An S3 Bucket is similar to an NFS share in that it is a mountable storage volume.

You can mount an S3 Bucket on a Linux system using:

• mount-s3
• s3fs (this article)

This assumes you have a running Linux EC2 Instance. If youre EC2 instance is using the Amazon 2 image, install epel.

sudo amazon-linux-extras install epel

Then install the S3FS FUSE package. This will create the /etc/fuse.conf file.

sudo yum install s3fs-fuse

On the other hand, if you are running Amazon Linux 2023 (AL2023) . . .

~]$ cat /etc/amazon-linux-release
Amazon Linux release 2023 (Amazon Linux)

Use these commands.

sudo yum install automake fuse fuse-devel gcc-c++ git libcurl-devel libxml2-devel make openssl-devel -y
git clone https://github.com/s3fs-fuse/s3fs-fuse.git
cd  s3fs-fuse
./autogen.sh 
./configure --prefix=/usr --with-openssl
make
sudo make install

You will use the Access Key and Secret Key of one of your AWS IAM (Identity and Access Management) user accounts to authenticate to AWS. Your IAM user account will need to have an associated policy that allows certain S3 actions. For example, your user account could be associated with a policy that has the following JSON that allows the IAM user to list the bucket and get objects in the bucket.

{
    "Version": "2012-10-17",
    "Statement": [
        {
            "Effect": "Allow",
            "Action": "s3:ListBucket",
            "Resource": "arn:aws:s3:::my-bucket-abcdefg"
        },
        {
            "Effect": "Allow",
            "Action": "s3:GetObject",
            "Resource": "arn:aws:s3:::my-bucket-abcdefg/*"
        }
    ]
}

AVOID TROUBLE

The Secret Key is only available to you when you create a new IAM user, so if you don't have the Secret Key, you may need to Create IAM Access Keys using the AWS CLI.

On your EC2 Instance, create a file named .passwd-s3fs and append your IAM Access Key and Secret Key to the .passwd-s3fs file.

echo <your access key ID>:<your secret key> > ${HOME}/.passwd-s3fs

Set the permissions of the .passwd-s3fs so that only the owner of the file has read and write permission to the .passwd-s3fs file.

chmod 0600 $HOME/.passwd-s3fs

Create directory for where your S3 Bucket will be mounted.

mkdir /usr/local/my-bucket-abcdefg

Use the s3fs command to mount the S3 Bucket.

s3fs my-bucket-abdcefs /usr/local/my-bucket-abdcefs -o passwd_file=${HOME}/.passwd-s3fs

The mount command can then be used to validate that the S3 Bucket has been mounted.

~]$ mount | grep test
s3fs on /usr/local/my-bucket-abcdefg type fuse.s3fs (rw,nosuid,nodev,relatime,user_id=1000,group_id=1000)

Even if the bucket is mounted, be aware that if the policy associated with the IAM user account does not allow s3:ListBucket and s3:GetObjects, if you were to try to interact with files in the mounted bucket, such as using the ls command to list the details of a one of the files, or stat to get the statistics of one of the files, or file to view the file type, or cat to read the file,

ls /usr/local/aws/my-bucket-abcdefg/path/to/example.png
stat /usr/local/aws/my-bucket-abcdefg/path/to/example.png
file /usr/local/aws/my-bucket-abcdefg/path/to/example.png
cat /usr/local/aws/my-bucket-abcdefg/path/to/example.png

You will likely get an error, most probably, cannot read file, input/output error. Almost always this is resolved by ensuring the Access Key and Secret Key in the .passwd-s3fs file maps to the IAM user that has a policy attached that allows s3:ListBucket and s3:GetObject.

cannot read '/usr/local/aws/my-bucket-abcdefg/path/to/example.png' (Input/Output Error)

Better yet, an entry like this can be added to /etc/fstab so that the S3 Bucket is mounted when the Operating System is rebooted.

s3fs#my-bucket-abcdefg  /usr/local/aws/my-bucket-abcdefg  fuse.s3fs  passwd_file=/home/john.doe/.passwd-s3fs   0   0

However, when I tried adding an entry like this in my CentOS VM /etc/fstab, the VM would go into emergency mode on boot. So I removed the entry from /etc/fstab and created a simple bash script that uses the s3fs command to mount the S3 bucket and then I added an entry like this to crontab to run the bash script 60 seconds after boot to mount the S3 Bucket.

@reboot sleep 60 && bash /usr/local/scripts/mount_s3_bucket.sh

If this is an empty S3 Bucket, you can create a new file in the Bucket.

~]$ echo "Hello World" > /usr/local/my-bucket-abcdefg/example.txt