Seleziona le tue preferenze relative ai cookie

Utilizziamo cookie essenziali e strumenti simili necessari per fornire il nostro sito e i nostri servizi. Utilizziamo i cookie prestazionali per raccogliere statistiche anonime in modo da poter capire come i clienti utilizzano il nostro sito e apportare miglioramenti. I cookie essenziali non possono essere disattivati, ma puoi fare clic su \"Personalizza\" o \"Rifiuta\" per rifiutare i cookie prestazionali.

Se sei d'accordo, AWS e le terze parti approvate utilizzeranno i cookie anche per fornire utili funzionalità del sito, ricordare le tue preferenze e visualizzare contenuti pertinenti, inclusa la pubblicità pertinente. Per continuare senza accettare questi cookie, fai clic su \"Continua\" o \"Rifiuta\". Per effettuare scelte più dettagliate o saperne di più, fai clic su \"Personalizza\".

Using a file share for cross-account access

Modalità Focus

In questa pagina

Using a file share for cross-account access - AWS Storage Gateway
Questa pagina non è tradotta nella tua lingua. Richiedi traduzione

Cross-account access is when an Amazon Web Services account and users for that account are granted access to resources that belong to another Amazon Web Services account. With File Gateways, you can use a file share in one Amazon Web Services account to access objects in an Amazon S3 bucket that belongs to a different Amazon Web Services account.

To use a file share owned by one Amazon Web Services account to access an S3 bucket in a different Amazon Web Services account
  1. Make sure that the S3 bucket owner has granted your Amazon Web Services account access to the S3 bucket that you need to access and the objects in that bucket. For information about how to grant this access, see Example 2: Bucket owner granting cross-account bucket permissions in the Amazon Simple Storage Service User Guide. For a list of the required permissions, see Granting access to an Amazon S3 bucket.

  2. Make sure that the IAM role that your file share uses to access the S3 bucket includes permissions for operations such as s3:GetObjectAcl and s3:PutObjectAcl. In addition, make sure that the IAM role includes a trust policy that allows your account to assume that IAM role. For an example of such a trust policy, see Granting access to an Amazon S3 bucket.

    If your file share uses an existing role to access the S3 bucket, you should include permissions for s3:GetObjectAcl and s3:PutObjectAcl operations. The role also needs a trust policy that allows your account to assume this role. For an example of such a trust policy, see Granting access to an Amazon S3 bucket.

  3. Choose Gateway files acccessible to S3 bucket owner when creating your file share or editing file share settings in the https://console.aws.amazon.com/storagegateway/home.

When you have created or updated your file share for cross-account access and mounted the file share on-premises, we highly recommend that you test your setup. You can do this by listing directory contents or writing test files and making sure the files show up as objects in the S3 bucket.

Important

Make sure to set up the policies correctly to grant cross-account access to the account used by your file share. If you don't, updates to files through your on-premises applications don't propagate to the Amazon S3 bucket that you're working with.

For additional information about access policies and access control lists, see the following:

Guidelines for using the available access policy options in the Amazon Simple Storage Service User Guide

Access Control List (ACL) overview in the Amazon Simple Storage Service User Guide

PrivacyCondizioni del sitoPreferenze cookie
© 2025, Amazon Web Services, Inc. o società affiliate. Tutti i diritti riservati.