
π§ Recap
- β Created an EC2 instance using AWS Console
- β SSHed into the instance and created a dummy log file
- β Created an S3 bucket
- β Tried copying without permissions (expected failure)
- β Created IAM role and attached it to EC2
- β Successfully copied files to and from S3
π₯ Watch the Full Demo
This post is the perfect companion to my YouTube walkthrough β subscribe and follow along visually!