# AWS S3 Cross-Account File Transfer Guide


This guide demonstrates how to transfer files from an S3 bucket in one AWS account (source) to another bucket in a different AWS account (destination) using the AWS CLI.

## Scenario
- **Source Bucket**: `cellprofileraws` in `us-east-1`
- **Destination Bucket**: `arkalivr` in `eu-central-1`
- **Goal**: Copy all files from `s3://cellprofileraws/Image_data/` to `s3://arkalivr/test/` while ensuring the destination bucket owner has full control.

## Key Steps
1. **Configure Permissions**: Ensure the destination bucket allows write access for the source account.
2. **Use Recursive Copy**: Use `--recursive` to copy all files from the source directory.
3. **Transfer Ownership (Optional)**: Set up **Bucket Owner Enforced** mode on the destination bucket to automatically assign ownership of uploaded files to the destination bucket owner.



## Step 1: Configure Cross-Account Permissions on the Destination Bucket

To allow the source account to upload files, the owner of the destination bucket should add a bucket policy like this:

```json
{
  "Version": "2012-10-17",
  "Statement": [
    {
      "Effect": "Allow",
      "Principal": {
        "AWS": "arn:aws:iam::YOUR_ACCOUNT_ID:root"
      },
      "Action": "s3:PutObject",
      "Resource": "arn:aws:s3:::arkalivr/*"
    }
  ]
}
```

Replace `YOUR_ACCOUNT_ID` with the actual account ID of the source bucket owner **(Insert the account ID of the source bucket, here the source bucket is located in the us-east-1 region)**. This policy will grant permission to upload files from the source account to the destination bucket.



## Step 2: Use Recursive Copy to Transfer Files

To copy all files from `Image_data` in the source bucket to the destination bucket, use the `--recursive` option:

```bash
aws s3 cp s3://cellprofileraws/Image_data/ s3://arkalivr/test/ --region eu-central-1 --recursive
```

### Explanation
- **`--recursive`**: Copies all files and subdirectories within `Image_data`.



## Step 3: Optional - Transfer Ownership Automatically

If the destination bucket owner wants automatic ownership of uploaded files, they can enable **Bucket Owner Enforced** mode:

1. Go to **S3 Console** > **arkalivr** > **Permissions** > **Object Ownership**.
2. Select **Bucket owner enforced** and save changes.

This setting will make the destination bucket owner the default owner of all uploaded files, eliminating the need for the `--acl bucket-owner-full-control` flag.
